line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
package CatalystX::Eta::Controller::AutoResultDELETE; |
2
|
|
|
|
|
|
|
|
3
|
2
|
|
|
2
|
|
1170
|
use Moose::Role; |
|
2
|
|
|
|
|
4
|
|
|
2
|
|
|
|
|
13
|
|
4
|
|
|
|
|
|
|
|
5
|
|
|
|
|
|
|
requires 'result_DELETE'; |
6
|
|
|
|
|
|
|
|
7
|
|
|
|
|
|
|
around result_DELETE => \&AutoResult_around_result_DELETE; |
8
|
|
|
|
|
|
|
|
9
|
|
|
|
|
|
|
sub AutoResult_around_result_DELETE { |
10
|
1
|
|
|
1
|
|
1327
|
my $orig = shift; |
11
|
1
|
|
|
|
|
3
|
my $self = shift; |
12
|
1
|
|
|
|
|
2
|
my ($c) = @_; |
13
|
1
|
|
|
|
|
4
|
my $config = $self->config; |
14
|
1
|
|
|
|
|
63
|
my $something = $c->stash->{ $self->config->{object_key} }; |
15
|
|
|
|
|
|
|
|
16
|
1
|
50
|
|
|
|
123
|
$self->status_gone( $c, message => 'object already deleted' ), $c->detach |
17
|
|
|
|
|
|
|
unless $something; |
18
|
|
|
|
|
|
|
|
19
|
1
|
50
|
|
|
|
5
|
if ( exists $self->config->{delete_roles} ) { |
20
|
1
|
|
|
|
|
58
|
my $do_detach = 0; |
21
|
1
|
50
|
|
|
|
2
|
if ( !$c->check_any_user_role( @{ $config->{delete_roles} } ) ) { |
|
1
|
|
|
|
|
7
|
|
22
|
0
|
|
|
|
|
0
|
$do_detach = 1; |
23
|
|
|
|
|
|
|
} |
24
|
|
|
|
|
|
|
|
25
|
|
|
|
|
|
|
# if he does not have the role, but is the creator... |
26
|
1
|
0
|
33
|
|
|
422
|
if ( |
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
|
|
|
0
|
|
|
|
|
27
|
|
|
|
|
|
|
$do_detach == 1 |
28
|
|
|
|
|
|
|
&& exists $config->{object_key} |
29
|
|
|
|
|
|
|
&& $c->stash->{ $config->{object_key} } |
30
|
|
|
|
|
|
|
&& ( $c->stash->{ $config->{object_key} }->can('id') |
31
|
|
|
|
|
|
|
|| $c->stash->{ $config->{object_key} }->can('user_id') |
32
|
|
|
|
|
|
|
|| $c->stash->{ $config->{object_key} }->can('created_by') ) |
33
|
|
|
|
|
|
|
) { |
34
|
0
|
|
|
|
|
0
|
my $obj = $c->stash->{ $config->{object_key} }; |
35
|
0
|
0
|
0
|
|
|
0
|
my $obj_id = |
|
|
0
|
0
|
|
|
|
|
|
|
0
|
0
|
|
|
|
|
36
|
|
|
|
|
|
|
$obj->can('created_by') && defined $obj->created_by ? $obj->created_by |
37
|
|
|
|
|
|
|
: $obj->can('user_id') && defined $obj->user_id ? $obj->user_id |
38
|
|
|
|
|
|
|
: $obj->can('roles') && $obj->can('id') ? $obj->id # user it-self. |
39
|
|
|
|
|
|
|
: -999; # false |
40
|
|
|
|
|
|
|
|
41
|
0
|
|
|
|
|
0
|
my $user_id = $c->user->id; |
42
|
|
|
|
|
|
|
|
43
|
0
|
0
|
|
|
|
0
|
$self->status_forbidden( $c, message => $config->{object_key} . ".invalid [$obj_id!=$user_id]", ), |
44
|
|
|
|
|
|
|
$c->detach |
45
|
|
|
|
|
|
|
if $obj_id != $user_id; |
46
|
|
|
|
|
|
|
|
47
|
0
|
|
|
|
|
0
|
$do_detach = 0; |
48
|
|
|
|
|
|
|
} |
49
|
|
|
|
|
|
|
|
50
|
1
|
50
|
|
|
|
5
|
if ($do_detach) { |
51
|
0
|
|
|
|
|
0
|
$self->status_forbidden( $c, message => "insufficient privileges" ); |
52
|
0
|
|
|
|
|
0
|
$c->detach; |
53
|
|
|
|
|
|
|
} |
54
|
|
|
|
|
|
|
} |
55
|
|
|
|
|
|
|
|
56
|
|
|
|
|
|
|
$c->model('DB')->txn_do( |
57
|
|
|
|
|
|
|
sub { |
58
|
|
|
|
|
|
|
|
59
|
1
|
|
|
1
|
|
500
|
my $delete = 1; |
60
|
1
|
50
|
|
|
|
5
|
if ( ref $self->config->{before_delete} eq 'CODE' ) { |
61
|
1
|
|
|
|
|
69
|
$delete = $self->config->{before_delete}->( $self, $c, $something ); |
62
|
|
|
|
|
|
|
} |
63
|
|
|
|
|
|
|
|
64
|
1
|
50
|
|
|
|
1431
|
$something->delete if $delete; |
65
|
|
|
|
|
|
|
} |
66
|
1
|
|
|
|
|
7
|
); |
67
|
|
|
|
|
|
|
|
68
|
1
|
|
|
|
|
155
|
$self->status_no_content($c); |
69
|
1
|
|
|
|
|
177
|
$self->$orig(@_); |
70
|
|
|
|
|
|
|
} |
71
|
|
|
|
|
|
|
|
72
|
|
|
|
|
|
|
1; |