# HG changeset patch
# User wizard
# Date 1272490287 -14400
# Node ID 79bf75223afef8137742f050d5179713e850e015
# Parent 0667064553ef695c1517ff444cfb0e07800d3653
Fixed security related bugs
diff -r 0667064553ef -r 79bf75223afe Lib/IMPL/Exception.pm
--- a/Lib/IMPL/Exception.pm Wed Apr 28 17:50:55 2010 +0400
+++ b/Lib/IMPL/Exception.pm Thu Apr 29 01:31:27 2010 +0400
@@ -100,6 +100,10 @@
 our @ISA = qw(IMPL::Exception);
 __PACKAGE__->PassThroughArgs;
+package IMPL::SecurityException;
+our @ISA = qw(IMPL::Exception);
+__PACKAGE__->PassThroughArgs;
+
 package Exception;
 our @ISA = qw(IMPL::Exception);
 __PACKAGE__->PassThroughArgs;
diff -r 0667064553ef -r 79bf75223afe Lib/IMPL/Security/Context.pm
--- a/Lib/IMPL/Security/Context.pm Wed Apr 28 17:50:55 2010 +0400
+++ b/Lib/IMPL/Security/Context.pm Thu Apr 29 01:31:27 2010 +0400
@@ -65,6 +65,14 @@
 $current;
 }
+sub Satisfy {
+ my ($this,@roles) = @_;
+
+ my $roleEffective = new IMPL::Security::Role ( _effective => $this->rolesAssigned );
+
+ return $roleEffective->Satisfy(@roles);
+}
+
 1;
 __END__
diff -r 0667064553ef -r 79bf75223afe Lib/IMPL/Security/Role.pm
--- a/Lib/IMPL/Security/Role.pm Wed Apr 28 17:50:55 2010 +0400
+++ b/Lib/IMPL/Security/Role.pm Thu Apr 29 01:31:27 2010 +0400
@@ -20,6 +20,7 @@
 my ($this,@roles) = @_;
 return 1 unless $this->_FilterRoles( @roles );
+ return 0;
 }
 sub _FilterRoles {
@@ -27,7 +28,7 @@
 @roles = grep not (ref $_ ? $this == $_ : $this->roleName eq $_), @roles;
- @roles = $_->_FilterRoles(@roles) or return foreach @{$this->parentRoles} ;
+ @roles = $_->_FilterRoles(@roles) or return foreach $this->parentRoles ;
 return @roles;
 }
diff -r 0667064553ef -r 79bf75223afe Lib/IMPL/Security/Rule/RoleCheck.pm
--- a/Lib/IMPL/Security/Rule/RoleCheck.pm Wed Apr 28 17:50:55 2010 +0400
+++ b/Lib/IMPL/Security/Rule/RoleCheck.pm Thu Apr 29 01:31:27 2010 +0400
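Review bot: In the `Satisfy` method added to `Lib/IMPL/Security/Context.pm`, `$this->rolesAssigned` is evaluated in list context inside the constructor's argument list. If it is a list-valued accessor, as the `[$user->roles]` and `foreach $this->parentRoles` changes elsewhere in this changeset suggest for `roles` and `parentRoles`, the assigned roles are flattened into the arguments and the effective role may be built from only the first of them, or from none. The constructor of `IMPL::Security::Role` is not visible here, so this needs confirming; if it expects a single array reference, pass one explicitly: `my $roleEffective = new IMPL::Security::Role ( _effective => [$this->rolesAssigned] );`. The same expression appears in the `SatisfyAll` hunk of `Lib/IMPL/Security/Rule/RoleCheck.pm` with `$context->rolesAssigned`.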
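Review bot: The sub patched at line 20 of `Lib/IMPL/Security/Role.pm` (presumably `Satisfy`; its `sub` line is outside the hunk) still returns 1 when it is called with an empty `@roles`, because `_FilterRoles` then has nothing left to report. The added `return 0;` only covers the case where unmatched roles remain. Through `Context::Satisfy` and `SatisfyAll` this appears to mean that an object for which no roles are extracted is accessible from any context, which should be a documented decision rather than a side effect. I would add above the sub: `# An empty @roles list is always satisfied; callers must decide separately whether "no required roles" means public access.`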
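Review bot: The recursion over `$this->parentRoles` in `_FilterRoles` (second hunk of `Lib/IMPL/Security/Role.pm`) keeps no record of roles already visited, so a role hierarchy that contains a cycle would recurse without bound whenever a requested role is not found, and that happens inside an authorization check. Nothing in the hunk shows that cycles are rejected when parent roles are assigned. If they are not, pass a hash of visited roles down the recursion and skip any parent already in it, or validate the hierarchy at the point where `parentRoles` is set. The start of `_FilterRoles` lies outside this hunk.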
@@ -5,7 +5,7 @@
 sub SatisfyAll {
 my ($secPackage,$object,$desiredAccess,$context) = @_;
- my $roleEffective = new IMPL::Security::Role ( effective => $context->AssignedRoles );
+ my $roleEffective = new IMPL::Security::Role ( _effective => $context->rolesAssigned );
 return $roleEffective->Satisfy(ExtractRoles($object));
 }
diff -r 0667064553ef -r 79bf75223afe Lib/IMPL/Web/Security.pm
--- a/Lib/IMPL/Web/Security.pm Wed Apr 28 17:50:55 2010 +0400
+++ b/Lib/IMPL/Web/Security.pm Thu Apr 29 01:31:27 2010 +0400
@@ -35,7 +35,7 @@
 return {
 status => $status,
 answer => $answer,
- context => $this->MakeContext( $user, [$user->roles], $auth )
+ context => $this->MakeContext( $user, [$user->roles], $auth )
 }
 }
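Review bot: `SatisfyAll` in `Lib/IMPL/Security/Rule/RoleCheck.pm` now duplicates the body of the `Context::Satisfy` method added in this same changeset, and the removed line shows how such a copy drifts (`effective`/`AssignedRoles` against `_effective`/`rolesAssigned`). Keeping a single implementation of the effective-role check avoids a repeat: `return $context->Satisfy(ExtractRoles($object));`. Separately, `$desiredAccess` is unpacked but not used in the visible lines; if the rule intentionally ignores the requested access type, a comment saying so would help the next reader of this check.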