Changeset 7205
- Timestamp:
- Oct 19, 2016, 8:46:15 AM (6 years ago)
- Location:
- trunk/src/core/net/sf/basedb/core
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/core/net/sf/basedb/core/Annotation.java
r7120 r7205 195 195 READ permission is granted if the logged in user has READ permission on 196 196 the associated item and annotation type. CREATE, WRITE and DELETE permissions 197 are granted if the logged in user has WRITE permission on the associated item. 197 are granted if the logged in user has WRITE permission on the associated item 198 and USE permission on the annotation type. USE permission (needed for inheriting) 199 is granted if the logged in user has USE permission on the associated item. 198 200 */ 199 201 @Override … … 202 204 { 203 205 AnnotationSet as = getAnnotationSet(); 206 AnnotationType at = null; 204 207 if (!disableATPermissionCheck) 205 208 { 206 AnnotationTypeat = getAnnotationType();207 } 208 if (as.hasPermission(Permission.WRITE) )209 at = getAnnotationType(); 210 } 211 if (as.hasPermission(Permission.WRITE) && (at == null || at.hasPermission(Permission.USE))) 209 212 { 210 213 granted |= Permission.grant(Permission.CREATE, Permission.READ, Permission.WRITE, Permission.DELETE); -
trunk/src/core/net/sf/basedb/core/AnnotationSet.java
r7120 r7205 558 558 // Create a new annotation 559 559 checkPermission(Permission.WRITE); 560 annotationType.checkPermission(Permission.USE); 560 561 // AnnotatableProxy items allow annotations of all types 561 562 boolean isAnnotatableProxy = AnnotatableProxy.class.isAssignableFrom(getItemType().getItemClass()); … … 709 710 checkPermission(Permission.WRITE); 710 711 if (annotationType == null) throw new InvalidUseOfNullException("annotationType"); 712 annotationType.checkPermission(Permission.USE); 711 713 712 714 DbControl dc = getDbControl();
Note: See TracChangeset
for help on using the changeset viewer.