[WTF CVS] wtf/lib/WTF/Apache Authz.pm,1.5,1.6
From: Gryphon S. <gry...@us...> - 2006-12-05 16:04:51
Update of /cvsroot/wtf-tracker/wtf/lib/WTF/Apache In directory sc8-pr-cvs9.sourceforge.net:/tmp/cvs-serv32385 Modified Files: Authz.pm Log Message: Refactored the large authorization conditional, moving the settings for it out into a pair of constants. This helps to avoid repeated code. Index: Authz.pm =================================================================== RCS file: /cvsroot/wtf-tracker/wtf/lib/WTF/Apache/Authz.pm,v retrieving revision 1.5 retrieving revision 1.6 diff -C2 -d -r1.5 -r1.6 *** Authz.pm 2 Dec 2006 00:09:09 -0000 1.5 --- Authz.pm 5 Dec 2006 16:04:46 -0000 1.6 *************** *** 7,10 **** --- 7,36 ---- use WTF::SQL; + use constant { + + # pages and actions to "authz" authorizations in the "authz_employee" table + SECURE_SECTIONS => { + 'reports/team' => 'team_view', + 'reports/projects' => 'project_view', + 'reports/project' => 'project_view', + 'reports/activity' => 'activity', + 'admin/authz' => 'admin_authz', + 'admin/newauthzs' => 'admin_authz', + 'admin/update' => 'update', + 'admin/loginas' => 'login_as', + }, + + # pages and actions only administrators can view or do + ADMIN_AREAS => [ + 'admin/users', + 'admin/saveusers', + 'admin/taskarea', + 'admin/savetarea', + 'admin/tables', + 'admin/tablesave', + ], + + }; + # setup database and SQL statement handles my $dbh = WTF::DBH->connect(); *************** *** 13,19 **** sub handler { my ($r) = @_; ! ! my ($section) = $r->uri() =~ m|^/wtf/\w+/([^?]+)|; ! $section ||= ''; $sth->{'authz'}->execute( $r->pnotes('user_id') ) or die $dbh->errstr(); --- 39,43 ---- sub handler { my ($r) = @_; ! my $section = ( $r->uri() =~ m|^/wtf/\w+/([^?]+)| ) ? $1 : q(); $sth->{'authz'}->execute( $r->pnotes('user_id') ) or die $dbh->errstr(); *************** *** 23,45 **** if ( ! ! # pages and actions authorized by the "authz_employee" table ! ( $section eq 'reports/team' and not $r->pnotes('authz')->{'team_view'} ) or ! ( $section eq 'reports/projects' and not $r->pnotes('authz')->{'project_view'} ) or ! 
( $section eq 'reports/project' and not $r->pnotes('authz')->{'project_view'} ) or ! ( $section eq 'reports/activity' and not $r->pnotes('authz')->{'activity'} ) or ! ( $section eq 'admin/authz' and not $r->pnotes('authz')->{'admin_authz'} ) or ! ( $section eq 'admin/newauthzs' and not $r->pnotes('authz')->{'admin_authz'} ) or ! ( $section eq 'admin/update' and not $r->pnotes('authz')->{'update'} ) or ! ( $section eq 'admin/loginas' and not $r->pnotes('authz')->{'login_as'} ) or ! ! # pages and actions only administrators can view or do ! ( $section eq 'admin/users' and not $r->pnotes('is_admin') ) or ! ( $section eq 'admin/saveusers' and not $r->pnotes('is_admin') ) or ! ( $section eq 'admin/taskarea' and not $r->pnotes('is_admin') ) or ! ( $section eq 'admin/savetarea' and not $r->pnotes('is_admin') ) or ! ( $section eq 'admin/tables' and not $r->pnotes('is_admin') ) or ! ( $section eq 'admin/tablesave' and not $r->pnotes('is_admin') ) ! ) { $r->note_basic_auth_failure(); --- 47,52 ---- if ( ! ( SECURE_SECTIONS->{$section} and not $r->pnotes('authz')->{ SECURE_SECTIONS->{$section} } ) or ! ( grep { $_ eq $section } @{ (ADMIN_AREAS) } and not $r->pnotes('is_admin') ) ) { $r->note_basic_auth_failure(); |
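Review bot: The rewritten conditional still fails open: `SECURE_SECTIONS->{$section}` and the `grep` over `ADMIN_AREAS` deny a request only when `$section` is an exact match for a listed key, so a non-canonical form of a listed path coming out of the `m|^/wtf/\w+/([^?]+)|` capture in `handler`, or an admin page nobody has added to the tables yet, is treated as unrestricted. Whether the dispatcher would actually serve such a request is not visible from this diff, but with the rules now held in two constants it is cheap to canonicalize `$section` before the lookup and to deny unlisted admin paths by default, for example by adding `or ( $section =~ m{^admin/} and not exists SECURE_SECTIONS->{$section} and not $r->pnotes('is_admin') )`. Making `ADMIN_AREAS` a hash like `SECURE_SECTIONS` would replace the linear `grep` with a lookup and keep the two tables in the same shape. A short comment on the constants saying that every new restricted page must be registered there would help the next maintainer; the body of `handler` continues outside this hunk.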