[Bps-public-commit] jifty-plugin-recordhistory branch, master, updated. 0.04-8-g8c79493
Shawn Moore
sartak at bestpractical.com
Thu Feb 24 17:55:18 EST 2011
The branch, master has been updated
via 8c794937b553b86210dbe121686a2380a10bdc58 (commit)
from 751675606b9876f461f94408abb5d64bc38ae2b2 (commit)
Summary of changes:
lib/Jifty/Plugin/RecordHistory/Model/Change.pm | 11 +++--------
1 files changed, 3 insertions(+), 8 deletions(-)
- Log -----------------------------------------------------------------
commit 8c794937b553b86210dbe121686a2380a10bdc58
Author: Shawn M Moore <sartak at bestpractical.com>
Date: Thu Feb 24 17:55:00 2011 -0500
For read, ask the record. For create/update/delete, demand superuser
diff --git a/lib/Jifty/Plugin/RecordHistory/Model/Change.pm b/lib/Jifty/Plugin/RecordHistory/Model/Change.pm
index a17b5a1..4df5b9f 100644
--- a/lib/Jifty/Plugin/RecordHistory/Model/Change.pm
+++ b/lib/Jifty/Plugin/RecordHistory/Model/Change.pm
@@ -76,15 +76,10 @@ sub delegate_current_user_can {
my $right = shift;
my %args = @_;
- my $record = $self->__record(%args);
+ return $self->__record(%args)->current_user_can($right) if $right eq 'read';
- if ($record->can('current_user_can_for_change')) {
- return $record->current_user_can_for_change($right, %args, change => $self);
- }
-
- $right = 'update' if $right ne 'read';
-
- return $self->__record(%args)->current_user_can($right);
+ # only superuser can create, update, and delete change entries
+ return $self->current_user->is_superuser;
}
sub add_change_field {
-----------------------------------------------------------------------
More information about the Bps-public-commit
mailing list