From 751f019580e210ff22fc1ac0eea72cece854534a Mon Sep 17 00:00:00 2001 From: Kaarle Ritvanen Date: Tue, 18 Mar 2014 00:52:30 +0200 Subject: move permission checking from server to model hide all model data and functions inaccessible to the user --- aconf/transaction/init.lua | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) (limited to 'aconf/transaction') diff --git a/aconf/transaction/init.lua b/aconf/transaction/init.lua index aba1b66..d4c79fe 100644 --- a/aconf/transaction/init.lua +++ b/aconf/transaction/init.lua @@ -19,12 +19,14 @@ local ModelTransaction = object.class( require('aconf.transaction.base').Transaction ) -function ModelTransaction:init(backend, validate) +function ModelTransaction:init(backend, validate, user) super(self, ModelTransaction):init(backend) self.validate = validate self.validable = {} + self.user = user + self.root = root.RootModel{txn=self} end @@ -79,7 +81,10 @@ function ModelTransaction:check_deleted(path) end end -function ModelTransaction:fetch(path) return self.root:fetch(path) end +function ModelTransaction:fetch(path, escalate) + local root = self.root + return (escalate and getmetatable(root).escalate or root):fetch(path) +end function ModelTransaction:meta(path) return self.root:meta(path) end @@ -93,7 +98,7 @@ function ModelTransaction:commit() local function validate(path) if path > '/' then validate(pth.parent(path)) end if not self.commit_val[path] then return end - errors:collect(getmetatable(self:fetch(path)).validate) + errors:collect(getmetatable(self:fetch(path, true)).validate) self.commit_val[path] = nil end @@ -119,6 +124,7 @@ return function(options) options = options or {} return ModelTransaction( options.parent or (options.allow_commit_defer and def_store or store), - not (options.parent and options.defer_validation) + not (options.parent and options.defer_validation), + options.parent and options.parent.user or options.user ) end -- cgit v1.2.3