Forum OpenACS Q&A: Here's a fix for a WimpyPoint SELECT query...

The original code returned everyone's presentations when you selected to show only "Yours":
if { $show_user == "all" || $user_id == 0 } {
    set user_condition ""
    set whose "Everyone's"
} else {
    set user_condition "and wp_access(presentation_id, $user_id,
'write', public_p, creation_user, group_id) is not null"
    set whose "Your"
}
This fix prepends
and u.user_id = $user_id
to user_condition. Here it is in context:
if { $show_user == "all" || $user_id == 0 } {
    set user_condition ""
    set whose "Everyone's"
} else {
    set user_condition "and u.user_id = $user_id and
wp_access(presentation_id, $user_id, 'write', public_p, creation_user,
group_id) is not null"
    set whose "Your"
}
Also, I have ported the WimpyPoint import feature, and as soon as I have time, I will get it to Don Baccus as requested -- if someone needs it sooner, then e-mail me.
Collapse
Posted by Don Baccus on
Hmmm...normally a user should only have write access to their own wimpy point presentations, so the original code should work for normal users.  I think the author's notion was probably that selecting "Your" presentation would give you all of them *if* you're an administrator for the group.  In this case, the header's misleading but the code's probably right.

So - question: did you try the original code as a non-admin member of the group?  If so and if you could see other member's presentations, then that implies that "write" access is incorrectly being given to non-authors so it would be worth digging a little deeper...