Hi all again,
I am trying to add general comments to file-storage, but only the
folder owner can add comments. I haven't looked too deeply into how
file-storage does perms (or blow waves) but surely since I pass a
valid -context to general-comments, and thus ad_require_permission,
the context should be checked for perms when the test on the object_id
fails? Except that ad_require_permission, doesn't have an option to
supply a custom context. Sooo, I hacked the add-comment.tcl in
general-comments/www to change:
ad_require_permission $object_id general_comments_create
into:
if {![ad_permission_p $object_id general_comments_create]} {
ad_require_permission $context_id general_comments_create
}
this seems to me to be the purpose behind the ability to pass through
a context - since context is a perms thing not a structural thing...
Let me know what you all think.