Index: openacs-4/packages/dotlrn/sql/postgresql/custom-permissions.sql =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/dotlrn/sql/postgresql/custom-permissions.sql,v diff -u -N --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ openacs-4/packages/dotlrn/sql/postgresql/custom-permissions.sql 17 Oct 2002 11:40:51 -0000 1.1.2.1 @@ -0,0 +1,62 @@ +-- @author Don Baccus +-- @creation-date 2002-07-09 +-- +-- Ported from oracle 2002-08-10 davis@xarg.net +-- +-- Return 't' if the party has admin privileges on the given group +-- This function is much faster than the general permissions permission_p +-- function as it takes advantage of the fact that we know the object +-- being checked is a group. This allows us to greatly simplify the relseg +-- check. + +-- We also don't bother checking to see if "The Public" (all visitors) or +-- "Registered Users" are allowed to admin the dotLRN community because, well, +-- we know they aren't. + + +-- We also don't check to see if the group has the direct admin perm on +-- the object because dotLRN puts all group-level admins into a relational +-- segment with the 'admin' privilege on its parent group. + + +-- If you customize the dotLRN community datamodel and violate any of the +-- above assumptions, rewrite this function. + + +create or replace function dotlrn_community_admin_p (integer, integer) +returns char as ' + declare + group_id alias for $1; + party_id alias for $2; + begin + -- + -- direct permissions + if exists ( + select 1 + from acs_object_grantee_priv_map + where object_id = dotlrn_community_admin_p.group_id + and grantee_id = dotlrn_community_admin_p.party_id + and privilege = ''admin'') + then + return ''t''; + end if; + + -- check to see if the user belongs to a rel seg that has + -- the admin priv on the object (in this case a group) + + + if exists ( + select 1 + from acs_object_grantee_priv_map ogpm, + rel_seg_approved_member_map rs + where rs.group_id = dotlrn_community_admin_p.group_id + and ogpm.object_id = rs.group_id + and ogpm.privilege = ''admin'' + and ogpm.grantee_id = rs.segment_id + and rs.member_id = dotlrn_community_admin_p.party_id) + then + return ''t''; + end if; + + return ''f''; +end;' language 'plpgsql';