Commit a5f6f3e9 authored by David Metzler's avatar David Metzler

Updated the security model to be repository-specific, including defaults.
parent b63e4cfd
......@@ -37,19 +37,21 @@ class FrxDataSource{
* @return unknown
*/
public function access($arg) {
$obj_access = TRUE;
$access = user_access('access ' . $this->name . ' data');
$f = @$this->conf['access callback'];
if ($f && is_callable($f)) {
return $f($arg);
}
elseif (isset($this->conf['access block'])) {
$block = @$this->conf['access block'];
$path='';
if (isset($this->conf['access path'])) $path = $this->conf['access path'];
return FrxReportGenerator::instance()->block_access($block, $path, $arg);
}
else {
return user_access('access content');
if ($arg) {
if ($f && is_callable($f)) {
$obj_access = $f($arg);
}
elseif (isset($this->conf['access block'])) {
$block = @$this->conf['access block'];
$path='';
if (isset($this->conf['access path'])) $path = $this->conf['access path'];
$obj_access = FrxReportGenerator::instance()->block_access($block, $path, $arg);
}
}
return $access && $obj_access;
}
protected function loadBlockFromDB($block_name) {
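Review bot: In `access()`, `$obj_access` starts as `TRUE` and is only reassigned inside the `if ($f && is_callable($f))` and `elseif (isset($this->conf['access block']))` branches, so a block that declares an access right on a repository with neither setting configured is allowed on the repository permission alone. The `+`/`-` markers are lost on this page, so I am reading the `if ($arg)` version that ends in `return $access && $obj_access;` as the new side. If ignoring the block-level right in that case is not intended, deny it by adding `else { $obj_access = FALSE; }` after the `elseif`; if it is intended, state it in the docblock, which still ends in `@return unknown`. The `@` in `$f = @$this->conf['access callback'];` also hides a missing key that an `isset()` test would handle explicitly.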
......
......@@ -461,6 +461,7 @@ function forena_general_form($form, &$form_state, $report_name) {
}
function forena_general_form_validate($form, &$form_state) {
$values = $form_state['values'];
if ($values['menu']['path']) {
if (!valid_url(str_replace(':', '', $values['menu']['path']), FALSE)) {
form_set_error('menu][path', t('Invalid Path'));
......
......@@ -52,25 +52,23 @@ function forena_load_cache($r_xhtml) {
}
}
if ($repos) foreach ($repos as $provider => $blocks) {
$provider = Frx::RepoMan()->repository($provider);
if ($repos) foreach ($repos as $provider_key => $blocks) {
$provider = Frx::RepoMan()->repository($provider_key);
if (isset($provider->conf))$conf = $provider->conf;
$access = array();
foreach ($blocks as $block_name) {
if ($provider && $block_name) {
if (method_exists($provider, 'loadBlock')) {
$conf = $provider->conf;
$block = $provider->loadBlock($block_name);
if (isset($block['access']) && array_search($block['access'], $access)===FALSE) $access[]=$block['access'];
$obj = @$block['access'];
if (array_search($obj, $access)===FALSE) $access[]=$obj;
}
}
else {
//drupal_set_message('no provider found', 'error');
}
}
if (isset($conf['access callback']) && $access) $cache['access'][$conf['access callback']]=$access;
if (isset($conf['access callback']) && $access) $cache['access'][$provider_key][$conf['access callback']]=$access;
}
......@@ -126,9 +124,6 @@ function forena_get_html($tag, $r_text) {
return $str;
}
/**
* Form to edit parameters
* Extra features:
......@@ -151,29 +146,34 @@ function forena_get_user_reports($category = '') {
->fields('r')
->condition('language', $language->language)
->condition('hidden', 0);
if ($category) {
$select = $select->condition('category', $category);
}
$result = $select->execute();
$result = $select->orderBy('title')->execute();
$reports = array();
foreach ($result AS $row) {
$access = TRUE;
$access = FALSE;
$cache = $row->cache;
if ($cache) {
$cache = unserialize($cache);
// Check each callback function to see if we have an error.
if (@$cache['access']) foreach ($cache['access'] as $callback => $args) {
if ($callback) foreach ($args as $arg) {
$access = FALSE;
if (function_exists($callback)) {
$a = $callback($arg);
if (@$cache['access']) foreach ($cache['access'] as $provider => $callbacks) {
if (user_access('access ' . $provider . ' data')) foreach ($callbacks as $callback=>$args) {
if ($callback) foreach ($args as $arg) {
if (function_exists($callback) && $arg) {
$a = $callback($arg);
if ($a) $access = TRUE;
}
else {
$access = TRUE;
}
}
else {
$access = TRUE;
}
if ($a) $access = TRUE;
}
else {
$access = TRUE;
}
}
}
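Review bot: The rewritten loop fails open, because when `function_exists($callback) && $arg` is false the `else` branch sets `$access = TRUE`, so a cached callback name that no longer resolves to a function grants the report to anyone holding the repository permission. As far as the interleaved old and new lines can be read, the same structure is added to `forena_check_all_access()` further down the page. Separating the two cases keeps the no-access-argument default while treating a missing callback as a failed check: `if (!$arg) $access = TRUE;` followed by `elseif (function_exists($callback) && $callback($arg)) $access = TRUE;`. `$access` is also only ever raised to `TRUE`, so one passing check on one repository is enough for a report that draws on several; if every block is meant to be checked, that needs to be an AND rather than an OR. The function continues past the end of the hunk.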
......
......@@ -757,6 +757,10 @@ function forena_permission() {
'perform email merge' => array('title' => t('Peform email merge')),
'access forena block xml' => array('title' => t('Access xml from data blocks directly'), 'description' => t('Useful for ajax calls to data blocks')),
);
foreach (Frx::RepoMan()->repositories as $repos => $conf) {
$name = $conf['title'] ? $conf['title'] : $repos;
$perms['access '. $repos . ' data'] = array('title' => 'Access ' . $name . ' Data');
}
return $perms;
}
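Review bot: The permission title added in the `foreach` over `Frx::RepoMan()->repositories` is built by plain concatenation from `$conf['title']`, and Drupal 7's permissions page prints permission titles as markup without escaping them, as far as I know. A repository title containing HTML would therefore be rendered on that admin page; `'title' => t('Access @name Data', array('@name' => $name))` escapes the name and makes the string translatable like the other entries in `$perms`. `$conf['title']` is also read without `isset()`, so a repository defined without a title raises a notice; `$name = isset($conf['title']) ? $conf['title'] : $repos;` avoids that. Because the repository key is embedded in the permission name, renaming a repository orphans any role grants made under the old name, which is worth a comment here.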
......@@ -900,15 +904,21 @@ function forena_report_menu_callback() {
function forena_check_all_access($checks) {
// Check each callback function to see if we have an error.
$access = FALSE;
if ($checks) foreach ((array)$checks as $callback => $args) {
if ($callback && $args) foreach ($args as $arg) {
if (function_exists($callback)) {
$a = $callback($arg);
// Check each callback function to see if we have an error.
if ($checks) foreach ($checks as $provider => $callbacks) {
if (user_access('access ' . $provider . ' data')) foreach ($callbacks as $callback=>$args) {
if ($callback) foreach ($args as $arg) {
if (function_exists($callback) && $arg) {
$a = $callback($arg);
if ($a) $access = TRUE;
}
else {
$access = TRUE;
}
}
else {
$access = TRUE;
}
if ($a) $access = TRUE;
}
else {
$access = TRUE;
}
}
return $access;
......
--ACCESS=access demo reports
select * from user_distribution WHERE
state in (:state)
--ACCESS=access demo reports
select * from states
WHERE code=:state
--ACCESS=access demo reports
select *, code as state from states
ORDER BY name
......
--ACCESS=access demo reports
select
code AS state,
name,
......