[Koha-cvs] CVS: koha/C4 Auth.pm,1.22,1.23

[Ambrose Li]

Update of /cvsroot/koha/koha/C4
In directory sc8-pr-cvs1:/tmp/cvs-serv19776/C4

Modified Files:
        Auth.pm 
Log Message:
POD elaboration for checkauth() (esp. regarding "$flagsrequired")


Index: Auth.pm
===================================================================
RCS file: /cvsroot/koha/koha/C4/Auth.pm,v
retrieving revision 1.22
retrieving revision 1.23
diff -C2 -r1.22 -r1.23
*** Auth.pm     4 Feb 2003 17:57:10 -0000       1.22
--- Auth.pm     6 Feb 2003 06:13:59 -0000       1.23
***************
*** 1,2 ****
--- 1,5 ----
+ # -*- tab-width: 8 -*-
+ # NOTE: This file uses 8-character tabs; do not change the tab size!
+ 
  package C4::Auth;
  
***************
*** 88,94 ****
                          });
  
!     This call passes the C<query>, C<flagsrequired> and C<authnotrequired> to
!     C<&checkauth> (in this module) to perform authentification. See below
!     for more information on the C<&checkauth> subroutine.
  
      The C<template_name> is then used to find the correct template for
--- 91,97 ----
                          });
  
!     This call passes the C<query>, C<flagsrequired> and C<authnotrequired>
!     to C<&checkauth> (in this module) to perform authentification.
!     See C<&checkauth> for an explanation of these parameters.
  
      The C<template_name> is then used to find the correct template for
***************
*** 99,103 ****
      authenticated page.
  
!     more information on the C<gettemplate> sub can be found in the
      Output.pm module.
  
--- 102,106 ----
      authenticated page.
  
!     More information on the C<gettemplate> sub can be found in the
      Output.pm module.
  
***************
*** 131,138 ****
    ($userid, $cookie, $sessionID) = &checkauth($query, $noauth, 
$flagsrequired, $type);
  
! Verifies that the user is authorized to run this script. Note that
! C<&checkauth> will return if and only if the user is authorized, so it
! should be called early on, before any unfinished operations (i.e., if
! you've opened a file, then C<&checkauth> won't close it for you).
  
  C<$query> is the CGI object for the script calling C<&checkauth>.
--- 134,148 ----
    ($userid, $cookie, $sessionID) = &checkauth($query, $noauth, 
$flagsrequired, $type);
  
! Verifies that the user is authorized to run this script.  If
! the user is authorized, a (userid, cookie, session-id, flags)
! quadruple is returned.  If the user is not authorized but does
! not have the required privilege (see $flagsrequired below), it
! displays an error page and exits.  Otherwise, it displays the
! login page and exits.
! 
! Note that C<&checkauth> will return if and only if the user
! is authorized, so it should be called early on, before any
! unfinished operations (e.g., if you've opened a file, then
! C<&checkauth> won't close it for you).
  
  C<$query> is the CGI object for the script calling C<&checkauth>.
***************
*** 145,149 ****
  authorization.
  
! XXXX Some more information about the flagsrequired hash should go in here.
  
  If C<$query> does not have a valid session ID associated with it
--- 155,172 ----
  authorization.
  
! The C<$flagsrequired> argument specifies the required privileges
! the user must have if the username and password are correct.
! It should be specified as a reference-to-hash; keys in the hash
! should be the "flags" for the user, as specified in the Members
! intranet module. Any key specified must correspond to a "flag"
! in the userflags table. E.g., { circulate => 1 } would specify
! that the user must have the "circulate" privilege in order to
! proceed. To make sure that access control is correct, the
! C<$flagsrequired> parameter must be specified correctly.
! 
! The C<$type> argument specifies whether the template should be
! retrieved from the opac or intranet directory tree.  "opac" is
! assumed if it is not specified; however, if C<$type> is specified,
! "intranet" is assumed if it is not "opac".
  
  If C<$query> does not have a valid session ID associated with it