Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Item14189: fix checking for access control rules
- i.e. when none are defined.
- some performance improvement
  • Loading branch information
MichaelDaum committed Sep 9, 2016
1 parent 56d720e commit 12d123b
Show file tree
Hide file tree
Showing 6 changed files with 20 additions and 30 deletions.
7 changes: 4 additions & 3 deletions data/System/SqlPlugin.txt
Expand Up @@ -120,6 +120,7 @@ The behavior when the database parameter is omitted is unchanged.
%$DEPENDENCIES%

---++ Change History
| 09 Sep 2016: | (3.03) Foswiki:Tasks/Item14189 - fix checking for access control rules, i.e. when none are defined |
| 29 Sep 2015: | (3.02) Foswiki:Tasks/Item13623 - fixed error initializing access rules |
| 25 Sep 2014: | (3.00) Foswiki:Tasks/Item13037 - rewrite the core in an object-oriented way |
| 18 Mar 2014: | (2.00) Foswiki:Tasks/Item12801 - make logging of sql action configurable |
Expand All @@ -135,11 +136,11 @@ The behavior when the database parameter is omitted is unchanged.

%META:FORM{name="PackageForm"}%
%META:FIELD{name="Author" title="Author" value="Foswiki:MichaelDaum"}%
%META:FIELD{name="Copyright" title="Copyright" value="© 2009-2015 Michael Daum http://michaeldaumconsulting.com"}%
%META:FIELD{name="Copyright" title="Copyright" value="© 2009-2016 Michael Daum http://michaeldaumconsulting.com"}%
%META:FIELD{name="Description" title="Description" value="%25$SHORTDESCRIPTION%25"}%
%META:FIELD{name="Home" title="Home" value="http://foswiki.org/Extensions/%TOPIC%"}%
%META:FIELD{name="Home" title="Home" value="https://foswiki.org/Extensions/%TOPIC%"}%
%META:FIELD{name="License" title="License" value="[[http://www.gnu.org/licenses/gpl.html][GPL (Gnu General Public License)]]"}%
%META:FIELD{name="Release" title="Release" value="%$RELEASE%"}%
%META:FIELD{name="Repository" title="Repository" value="https://github.com/foswiki/%TOPIC%"}%
%META:FIELD{name="Support" title="Support" value="http://foswiki.org/Support/%TOPIC%"}%
%META:FIELD{name="Support" title="Support" value="https://foswiki.org/Support/%TOPIC%"}%
%META:FIELD{name="Version" title="Version" value="%$VERSION%"}%
6 changes: 3 additions & 3 deletions lib/Foswiki/Plugins/SqlPlugin.pm
@@ -1,6 +1,6 @@
# Plugin for Foswiki - The Free and Open Source Wiki, http://foswiki.org/
#
# Copyright (C) 2009-2015 Michael Daum http://michaeldaumconsulting.com
# Copyright (C) 2009-2016 Michael Daum http://michaeldaumconsulting.com
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
Expand All @@ -18,8 +18,8 @@ package Foswiki::Plugins::SqlPlugin;
use strict;
use warnings;

our $VERSION = '3.02';
our $RELEASE = '29 Sep 2015';
our $VERSION = '3.03';
our $RELEASE = '09 Sep 2016';
our $SHORTDESCRIPTION = 'SQL interface for Foswiki';
our $NO_PREFS_IN_TOPIC = 1;
our $core;
Expand Down
2 changes: 2 additions & 0 deletions lib/Foswiki/Plugins/SqlPlugin/Config.spec
Expand Up @@ -47,3 +47,5 @@ $Foswiki::cfg{SqlPlugin}{AccessControl} =
]
},
];

1;
2 changes: 1 addition & 1 deletion lib/Foswiki/Plugins/SqlPlugin/Connection.pm
@@ -1,6 +1,6 @@
# Plugin for Foswiki - The Free and Open Source Wiki, http://foswiki.org/
#
# Copyright (C) 2009-2015 Michael Daum http://michaeldaumconsulting.com
# Copyright (C) 2009-2016 Michael Daum http://michaeldaumconsulting.com
#
# Based on DatabasePlugin Copyright (C) 2002-2007 Tait Cyrus, tait.cyrus@usa.net
#
Expand Down
17 changes: 9 additions & 8 deletions lib/Foswiki/Plugins/SqlPlugin/Core.pm
@@ -1,6 +1,6 @@
# Plugin for Foswiki - The Free and Open Source Wiki, http://foswiki.org/
#
# Copyright (C) 2009-2015 Michael Daum http://michaeldaumconsulting.com
# Copyright (C) 2009-2016 Michael Daum http://michaeldaumconsulting.com
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
Expand Down Expand Up @@ -298,19 +298,19 @@ sub formatResult {

##############################################################################
# Check if the currently logged in user has permission to run
# $theQuery on $theDatabase. Thows Error::Simple on access failure.
# $theQuery on $theDatabase. Throws Error::Simple on access failure.
##############################################################################
sub checkAccess {
my ($this, $theDatabase, $theQuery) = @_;

my $isAllowed = 0;

if (!$this->{accessControls} || !defined($this->{accessControls}{$theDatabase})) {
$isAllowed = 1;
} else {
my $isAllowed = 1;

if ($this->{accessControls}) {
my $user = Foswiki::Func::getWikiName();
foreach my $access (@{$this->{accessControls}{$theDatabase}}) {
foreach my $access (@{$this->{accessControls}}) {
next unless $access->{id} eq $theDatabase;

$isAllowed = 0;

my $whoPasses = 0;
my $who = $access->{who};
Expand Down Expand Up @@ -351,6 +351,7 @@ sub checkAccess {

if ($whoPasses && $queryPasses) {
$isAllowed = 1;
last;
}
}
}
Expand Down
16 changes: 1 addition & 15 deletions lib/Foswiki/Plugins/SqlPlugin/build.pl
@@ -1,24 +1,10 @@
#!/usr/bin/perl -w
#!/usr/bin/env perl
BEGIN { unshift @INC, split( /:/, $ENV{FOSWIKI_LIBS} ); }
use Foswiki::Contrib::Build;

# Create the build object
$build = new Foswiki::Contrib::Build('SqlPlugin');

# (Optional) Set the details of the repository for uploads.
# This can be any web on any accessible Foswiki installation.
# These defaults will be used when expanding tokens in .txt
# files, but be warned, they can be overridden at upload time!

# name of web to upload to
$build->{UPLOADTARGETWEB} = 'Extensions';
# Full URL of pub directory
$build->{UPLOADTARGETPUB} = 'http://foswiki.org/pub';
# Full URL of bin directory
$build->{UPLOADTARGETSCRIPT} = 'http://foswiki.org/bin';
# Script extension
$build->{UPLOADTARGETSUFFIX} = '';

# Build the target on the command line, or the default target
$build->build($build->{target});

0 comments on commit 12d123b

Please sign in to comment.