Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
I
intranet-rest
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
project-open
intranet-rest
Commits
76216c50
Commit
76216c50
authored
Dec 18, 2009
by
Frank Bergmann
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
- updated permissions for invoices
parent
77c5fcd7
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
13 additions
and
8 deletions
+13
-8
intranet-rest-procs.tcl
tcl/intranet-rest-procs.tcl
+13
-8
No files found.
tcl/intranet-rest-procs.tcl
View file @
76216c50
...
...
@@ -398,7 +398,7 @@ ad_proc -private im_rest_get_object_type {
set where_clause
""
if
{[
info
exists query_hash
(
query
)]}
{
set where_clause
$query
_hash
(
query
)}
# Determine the list of valid columns for the object type
set valid_vars
[
im_rest_object_type_columns -rest_otype
$rest
_otype
]
set valid_vars
[
util_memoize
[
list
im_rest_object_type_columns -rest_otype
$rest
_otype
]
]
# Check that the query is a valid SQL where clause
set valid_sql_where
[
im_rest_valid_sql -string
$where
_clause -variables
$valid
_vars
]
if
{
!$valid_sql_where
}
{
...
...
@@ -421,8 +421,6 @@ ad_proc -private im_rest_get_object_type {
LIMIT
$limit
"
# ad_return_complaint 1 "<pre>$sql</pre>"
set result
""
db_foreach objects
$sql
{
...
...
@@ -434,13 +432,16 @@ ad_proc -private im_rest_get_object_type {
switch
$rest
_otype
{
bt_bug
{
}
im_company
{
set read_p
[
im_permission
$user
_id
"view_companies_all"
]
}
im_cost
{
}
im_cost
{
set read_p
[
im_permission
$user
_id
"view_finance"
]
}
im_conf_item
{
set read_p
[
im_permission
$user
_id
"view_conf_items_all"
]
}
im_invoices
{
set read_p
[
im_permission
$user
_id
"view_finance"
]
}
im_project
{
set read_p
[
im_permission
$user
_id
"view_projects_all"
]
}
im_user_absence
{
set read_p
[
im_permission
$user
_id
"view_absences_all"
]
}
im_office
{
set read_p
[
im_permission
$user
_id
"view_offices_all"
]
}
im_ticket
{
set read_p
[
im_permission
$user
_id
"view_tickets_all"
]
}
im_timesheet_task
{
set read_p
[
im_permission
$user
_id
"view_timesheet_tasks_all"
]
}
im_timesheet_invoices
{
set read_p
[
im_permission
$user
_id
"view_finance"
]
}
im_trans_invoices
{
set read_p
[
im_permission
$user
_id
"view_finance"
]
}
im_translation_task
{
}
user
{
}
default
{
...
...
@@ -697,8 +698,10 @@ ad_proc -private im_rest_authenticate {
if
{[
info
exists query_hash
(
auto_login
)]}
{
set token_token
$query
_hash
(
auto_login
)}
# Check if the token fits the user
if
{
!
[
im_valid_auto_login_p -user_id
$token
_user_id -auto_login
$token
_token
]}
{
set token_user_id
""
if
{
""
!=
$token
_user_id &&
""
!=
$token
_token
}
{
if
{
!
[
im_valid_auto_login_p -user_id
$token
_user_id -auto_login
$token
_token
]}
{
set token_user_id
""
}
}
# --------------------------------------------------------
...
...
@@ -716,8 +719,10 @@ ad_proc -private im_rest_authenticate {
if
{
""
==
$basic
_auth_user_id
}
{
set basic_auth_user_id
[
db_string userid
"select party_id from parties where lower(email) = lower(:basic_auth_username)"
-default
""
]
}
set basic_auth_password_ok_p
[
ad_check_password
$basic
_auth_user_id
$basic
_auth_password
]
if
{
!$basic_auth_password_ok_p
}
{
set basic_auth_user_id
""
}
if
{
""
!=
$basic
_auth_user_id
}
{
set basic_auth_password_ok_p
[
ad_check_password
$basic
_auth_user_id
$basic
_auth_password
]
if
{
!$basic_auth_password_ok_p
}
{
set basic_auth_user_id
""
}
}
if
{
$debug
}
{
ns_log Notice
"im_rest_authenticate: basic_auth=
$basic
_auth, basic_auth_username=
$basic
_auth_username, basic_auth_password=
$basic
_auth_password"
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment