another ACL logic fix

diff --git a/script/dblookup.pl b/script/dblookup.pl
index 2346fde..16ee440 100755 (executable)
--- a/script/dblookup.pl
+++ b/script/dblookup.pl
@@ -67,7 +67,8 @@ if( $list ) {
                        next unless grep { $_ eq $tid } @uuids;
                }
                my $t = $kdb->lookup( $tid );
-               print STDERR "$tid: Tradition '" . $t->name . "'\n";
+               my $tstr = $t->public ? 'Public tradition' : 'Tradition';
+               print STDERR "$tid: $tstr '" . $t->name . "'\n";
                my @wits = map { $_->sigil } $t->witnesses;
                print STDERR "...with witnesses @wits\n";
                my $c = $t->collation;

diff --git a/stemmaweb/lib/stemmaweb/Controller/Relation.pm b/stemmaweb/lib/stemmaweb/Controller/Relation.pm
index 961cfa1..357b9ca 100644 (file)
--- a/stemmaweb/lib/stemmaweb/Controller/Relation.pm
+++ b/stemmaweb/lib/stemmaweb/Controller/Relation.pm
@@ -383,16 +383,17 @@ sub _check_permission {
        $c->stash->{'permission'} = 'full'
                if( $user->is_admin || $tradition->user->id eq $user->id );
        return 1;
-    } elsif( $tradition->public ) {
+    } 
+    # Is it public?
+    if( $tradition->public ) {
        $c->stash->{'permission'} = 'readonly';
        return 1;
-    } else {
-       # Forbidden!
-       $c->response->status( 403 );
-       $c->response->body( 'You do not have permission to view this tradition.' );
-       $c->detach( 'View::Plain' );
-       return 0;
-    }
+    } 
+       # Forbidden!
+       $c->response->status( 403 );
+       $c->response->body( 'You do not have permission to view this tradition.' );
+       $c->detach( 'View::Plain' );
+       return 0;
 }
 
 sub _clean_booleans {

diff --git a/stemmaweb/lib/stemmaweb/Controller/Root.pm b/stemmaweb/lib/stemmaweb/Controller/Root.pm
index 7e9ff2b..3ff836f 100644 (file)
--- a/stemmaweb/lib/stemmaweb/Controller/Root.pm
+++ b/stemmaweb/lib/stemmaweb/Controller/Root.pm
@@ -291,10 +291,11 @@ sub _check_permission {
     if( $user ) {
        return 'full' if ( $user->is_admin || 
                ( $tradition->has_user && $tradition->user->id eq $user->id ) );
-    } elsif( $tradition->public ) {
-       return 'readonly';
-    } 
-       # else Forbidden!
+    }
+       # Text doesn't belong to us, so maybe it's public?
+       return 'readonly' if $tradition->public;
+
+       # ...nope. Forbidden!
        $c->response->status( 403 );
        $c->response->body( 'You do not have permission to view this tradition.' );
        $c->detach( 'View::Plain' );

diff --git a/stemmaweb/lib/stemmaweb/Controller/Stexaminer.pm b/stemmaweb/lib/stemmaweb/Controller/Stexaminer.pm
index d40ecbc..86020a1 100644 (file)
--- a/stemmaweb/lib/stemmaweb/Controller/Stexaminer.pm
+++ b/stemmaweb/lib/stemmaweb/Controller/Stexaminer.pm
@@ -104,16 +104,17 @@ sub _check_permission {
        $c->stash->{'permission'} = 'full'
                if( $user->is_admin || $tradition->user->id eq $user->id );
        return 1;
-    } elsif( $tradition->public ) {
+    } 
+    # Is it public?
+    if( $tradition->public ) {
        $c->stash->{'permission'} = 'readonly';
        return 1;
-    } else {
-       # Forbidden!
-       $c->response->status( 403 );
-       $c->response->body( 'You do not have permission to view this tradition.' );
-       $c->detach( 'View::Plain' );
-       return 0;
-    }
+    } 
+       # Forbidden!
+       $c->response->status( 403 );
+       $c->response->body( 'You do not have permission to view this tradition.' );
+       $c->detach( 'View::Plain' );
+       return 0;
 }
 
 =head2 graphsvg