[Rt-commit] r11471 - in rt/branches/3.6-RELEASE/lib: t/regression
ruz at bestpractical.com
ruz at bestpractical.com
Thu Apr 3 23:30:05 EDT 2008
Author: ruz
Date: Thu Apr 3 23:30:05 2008
New Revision: 11471
Added:
rt/branches/3.6-RELEASE/lib/t/regression/24-watchers.t
Modified:
rt/branches/3.6-RELEASE/lib/RT/Queue_Overlay.pm
rt/branches/3.6-RELEASE/lib/RT/Ticket_Overlay.pm
Log:
* unify AddWatcher methods in Queue and Ticket classes
* add tests
* Thanks to Todd Chapman
Modified: rt/branches/3.6-RELEASE/lib/RT/Queue_Overlay.pm
==============================================================================
--- rt/branches/3.6-RELEASE/lib/RT/Queue_Overlay.pm (original)
+++ rt/branches/3.6-RELEASE/lib/RT/Queue_Overlay.pm Thu Apr 3 23:30:05 2008
@@ -648,45 +648,41 @@
@_
);
+ return ( 0, "No principal specified" )
+ unless $args{'Email'} or $args{'PrincipalId'};
+
+ if ( !$args{'PrincipalId'} && $args{'Email'} ) {
+ my $user = RT::User->new( $self->CurrentUser );
+ $user->LoadByEmail( $args{'Email'} );
+ $args{'PrincipalId'} = $user->PrincipalId if $user->id;
+ }
+
# {{{ Check ACLS
+ return ( $self->_AddWatcher(%args) )
+ if $self->CurrentUserHasRight('ModifyQueueWatchers');
+
#If the watcher we're trying to add is for the current user
- if ( $self->CurrentUser->PrincipalId eq $args{'PrincipalId'}) {
+ if ( $self->CurrentUser->PrincipalId == ($args{'PrincipalId'}||0) ) {
# If it's an AdminCc and they don't have
# 'WatchAsAdminCc' or 'ModifyTicket', bail
if ( $args{'Type'} eq 'AdminCc' ) {
- unless ( $self->CurrentUserHasRight('ModifyQueueWatchers')
- or $self->CurrentUserHasRight('WatchAsAdminCc') ) {
- return ( 0, $self->loc('Permission Denied'))
- }
+ return ( $self->_AddWatcher(%args) )
+ if $self->CurrentUserHasRight('WatchAsAdminCc');
}
# If it's a Requestor or Cc and they don't have
# 'Watch' or 'ModifyTicket', bail
- elsif ( ( $args{'Type'} eq 'Cc' ) or ( $args{'Type'} eq 'Requestor' ) ) {
-
- unless ( $self->CurrentUserHasRight('ModifyQueueWatchers')
- or $self->CurrentUserHasRight('Watch') ) {
- return ( 0, $self->loc('Permission Denied'))
- }
+ elsif ( $args{'Type'} eq 'Cc' or $args{'Type'} eq 'Requestor' ) {
+ return ( $self->_AddWatcher(%args) )
+ if $self->CurrentUserHasRight('Watch');
}
- else {
+ else {
$RT::Logger->warning( "$self -> AddWatcher got passed a bogus type");
return ( 0, $self->loc('Error in parameters to Queue->AddWatcher') );
}
}
- # If the watcher isn't the current user
- # and the current user doesn't have 'ModifyQueueWatcher'
- # bail
- else {
- unless ( $self->CurrentUserHasRight('ModifyQueueWatchers') ) {
- return ( 0, $self->loc("Permission Denied") );
- }
- }
-
- # }}}
-
- return ( $self->_AddWatcher(%args) );
+ return ( 0, $self->loc("Permission Denied") );
}
#This contains the meat of AddWatcher. but can be called from a routine like
@@ -702,48 +698,45 @@
);
- my $principal = RT::Principal->new($self->CurrentUser);
- if ($args{'PrincipalId'}) {
- $principal->Load($args{'PrincipalId'});
+ my $principal = RT::Principal->new( $self->CurrentUser );
+ if ( $args{'PrincipalId'} ) {
+ $principal->Load( $args{'PrincipalId'} );
}
- elsif ($args{'Email'}) {
-
+ elsif ( $args{'Email'} ) {
my $user = RT::User->new($self->CurrentUser);
- $user->LoadByEmail($args{'Email'});
+ $user->LoadByEmail( $args{'Email'} );
+ $user->Load( $args{'Email'} )
+ unless $user->id;
- unless ($user->Id) {
- $user->Load($args{'Email'});
- }
- if ($user->Id) { # If the user exists
- $principal->Load($user->PrincipalId);
+ if ( $user->Id ) { # If the user exists
+ $principal->Load( $user->PrincipalId );
} else {
-
- # if the user doesn't exist, we need to create a new user
- my $new_user = RT::User->new($RT::SystemUser);
+ # if the user doesn't exist, we need to create a new user
+ my $new_user = RT::User->new($RT::SystemUser);
my ( $Address, $Name ) =
RT::Interface::Email::ParseAddressFromHeader($args{'Email'});
my ( $Val, $Message ) = $new_user->Create(
- Name => $Address,
+ Name => $Address,
EmailAddress => $Address,
RealName => $Name,
Privileged => 0,
- Comments => 'Autocreated when added as a watcher');
+ Comments => 'Autocreated when added as a watcher'
+ );
unless ($Val) {
$RT::Logger->error("Failed to create user ".$args{'Email'} .": " .$Message);
# Deal with the race condition of two account creations at once
- $new_user->LoadByEmail($args{'Email'});
+ $new_user->LoadByEmail( $args{'Email'} );
}
- $principal->Load($new_user->PrincipalId);
+ $principal->Load( $new_user->PrincipalId );
}
}
# If we can't find this watcher, we need to bail.
- unless ($principal->Id) {
+ unless ( $principal->Id ) {
return(0, $self->loc("Could not find or create that user"));
}
-
my $group = RT::Group->new($self->CurrentUser);
$group->LoadQueueRoleGroup(Type => $args{'Type'}, Queue => $self->Id);
unless ($group->id) {
@@ -791,11 +784,18 @@
my %args = ( Type => undef,
PrincipalId => undef,
+ Email => undef,
@_ );
- unless ($args{'PrincipalId'} ) {
- return(0, $self->loc("No principal specified"));
+ return ( 0, "No principal specified" )
+ unless $args{Email} or $args{PrincipalId};
+
+ if ( !$args{PrincipalId} and $args{Email} ) {
+ my $user = RT::User->new( $self->CurrentUser );
+ my ($rv, $msg) = $user->LoadByEmail( $args{Email} );
+ $args{PrincipalId} = $user->PrincipalId if $rv;
}
+
my $principal = RT::Principal->new($self->CurrentUser);
$principal->Load($args{'PrincipalId'});
@@ -810,13 +810,15 @@
return(0,$self->loc("Group not found"));
}
+ my $can_modify_queue = $self->CurrentUserHasRight('ModifyQueueWatchers');
+
# {{{ Check ACLS
#If the watcher we're trying to add is for the current user
if ( $self->CurrentUser->PrincipalId eq $args{'PrincipalId'}) {
# If it's an AdminCc and they don't have
# 'WatchAsAdminCc' or 'ModifyQueue', bail
- if ( $args{'Type'} eq 'AdminCc' ) {
- unless ( $self->CurrentUserHasRight('ModifyQueueWatchers')
+ if ( $args{'Type'} eq 'AdminCc' ) {
+ unless ( $can_modify_queue
or $self->CurrentUserHasRight('WatchAsAdminCc') ) {
return ( 0, $self->loc('Permission Denied'))
}
@@ -825,7 +827,7 @@
# If it's a Requestor or Cc and they don't have
# 'Watch' or 'ModifyQueue', bail
elsif ( ( $args{'Type'} eq 'Cc' ) or ( $args{'Type'} eq 'Requestor' ) ) {
- unless ( $self->CurrentUserHasRight('ModifyQueueWatchers')
+ unless ( $can_modify_queue
or $self->CurrentUserHasRight('Watch') ) {
return ( 0, $self->loc('Permission Denied'))
}
@@ -839,7 +841,7 @@
# If the watcher isn't the current user
# and the current user doesn't have 'ModifyQueueWathcers' bail
else {
- unless ( $self->CurrentUserHasRight('ModifyQueueWatchers') ) {
+ unless ( $can_modify_queue ) {
return ( 0, $self->loc("Permission Denied") );
}
}
Modified: rt/branches/3.6-RELEASE/lib/RT/Ticket_Overlay.pm
==============================================================================
--- rt/branches/3.6-RELEASE/lib/RT/Ticket_Overlay.pm (original)
+++ rt/branches/3.6-RELEASE/lib/RT/Ticket_Overlay.pm Thu Apr 3 23:30:05 2008
@@ -1341,52 +1341,43 @@
@_
);
- # XXX, FIXME, BUG: if only email is provided then we only check
- # for ModifyTicket right, but must try to get PrincipalId and
- # check Watch* rights too if user exist
+ return ( 0, "No principal specified" )
+ unless $args{'Email'} or $args{'PrincipalId'};
+
+ if ( !$args{'PrincipalId'} and $args{'Email'} ) {
+ my $user = RT::User->new( $self->CurrentUser );
+ $user->LoadByEmail( $args{'Email'} );
+ if ( $user->id ) {
+ $args{'PrincipalId'} = $user->PrincipalId;
+ delete $args{'Email'};
+ }
+ }
# {{{ Check ACLS
+ # ModifyTicket allow you to add any watcher
+ return $self->_AddWatcher(%args)
+ if $self->CurrentUserHasRight('ModifyTicket');
+
#If the watcher we're trying to add is for the current user
- if ( $self->CurrentUser->PrincipalId == ($args{'PrincipalId'} || 0)
- or lc( $self->CurrentUser->UserObj->EmailAddress )
- eq lc( RT::User->CanonicalizeEmailAddress( $args{'Email'} ) || '' ) )
- {
- # If it's an AdminCc and they don't have
- # 'WatchAsAdminCc' or 'ModifyTicket', bail
+ if ( $self->CurrentUser->PrincipalId == ($args{'PrincipalId'} || 0) ) {
+ # If it's an AdminCc and they have 'WatchAsAdminCc'
if ( $args{'Type'} eq 'AdminCc' ) {
- unless ( $self->CurrentUserHasRight('ModifyTicket')
- or $self->CurrentUserHasRight('WatchAsAdminCc') ) {
- return ( 0, $self->loc('Permission Denied'))
- }
+ return $self->_AddWatcher( %args )
+ if $self->CurrentUserHasRight('WatchAsAdminCc');
}
- # If it's a Requestor or Cc and they don't have
- # 'Watch' or 'ModifyTicket', bail
- elsif ( ( $args{'Type'} eq 'Cc' ) or ( $args{'Type'} eq 'Requestor' ) ) {
-
- unless ( $self->CurrentUserHasRight('ModifyTicket')
- or $self->CurrentUserHasRight('Watch') ) {
- return ( 0, $self->loc('Permission Denied'))
- }
+ # If it's a Requestor or Cc and they have 'Watch'
+ elsif ( $args{'Type'} eq 'Cc' || $args{'Type'} eq 'Requestor' ) {
+ return $self->_AddWatcher( %args )
+ if $self->CurrentUserHasRight('Watch');
}
else {
- $RT::Logger->warning( "$self -> AddWatcher got passed a bogus type");
+ $RT::Logger->warning( "AddWatcher got passed a bogus type" );
return ( 0, $self->loc('Error in parameters to Ticket->AddWatcher') );
}
}
- # If the watcher isn't the current user
- # and the current user doesn't have 'ModifyTicket'
- # bail
- else {
- unless ( $self->CurrentUserHasRight('ModifyTicket') ) {
- return ( 0, $self->loc("Permission Denied") );
- }
- }
-
- # }}}
-
- return ( $self->_AddWatcher(%args) );
+ return ( 0, $self->loc("Permission Denied") );
}
#This contains the meat of AddWatcher. but can be called from a routine like
Added: rt/branches/3.6-RELEASE/lib/t/regression/24-watchers.t
==============================================================================
--- (empty file)
+++ rt/branches/3.6-RELEASE/lib/t/regression/24-watchers.t Thu Apr 3 23:30:05 2008
@@ -0,0 +1,157 @@
+#!/usr/bin/perl -w
+# BEGIN BPS TAGGED BLOCK {{{
+#
+# COPYRIGHT:
+#
+# This software is Copyright (c) 1996-2005 Best Practical Solutions, LLC
+# <jesse.com>
+#
+# (Except where explicitly superseded by other copyright notices)
+#
+#
+# LICENSE:
+#
+# This work is made available to you under the terms of Version 2 of
+# the GNU General Public License. A copy of that license should have
+# been provided with this software, but in any event can be snarfed
+# from www.gnu.org.
+#
+# This work is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+#
+#
+# CONTRIBUTION SUBMISSION POLICY:
+#
+# (The following paragraph is not intended to limit the rights granted
+# to you to modify and distribute this software under the terms of
+# the GNU General Public License and is only of importance to you if
+# you choose to contribute your changes and enhancements to the
+# community by submitting them to Best Practical Solutions, LLC.)
+#
+# By intentionally submitting any modifications, corrections or
+# derivatives to this work, or any other work intended for use with
+# Request Tracker, to Best Practical Solutions, LLC, you confirm that
+# you are the copyright holder for those contributions and you grant
+# Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable,
+# royalty-free, perpetual, license to use, copy, create derivative
+# works based on those contributions, and sublicense and distribute
+# those contributions and any derivatives thereof.
+#
+# END BPS TAGGED BLOCK }}}
+
+use Test::More tests => 28;
+use RT;
+RT::LoadConfig();
+RT::Init();
+use strict;
+no warnings 'once';
+
+use RT::Queue;
+use RT::User;
+use RT::Group;
+use RT::Ticket;
+use RT::CurrentUser;
+
+
+# clear all global right
+my $acl = RT::ACL->new($RT::SystemUser);
+$acl->Limit( FIELD => 'RightName', OPERATOR => '!=', VALUE => 'SuperUser' );
+$acl->LimitToObject( $RT::System );
+while( my $ace = $acl->Next ) {
+ $ace->Delete;
+}
+
+# create new queue to be sure we do not mess with rights
+my $queue = RT::Queue->new($RT::SystemUser);
+my ($queue_id) = $queue->Create( Name => 'watcher tests '.$$);
+ok( $queue_id, 'queue created for watcher tests' );
+
+# new privileged user to check rights
+my $user = RT::User->new( $RT::SystemUser );
+my ($user_id) = $user->Create( Name => 'watcher'.$$,
+ EmailAddress => "watcher$$".'@localhost',
+ Privileged => 1,
+ Password => 'qwe123',
+ );
+my $cu= RT::CurrentUser->new($user);
+
+# make sure user can see tickets in the queue
+my $principal = $user->PrincipalObj;
+ok( $principal, "principal loaded" );
+$principal->GrantRight( Right => 'ShowTicket', Object => $queue );
+$principal->GrantRight( Right => 'SeeQueue' , Object => $queue );
+
+ok( $user->HasRight( Right => 'SeeQueue', Object => $queue ), "user can see queue" );
+ok( $user->HasRight( Right => 'ShowTicket', Object => $queue ), "user can show queue tickets" );
+ok( !$user->HasRight( Right => 'ModifyTicket', Object => $queue ), "user can't modify queue tickets" );
+ok( !$user->HasRight( Right => 'Watch', Object => $queue ), "user can't watch queue tickets" );
+
+my $ticket = RT::Ticket->new( $RT::SystemUser );
+my ($rv, $msg) = $ticket->Create( Subject => 'watcher tests', Queue => $queue->Name );
+ok( $ticket->id, "ticket created" );
+
+my $ticket2 = RT::Ticket->new( $cu );
+$ticket2->Load( $ticket->id );
+ok( $ticket2->Subject, "ticket load by user" );
+
+# user can add self to ticket only after getting Watch right
+($rv, $msg) = $ticket2->AddWatcher( Type => 'Cc', PrincipalId => $user->PrincipalId );
+ok( !$rv, "user can't add self as Cc" );
+($rv, $msg) = $ticket2->AddWatcher( Type => 'Requestor', PrincipalId => $user->PrincipalId );
+ok( !$rv, "user can't add self as Requestor" );
+$principal->GrantRight( Right => 'Watch' , Object => $queue );
+ok( $user->HasRight( Right => 'Watch', Object => $queue ), "user can watch queue tickets" );
+($rv, $msg) = $ticket2->AddWatcher( Type => 'Cc', PrincipalId => $user->PrincipalId );
+ok( $rv, "user can add self as Cc by PrincipalId" );
+($rv, $msg) = $ticket2->AddWatcher( Type => 'Requestor', PrincipalId => $user->PrincipalId );
+ok( $rv, "user can add self as Requestor by PrincipalId" );
+
+# remove user and try adding with Email address
+($rv, $msg) = $ticket->DeleteWatcher( Type => 'Cc', PrincipalId => $user->PrincipalId );
+ok( $rv, "watcher removed by PrincipalId" );
+($rv, $msg) = $ticket->DeleteWatcher( Type => 'Requestor', Email => $user->EmailAddress );
+ok( $rv, "watcher removed by Email" );
+
+($rv, $msg) = $ticket2->AddWatcher( Type => 'Cc', Email => $user->EmailAddress );
+ok( $rv, "user can add self as Cc by Email" );
+($rv, $msg) = $ticket2->AddWatcher( Type => 'Requestor', Email => $user->EmailAddress );
+ok( $rv, "user can add self as Requestor by Email" );
+
+# Queue watcher tests
+$principal->RevokeRight( Right => 'Watch' , Object => $queue );
+ok( !$user->HasRight( Right => 'Watch', Object => $queue ), "user queue watch right revoked" );
+
+my $queue2 = RT::Queue->new( $cu );
+($rv, $msg) = $queue2->Load( $queue->id );
+ok( $rv, "user loaded queue" );
+
+# user can add self to queue only after getting Watch right
+($rv, $msg) = $queue2->AddWatcher( Type => 'Cc', PrincipalId => $user->PrincipalId );
+ok( !$rv, "user can't add self as Cc" );
+($rv, $msg) = $queue2->AddWatcher( Type => 'Requestor', PrincipalId => $user->PrincipalId );
+ok( !$rv, "user can't add self as Requestor" );
+$principal->GrantRight( Right => 'Watch' , Object => $queue );
+ok( $user->HasRight( Right => 'Watch', Object => $queue ), "user can watch queue queues" );
+($rv, $msg) = $queue2->AddWatcher( Type => 'Cc', PrincipalId => $user->PrincipalId );
+ok( $rv, "user can add self as Cc by PrincipalId" );
+($rv, $msg) = $queue2->AddWatcher( Type => 'Requestor', PrincipalId => $user->PrincipalId );
+ok( $rv, "user can add self as Requestor by PrincipalId" );
+
+# remove user and try adding with Email address
+($rv, $msg) = $queue->DeleteWatcher( Type => 'Cc', PrincipalId => $user->PrincipalId );
+ok( $rv, "watcher removed by PrincipalId" );
+($rv, $msg) = $queue->DeleteWatcher( Type => 'Requestor', Email => $user->EmailAddress );
+ok( $rv, "watcher removed by Email" );
+
+($rv, $msg) = $queue2->AddWatcher( Type => 'Cc', Email => $user->EmailAddress );
+ok( $rv, "user can add self as Cc by Email" );
+($rv, $msg) = $queue2->AddWatcher( Type => 'Requestor', Email => $user->EmailAddress );
+ok( $rv, "user can add self as Requestor by Email" );
+
+
More information about the Rt-commit
mailing list