[Rt-commit] rt branch, 3.9-trunk, updated. rt-3.8.8-458-g646ed79
Shawn Moore
sartak at bestpractical.com
Tue Aug 17 22:12:31 EDT 2010
The branch, 3.9-trunk has been updated
via 646ed79ba38cc9a19108c2887aef4641d5264889 (commit)
via 3449339ca6f3baf1edc3dfc5431f332e6d46e0a3 (commit)
from f5202999934029f9ef4b54327f85a7d123c9ace5 (commit)
Summary of changes:
lib/RT/Queue_Overlay.pm | 108 ++++++++++++++++-------------------------------
1 files changed, 36 insertions(+), 72 deletions(-)
- Log -----------------------------------------------------------------
commit 3449339ca6f3baf1edc3dfc5431f332e6d46e0a3
Author: Shawn M Moore <sartak at bestpractical.com>
Date: Tue Aug 17 22:13:46 2010 -0400
Method name fix
diff --git a/lib/RT/Queue_Overlay.pm b/lib/RT/Queue_Overlay.pm
index 74e3bca..c61ea1f 100755
--- a/lib/RT/Queue_Overlay.pm
+++ b/lib/RT/Queue_Overlay.pm
@@ -661,7 +661,7 @@ L</ManageableRoleGroupTypes>.
sub AllRoleGroupTypes {
my $self = shift;
- return ($self->RoleGroupTypes, qw(Requestor Owner));
+ return ($self->ManageableRoleGroupTypes, qw(Requestor Owner));
}
# }}}
commit 646ed79ba38cc9a19108c2887aef4641d5264889
Author: Shawn M Moore <sartak at bestpractical.com>
Date: Tue Aug 17 22:14:40 2010 -0400
DeleteWatcher and AddWatcher can use the same rights-check code
diff --git a/lib/RT/Queue_Overlay.pm b/lib/RT/Queue_Overlay.pm
index c61ea1f..81d0b64 100755
--- a/lib/RT/Queue_Overlay.pm
+++ b/lib/RT/Queue_Overlay.pm
@@ -763,6 +763,36 @@ sub _CreateQueueRoleGroup {
# }}}
+# _HasModifyWatcherRight {{{
+sub _HasModifyWatcherRight {
+ my $self = shift;
+ my %args = (
+ Type => undef,
+ PrincipalId => undef,
+ Email => undef,
+ @_
+ );
+
+ return 1 if $self->CurrentUserHasRight('ModifyQueueWatchers');
+
+ #If the watcher we're trying to add is for the current user
+ if ( defined $args{'PrincipalId'} && $self->CurrentUser->PrincipalId eq $args{'PrincipalId'}) {
+ if ( $args{'Type'} eq 'AdminCc' ) {
+ return 1 if $self->CurrentUserHasRight('WatchAsAdminCc');
+ }
+ elsif ( $args{'Type'} eq 'Cc' or $args{'Type'} eq 'Requestor' ) {
+ return 1 if $self->CurrentUserHasRight('Watch');
+ }
+ else {
+ $RT::Logger->warning( "$self -> _HasModifyWatcher got passed a bogus type $args{Type}");
+ return ( 0, $self->loc('Invalid queue role group type [_1]', $args{Type}) );
+ }
+ }
+
+ return ( 0, $self->loc("Permission Denied") );
+}
+# }}}
+
# {{{ sub AddWatcher
=head2 AddWatcher
@@ -802,45 +832,12 @@ sub AddWatcher {
return ( 0, "Unknown watcher type [_1]", $args{Type} )
unless $self->IsRoleGroupType($args{Type});
- my ($ok, $msg) = $self->_HasAddWatcherRight(%args);
+ my ($ok, $msg) = $self->_HasModifyWatcherRight(%args);
return ($ok, $msg) if !$ok;
return $self->_AddWatcher(%args);
}
-sub _HasAddWatcherRight {
- my $self = shift;
- my %args = (
- Type => undef,
- PrincipalId => undef,
- Email => undef,
- @_
- );
-
- return 1 if $self->CurrentUserHasRight('ModifyQueueWatchers');
-
- #If the watcher we're trying to add is for the current user
- if ( defined $args{'PrincipalId'} && $self->CurrentUser->PrincipalId eq $args{'PrincipalId'}) {
- # If it's an AdminCc and they don't have
- # 'WatchAsAdminCc' or 'ModifyTicket', bail
- if ( $args{'Type'} eq 'AdminCc' ) {
- return 1 if $self->CurrentUserHasRight('WatchAsAdminCc');
- }
-
- # If it's a Requestor or Cc and they don't have
- # 'Watch' or 'ModifyTicket', bail
- elsif ( $args{'Type'} eq 'Cc' or $args{'Type'} eq 'Requestor' ) {
- return 1 if $self->CurrentUserHasRight('Watch');
- }
- else {
- $RT::Logger->warning( "$self -> AddWatcher got passed a bogus type");
- return ( 0, $self->loc('Error in parameters to Queue->AddWatcher') );
- }
- }
-
- return ( 0, $self->loc("Permission Denied") );
-}
-
#This contains the meat of AddWatcher. but can be called from a routine like
# Create, which doesn't need the additional acl check
sub _AddWatcher {
@@ -981,44 +978,11 @@ sub DeleteWatcher {
return(0,$self->loc("Group not found"));
}
- my $can_modify_queue = $self->CurrentUserHasRight('ModifyQueueWatchers');
-
- # {{{ Check ACLS
- #If the watcher we're trying to add is for the current user
- if ( defined $args{'PrincipalId'} and $self->CurrentUser->PrincipalId eq $args{'PrincipalId'}) {
- # If it's an AdminCc and they don't have
- # 'WatchAsAdminCc' or 'ModifyQueue', bail
- if ( $args{'Type'} eq 'AdminCc' ) {
- unless ( $can_modify_queue
- or $self->CurrentUserHasRight('WatchAsAdminCc') ) {
- return ( 0, $self->loc('Permission Denied'))
- }
- }
-
- # If it's a Requestor or Cc and they don't have
- # 'Watch' or 'ModifyQueue', bail
- elsif ( ( $args{'Type'} eq 'Cc' ) or ( $args{'Type'} eq 'Requestor' ) ) {
- unless ( $can_modify_queue
- or $self->CurrentUserHasRight('Watch') ) {
- return ( 0, $self->loc('Permission Denied'))
- }
- }
- else {
- $RT::Logger->warning( "$self -> DeleteWatcher got passed a bogus type");
- return ( 0, $self->loc('Error in parameters to Queue->DeleteWatcher') );
- }
- }
-
- # If the watcher isn't the current user
- # and the current user doesn't have 'ModifyQueueWathcers' bail
- else {
- unless ( $can_modify_queue ) {
- return ( 0, $self->loc("Permission Denied") );
- }
- }
-
- # }}}
+ return ( 0, "Unknown watcher type [_1]", $args{Type} )
+ unless $self->IsRoleGroupType($args{Type});
+ my ($ok, $msg) = $self->_HasModifyWatcherRight(%args);
+ return ($ok, $msg) if !$ok;
# see if this user is already a watcher.
-----------------------------------------------------------------------
More information about the Rt-commit
mailing list