From e7ed4a1168a1661e75d86025c284a3517d2d9340 Mon Sep 17 00:00:00 2001 From: Matthew Somerville Date: Fri, 16 Dec 2016 18:10:22 +0000 Subject: Only load user body permissions once per request. This should help if a template uses has_permission_to a lot. --- perllib/FixMyStreet/DB/Result/User.pm | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) (limited to 'perllib/FixMyStreet/DB/Result/User.pm') diff --git a/perllib/FixMyStreet/DB/Result/User.pm b/perllib/FixMyStreet/DB/Result/User.pm index f4e5144f8..72acb6940 100644 --- a/perllib/FixMyStreet/DB/Result/User.pm +++ b/perllib/FixMyStreet/DB/Result/User.pm @@ -248,6 +248,15 @@ sub split_name { return { first => $first || '', last => $last || '' }; } +has body_permissions => ( + is => 'ro', + lazy => 1, + default => sub { + my $self = shift; + return [ $self->user_body_permissions->all ]; + }, +); + sub permissions { my ($self, $c, $body_id) = @_; @@ -258,9 +267,7 @@ sub permissions { return unless $self->belongs_to_body($body_id); - my @permissions = $self->user_body_permissions->search({ - body_id => $self->from_body->id, - })->all; + my @permissions = grep { $_->body_id == $self->from_body->id } @{$self->body_permissions}; return { map { $_->permission_type => 1 } @permissions }; } @@ -269,12 +276,13 @@ sub has_permission_to { return 1 if $self->is_superuser; return 0 if !$body_ids || (ref $body_ids && !@$body_ids); + $body_ids = [ $body_ids ] unless ref $body_ids; + my %body_ids = map { $_ => 1 } @$body_ids; - my $permission = $self->user_body_permissions->find({ - permission_type => $permission_type, - body_id => $body_ids, - }); - return $permission ? 1 : 0; + foreach (@{$self->body_permissions}) { + return 1 if $_->permission_type eq $permission_type && $body_ids{$_->body_id}; + } + return 0; } =head2 has_body_permission_to -- cgit v1.2.3 From d5641749504a8eb9295f95bac412cb3737256476 Mon Sep 17 00:00:00 2001 From: Matthew Somerville Date: Tue, 10 Jan 2017 13:24:44 +0000 Subject: Update has_body_permission_to to allow superusers. --- perllib/FixMyStreet/DB/Result/User.pm | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) (limited to 'perllib/FixMyStreet/DB/Result/User.pm') diff --git a/perllib/FixMyStreet/DB/Result/User.pm b/perllib/FixMyStreet/DB/Result/User.pm index 72acb6940..135f9b4a5 100644 --- a/perllib/FixMyStreet/DB/Result/User.pm +++ b/perllib/FixMyStreet/DB/Result/User.pm @@ -287,23 +287,26 @@ sub has_permission_to { =head2 has_body_permission_to -Checks if the User has a from_body set, and the specified permission on that body. +Checks if the User has a from_body set, the specified permission on that body, +and optionally that their from_body is one particular body. Instead of saying: - ($user->from_body && $user->has_permission_to('user_edit', $user->from_body->id)) + ($user->from_body && $user->from_body->id == $body_id && $user->has_permission_to('user_edit', $body_id)) You can just say: - $user->has_body_permission_to('user_edit') - -NB unlike has_permission_to, this doesn't blindly return 1 if the user is a superuser. + $user->has_body_permission_to('user_edit', $body_id) =cut sub has_body_permission_to { - my ($self, $permission_type) = @_; + my ($self, $permission_type, $body_id) = @_; + + return 1 if $self->is_superuser; + return unless $self->from_body; + return if $body_id && $self->from_body->id != $body_id; return $self->has_permission_to($permission_type, $self->from_body->id); } -- cgit v1.2.3 From 21877e063f8ab9c5914adbc88c8210d2393671ae Mon Sep 17 00:00:00 2001 From: Matthew Somerville Date: Tue, 22 Nov 2016 15:38:07 +0000 Subject: Add shortlist buttons to report lists. This includes adding/removing reports from a user's shortlist, and manual reordering of a shortlist with up/down buttons. The backend code can cope with an item moving to any point in the list. --- perllib/FixMyStreet/DB/Result/User.pm | 2 ++ 1 file changed, 2 insertions(+) (limited to 'perllib/FixMyStreet/DB/Result/User.pm') diff --git a/perllib/FixMyStreet/DB/Result/User.pm b/perllib/FixMyStreet/DB/Result/User.pm index 72acb6940..b34be674a 100644 --- a/perllib/FixMyStreet/DB/Result/User.pm +++ b/perllib/FixMyStreet/DB/Result/User.pm @@ -379,6 +379,8 @@ around add_to_planned_reports => sub { around remove_from_planned_reports => sub { my ($orig, $self, $report) = @_; $self->user_planned_reports->active->for_report($report->id)->remove(); + $report->unset_extra_metadata('order'); + $report->update; }; sub active_planned_reports { -- cgit v1.2.3