Update of /cvsroot/wtf-tracker/wtf/lib/WTF/Apache
In directory sc8-pr-cvs9.sourceforge.net:/tmp/cvs-serv32385
Modified Files:
Authz.pm
Log Message:
Refactored the large authorization conditional, moving the settings for it out into a pair of constants. This helps to avoid repeated code.
Index: Authz.pm
===================================================================
RCS file: /cvsroot/wtf-tracker/wtf/lib/WTF/Apache/Authz.pm,v
retrieving revision 1.5
retrieving revision 1.6
diff -C2 -d -r1.5 -r1.6
*** Authz.pm 2 Dec 2006 00:09:09 -0000 1.5
--- Authz.pm 5 Dec 2006 16:04:46 -0000 1.6
***************
*** 7,10 ****
--- 7,36 ----
use WTF::SQL;
+ use constant {
+
+ # pages and actions to "authz" authorizations in the "authz_employee" table
+ SECURE_SECTIONS => {
+ 'reports/team' => 'team_view',
+ 'reports/projects' => 'project_view',
+ 'reports/project' => 'project_view',
+ 'reports/activity' => 'activity',
+ 'admin/authz' => 'admin_authz',
+ 'admin/newauthzs' => 'admin_authz',
+ 'admin/update' => 'update',
+ 'admin/loginas' => 'login_as',
+ },
+
+ # pages and actions only administrators can view or do
+ ADMIN_AREAS => [
+ 'admin/users',
+ 'admin/saveusers',
+ 'admin/taskarea',
+ 'admin/savetarea',
+ 'admin/tables',
+ 'admin/tablesave',
+ ],
+
+ };
+
# setup database and SQL statement handles
my $dbh = WTF::DBH->connect();
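Review bot: `use constant` fixes only the two references declared here, so the contents of `SECURE_SECTIONS` and `ADMIN_AREAS` stay writable by any code that can reach the constants. This looks like a mod_perl handler module that is loaded once and reused across requests, so a stray write would presumably change the authorization policy for every later request in that interpreter. Consider locking the table right after the declaration, e.g. `use Hash::Util qw(lock_hash); lock_hash( %{ (SECURE_SECTIONS) } );`. It would also help to add a comment above the block such as `# Authorization policy: read-only; keys must equal $section exactly`.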
***************
*** 13,19 ****
sub handler {
my ($r) = @_;
!
! my ($section) = $r->uri() =~ m|^/wtf/\w+/([^?]+)|;
! $section ||= '';
$sth->{'authz'}->execute( $r->pnotes('user_id') ) or die $dbh->errstr();
--- 39,43 ----
sub handler {
my ($r) = @_;
! my $section = ( $r->uri() =~ m|^/wtf/\w+/([^?]+)| ) ? $1 : q();
$sth->{'authz'}->execute( $r->pnotes('user_id') ) or die $dbh->errstr();
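Review bot: The capture `([^?]+)` on the new `my $section = ...` line takes everything after the second path component, so a trailing slash or extra path segment becomes part of `$section`. The lookups added later in this commit compare `$section` by exact string equality, so a URI that the dispatcher still maps to a protected page would miss both tables if the dispatcher parses the path more leniently; the dispatcher is not visible here, so this needs confirming. If every section has the two-segment form seen in the tables, capturing only that shape, e.g. `m|^/wtf/\w+/(\w+/\w+)|`, keeps the authorization key and the routed page in step. Otherwise normalise first with something like `$section =~ s{/+\z}{};`. The body of `handler` continues outside this hunk.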
***************
*** 23,45 ****
if (
!
! # pages and actions authorized by the "authz_employee" table
! ( $section eq 'reports/team' and not $r->pnotes('authz')->{'team_view'} ) or
! ( $section eq 'reports/projects' and not $r->pnotes('authz')->{'project_view'} ) or
! ( $section eq 'reports/project' and not $r->pnotes('authz')->{'project_view'} ) or
! ( $section eq 'reports/activity' and not $r->pnotes('authz')->{'activity'} ) or
! ( $section eq 'admin/authz' and not $r->pnotes('authz')->{'admin_authz'} ) or
! ( $section eq 'admin/newauthzs' and not $r->pnotes('authz')->{'admin_authz'} ) or
! ( $section eq 'admin/update' and not $r->pnotes('authz')->{'update'} ) or
! ( $section eq 'admin/loginas' and not $r->pnotes('authz')->{'login_as'} ) or
!
! # pages and actions only administrators can view or do
! ( $section eq 'admin/users' and not $r->pnotes('is_admin') ) or
! ( $section eq 'admin/saveusers' and not $r->pnotes('is_admin') ) or
! ( $section eq 'admin/taskarea' and not $r->pnotes('is_admin') ) or
! ( $section eq 'admin/savetarea' and not $r->pnotes('is_admin') ) or
! ( $section eq 'admin/tables' and not $r->pnotes('is_admin') ) or
! ( $section eq 'admin/tablesave' and not $r->pnotes('is_admin') )
!
) {
$r->note_basic_auth_failure();
--- 47,52 ----
if (
! ( SECURE_SECTIONS->{$section} and not $r->pnotes('authz')->{ SECURE_SECTIONS->{$section} } ) or
! ( grep { $_ eq $section } @{ (ADMIN_AREAS) } and not $r->pnotes('is_admin') )
) {
$r->note_basic_auth_failure();
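Review bot: The rewritten condition still allows by default, because a section that appears in neither `SECURE_SECTIONS` nor `ADMIN_AREAS` falls through without any check. With the policy now held in two tables, a new `admin/...` page is unprotected until someone remembers to list it. Consider adding a third clause that denies unlisted admin sections to non-administrators, e.g. `or ( $section =~ m{^admin/} and not SECURE_SECTIONS->{$section} and not $r->pnotes('is_admin') )`. Whether that matches the intended policy for every `admin/` page cannot be confirmed from this hunk. The `if` body continues outside it.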