Index: openacs-4/packages/oacs-dav/tcl/oacs-dav-procs-oracle.xql
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/oacs-dav/tcl/oacs-dav-procs-oracle.xql,v
diff -u -r1.3.2.5 -r1.3.2.6
--- openacs-4/packages/oacs-dav/tcl/oacs-dav-procs-oracle.xql 23 Apr 2004 17:22:12 -0000 1.3.2.5
+++ openacs-4/packages/oacs-dav/tcl/oacs-dav-procs-oracle.xql 6 May 2004 03:30:03 -0000 1.3.2.6
@@ -12,6 +12,21 @@
+
+
+ select count(*)
+ from (select item_id
+ from cr_items
+ connect by prior item_id = parent_id
+ start with item_id = :item_id)
+ where not exists (select 1
+ from acs_object_party_privilege_map m
+ where m.object_id = cr_items.item_id
+ and m.party_id = :user_id
+ and m.privilege = :privilege)
+
+
+
@@ -100,6 +115,23 @@
+
+
+ update cr_items
+ set live_revision=latest_revision
+ where exists (
+ select 1
+ from
+ (select ci1.item_id as child_item_id
+ from cr_items ci1
+ connect by prior item_id = parent_id
+ start with item_id = :folder_id
+ ) children
+ where item_id=children.child_item_id
+ )
+
+
+
begin
@@ -118,7 +150,7 @@
content_folder.rename (
folder_id => :move_folder_id,
name => :new_name,
- label => NULL,
+ label => :new_name,
description => NULL
);
end;
Index: openacs-4/packages/oacs-dav/tcl/oacs-dav-procs-postgresql.xql
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/oacs-dav/tcl/oacs-dav-procs-postgresql.xql,v
diff -u -r1.1.1.1.2.1 -r1.1.1.1.2.2
--- openacs-4/packages/oacs-dav/tcl/oacs-dav-procs-postgresql.xql 31 Mar 2004 01:48:31 -0000 1.1.1.1.2.1
+++ openacs-4/packages/oacs-dav/tcl/oacs-dav-procs-postgresql.xql 6 May 2004 03:30:03 -0000 1.1.1.1.2.2
@@ -8,6 +8,20 @@
+
+
+ select count(*)
+ from cr_items c1, cr_items c2
+ where c2.item_id = :item_id
+ and c1.tree_sortkey between c2.tree_sortkey and tree_right(c2.tree_sortkey)
+ and not exists (select 1
+ from acs_object_party_privilege_map m
+ where m.object_id = cr_items.item_id
+ and m.party_id = :user_id
+ and m.privilege = :privilege)
+
+
+
@@ -45,7 +59,7 @@
ci.name,
content_item__get_path(ci.item_id,:folder_id) as item_uri,
coalesce(cr.mime_type,'*/*') as mime_type,
- cr.content_length,
+ coalesce(cr.content_length,0) as content_length,
to_char(timezone('GMT',o.creation_date) :: timestamptz ,'YYYY-MM-DD"T"HH:MM:SS.MS"Z"') as creation_date,
to_char(timezone('GMT',o.last_modified) :: timestamptz ,'Dy, DD Mon YYYY HH:MM:SS TZ') as last_modified
from cr_items ci,
@@ -92,6 +106,24 @@
+
+
+ update cr_items
+ set live_revision = latest_revision
+ where exists (
+ select 1
+ from
+ (select ci1.item_id as child_item_id
+ from cr_items ci1, cr_items ci2
+ where ci2.item_id=:new_folder_id
+ and ci1.tree_sortkey
+ between ci2.tree_sortkey and tree_right(ci2.tree_sortkey)
+ ) children
+ where item_id=children.child_item_id
+ )
+
+
+
select content_folder__move (
@@ -107,7 +139,7 @@
select content_folder__rename (
:move_folder_id,
:new_name,
- NULL,
+ :new_name,
NULL
)
Index: openacs-4/packages/oacs-dav/tcl/oacs-dav-procs.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/oacs-dav/tcl/oacs-dav-procs.tcl,v
diff -u -r1.4.2.16 -r1.4.2.17
--- openacs-4/packages/oacs-dav/tcl/oacs-dav-procs.tcl 4 May 2004 00:08:04 -0000 1.4.2.16
+++ openacs-4/packages/oacs-dav/tcl/oacs-dav-procs.tcl 6 May 2004 03:30:03 -0000 1.4.2.17
@@ -182,7 +182,7 @@
-privilege "create"] ]
}
propfind {
- if {!$user_id && [parameter::get -parameter RequireAuthForPropfind -package_id [apm_package_id_from_key oacs-dav] -default "1"]} {
+ if {!$user_id} {
ns_returnunauthorized
} else {
set authorized_p [permission::permission_p \
@@ -371,6 +371,26 @@
ns_log debug "\noacs_dav::conn_setup: item_id $item_id"
}
+ad_proc -public oacs_dav::children_have_permission_p {
+ -user_id
+ -item_id
+ -privilege
+} {
+ Check permission on child items of item_id for user_id with privilege
+ @param user_id
+ @param item_id
+ @param privilege
+
+ @return retursn 0 if user does not have privilege over all childern otherwise return 1
+} {
+ set child_count [db_string child_perms ""]
+ ns_log notice "\n ----- \n oacs_dav::children_have_permission_p \n child_count = $child_count \n ----- \n"
+ incr child_count [db_string revision_perms ""]
+ ns_log notice "\n ----- \n oacs_dav::children_have_permission_p \n child_count = $child_count \n ----- \n"
+ ns_log notice "\n ----- \n oacs_dav::children_have_permission_p \n return [expr $child_count == 0] \n ----- \n"
+ return [expr $child_count == 0]
+}
+
ad_proc -public oacs_dav::handle_request { uri method args } {
dispatch request to the proper service contract implmentation
} {
@@ -570,6 +590,10 @@
}
# according to the spec copy with overwrite means
# delete then copy
+ set blocked_p [oacs_dav::children_have_permission_p -item_id $copy_folder_id -user_id $user_id -privilege "delete"]
+ if {$blocked_p} {
+ return [list 409]
+ }
if {![string equal "unlocked" [tdav::check_lock $target_uri]]} {
return [list 423]
}
@@ -581,6 +605,11 @@
}
db_transaction {
db_exec_plsql copy_folder ""
+ # we need to do this because in oracle content_folder__copy
+ # is a procedure and does not return the new folder_id
+ set new_folder_id [db_string get_new_folder_id ""]
+ # update all child items revisions to live revision
+ db_dml update_child_revisions ""
} on_error {
return [list 500]
}
@@ -627,12 +656,16 @@
-privilege "write"]} {
ns_returnunauthorized
}
- # according to the spec copy with overwrite means
- # delete then copy
+ # according to the spec move with overwrite means
+ # delete then move
if {![string equal "unlocked" [tdav::check_lock $target_uri]]} {
return [list 423]
}
-
+ # TODO check if we have permission over everything inside
+ set blocked_p [oacs_dav::children_have_permission_p -item_id $move_folder_id -user_id $user_id -privilege "delete"]
+ if {$blocked_p} {
+ return [list 409]
+ }
db_exec_plsql delete_for_move ""
set response [list 204]
ns_log debug "\n ----- \n CONTENT_FOLDER::MOVE OVERWRITING RETURNING 204 \n ----- \n"
@@ -651,6 +684,10 @@
if {![string equal $cur_parent_folder_id $new_parent_folder_id]} {
ns_log debug "\n@@DAV@@ move folder $move_folder_id"
db_exec_plsql move_folder ""
+ # change label if name is different
+ if {![string equal $new_name $item_name]} {
+ db_dml update_label ""
+ }
} elseif {![empty_string_p $new_name]} {
ns_log debug "\n@@DAV@@ move folder rename $move_folder_id to $new_name"
db_exec_plsql rename_folder ""
@@ -677,6 +714,10 @@
if {![string equal "unlocked" [tdav::check_lock $uri]]} {
return [list 423]
}
+ set blocked_p [oacs_dav::children_have_permission_p -item_id $item_id -user_id $user_id -privilege "delete"]
+ if {$blocked_p} {
+ return [list 403]
+ }
if {[catch {db_exec_plsql delete_folder ""} errmsg]} {
ns_log error "content_folder::delete $errmsg"
set response [list 500]
@@ -840,6 +881,7 @@
#for now we always get live/latest revision
cr_write_content -item_id $item_id
+
}
ad_proc oacs_dav::impl::content_revision::head {} {
@@ -1115,9 +1157,13 @@
db_transaction {
if {![string equal $cur_parent_folder_id $new_parent_folder_id]} {
db_exec_plsql move_item ""
+
} elseif {![empty_string_p $new_name] } {
db_exec_plsql rename_item ""
}
+ if {![string equal $item_name $new_name]} {
+ db_dml update_title ""
+ }
} on_error {
return [list 500]
}
Index: openacs-4/packages/oacs-dav/tcl/oacs-dav-procs.xql
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/oacs-dav/tcl/oacs-dav-procs.xql,v
diff -u -r1.3 -r1.3.2.1
--- openacs-4/packages/oacs-dav/tcl/oacs-dav-procs.xql 20 Feb 2004 23:48:22 -0000 1.3
+++ openacs-4/packages/oacs-dav/tcl/oacs-dav-procs.xql 6 May 2004 03:30:03 -0000 1.3.2.1
@@ -55,6 +55,23 @@
+
+
+ update cr_folders
+ set label = :new_name
+ where folder_id=:move_folder_id
+
+
+
+
+
+ select item_id
+ from cr_items
+ where name = :new_name
+ and parent_id = :new_parent_folder_id
+
+
+
@@ -63,4 +80,44 @@
+
+
+ update cr_revisions
+ set title = :new_name
+ where revision_id = (select latest_revision from cr_items
+ where item_id=:item_id)
+
+
+
+
+
+ select count(*)
+ from cr_revisions
+ where item_id = :item_id
+ and not exists (select 1
+ from acs_object_party_privilege_map m
+ where m.object_id = revision_id
+ and m.party_id = :user_id
+ and m.privilege = 'delete')
+
+
+
+
+
+ update cr_items
+ set live_revision=latest_revision
+ where exists (
+ select 1
+ from
+ (select ci1.item_id as child_item_id
+ from cr_items ci1, cr_items ci2
+ where ci2.item_id=:new_folder_id
+ and ci1.tree_sortkey
+ between ci2.tree_sortkey and tree_right(ci2.tree_sortkey)
+ ) children
+ where item_id=child_item_id
+ )
+
+
+
\ No newline at end of file