LP#1480432: choose broadest depth if staff has same perm multiple times
authorMichele Morgan <mmorgan@noblenet.org>
Thu, 29 Sep 2016 20:35:20 +0000 (16:35 -0400)
committerGalen Charlton <gmc@equinoxinitiative.org>
Tue, 8 Aug 2017 19:48:00 +0000 (15:48 -0400)
commit2790b6e8a1d375134ff654d098eeccafea2f27f7
tree8a30fc6e91c6f10bface61cbf61d5ad7a45aa2ac
parent1f027999be137ebf3454d5a2259e40c1afb3a4b0
LP#1480432: choose broadest depth if staff has same perm multiple times

Fixes a staff user permission depth issue that can exist when multiple
permission groups are assigned. In particular, this patch clarifies
that if a given permission is assigned to a staff member multiple times,
e.g., via mutiple profiles or by individual permission mapping, whatever
permission depth is the broadest will apply.

To test
-------
[1] Run the t/lp1480432_test_func.permissions.usr_perms_depth_sort.pg
    pgTAP test.
[2] Set up a staff user that has the same permission at multiple
    depths, and verify that its scope of applicability applies
    at the broadest depth. For example, if you give SET_CIRC_CLAIMS_RETURNED
    at system and consortial depth, verify that the staff user can
    mark any loan as claims returned regardless of system.

Signed-off-by: Michele Morgan <mmorgan@noblenet.org>
Signed-off-by: Cesar Velez <cesar.velez@equinoxinitiative.org>
Signed-off-by: Galen Charlton <gmc@equinoxinitiative.org>
Open-ILS/src/sql/Pg/006.schema.permissions.sql
Open-ILS/src/sql/Pg/upgrade/XXXX.function.permission.user_perms.sql [new file with mode: 0644]