diff options
| author | Dave Arter <davea@mysociety.org> | 2016-09-14 10:52:08 +0100 |
|---|---|---|
| committer | Dave Arter <davea@mysociety.org> | 2016-09-20 16:07:09 +0100 |
| commit | b01df0c7609a1d6c008b943a9936d471cf0e0ce3 (patch) | |
| tree | 150199d93afb6ad71a6d7cb921eaff81dd07f63b /perllib/FixMyStreet/App/Controller | |
| parent | 6f623cbb0c055fb4ae7f1a3639edaa212fc55392 (diff) | |
Remove from_body requirement from User::has_permission_to
Diffstat (limited to 'perllib/FixMyStreet/App/Controller')
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Admin.pm | 2 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Moderate.pm | 2 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Report.pm | 4 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Report/New.pm | 6 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Report/Update.pm | 6 |
5 files changed, 10 insertions, 10 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Admin.pm b/perllib/FixMyStreet/App/Controller/Admin.pm index 3fc5421ba..63ed9f3c6 100644 --- a/perllib/FixMyStreet/App/Controller/Admin.pm +++ b/perllib/FixMyStreet/App/Controller/Admin.pm @@ -687,7 +687,7 @@ sub report_edit : Path('report_edit') : Args(1) { unless ( $c->cobrand->moniker eq 'zurich' - || $c->user->has_permission_to(report_edit => $problem->bodies_str) + || $c->user->has_permission_to(report_edit => $problem->bodies_str_ids) ) { $c->detach( '/page_error_403_access_denied', [] ); } diff --git a/perllib/FixMyStreet/App/Controller/Moderate.pm b/perllib/FixMyStreet/App/Controller/Moderate.pm index dadec5c53..94e6cd62a 100644 --- a/perllib/FixMyStreet/App/Controller/Moderate.pm +++ b/perllib/FixMyStreet/App/Controller/Moderate.pm @@ -54,7 +54,7 @@ sub report : Chained('moderate') : PathPart('report') : CaptureArgs(1) { # ... and immediately, if the user isn't authorized $c->detach unless $c->user_exists; - $c->detach unless $c->user->has_permission_to(moderate => $problem->bodies_str); + $c->detach unless $c->user->has_permission_to(moderate => $problem->bodies_str_ids); $c->forward('/auth/check_csrf_token'); diff --git a/perllib/FixMyStreet/App/Controller/Report.pm b/perllib/FixMyStreet/App/Controller/Report.pm index 1d67afd0e..34392782b 100644 --- a/perllib/FixMyStreet/App/Controller/Report.pm +++ b/perllib/FixMyStreet/App/Controller/Report.pm @@ -133,7 +133,7 @@ sub load_problem_or_display_error : Private { } $c->stash->{problem} = $problem; - if ( $c->user_exists && $c->user->has_permission_to(moderate => $problem->bodies_str) ) { + if ( $c->user_exists && $c->user->has_permission_to(moderate => $problem->bodies_str_ids) ) { $c->stash->{problem_original} = $problem->find_or_new_related( moderation_original_data => { title => $problem->title, @@ -401,7 +401,7 @@ to the current Problem in $c->stash->{problem}. Shows the 403 page if not. sub check_has_permission_to : Private { my ( $self, $c, @permissions ) = @_; - my $bodies = $c->stash->{problem}->bodies_str; + my $bodies = $c->stash->{problem}->bodies_str_ids; my %permissions = map { $_ => $c->user->has_permission_to($_, $bodies) } @permissions if $c->user_exists; diff --git a/perllib/FixMyStreet/App/Controller/Report/New.pm b/perllib/FixMyStreet/App/Controller/Report/New.pm index 7b012e0a1..267f1059d 100644 --- a/perllib/FixMyStreet/App/Controller/Report/New.pm +++ b/perllib/FixMyStreet/App/Controller/Report/New.pm @@ -188,9 +188,9 @@ sub report_form_ajax : Path('ajax') : Args(0) { my $contribute_as = {}; if ($c->user_exists) { - my $bodies = join(',', keys %{$c->stash->{bodies}}); - my $ca_another_user = $c->user->has_permission_to('contribute_as_another_user', $bodies); - my $ca_body = $c->user->has_permission_to('contribute_as_body', $bodies); + my @bodies = keys %{$c->stash->{bodies}}; + my $ca_another_user = $c->user->has_permission_to('contribute_as_another_user', \@bodies); + my $ca_body = $c->user->has_permission_to('contribute_as_body', \@bodies); $contribute_as->{another_user} = $ca_another_user if $ca_another_user; $contribute_as->{body} = $ca_body if $ca_body; } diff --git a/perllib/FixMyStreet/App/Controller/Report/Update.pm b/perllib/FixMyStreet/App/Controller/Report/Update.pm index 705e6ee99..4c2d92d5e 100644 --- a/perllib/FixMyStreet/App/Controller/Report/Update.pm +++ b/perllib/FixMyStreet/App/Controller/Report/Update.pm @@ -113,7 +113,7 @@ sub process_user : Private { if ( $c->user_exists ) { { my $user = $c->user->obj; - if ($c->stash->{contributing_as_another_user} = $user->contributing_as('another_user', $c, $update->problem->bodies_str)) { + if ($c->stash->{contributing_as_another_user} = $user->contributing_as('another_user', $c, $update->problem->bodies_str_ids)) { # Act as if not logged in (and it will be auto-confirmed later on) last; } @@ -276,7 +276,7 @@ sub process_update : Private { $update->mark_fixed($params{fixed} ? 1 : 0); $update->mark_open($params{reopen} ? 1 : 0); - $c->stash->{contributing_as_body} = $c->user_exists && $c->user->contributing_as('body', $c, $update->problem->bodies_str); + $c->stash->{contributing_as_body} = $c->user_exists && $c->user->contributing_as('body', $c, $update->problem->bodies_str_ids); if ($c->stash->{contributing_as_body}) { $update->name($c->user->from_body->name); $update->anonymous(0); @@ -286,7 +286,7 @@ sub process_update : Private { } if ( $params{state} ) { - $params{state} = 'fixed - council' + $params{state} = 'fixed - council' if $params{state} eq 'fixed' && $c->user && $c->user->belongs_to_body( $update->problem->bodies_str ); $update->problem_state( $params{state} ); } else { |