[Bps-public-commit] App-Changeloggr branch, master, updated. 12d11bbb66e293c6ac6ffff9b7dc6d237c885756

sartak at bestpractical.com sartak at bestpractical.com
Thu Feb 26 22:25:11 EST 2009


The branch, master has been updated
       via  12d11bbb66e293c6ac6ffff9b7dc6d237c885756 (commit)
      from  c1068215808607b103a065c174f55cc41a542b97 (commit)

Summary of changes:
 lib/App/Changeloggr/Model/Change.pm    |    6 ++----
 lib/App/Changeloggr/Model/Changelog.pm |   12 ++++--------
 lib/App/Changeloggr/Model/Vote.pm      |   11 +++--------
 3 files changed, 9 insertions(+), 20 deletions(-)

- Log -----------------------------------------------------------------
commit 12d11bbb66e293c6ac6ffff9b7dc6d237c885756
Author: Shawn M Moore <sartak at gmail.com>
Date:   Thu Feb 26 22:24:52 2009 -0500

    Recast each current_user_can to let the user do additional things, then
    ask the superclass for more checks

diff --git a/lib/App/Changeloggr/Model/Change.pm b/lib/App/Changeloggr/Model/Change.pm
index 9a7dc90..d220c5c 100644
--- a/lib/App/Changeloggr/Model/Change.pm
+++ b/lib/App/Changeloggr/Model/Change.pm
@@ -25,12 +25,10 @@ sub current_user_can {
     my $self  = shift;
     my $right = shift;
 
-    return 1 if $self->current_user->is_superuser;
-
+    # anyone can read a change
     return 1 if $right eq 'read';
 
-    # no ordinary users can update, delete, or create new changes
-    return 0;
+    return $self->SUPER::current_user_can($right, @_);
 }
 
 1;
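Review bot: The final `return $self->SUPER::current_user_can($right, @_);` turns the old explicit `return 0` into an implicit deny, so create, update and delete on a change are now refused only if the parent class refuses them; the parent is not visible in this diff. The same fall-through in Changelog.pm and Vote.pm now also decides reads of `admin_token` and `user_session_id`, which the removed lines denied outright. I would state the dependency where it is relied on, e.g. `# create/update/delete: the superclass decides and must deny non-superusers`, and add a regression test asserting that a non-superuser is refused `update` here and `read` of those two columns. The `sub current_user_can {` line itself sits outside the hunk.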
diff --git a/lib/App/Changeloggr/Model/Changelog.pm b/lib/App/Changeloggr/Model/Changelog.pm
index a71bc79..ac077b0 100644
--- a/lib/App/Changeloggr/Model/Changelog.pm
+++ b/lib/App/Changeloggr/Model/Changelog.pm
@@ -30,16 +30,12 @@ sub current_user_can {
     my $right = shift;
     my %args  = @_;
 
-    return 1 if $self->current_user->is_superuser;
-
-    # admin tokens are private
-    return 0 if $right eq 'read' && $args{column} eq 'admin_token';
-
-    # anyone can create and read changelogs
-    return 1 if $right eq 'create' || $right eq 'read';
+    # anyone can create and read changelogs (except admin token)
+    return 1 if $right eq 'create'
+             || ($right eq 'read' && $args{column} ne 'admin_token');
 
     # but not delete or update. those must happen as root
-    return 0;
+    return $self->SUPER::current_user_can($right, %args);
 }
 
 1;
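Review bot: `$args{column} ne 'admin_token'` is evaluated even when the caller passes no `column`, so a record-level read check compares undef; that raises an uninitialized-value warning if warnings are enabled in this file (not visible here), and the grant then rests on undef stringifying to the empty string. Spelling out the intent avoids both: `|| ($right eq 'read' && !(defined $args{column} && $args{column} eq 'admin_token'));`. Vote.pm has the same comparison against `'user_session_id'`. The sub's opening line is outside the hunk.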
diff --git a/lib/App/Changeloggr/Model/Vote.pm b/lib/App/Changeloggr/Model/Vote.pm
index 447c7ae..a30f2cc 100644
--- a/lib/App/Changeloggr/Model/Vote.pm
+++ b/lib/App/Changeloggr/Model/Vote.pm
@@ -20,19 +20,14 @@ sub current_user_can {
     my $right = shift;
     my %args  = @_;
 
-    return 1 if $self->current_user->is_superuser;
-
-    # voters are private..
-    return 0 if $right eq 'read' && $args{column} eq 'user_session_id';
-
-    # ..but votes are not
-    return 1 if $right eq 'read';
+    # votes are not private except who submitted the vote
+    return 1 if $right eq 'read' && $args{column} ne 'user_session_id';
 
     # anyone can vote
     return 1 if $right eq 'create';
 
     # but votes are immutable
-    return 0;
+    return $self->SUPER::current_user_can($right, %args);
 }
 
 1;
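Review bot: The comment `# but votes are immutable` now sits directly above a return that delegates to the superclass, so it no longer describes what the line does: update and delete succeed whenever the parent allows them, presumably for superusers as the removed `is_superuser` check did. Something like `# update/delete: immutable for ordinary users; the superclass decides for everyone else` would match the new behaviour. The `# but not delete or update. those must happen as root` comment in Changelog.pm has the same mismatch. The sub's opening line is outside the hunk.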

-----------------------------------------------------------------------


