- fixed a permission problem with ad_group_member_p, which

didn't take into account deleted membership rels. - ad_group_member_p was used wrongly to query im_biz_object_member_p, this has been corrected now

- fixed a permission problem with ad_group_member_p, which
didn't take into account deleted membership rels. - ad_group_member_p was used wrongly to query im_biz_object_member_p, this has been corrected now
14eecdac · Frank Bergmann · 2f7f389d · 14eecdac · 14eecdac · 14eecdac
Commit 14eecdac authored Aug 03, 2005 by Frank Bergmann
Showing with 16 additions and 24 deletions

intranet-company-procs.tcl tcl/intranet-company-procs.tcl +1 -1

intranet-compat-procs.tcl tcl/intranet-compat-procs.tcl +13 -21

intranet-project-procs.tcl tcl/intranet-project-procs.tcl +2 -2

No files found.
--- a/tcl/intranet-company-procs.tcl
+++ b/tcl/intranet-company-procs.tcl
@@ -97,7 +97,7 @@ ad_proc -public im_company_permissions {user_id company_id view_var read_var wri
    set user_is_admin_p [im_is_user_site_wide_or_intranet_admin $user_id]
    set user_is_wheel_p [ad_user_group_member [im_wheel_group_id] $user_id]
-    set user_is_group_member_p [ad_user_group_member $company_id $user_id]
+    set user_is_group_member_p [im_biz_object_member_p $user_id $company_id]
    set user_is_group_admin_p [im_biz_object_admin_p $user_id $company_id]
    set user_is_employee_p [im_user_is_employee_p $user_id]
    set user_admin_p [expr $user_is_admin_p || $user_is_group_admin_p]

--- a/tcl/intranet-compat-procs.tcl
+++ b/tcl/intranet-compat-procs.tcl
@@ -35,33 +35,25 @@ ad_proc -public ad_user_group_member { group_id user_id} {
 ad_proc -public ad_user_group_member_helper { group_id user_id} {
 } {
    set member_count [db_string member_count "
-select count(*) 
+	select 
-from	acs_rels ar
+		count(*) 
-where	ar.object_id_two = :user_id 
+	from 
-	and ar.object_id_one = :group_id
+		acs_rels ar,
-"]
+		membership_rels mr
+	where 
+		ar.rel_id = mr.rel_id
+		and ar.object_id_two = $user_id 
+		and ar.object_id_one = $group_id
+		and mr.member_state = 'approved'
+    "]
    if {$member_count > 0} { return 1 }
    return 0
 }
-# This one doesn't work because the relationship between
-# a business object (company) and a user is defined on
-# the base of a acs_rels, but not a membership-rel.
-#
-#    set member_count [db_string member_count "
-#select 
-#	count(*) 
-#from 
-#	acs_rels ar,
-#	membership_rels mr
-#where 
-#	ar.rel_id = mr.rel_id
-#	and ar.object_id_two = $user_id 
-#	and ar.object_id_one = $group_id
-#	and mr.member_state = 'approved'
-#"]

--- a/tcl/intranet-project-procs.tcl
+++ b/tcl/intranet-project-procs.tcl
@@ -100,7 +100,7 @@ ad_proc -public im_project_permissions {user_id project_id view_var read_var wri
    set user_is_admin_p [im_is_user_site_wide_or_intranet_admin $user_id]
    set user_is_wheel_p [ad_user_group_member [im_wheel_group_id] $user_id]
-    set user_is_group_member_p [ad_user_group_member $project_id $user_id]
+    set user_is_group_member_p [im_biz_object_member_p $user_id $project_id]
    set user_is_group_admin_p [im_biz_object_admin_p $user_id $project_id]
    set user_is_employee_p [im_user_is_employee_p $user_id]
    set user_in_project_group_p [string compare "t" [db_string user_belongs_to_project "select ad_group_member_p( :user_id, :project_id ) from dual" ] ]
@@ -140,7 +140,7 @@ ad_proc -public im_project_permissions {user_id project_id view_var read_var wri
    ns_log Notice "view_projects_history=[im_permission $user_id view_projects_history]"
    ns_log Notice "project_status=$project_status"
-    set user_is_company_member_p [ad_user_group_member $company_id $user_id]
+    set user_is_company_member_p [im_biz_object_member_p $user_id $company_id]
    if {$user_admin_p} { 
 	set admin 1