From f1cea5a914bd08417b11ce96a999db57cc405cc2 Mon Sep 17 00:00:00 2001
From: scottmk <scottmk@dcc99617-32d9-48b4-a31d-7c20da2025e4>
Date: Mon, 16 Mar 2009 14:49:12 +0000
Subject: [PATCH] For usr_has_perm* functions: super_user has all permissions
 everywhere (even permissions that don't exist).

git-svn-id: svn://svn.open-ils.org/ILS/trunk@12536 dcc99617-32d9-48b4-a31d-7c20da2025e4
---
 .../src/sql/Pg/006.schema.permissions.sql     | 29 +++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/Open-ILS/src/sql/Pg/006.schema.permissions.sql b/Open-ILS/src/sql/Pg/006.schema.permissions.sql
index 7037d3e51d..424bb1d086 100644
--- a/Open-ILS/src/sql/Pg/006.schema.permissions.sql
+++ b/Open-ILS/src/sql/Pg/006.schema.permissions.sql
@@ -314,6 +314,7 @@ RETURNS SETOF INTEGER AS $$
 -- by a DISTINCT clause.
 --
 DECLARE
+	b_super       BOOLEAN;
 	n_perm        INTEGER;
 	n_min_depth   INTEGER; 
 	n_work_ou     INTEGER;
@@ -321,6 +322,34 @@ DECLARE
 	n_depth       INTEGER;
 	n_curr_depth  INTEGER;
 BEGIN
+	--
+	-- Check for superuser
+	--
+	SELECT INTO b_super
+		super_user
+	FROM
+		actor.usr
+	WHERE
+		id = user_id;
+	--
+	IF NOT FOUND THEN
+		return;				-- No user?  No permissions.
+	ELSIF b_super THEN
+		--
+		-- Super user has all permissions everywhere
+		--
+		FOR n_work_ou IN
+			SELECT
+				id
+			FROM
+				actor.org_unit
+			WHERE
+				parent_ou IS NULL
+		LOOP
+			RETURN NEXT n_work_ou; 
+		END LOOP;
+		RETURN;
+	END IF;
 	--
 	-- Translate the permission name
 	-- to a numeric permission id
-- 
2.43.2