author Russ Allbery <rra@stanford.edu> 2013-03-27 12:51:46 -0700
committer Russ Allbery <rra@stanford.edu> 2013-03-27 12:52:58 -0700
commit f6c63bdb2be5ccc0c6133bf87025d37805579005
tree c027fed89455b36e386722a63cce9c77d90ebffa /perl/Wallet/Server.pm
parent b273cc907951a8b7dfcd4095ab58b6ae74c7d87e
Allow owners of objects to destroy them by default
Owners of wallet objects are now allowed to destroy them. In previous versions, a special destroy ACL had to be set and the owner ACL wasn't used for destroy actions, but operational experience at Stanford has shown that letting owners destroy their own objects is a better model.

Change-Id: I0e97d7a000e62cf5321add7b44140db6edc6769f
Reviewed-on: https://gerrit.stanford.edu/973
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
Diffstat (limited to 'perl/Wallet/Server.pm')
-rw-r--r-- perl/Wallet/Server.pm 19
1 files changed, 10 insertions, 9 deletions
diff --git a/perl/Wallet/Server.pm b/perl/Wallet/Server.pm
index db53f6c..6d67e17 100644
--- a/perl/Wallet/Server.pm
+++ b/perl/Wallet/Server.pm
@@ -1,7 +1,7 @@
# Wallet::Server -- Wallet system server implementation.
#
# Written by Russ Allbery <rra@stanford.edu>
-# Copyright 2007, 2008, 2010, 2011
+# Copyright 2007, 2008, 2010, 2011, 2013
# The Board of Trustees of the Leland Stanford Junior University
#
# See LICENSE for licensing terms.
@@ -301,7 +301,7 @@ sub acl_verify {
} elsif ($action ne 'comment') {
$id = $object->acl ($action);
}
- if (! defined ($id) and $action ne 'flags' and $action ne 'destroy') {
+ if (! defined ($id) and $action ne 'flags') {
$id = $object->owner;
}
unless (defined $id) {
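Review bot: Dropping `and $action ne 'destroy'` from the owner fallback widens privileges for every existing object that has no destroy ACL, not just new ones: after an upgrade, each such object's owner can destroy it without any ACL change having been made. That is the intended model per the commit message, but it deserves an explicit upgrade note telling sites that want the old behaviour to set a destroy ACL on the objects concerned, since the fallback is only reached when `$object->acl ($action)` returns undef. It would also help to have tests pinning both branches: owner allowed when the destroy ACL is unset, owner refused when a destroy ACL is set and does not include them, and `flags` still refused for owners.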
@@ -970,9 +970,10 @@ owner as determined by the wallet configuration.
Destroys the object identified by TYPE and NAME. This destroys any data
that the wallet had saved about the object, may remove the underlying
object from other external systems, and destroys the wallet database entry
-for the object. To destroy an object, the current user must be authorized
-by the ADMIN ACL or the destroy ACL on the object; the owner ACL is not
-sufficient. Returns true on success and false on failure.
+for the object. To destroy an object, the current user must be a member
+of the ADMIN ACL, authorized by the destroy ACL, or authorized by the
+owner ACL; however, if the destroy ACL is set, the owner ACL will not be
+checked. Returns true on success and false on failure.
=item dbh()
@@ -981,10 +982,6 @@ mostly for testing; normally, clients should perform all actions through
the Wallet::Server object to ensure that authorization and history logging
is done properly.
-=item schema()
-
-Returns the DBIx::Class schema object.
-
=item error()
Returns the error of the last failing operation or undef if no operations
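Review bot: Moving `=item schema()` is unrelated to the authorization change, and putting it in this commit makes a security-relevant diff noisier to audit. Consider splitting the POD reordering into its own commit, or at least mentioning it in the commit message.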
@@ -1058,6 +1055,10 @@ The owner of an object is permitted to get, store, and show that object,
but cannot destroy or set flags on that object without being listed on
those ACLs as well.
+=item schema()
+
+Returns the DBIx::Class schema object.
+
=item show(TYPE, NAME)
Returns (as a string) a human-readable representation of the metadata
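Review bot: The unchanged context directly above the added `=item schema()` is now stale: it still says the owner "cannot destroy or set flags on that object without being listed on those ACLs as well", which contradicts both the new destroy() text and the relaxed check in acl_verify. Please update that paragraph in the same change so it says owners may destroy the object unless a destroy ACL is set, and that only `flags` still requires its own ACL. Documentation of an access-control default that disagrees with the code is the kind of thing operators rely on when deciding who to make an owner.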