Update of /cvsroot/openinteract/OpenInteract2/lib/OpenInteract2
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv10946
Modified Files:
Action.pm
Log Message:
allow 'security' to be assigned for all tasks at once
Index: Action.pm
===================================================================
RCS file: /cvsroot/openinteract/OpenInteract2/lib/OpenInteract2/Action.pm,v
retrieving revision 1.70
retrieving revision 1.71
diff -C2 -d -r1.70 -r1.71
*** Action.pm 2 Mar 2005 15:32:23 -0000 1.70
--- Action.pm 4 Mar 2005 02:51:44 -0000 1.71
***************
*** 50,54 ****
security_level => 'Security level found for this action + task invocation',
security_required => 'Security level required for this action + task invocation',
! security => 'Whether to use security (yes/no)',
url_alt => 'Alternate URLs that can be used to lookup this action',
url_none => 'Flag to indicate that this action cannot be looked up by URL (yes/no)',
--- 50,54 ----
security_level => 'Security level found for this action + task invocation',
security_required => 'Security level required for this action + task invocation',
! security => 'Configured security levels',
url_alt => 'Alternate URLs that can be used to lookup this action',
url_none => 'Flag to indicate that this action cannot be looked up by URL (yes/no)',
***************
*** 481,500 ****
my $action_security = $self->security;
! unless ( ref $action_security eq 'HASH' ) {
$log->error( "Secure action, no security configuration" );
oi_error "Configuration error: action is secured but no ",
"security requirements configured";
}
my $task = $self->task;
! my $required_level = $action_security->{ $task } ||
! $action_security->{DEFAULT} ||
! $action_security->{default};
unless ( defined $required_level ) {
$log->is_info &&
$log->info( "Assigned security level WRITE to task ",
! "'$task' since security requirement not found" );
$required_level = SEC_LEVEL_WRITE;
}
--- 481,512 ----
my $action_security = $self->security;
! unless ( $action_security ) {
$log->error( "Secure action, no security configuration" );
oi_error "Configuration error: action is secured but no ",
"security requirements configured";
}
+ my ( $required_level );
+
+ # NOTE: values in $action_security have already been translated to
+ # security levels by OI2::Config::Initializer::_action_security_level()
+ # at server startup.
+ # specify security per task...
my $task = $self->task;
! if ( ref $action_security eq 'HASH' ) {
! $required_level = $action_security->{ $task } ||
! $action_security->{DEFAULT} ||
! $action_security->{default};
! }
+ # specify security for entire action...
+ else {
+ $required_level = $action_security;
+ }
unless ( defined $required_level ) {
$log->is_info &&
$log->info( "Assigned security level WRITE to task ",
! "'$task' since no security requirement found" );
$required_level = SEC_LEVEL_WRITE;
}
***************
*** 506,511 ****
my $msg = sprintf( "Security check for '%s' '%s' failed",
$self->name, $task );
! $log->error( "$msg [required: $required_level] ",
! "[found: $action_level]" );
oi_security_error $msg,
{ security_required => $required_level,
--- 518,523 ----
my $msg = sprintf( "Security check for '%s' '%s' failed",
$self->name, $task );
! $log->warn( "$msg [required: $required_level] ",
! "[found: $action_level]" );
oi_security_error $msg,
{ security_required => $required_level,
|
