From: Tara L Andrews <tla@mit.edu>
Date: Fri, 31 Aug 2012 22:04:01 +0000 (+0200)
Subject: another ACL logic fix
X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=commitdiff_plain;h=75ce4f7a218ab238ec516bf24871d54c8f826bc2;p=scpubgit%2Fstemmatology.git

another ACL logic fix
---

diff --git a/script/dblookup.pl b/script/dblookup.pl
index 2346fde..16ee440 100755
--- a/script/dblookup.pl
+++ b/script/dblookup.pl
@@ -67,7 +67,8 @@ if( $list ) {
 			next unless grep { $_ eq $tid } @uuids;
 		}
 		my $t = $kdb->lookup( $tid );
-		print STDERR "$tid: Tradition '" . $t->name . "'\n";
+		my $tstr = $t->public ? 'Public tradition' : 'Tradition';
+		print STDERR "$tid: $tstr '" . $t->name . "'\n";
 		my @wits = map { $_->sigil } $t->witnesses;
 		print STDERR "...with witnesses @wits\n";
 		my $c = $t->collation;
diff --git a/stemmaweb/lib/stemmaweb/Controller/Relation.pm b/stemmaweb/lib/stemmaweb/Controller/Relation.pm
index 961cfa1..357b9ca 100644
--- a/stemmaweb/lib/stemmaweb/Controller/Relation.pm
+++ b/stemmaweb/lib/stemmaweb/Controller/Relation.pm
@@ -383,16 +383,17 @@ sub _check_permission {
     	$c->stash->{'permission'} = 'full'
     		if( $user->is_admin || $tradition->user->id eq $user->id );
     	return 1;
-    } elsif( $tradition->public ) {
+    } 
+    # Is it public?
+    if( $tradition->public ) {
     	$c->stash->{'permission'} = 'readonly';
     	return 1;
-    } else {
-    	# Forbidden!
-    	$c->response->status( 403 );
-    	$c->response->body( 'You do not have permission to view this tradition.' );
-    	$c->detach( 'View::Plain' );
-    	return 0;
-    }
+    } 
+	# Forbidden!
+	$c->response->status( 403 );
+	$c->response->body( 'You do not have permission to view this tradition.' );
+	$c->detach( 'View::Plain' );
+	return 0;
 }
 
 sub _clean_booleans {
diff --git a/stemmaweb/lib/stemmaweb/Controller/Root.pm b/stemmaweb/lib/stemmaweb/Controller/Root.pm
index 7e9ff2b..3ff836f 100644
--- a/stemmaweb/lib/stemmaweb/Controller/Root.pm
+++ b/stemmaweb/lib/stemmaweb/Controller/Root.pm
@@ -291,10 +291,11 @@ sub _check_permission {
     if( $user ) {
     	return 'full' if ( $user->is_admin || 
     		( $tradition->has_user && $tradition->user->id eq $user->id ) );
-    } elsif( $tradition->public ) {
-    	return 'readonly';
-    } 
-	# else Forbidden!
+    }
+	# Text doesn't belong to us, so maybe it's public?
+	return 'readonly' if $tradition->public;
+
+	# ...nope. Forbidden!
 	$c->response->status( 403 );
 	$c->response->body( 'You do not have permission to view this tradition.' );
 	$c->detach( 'View::Plain' );
diff --git a/stemmaweb/lib/stemmaweb/Controller/Stexaminer.pm b/stemmaweb/lib/stemmaweb/Controller/Stexaminer.pm
index d40ecbc..86020a1 100644
--- a/stemmaweb/lib/stemmaweb/Controller/Stexaminer.pm
+++ b/stemmaweb/lib/stemmaweb/Controller/Stexaminer.pm
@@ -104,16 +104,17 @@ sub _check_permission {
     	$c->stash->{'permission'} = 'full'
     		if( $user->is_admin || $tradition->user->id eq $user->id );
     	return 1;
-    } elsif( $tradition->public ) {
+    } 
+    # Is it public?
+    if( $tradition->public ) {
     	$c->stash->{'permission'} = 'readonly';
     	return 1;
-    } else {
-    	# Forbidden!
-    	$c->response->status( 403 );
-    	$c->response->body( 'You do not have permission to view this tradition.' );
-    	$c->detach( 'View::Plain' );
-    	return 0;
-    }
+    } 
+	# Forbidden!
+	$c->response->status( 403 );
+	$c->response->body( 'You do not have permission to view this tradition.' );
+	$c->detach( 'View::Plain' );
+	return 0;
 }
 
 =head2 graphsvg