From f85ac955239cf2583ae67de16efb41a3f590b5bc Mon Sep 17 00:00:00 2001 From: miker Date: Tue, 21 Jun 2005 13:36:52 +0000 Subject: [PATCH] adding "target" ou to the usr_has_perm function git-svn-id: svn://svn.open-ils.org/ILS/trunk@883 dcc99617-32d9-48b4-a31d-7c20da2025e4 --- .../sql/Postgres/006.schema.permissions.sql | 47 ++++++++++++------- 1 file changed, 31 insertions(+), 16 deletions(-) diff --git a/Open-ILS/src/sql/Postgres/006.schema.permissions.sql b/Open-ILS/src/sql/Postgres/006.schema.permissions.sql index bff1f8c590..b863c17b20 100644 --- a/Open-ILS/src/sql/Postgres/006.schema.permissions.sql +++ b/Open-ILS/src/sql/Postgres/006.schema.permissions.sql @@ -24,17 +24,17 @@ CREATE TABLE permission.grp_perm_map ( id SERIAL PRIMARY KEY, grp INT NOT NULL REFERENCES permission.grp_tree (id), perm INT NOT NULL REFERENCES permission.perm_list (id), - depth INT NOT NULL REFERENCES actor.org_unit_type (id), + depth INT NOT NULL, CONSTRAINT perm_grp_once UNIQUE (grp,perm) ); -INSERT INTO permission.grp_perm_map VALUES (DEFAULT,1,2,(SELECT id FROM actor.org_unit_type WHERE depth = 0 LIMIT 1)); -INSERT INTO permission.grp_perm_map VALUES (DEFAULT,2,1,(SELECT id FROM actor.org_unit_type WHERE depth = 0 LIMIT 1)); +INSERT INTO permission.grp_perm_map VALUES (DEFAULT,1,2,0); +INSERT INTO permission.grp_perm_map VALUES (DEFAULT,2,1,0); CREATE TABLE permission.usr_perm_map ( id SERIAL PRIMARY KEY, usr INT NOT NULL REFERENCES actor.usr (id), perm INT NOT NULL REFERENCES permission.perm_list (id), - depth INT NOT NULL REFERENCES actor.org_unit_type (id), + depth INT NOT NULL, CONSTRAINT perm_usr_once UNIQUE (usr,perm) ); @@ -88,7 +88,7 @@ BEGIN FOR g_list IN SELECT * FROM permission.grp_ancestors( grp.grp ) LOOP - FOR u_perm IN SELECT DISTINCT p.id, iuser AS usr, p.perm, p.depth + FOR u_perm IN SELECT DISTINCT -p.id, iuser AS usr, p.perm, p.depth FROM permission.grp_perm_map p JOIN permission.usr_grp_map m ON (m.grp = p.grp) WHERE m.grp = g_list.id LOOP 
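Review bot: With the foreign key removed, `depth` in both `permission.grp_perm_map` and `permission.usr_perm_map` is an unconstrained integer, so a negative or nonsensical depth can be stored in a permission grant without any error. If the column now holds an org-tree depth rather than an `actor.org_unit_type` id (which the literal `0` in the new INSERTs suggests), a cheap guard would be `depth INT NOT NULL CHECK (depth >= 0),` on both tables. A short comment such as `-- org tree depth at which the grant applies, 0 = top of the tree` would record the new meaning, if that reading is correct. The INSERTs would also be safer with an explicit column list, `INSERT INTO permission.grp_perm_map (grp, perm, depth) VALUES (1,2,0);`, so a later column change cannot silently shift which value lands in `depth`.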
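Review bot: The join to `permission.usr_grp_map m` in the `u_perm` query filters only on `m.grp = g_list.id` and never on the user, so as far as this hunk shows an ancestor group's permissions are returned only when some user, not necessarily `iuser`, is mapped directly to that group; `DISTINCT` then hides the row multiplication from that join. The enclosing function starts and ends outside the hunk, so this should be confirmed against the outer loop, but if that loop already restricts to the user's own groups the join can go: `FROM permission.grp_perm_map p WHERE p.grp = g_list.id`. The new `-p.id` also needs a comment, for example `-- negative id marks a row that comes from a group map rather than usr_perm_map`, if that is the intent, because a negated primary key is easy to mistake for a typo.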
@@ -98,22 +98,37 @@ BEGIN END LOOP; END LOOP; END LOOP; + RETURN; END; $$ LANGUAGE PLPGSQL; -CREATE OR REPLACE FUNCTION permission.usr_has_perm ( iuser INT, tperm TEXT ) RETURNS BOOL AS $$ +CREATE OR REPLACE FUNCTION permission.usr_has_perm ( iuser INT, tperm TEXT, target INT ) RETURNS BOOL AS $$ +DECLARE + r_usr actor.usr%ROWTYPE; + r_perm permission.usr_perm_map%ROWTYPE; BEGIN - PERFORM TRUE - FROM permission.usr_perms(iuser) p - JOIN permission.perm_list l - ON (l.id = p.perm) - WHERE l.code = tperm; - IF FOUND THEN - RETURN TRUE; - ELSE - RETURN FALSE; - END IF; + + SELECT * INTO r_usr FROM actor.usr WHERE id = iuser; + + FOR r_perm IN SELECT * + FROM permission.usr_perms(iuser) p + JOIN permission.perm_list l + ON (l.id = p.perm) + WHERE l.code = tperm LOOP + + PERFORM * + FROM actor.org_unit_descendants(target,r_perm.depth) + WHERE id = r_usr.home_ou; + + IF FOUND THEN + RETURN TRUE; + ELSE + RETURN FALSE; + END IF; + END LOOP; + + RETURN FALSE; END; $$ LANGUAGE PLPGSQL; -- 2.43.2
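Review bot: The `ELSE RETURN FALSE;` inside the `FOR r_perm` loop makes `usr_has_perm` decide on the first permission row only, so a second row for the same permission code (for example a group grant at a different depth) is never examined, and with no `ORDER BY` the answer can depend on row order. Dropping the else branch, `IF FOUND THEN RETURN TRUE; END IF;`, lets the loop continue to the final `RETURN FALSE;`. Separately, because the argument list changed, `CREATE OR REPLACE` defines a new three-argument function instead of replacing the two-argument one; on a database that already has the old version, the check that ignores the org unit stays callable unless it is removed with `DROP FUNCTION permission.usr_has_perm(INT, TEXT);`. The loop query would also be clearer as `SELECT p.*`, since `SELECT *` over the join returns `perm_list` columns into a variable declared as `permission.usr_perm_map%ROWTYPE`.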