Bug #7890
Clean up security check classes
| Status: | Verified | Start date: | 10/08/2014 | |
|---|---|---|---|---|
| Priority: | Medium | Due date: | ||
| Assignee: | Sara Allain | % Done: | 0% | |
| Category: | Access Control | Estimated time: | 2.00 hours | |
| Target version: | Release 2.3.0 | |||
| Google Code Legacy ID: | Tested version: | |||
| Sponsored: | No | Requires documentation: |
Description
Regarding to the following two files:
- SecurityCheck.class.php
- SecurityPrivileges.class.php
- It should be "Privileges", not "Priviliges" (thanks MikeG!)
- Overlaps with QubitAcl?
- The code style is not the expected
- The implementation could use a hashmap? e.g. https://gist.github.com/sevein/417917c79764f0b60b60
- SecurityCheck is only used twice, probably unneeded?
History
#2 Updated by Jesús García Crespo about 7 years ago
- Target version changed from Release 2.2.0 to Release 2.3.0
#3 Updated by Jesús García Crespo about 7 years ago
- Description updated (diff)
#4 Updated by Jesús García Crespo about 7 years ago
- Subject changed from Cleanup security check classes to Clean up security check classes
#5 Updated by Jesús García Crespo over 6 years ago
- Assignee deleted (
Jesús García Crespo)
#6 Updated by Redmine Admin about 6 years ago
- Assignee set to Jesús García Crespo
#7 Updated by Jesús García Crespo about 6 years ago
- Status changed from New to Code Review
- Assignee changed from Jesús García Crespo to José Raddaoui Marín
#9 Updated by José Raddaoui Marín about 6 years ago
- Status changed from Code Review to Feedback
- Assignee changed from José Raddaoui Marín to Jesús García Crespo
Nice clean up!
#10 Updated by Jesús García Crespo about 6 years ago
- Status changed from Feedback to QA/Review
- Assignee changed from Jesús García Crespo to Dan Gillean
One way to test this is going to the page of a RAD (MODS/ISDIAH/ISAD also affected) description and verify that links like "Title and statement of responsibility area", "Edition area", "Class of material specific details area" or "Dates of creation area" are shown as links that point to the edit page only when the user is a "administrator", "editor", "contributor" or "translator" but not otherwise (unauthenticated, other groups, etc).
If you run "git grep SecurityPrivileges" you'll see a full list of files where this class is used.
#11 Updated by Sara Allain almost 6 years ago
- Status changed from QA/Review to Verified
- Assignee changed from Dan Gillean to Sara Allain
Looks good!