comanage-dev - [comanage-dev] r251 - in registry/trunk/app: Controller Lib View/CoPeople
Subject: COmanage Developers List
List archive
- From:
- To:
- Subject: [comanage-dev] r251 - in registry/trunk/app: Controller Lib View/CoPeople
- Date: Mon, 5 Mar 2012 20:41:39 -0500
Author: benno
Date: 2012-03-05 20:41:39 -0500 (Mon, 05 Mar 2012)
New Revision: 251
Modified:
registry/trunk/app/Controller/CoPeopleController.php
registry/trunk/app/Lib/lang.php
registry/trunk/app/View/CoPeople/index.ctp
Log:
Prohibit delete of CO Person if CO Person Roles still present (CO-278)
Modified: registry/trunk/app/Controller/CoPeopleController.php
===================================================================
--- registry/trunk/app/Controller/CoPeopleController.php 2012-03-06
01:23:29 UTC (rev 250)
+++ registry/trunk/app/Controller/CoPeopleController.php 2012-03-06
01:41:39 UTC (rev 251)
@@ -103,17 +103,41 @@
}
}
+ if($this->restful) {
+ // At the moment, we're unlikely to get here since REST authz is
+ // currently all or nothing.
+
+ $this->restResultHeader(403, "CouPerson Exists In Unowned COU");
+ }
+
$this->Session->setFlash(_txt('er.coumember',
array(generateCn($curdata['Name']),
Sanitize::html($couname))),
'', array(), 'error');
- return(false);
+ return false;
}
}
}
- return(true);
+ // Check that the target person has no CO Person Roles. We do this check
+ // (which makes the above check slightly redundant) for two reasons:
+ // (1) to make it harder to accidentally blow away a record
+ // (2) the cascading delete will fail because we don't dynamically bind
+ // Co#ExtendedAttributes here (but CoPersonRole does)
+
+ if(!empty($curdata['CoPersonRole'])) {
+ if($this->restful)
+ $this->restResultHeader(403, "CoPersonRole Exists");
+ else
+ $this->Session->setFlash(_txt('er.copr.exists',
+ array(generateCn($curdata['Name']))),
+ '', array(), 'error');
+
+ return false;
+ }
+
+ return true;
}
/**
Modified: registry/trunk/app/Lib/lang.php
===================================================================
--- registry/trunk/app/Lib/lang.php 2012-03-06 01:23:29 UTC (rev 250)
+++ registry/trunk/app/Lib/lang.php 2012-03-06 01:41:39 UTC (rev 251)
@@ -199,6 +199,7 @@
'er.cop.unk-a' => 'Unknown CO Person "%1$s"',
// XXX These should become er.copr (or tossed if not needed)
'er.cop.nf' => 'CO Person Role %1$s Not Found',
+ 'er.copr.exists' => '%1$s has one or more CO Person Roles and cannot be
removed.',
'er.copr.none' => 'CO Person Role Not Provided',
'er.cou.copr' => 'There are still one or more CO person role records in
the COU %1$s, and so it cannot be deleted.',
'er.cou.child' => 'COUs with children can not be deleted',
Modified: registry/trunk/app/View/CoPeople/index.ctp
===================================================================
--- registry/trunk/app/View/CoPeople/index.ctp 2012-03-06 01:23:29 UTC (rev
250)
+++ registry/trunk/app/View/CoPeople/index.ctp 2012-03-06 01:41:39 UTC (rev
251)
@@ -116,7 +116,8 @@
array('controller' => 'co_people',
'action' => 'edit', $p['CoPerson']['id'], 'co' => $cur_co['Co']['id']),
array('class' => 'editbutton')) . "\n";
- if($permissions['delete'])
+ // Can't delete a CO Person if they have any roles
+ if(empty($p['CoPersonRole']) && $permissions['delete'])
echo '<button class="deletebutton" title="' .
_txt('op.delete') . '" onclick="javascript:js_confirm_delete(\'' .
_jtxt(Sanitize::html(generateCn($p['Name']))) . '\', \'' .
$this->Html->url(array('controller' => 'co_people', 'action' => 'delete',
$p['CoPerson']['id'], 'co' => $cur_co['Co']['id'])) . '\')";>' .
_txt('op.delete') . '</button>' . "\n";
if($permissions['invite'] && ($p['CoPerson']['status'] != 'A' &&
$p['CoPerson']['status'] != 'D'))
- [comanage-dev] r251 - in registry/trunk/app: Controller Lib View/CoPeople, svnlog, 03/05/2012
Archive powered by MHonArc 2.6.16.