Changeset 7211


Ignore:
Timestamp:
Oct 19, 2016, 2:08:22 PM (5 years ago)
Author:
Nicklas Nordborg
Message:

References #2034: New permission for annotating items

Decoupled the USE and RESTRICTED_WRITE permission from each other. To avoid unexpected problems with the User item, USE permission is explicitely added.

The AnnotationSet now checks for RESTRICTED_WRITE permission instead of WRITE permission on the parent item. This should be enough for allowing a user to handle annotations on the item.

Location:
trunk/src/core/net/sf/basedb/core
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/core/net/sf/basedb/core/AnnotationSet.java

    r7205 r7211  
    386386  /**
    387387    READ permission is granted to all users. CREATE, WRITE and DELETE permissions are granted
    388     if the logged in user has WRITE permission on the associated item.
     388    if the logged in user has RESTRICTED_WRITE permission on the associated item.
    389389  */
    390390  @Override
     
    399399    catch (PermissionDeniedException ex)
    400400    {}
    401     if (item != null && item.hasPermission(Permission.WRITE))
     401    if (item != null && item.hasPermission(Permission.RESTRICTED_WRITE))
    402402    {
    403403      granted |= Permission.grant(Permission.CREATE, Permission.READ, Permission.WRITE, Permission.DELETE);       
  • trunk/src/core/net/sf/basedb/core/Permission.java

    r6881 r7211  
    7373    This permission allows a user to use/link to an item.
    7474  */
    75   USE(1+2, 2+4+8+16+32, "use"),
     75  USE(1+2, 2+8+16+32, "use"),
    7676 
    7777  /**
    7878    This permission allows a user to update some information about an item.
    7979  */
    80   RESTRICTED_WRITE(1+2+4, 4+8+16+32+64, "restricted write"),
     80  RESTRICTED_WRITE(1+4, 4+8+16+32+64, "restricted write"),
    8181
    8282  /**
  • trunk/src/core/net/sf/basedb/core/User.java

    r7082 r7211  
    473473    if (getSessionControl().getLoggedInUserId() == getId())
    474474    {
    475       granted |= Permission.grant(isMultiuserAccount() ? Permission.READ : Permission.RESTRICTED_WRITE);
     475      if (isMultiuserAccount())
     476      {
     477        granted |= Permission.grant(Permission.READ);
     478      }
     479      else
     480      {
     481        granted |= Permission.grant(Permission.USE, Permission.RESTRICTED_WRITE);
     482      }
    476483    }
    477484    if (getSessionControl().isFriendOf(this))
Note: See TracChangeset for help on using the changeset viewer.