From 791ee0dc06650351e0fd6cf79d6af5056c5c987f Mon Sep 17 00:00:00 2001 From: Kaarle Ritvanen Date: Mon, 24 Mar 2014 18:22:55 +0200 Subject: model: allow fallback to default permission checking implementation --- aconf/model/model.lua | 4 ++-- aconf/model/node.lua | 18 ++++++++++++------ 2 files changed, 14 insertions(+), 8 deletions(-) diff --git a/aconf/model/model.lua b/aconf/model/model.lua index 5d4145f..259da09 100644 --- a/aconf/model/model.lua +++ b/aconf/model/model.lua @@ -233,8 +233,8 @@ function M.Model:init(context) end if self.has_permission then - function mt.has_permission(permission) - return mt.privileged or self:has_permission(mt.txn.user, permission) + function mt._has_permission(permission) + return self:has_permission(mt.txn.user, permission) end end diff --git a/aconf/model/node.lua b/aconf/model/node.lua index c45196a..fe816e8 100644 --- a/aconf/model/node.lua +++ b/aconf/model/node.lua @@ -129,6 +129,8 @@ function M.TreeNode:init(context, params) local permissions = {} + function mt._has_permission(permission) end + function mt.has_permission(permission) if mt.privileged then return true end @@ -136,13 +138,17 @@ function M.TreeNode:init(context, params) local res = permissions[name] if res ~= nil then return res end - if getmetatable(mt.escalate).fetch('/auth/permissions')[name] then - res = mt.txn.user:check_permission(name) - else - if ({create=true, delete=true})[permission] then - permission = 'modify' + res = mt._has_permission(permission) + + if res == nil then + if getmetatable(mt.escalate).fetch('/auth/permissions')[name] then + res = mt.txn.user:check_permission(name) + else + if ({create=true, delete=true})[permission] then + permission = 'modify' + end + res = getmetatable(mt.parent).has_permission(permission) end - res = getmetatable(mt.parent).has_permission(permission) end permissions[name] = res -- cgit v1.2.3