[Rt-commit] rt branch, rightsmatrix, created. rt-3.8.8-598-g6d9342e

Thu Aug 26 09:27:05 EDT 2010

The branch, rightsmatrix has been created
        at  6d9342e1ae339b4277be8ba913a728b4da24aed7 (commit)

- Log -----------------------------------------------------------------
commit d0d5780f33d21f2eae6a166cea38463b30523e2b
Author: sunnavy <sunnavy at bestpractical.com>
Date:   Thu Aug 26 13:29:08 2010 +0800

    add MoreAboutRequestorGroupsLimit support

diff --git a/etc/RT_Config.pm.in b/etc/RT_Config.pm.in
index 2f0bd46..28bed83 100755
--- a/etc/RT_Config.pm.in
+++ b/etc/RT_Config.pm.in
@@ -892,6 +892,20 @@ not all the attributes are supported in this display because we're not building
 
 Set($MoreAboutRequestorExtraInfo, '');
 
+=item C<$MoreAboutRequestorGroupsLimit>
+
+By default, the 'More about requestor' box on Ticket/Display.html shows all
+the groups of the Requestor.
+Use this to limit the number of groups.
+
+e.g.
+
+Set($MoreAboutRequestorGroupsLimit, 10);
+
+=cut
+
+Set($MoreAboutRequestorGroupsLimit, undef);
+
 =item C<$AutocompleteOwners>
 
 If true, the owner dropdowns for ticket update/modify and the query builder are
diff --git a/share/html/Elements/ShowMemberships b/share/html/Elements/ShowMemberships
index 90868a5..47a09c5 100644
--- a/share/html/Elements/ShowMemberships
+++ b/share/html/Elements/ShowMemberships
@@ -46,6 +46,7 @@
 %# 
 %# END BPS TAGGED BLOCK }}}
 <ul>
+% my $i = 1;
 % while ( my $GroupMember = $GroupMembers->Next ) {
 %    my $Group = RT::Group->new($session{'CurrentUser'});
 %    $Group->Load($GroupMember->GroupId) or next;
@@ -54,6 +55,7 @@
 %    } elsif ($Group->Domain eq 'SystemInternal') {
 <li><em><% loc($Group->Type) %></em></li>
 %    }
+%    last if $Limit && ++$i > $Limit;
 % }
 </ul>
 <%INIT>
@@ -82,7 +84,9 @@ $GroupMembers->OrderByCols(
     { ALIAS => $alias, FIELD => 'Domain' },
     { ALIAS => $alias, FIELD => 'Name' },
 );
+
 </%INIT>
 <%ARGS>
 $UserObj
+$Limit => undef
 </%ARGS>
diff --git a/share/html/Ticket/Elements/ShowRequestor b/share/html/Ticket/Elements/ShowRequestor
index b3d4ba4..0145226 100755
--- a/share/html/Ticket/Elements/ShowRequestor
+++ b/share/html/Ticket/Elements/ShowRequestor
@@ -80,7 +80,7 @@ while ( my $requestor = $people->Next ) {
 % if ( $ShowGroups ) {
 <div class="more-about-user-groups">
   <span class="label"><&|/l&>Groups this user belongs to</&>:</span>
-  <span class="value"><& /Elements/ShowMemberships, UserObj => $requestor &></span>
+  <span class="value"><& /Elements/ShowMemberships, UserObj => $requestor, Limit => RT->Config->Get('MoreAboutRequestorGroupsLimit') &></span>
 </div>
 % }
 
diff --git a/t/web/requestor_groups_limit.t b/t/web/requestor_groups_limit.t
new file mode 100644
index 0000000..e49138f
--- /dev/null
+++ b/t/web/requestor_groups_limit.t
@@ -0,0 +1,37 @@
+#!/usr/bin/perl
+
+use strict;
+use warnings;
+use Encode;
+
+use RT::Test tests => 11;
+
+diag "set groups limit to 1" if $ENV{TEST_VERBOSE};
+RT->Config->Set( ShowMoreAboutPrivilegedUsers    => 1 );
+RT->Config->Set( MoreAboutRequestorGroupsLimit => 1 );
+
+my $ticket = RT::Ticket->new($RT::SystemUser);
+my ($id) = $ticket->Create(
+    Subject   => 'groups limit',
+    Queue     => 'General',
+    Requestor => 'root at localhost',
+);
+ok( $id, 'created ticket' );
+
+my ( $url, $m ) = RT::Test->started_ok;
+ok( $m->login(), 'logged in as root' );
+$m->get_ok( $url . '/Ticket/Display.html?id=' . $id );
+$m->content_contains( 'Everyone', 'got the first group' );
+$m->content_lacks( 'Privileged', 'not the second group' );
+
+RT::Test->stop_server;
+
+diag "set groups limit to 2" if $ENV{TEST_VERBOSE};
+
+RT->Config->Set( MoreAboutRequestorGroupsLimit => 2 );
+( $url, $m ) = RT::Test->started_ok;
+ok( $m->login(), 'logged in as root' );
+$m->get_ok( $url . '/Ticket/Display.html?id=' . $id );
+$m->content_contains( 'Everyone', 'got the first group' );
+$m->content_contains( 'Privileged', 'got the second group' );
+

commit 8bd2f12035a5340f4a0c3dd22d151a5797762184
Author: sunnavy <sunnavy at bestpractical.com>
Date:   Thu Aug 26 13:31:24 2010 +0800

    tiny clean

diff --git a/t/web/requestor_groups_limit.t b/t/web/requestor_groups_limit.t
index e49138f..768af97 100644
--- a/t/web/requestor_groups_limit.t
+++ b/t/web/requestor_groups_limit.t
@@ -2,7 +2,6 @@
 
 use strict;
 use warnings;
-use Encode;
 
 use RT::Test tests => 11;
 

commit 24cd111af20dd3b5daf1b15fb32c2fd49a39349c
Author: sunnavy <sunnavy at bestpractical.com>
Date:   Thu Aug 26 14:06:08 2010 +0800

    add Edit groups link in MoreAboutRequestors if current user has ShowConfigTab and AdminUsers rights

diff --git a/share/html/Ticket/Elements/ShowRequestor b/share/html/Ticket/Elements/ShowRequestor
index 0145226..0f7a3ce 100755
--- a/share/html/Ticket/Elements/ShowRequestor
+++ b/share/html/Ticket/Elements/ShowRequestor
@@ -80,6 +80,12 @@ while ( my $requestor = $people->Next ) {
 % if ( $ShowGroups ) {
 <div class="more-about-user-groups">
   <span class="label"><&|/l&>Groups this user belongs to</&>:</span>
+  <span class="label">
+% if ( $session{CurrentUser}->HasRight( Right => 'AdminUsers', Object => $RT::System ) &&
+%      $session{CurrentUser}->HasRight( Right => 'ShowConfigTab', Object =>$RT::System ) ) {
+  [<a href=<% RT->Config->Get('WebPath') . '/Admin/Users/Memberships.html?id=' . $requestor->id %> ><&|/l&>Edit</&></a>]
+% }
+  </span>
   <span class="value"><& /Elements/ShowMemberships, UserObj => $requestor, Limit => RT->Config->Get('MoreAboutRequestorGroupsLimit') &></span>
 </div>
 % }
diff --git a/t/web/requestor_groups_edit_link.t b/t/web/requestor_groups_edit_link.t
new file mode 100644
index 0000000..af5aafb
--- /dev/null
+++ b/t/web/requestor_groups_edit_link.t
@@ -0,0 +1,56 @@
+#!/usr/bin/perl
+
+use strict;
+use warnings;
+
+use RT::Test tests => 11;
+
+RT->Config->Set( ShowMoreAboutPrivilegedUsers    => 1 );
+
+my $user_a = RT::Test->load_or_create_user(
+    Name     => 'user_a',
+    Password => 'password',
+);
+ok( $user_a, 'created user user_a' );
+ok(
+    RT::Test->set_rights(
+        {
+            Principal => $user_a,
+            Right     => [ qw/SeeQueue ShowTicket CreateTicket/ ]
+        },
+    ),
+    'set rights for user_a'
+);
+
+my $ticket = RT::Ticket->new($RT::SystemUser);
+my ($id) = $ticket->Create(
+    Subject   => 'groups limit',
+    Queue     => 'General',
+    Requestor => $user_a->id,
+);
+ok( $id, 'created ticket' );
+
+
+my ( $url, $m ) = RT::Test->started_ok;
+ok( $m->login( user_a => 'password' ), 'logged in as user_a' );
+
+$m->get_ok( $url . '/Ticket/Display.html?id=' . $id );
+
+ok(
+    !$m->find_link( text => 'Edit' ), 'no Edit link without AdminUsers permission'
+);
+
+ok(
+    RT::Test->add_rights(
+        {
+            Principal => $user_a,
+            Right     => [ qw/AdminUsers ShowConfigTab/ ]
+        },
+    ),
+    'add AdminUsers and ShowConfigTab rights for user_a'
+);
+
+$m->get_ok( $url . '/Ticket/Display.html?id=' . $id );
+$m->follow_link_ok( { text => 'Edit' }, 'follow the Edit link' );
+is( $m->uri, $url . "/Admin/Users/Memberships.html?id=" . $user_a->id, 'url is right' );
+

commit fb5e4f06c637cafcbe17c3aef46b60f8c64d3057
Author: Thomas Sibley <trs at bestpractical.com>
Date:   Thu Aug 26 07:55:44 2010 -0400

    Don't HTML escape the output of ShowUser when using it in JSON

diff --git a/share/html/Elements/ShowUser b/share/html/Elements/ShowUser
index 03f93f1..edcd858 100644
--- a/share/html/Elements/ShowUser
+++ b/share/html/Elements/ShowUser
@@ -59,13 +59,14 @@ unless ( $m->comp_exists( $comp ) ) {
         . ', but '. $comp . "doesn't exist"
     );
     return $m->comp('/Elements/ShowUserConcise',
-        User => $User, Address => $Address,
+        User => $User, Address => $Address, NoEscape => $NoEscape
     );
 }
-return $m->comp( $comp, User => $User, Address => $Address );
+return $m->comp( $comp, User => $User, Address => $Address, NoEscape => $NoEscape );
 </%INIT>
 <%ARGS>
 $User => undef
 $Address => undef
+$NoEscape => 0
 $style => RT->Config->Get('UsernameFormat', $session{'CurrentUser'})
 </%ARGS>
diff --git a/share/html/Elements/ShowUserConcise b/share/html/Elements/ShowUserConcise
index 2f26088..a6a8fee 100644
--- a/share/html/Elements/ShowUserConcise
+++ b/share/html/Elements/ShowUserConcise
@@ -46,7 +46,7 @@
 %# 
 %# END BPS TAGGED BLOCK }}}
 %# Released under the terms of version 2 of the GNU Public License
-<% $Address || $User->RealName || $User->Name %>\
+<% $display |n %>\
 <%ARGS>
 $User => undef
 $Address => undef
@@ -61,4 +61,7 @@ if ( !$User && $Address ) {
         $Address = $Address->address;
     }
 }
+my $display = $Address || $User->RealName || $User->Name;
+   $display = $m->interp->apply_escapes( $display, 'h' )
+        unless $ARGS{'NoEscape'};
 </%INIT>
diff --git a/share/html/Elements/ShowUserVerbose b/share/html/Elements/ShowUserVerbose
index 7bba394..f90a1dc 100644
--- a/share/html/Elements/ShowUserVerbose
+++ b/share/html/Elements/ShowUserVerbose
@@ -46,7 +46,7 @@
 %# 
 %# END BPS TAGGED BLOCK }}}
 %# Released under the terms of version 2 of the GNU Public License
-<%$Address->format%>\
+<% $display |n %>\
 <%INIT>
 my ($phrase, $address, $comment);
 
@@ -66,6 +66,9 @@ if ( $phrase and my ( $l, $r ) = ( $phrase =~ /^(\w+) (\w+)$/ ) ) {
       || $Address->user =~ /^\Q$r\E.\Q$l\E$/;
 }
 
+my $display = $Address->format;
+   $display = $m->interp->apply_escapes( $display, 'h' )
+        unless $ARGS{'NoEscape'};
 </%INIT>
 <%ARGS>
 $User => undef
diff --git a/share/html/Helpers/Autocomplete/Owners b/share/html/Helpers/Autocomplete/Owners
index 8aad1a9..f82af1f 100644
--- a/share/html/Helpers/Autocomplete/Owners
+++ b/share/html/Helpers/Autocomplete/Owners
@@ -115,7 +115,10 @@ foreach my $spec (map { [split /\-/, $_, 2] } split /\|/, $limit) {
 
     while ( my $User = $Users->Next() ) {
         next if $user_uniq_hash{ $User->Id };
-        $user_uniq_hash{ $User->Id() } = [$User, $m->scomp('/Elements/ShowUser', User => $User)];
+        $user_uniq_hash{ $User->Id() } = [
+            $User,
+            $m->scomp('/Elements/ShowUser', User => $User, NoEscape => 1)
+        ];
     }
 }
 
@@ -124,7 +127,7 @@ my $nobody = qr/^n(?:o(?:b(?:o(?:d(?:y)?)?)?)?)?$/i;
 if ( not $user_uniq_hash{$RT::Nobody->id} and $term =~ $nobody ) {
     $user_uniq_hash{$RT::Nobody->id} = [
         $RT::Nobody,
-        $m->scomp('/Elements/ShowUser', User => $RT::Nobody)
+        $m->scomp('/Elements/ShowUser', User => $RT::Nobody, NoEscape => 1)
     ];
 }
 
diff --git a/share/html/Helpers/Autocomplete/Users b/share/html/Helpers/Autocomplete/Users
index 715bb03..b4046a5 100644
--- a/share/html/Helpers/Autocomplete/Users
+++ b/share/html/Helpers/Autocomplete/Users
@@ -108,7 +108,7 @@ while ( my $user = $users->Next ) {
     next if $user->id == $RT::SystemUser->id
          or $user->id == $RT::Nobody->id;
 
-    my $formatted = $m->scomp('/Elements/ShowUser', User => $user);
+    my $formatted = $m->scomp('/Elements/ShowUser', User => $user, NoEscape => 1);
     $formatted =~ s/\n//g;
     push @suggestions, { label => $formatted, value => $user->$return };
 }

commit 6d9342e1ae339b4277be8ba913a728b4da24aed7
Author: sunnavy <sunnavy at bestpractical.com>
Date:   Thu Aug 26 20:26:00 2010 +0800

    use RowsPerPage to limit numbers in db level

diff --git a/share/html/Elements/ShowMemberships b/share/html/Elements/ShowMemberships
index 47a09c5..1a760de 100644
--- a/share/html/Elements/ShowMemberships
+++ b/share/html/Elements/ShowMemberships
@@ -46,7 +46,6 @@
 %# 
 %# END BPS TAGGED BLOCK }}}
 <ul>
-% my $i = 1;
 % while ( my $GroupMember = $GroupMembers->Next ) {
 %    my $Group = RT::Group->new($session{'CurrentUser'});
 %    $Group->Load($GroupMember->GroupId) or next;
@@ -55,7 +54,6 @@
 %    } elsif ($Group->Domain eq 'SystemInternal') {
 <li><em><% loc($Group->Type) %></em></li>
 %    }
-%    last if $Limit && ++$i > $Limit;
 % }
 </ul>
 <%INIT>
@@ -85,6 +83,8 @@ $GroupMembers->OrderByCols(
     { ALIAS => $alias, FIELD => 'Name' },
 );
 
+$GroupMembers->RowsPerPage($Limit) if $Limit;
+
 </%INIT>
 <%ARGS>
 $UserObj

-----------------------------------------------------------------------
