my $access = $node->{access};
- while ($access =~ m/^([a-z_\/]+|\||\&|\(|\)|\s+)/) {
+ while ($access =~ m/^([a-z_\/]+|\!|\||\&|\(|\)|\s+)/) {
my $token = $1;
substr($access, 0, length($1)) = "";
}
$cur_ary = $stack[-1];
- } elsif (($token eq "|") || ($token eq "&")) {
+ } elsif (($token eq "|") || ($token eq "&") || ($token eq "!")) {
push @{$cur_ary}, $token;
} else {
}
1;
-
# ( ) & | are supported. if binary operator is missing the last
# operator in same scope is repeated, or "|" if none used in scope
# yet. client config entries can be used as rights by prefixing them
-# with "client/". If missing, access will be granted.
+# with "client/".
+# ! is supported to negate the subsequent expression.
+# If missing, access will be granted.
#
# Example:
# client/feature_default_enabled | ( feature & system )
$node{access} = 'sales_quotation_edit & client/feature_experimental';
ok($menu->parse_access_string(\%node), 'client');
+$node{access} = '!no_such_right';
+ok($menu->parse_access_string(\%node), 'simple negation 1');
+
+$node{access} = '!sales_order_edit';
+ok(!$menu->parse_access_string(\%node), 'simple negation 2');
+
+$node{access} = '!!sales_order_edit';
+ok($menu->parse_access_string(\%node), 'double negation');
+
+$node{access} = '(no_such_right & sales_order_edit | !(no_such_right & sales_order_edit))';
+ok($menu->parse_access_string(\%node), 'parenthesis with negation 1');
+
+$node{access} = '(no_such_right & sales_order_edit | (!no_such_right | !sales_order_edit))';
+ok($menu->parse_access_string(\%node), 'parenthesis with negation 2');
+
+$node{access} = 'sales_quotation_edit & !client/feature_experimental';
+ok(!$menu->parse_access_string(\%node), 'client negation');
+
done_testing;
1;
projects / kivitendo-erp.git / commitdiff