submissions => { 1000 => [qw(ipid subnetid note comment)] },
};
$cnf->{faculities} ||= $default_faculities;
- $cnf->{enable} = 0 if !defined $cnf->{enable};
+ $cnf->{enable} //= 0;
$app->helper(apply_seclev_filter => sub { apply_seclev_filter(@_) });
+
+ if ($cnf->{enable}) {
+ $app->hook(before_render => sub {
+ my ($c, $args) = @_;
+ return if (!defined $args->{json});
+
+ my $json = $args->{json};
+ my $result = $json->{result} || $json;
+ if ($result->{item}) {
+ if ($result->{item}->{content_type}) {
+ apply_seclev_filter($c, $result->{item}->{content_type}, $result->{item});
+ }
+ }
+
+ if ($result->{items} && ref($result->{items}) eq "ARRAY") {
+ for my $item (@{$result->{items}}) {
+ if ($item->{content_type}) {
+ apply_seclev_filter($c, $item->{content_type}, $item);
+ }
+ }
+ }
+ });
+ }
}
sub apply_seclev_filter {
my $cnf = $c->config->{ResponseFilter} || {};
my $faculties = $cnf->{faculities} || {};
- my $faculty = $faculties->{$model};
- if (!$faculty) {
- $c->app->log->debug("no faculty found for $model");
- return;
+
+ #warn Dumper $faculties;
+
+ my $faculty_all = $faculties->{all} || {};
+ for my $lv (keys %$faculty_all) {
+ if ($security_level < $lv) {
+ for my $item (@$targets) {
+ for my $k (@{$faculty_all->{$lv}}) {
+ if (defined $item->{$k}) {
+ delete $item->{$k};
+ #$c->app->log->debug("remove $k");
+ }
+ }
+ }
+ }
}
+ my $faculty = $faculties->{$model} || {};
for my $lv (keys %$faculty) {
if ($security_level < $lv) {
for my $item (@$targets) {
for my $k (@{$faculty->{$lv}}) {
- delete $item->{$k} if defined $item->{$k};
+ if (defined $item->{$k}) {
+ delete $item->{$k};
+ #$c->app->log->debug("remove $k");
+ }
}
}
}
}
+
+
return $items;
}