[WWcvs] webwork2: HEAD backport: The permission levels are now checked when the

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Log Message:
-----------
HEAD backport: The permission levels are now checked when the authz
instance is created. (gage)

Tags:
----
rel-2-1-patches

Modified Files:
--------------
    webwork2/lib/WeBWorK:
        Authz.pm

Revision Data
-------------
Index: Authz.pm
===================================================================
RCS file: /webwork/cvs/system/webwork2/lib/WeBWorK/Authz.pm,v
retrieving revision 1.17
retrieving revision 1.17.2.1
diff -Llib/WeBWorK/Authz.pm -Llib/WeBWorK/Authz.pm -u -r1.17 -r1.17.2.1

--- lib/WeBWorK/Authz.pm
+++ lib/WeBWorK/Authz.pm
@@ -25,30 +25,37 @@
 use strict;
 use warnings;
 
+
 sub new {
-	my ($invocant, $r) = @_;
+	my ($invocant, $r, $ce, $db) = @_;
 	my $class = ref($invocant) || $invocant;
 	my $self = {
 		r => $r,
 	};
+	
+	my $user = $r->param("user");   
+	return 0 unless defined($user);
+	my $Permission = $db->getPermissionLevel($user); # checked
+	return 0 unless defined $Permission;
+	my $permissionLevel = $Permission->permission();
+	return 0 unless defined $permissionLevel and $permissionLevel ne "";
+	
+	my $permissionLevels = $ce->{permissionLevels};
+	$self->{permissionLevels} = $permissionLevels;
+	$self->{permissionLevel}  = $permissionLevel;
 	bless $self, $class;
 	return $self;
 }
 
+# This module assumes that neither the permissionLevels nor the permissionLevel
+# changes between the time an authz module is created and the time it's used.
+
 # This currently only uses two of it's arguments, but it accepts any number, in
 # case in the future calculating certain permissions requires more information.
 sub hasPermissions {
 	my ($self, $user, $activity) = @_;
-	my $r = $self->{r};
-	my $ce = $r->ce;
-	my $db = $r->db;
-	
-	my $Permission = $db->getPermissionLevel($user); # checked
-	return 0 unless defined $Permission;
-	my $permissionLevel = $Permission->permission();
-	return 0 unless defined $permissionLevel and $permissionLevel ne "";
-	
-	my $permissionLevels = $ce->{permissionLevels};
+	my $permissionLevels = $self->{permissionLevels};
+	my $permissionLevel = $self->{permissionLevel};
 	if (exists $permissionLevels->{$activity}) {
 		if (defined $permissionLevels->{$activity}) {
 			return $permissionLevel >= $permissionLevels->{$activity};
@@ -58,6 +65,7 @@
 	} else {
 		die "Activity '$activity' not found in %permissionLevels. Can't continue.\n";
 	}
+
 }
 
 1;


