X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=SL%2FAuth.pm;h=82be3b8d80cc2601fbfa580b60563400ec78fa8f;hb=ab18d1c0c613c094e576be22c0f788dfa19165bc;hp=c2e6f73364d6f12a864cce592e7b821f04784467;hpb=e476a9df6d7b8794add9fe384a624817dc21c21b;p=kivitendo-erp.git
diff --git a/SL/Auth.pm b/SL/Auth.pm
index c2e6f7336..82be3b8d8 100644
--- a/SL/Auth.pm
+++ b/SL/Auth.pm
@@ -55,10 +55,10 @@ sub init {
 sub reset {
 my ($self, %params) = @_;
- $self->{SESSION} = { };
- $self->{FULL_RIGHTS} = { };
- $self->{RIGHTS} = { };
- $self->{unique_counter} = 0;
+ $self->{SESSION} = { };
+ $self->{FULL_RIGHTS} = { };
+ $self->{RIGHTS} = { };
+ $self->{unique_counter} = 0;
 if ($self->is_db_connected) {
 # reset is called during request shutdown already. In case of a
@@ -1077,23 +1077,36 @@ sub evaluate_rights_ary {
 my $value = 0;
 my $action = '|';
+ my $negate = 0;
 foreach my $el (@{$ary}) {
 if (ref $el eq "ARRAY") {
+ my $val = evaluate_rights_ary($el);
+ $val = !$val if $negate;
+ $negate = 0;
 if ($action eq '|') {
- $value |= evaluate_rights_ary($el);
+ $value |= $val;
 } else {
- $value &= evaluate_rights_ary($el);
+ $value &= $val;
 }
 } elsif (($el eq '&') || ($el eq '|')) {
 $action = $el;
+ } elsif ($el eq '!') {
+ $negate = !$negate;
+
 } elsif ($action eq '|') {
- $value |= $el;
+ my $val = $el;
+ $val = !$val if $negate;
+ $negate = 0;
+ $value |= $val;
 } else {
- $value &= $el;
+ my $val = $el;
+ $val = !$val if $negate;
+ $negate = 0;
+ $value &= $val;
 }
 }
@@ -1309,6 +1322,11 @@ close the database connection. Creating a new database handle on each request can take up to 30% of the pre-request startup time, so we want to avoid that for fast ajax calls.
+=item C
+
+Checks if current user has the C<$right>. If C<$dont_abort> is falsish
+the request dies with a access denied error, otherwise returns true or false.
+
 =back
 =head1 BUGS
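Review bot: A pending `!` is never validated in the `foreach` loop of evaluate_rights_ary: `$negate` survives an intervening `&`/`|` token and is silently discarded when the array ends, so a malformed expression such as `[1, '&', '!']` (constructed example) evaluates to true exactly like `[1]`. Because this function decides access rights, a negation with no operand should be rejected rather than ignored, for example `die "rights expression: '!' without operand" if $negate;` directly after the loop, and the `&`/`|` branch could reject an operator that arrives while `$negate` is set. This matters only if the code that builds `$ary` can produce such input; that code is not visible in this diff, so the guarantee should be confirmed there. The function body starts before and ends after this hunk, so the exact placement relative to the return statement needs checking against the full file.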