[Rt-commit] rt branch, rightsmatrix, updated. rt-3.8.8-604-g8e85e99
Thomas Sibley
trs at bestpractical.com
Mon Aug 30 13:49:37 EDT 2010
The branch, rightsmatrix has been updated
via 8e85e99d08dff694ee166b539d6f3dcb29e1033e (commit)
from b9634f3074184c00c22301b9ba720877cc5b02e7 (commit)
Summary of changes:
lib/RT/Interface/Web.pm | 52 ++++++++++
share/html/Admin/CustomFields/GroupRights.html | 46 ++--------
share/html/Admin/CustomFields/UserRights.html | 44 +--------
share/html/Admin/Elements/SelectRights | 121 ------------------------
share/html/Admin/Global/GroupRights.html | 72 ++-------------
share/html/Admin/Global/UserRights.html | 49 +---------
share/html/Admin/Groups/GroupRights.html | 53 +----------
share/html/Admin/Groups/UserRights.html | 51 +---------
share/html/Admin/Queues/GroupRights.html | 22 +----
share/html/Admin/Queues/UserRights.html | 10 +--
10 files changed, 94 insertions(+), 426 deletions(-)
delete mode 100755 share/html/Admin/Elements/SelectRights
- Log -----------------------------------------------------------------
commit 8e85e99d08dff694ee166b539d6f3dcb29e1033e
Author: Thomas Sibley <trs at bestpractical.com>
Date: Mon Aug 30 13:50:26 2010 -0400
Replace SelectRights everywhere with the new rights editor
This introduces GetPrincipalsMap() which consolidates a lot of common
principal collection creation.
diff --git a/lib/RT/Interface/Web.pm b/lib/RT/Interface/Web.pm
index 5515211..9bbee7a 100755
--- a/lib/RT/Interface/Web.pm
+++ b/lib/RT/Interface/Web.pm
@@ -2129,6 +2129,58 @@ sub ProcessColumnMapValue {
return $value;
}
+=head2 GetPrincipalsMap OBJECT, CATEGORIES
+
+Returns an array suitable for passing to /Admin/Elements/EditRights with the
+principal collections mapped from the categories given.
+
+=cut
+
+sub GetPrincipalsMap {
+ my $object = shift;
+ my @map;
+ for (@_) {
+ if (/System/) {
+ my $system = RT::Groups->new($session{'CurrentUser'});
+ $system->LimitToSystemInternalGroups();
+ push @map, ['System' => $system => 'Type' => 1];
+ }
+ elsif (/Groups/) {
+ my $groups = RT::Groups->new($session{'CurrentUser'});
+ $groups->LimitToUserDefinedGroups();
+ # XXX TODO: only find those user groups with rights granted
+ push @map, ['User Groups' => $groups => 'Name' => 0];
+ }
+ elsif (/Roles/) {
+ my $roles = RT::Groups->new($session{'CurrentUser'});
+
+ if ($object->isa('RT::System')) {
+ $roles->LimitToRolesForSystem();
+ }
+ elsif ($object->isa('RT::Queue')) {
+ $roles->LimitToRolesForQueue($object->Id);
+ }
+ else {
+ $RT::Logger->warn("Skipping unknown object type ($object) for Role principals");
+ next;
+ }
+ push @map, ['Roles' => $roles => 'Type' => 1];
+ }
+ elsif (/Users/) {
+ my $Privileged = RT::Group->new($session{'CurrentUser'});
+ $Privileged->LoadSystemInternalGroup('Privileged');
+ my $Users = $Privileged->UserMembersObj();
+ $Users->OrderBy( FIELD => 'Name', ORDER => 'ASC' );
+
+ my $display = sub {
+ $m->scomp('/Elements/ShowUser', User => $_[0], NoEscape => 1)
+ };
+ push @map, ['Users' => $Users => $display => 0];
+ }
+ }
+ return @map;
+}
+
=head2 _load_container_object ( $type, $id );
Instantiate container object for saving searches.
diff --git a/share/html/Admin/CustomFields/GroupRights.html b/share/html/Admin/CustomFields/GroupRights.html
index 9bb972e..0a31ea7 100644
--- a/share/html/Admin/CustomFields/GroupRights.html
+++ b/share/html/Admin/CustomFields/GroupRights.html
@@ -55,45 +55,11 @@
<form method="post" action="GroupRights.html">
<input type="hidden" class="hidden" name="id" value="<% $CustomFieldObj->id %>" />
-
-
-<h1><&|/l&>System groups</&></h1>
-<table>
-% my $Groups = RT::Groups->new($session{'CurrentUser'});
-% $Groups->LimitToSystemInternalGroups();
-% while (my $Group = $Groups->Next()) {
- <tr align="right">
- <td valign="top">
- <% loc($Group->Type) %>
- </td>
- <td>
- <& /Admin/Elements/SelectRights, PrincipalId => $Group->PrincipalId,
- Object => $CustomFieldObj &>
- </td>
- </tr>
-% }
-</table>
-<h1><&|/l&>User defined groups</&></h1>
-<table>
-% $Groups = RT::Groups->new($session{'CurrentUser'});
-% $Groups->LimitToUserDefinedGroups();
-% while (my $Group = $Groups->Next()) {
- <tr align="right">
- <td valign="top">
- <% $Group->Name %>
- </td>
- <td>
- <& /Admin/Elements/SelectRights, PrincipalId => $Group->PrincipalId,
- Object => $CustomFieldObj &>
- </td>
- </tr>
-% }
-</table>
-
- <& /Elements/Submit, Caption => loc("Be sure to save your changes"), Reset => 1 &>
-
+
+ <& /Admin/Elements/EditRights, Context => $CustomFieldObj, Principals => \@principals &>
+ <& /Elements/Submit, Caption => loc("Be sure to save your changes"), Reset => 1 &>
</form>
-
+
<%INIT>
if (!defined $id) {
@@ -106,7 +72,9 @@ $CustomFieldObj->Load($id) || $m->comp("/Elements/Error", Why => loc("Couldn't l
my @results = ProcessACLChanges( \%ARGS );
my $title = loc('Modify group rights for custom field [_1]', $CustomFieldObj->Name);
-
+
+# Principal collections
+my @principals = GetPrincipalsMap($CustomFieldObj, qw(System Groups));
</%INIT>
<%ARGS>
diff --git a/share/html/Admin/CustomFields/UserRights.html b/share/html/Admin/CustomFields/UserRights.html
index 2d9bc9f..b2c9d67 100644
--- a/share/html/Admin/CustomFields/UserRights.html
+++ b/share/html/Admin/CustomFields/UserRights.html
@@ -53,37 +53,13 @@ Title => $title, &>
<form method="post" action="UserRights.html">
<input type="hidden" class="hidden" name="id" value="<% $CustomFieldObj->id %>" />
-
-
-<table>
-
-% while (my $Member = $Users->Next()) {
-% my $UserObj = $Member->MemberObj->Object();
-% my $group = RT::Group->new($session{'CurrentUser'});
-% $group->LoadACLEquivalenceGroup($Member->MemberObj);
- <tr align="right">
- <td valign="top"><& /Elements/ShowUser, User => $UserObj &></td>
- <td>
- <& /Admin/Elements/SelectRights, PrincipalId=> $group->PrincipalId,
- Object => $CustomFieldObj &>
- </td>
- </tr>
-% }
- </table>
-
- <& /Elements/Submit, Caption => loc("Be sure to save your changes"), Reset => 1 &>
-
+ <& /Admin/Elements/EditRights, Context => $CustomFieldObj, Principals => \@principals &>
+ <& /Elements/Submit, Caption => loc("Be sure to save your changes"), Reset => 1 &>
</form>
-
<%INIT>
-
-#Update the acls.
+# Update the acls.
my @results = ProcessACLChanges( \%ARGS );
-# {{{ Deal with setting up the display of current rights.
-
-
-
if (!defined $id) {
$m->comp("/Elements/Error", Why => loc("No Class defined"));
}
@@ -91,20 +67,12 @@ if (!defined $id) {
my $CustomFieldObj = RT::CustomField->new($session{'CurrentUser'});
$CustomFieldObj->Load($id) || $m->comp("/Elements/Error", Why => loc("Couldn't load Class [_1]",$id));
-# Find out which users we want to display ACL selects for
-my $Privileged = RT::Group->new($session{'CurrentUser'});
-$Privileged->LoadSystemInternalGroup('Privileged');
-my $Users = $Privileged->MembersObj();
-
my $title = loc('Modify user rights for custom field [_1]', $CustomFieldObj->Name);
-
-# }}}
-
+
+# Principal collections
+my @principals = GetPrincipalsMap($CustomFieldObj, qw(Users));
</%INIT>
<%ARGS>
$id => undef
-$UserString => undef
-$UserOp => undef
-$UserField => undef
</%ARGS>
diff --git a/share/html/Admin/Elements/SelectRights b/share/html/Admin/Elements/SelectRights
deleted file mode 100755
index c5fe015..0000000
--- a/share/html/Admin/Elements/SelectRights
+++ /dev/null
@@ -1,121 +0,0 @@
-%# BEGIN BPS TAGGED BLOCK {{{
-%#
-%# COPYRIGHT:
-%#
-%# This software is Copyright (c) 1996-2010 Best Practical Solutions, LLC
-%# <jesse at bestpractical.com>
-%#
-%# (Except where explicitly superseded by other copyright notices)
-%#
-%#
-%# LICENSE:
-%#
-%# This work is made available to you under the terms of Version 2 of
-%# the GNU General Public License. A copy of that license should have
-%# been provided with this software, but in any event can be snarfed
-%# from www.gnu.org.
-%#
-%# This work is distributed in the hope that it will be useful, but
-%# WITHOUT ANY WARRANTY; without even the implied warranty of
-%# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-%# General Public License for more details.
-%#
-%# You should have received a copy of the GNU General Public License
-%# along with this program; if not, write to the Free Software
-%# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-%# 02110-1301 or visit their web page on the internet at
-%# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html.
-%#
-%#
-%# CONTRIBUTION SUBMISSION POLICY:
-%#
-%# (The following paragraph is not intended to limit the rights granted
-%# to you to modify and distribute this software under the terms of
-%# the GNU General Public License and is only of importance to you if
-%# you choose to contribute your changes and enhancements to the
-%# community by submitting them to Best Practical Solutions, LLC.)
-%#
-%# By intentionally submitting any modifications, corrections or
-%# derivatives to this work, or any other work intended for use with
-%# Request Tracker, to Best Practical Solutions, LLC, you confirm that
-%# you are the copyright holder for those contributions and you grant
-%# Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable,
-%# royalty-free, perpetual, license to use, copy, create derivative
-%# works based on those contributions, and sublicense and distribute
-%# those contributions and any derivatives thereof.
-%#
-%# END BPS TAGGED BLOCK }}}
-<input type="hidden" class="hidden" name="CheckACL" value="<%$ACLDesc%>" />
- <table border="0">
-<tr>
-<td valign="top" width="180" align="left">
-<%PERL>
-my %current_rights;
-my @pairs;
-while ( my $ace = $ACLObj->Next ) {
- my $right = $ace->RightName;
- $current_rights{ $right } = 1;
- push @pairs, [$right, loc($right)];
-}
- at pairs = sort { $a->[1] cmp $b->[1] } @pairs;
-</%PERL>
-<h3><&|/l&>Current rights</&></h3>
-% unless ( @pairs ) {
-<i><&|/l&>No rights granted.</&></i> <br />
-% } else {
-<i>(<&|/l&>Check box to revoke right</&>)</i><br />
-% foreach my $pair ( @pairs ) {
-<input type="checkbox" class="checkbox" value="<% $pair->[0] %>" name="RevokeRight-<% $ACLDesc %>" /> <% $pair->[1] %><br />
-% } }
-</td>
-<td valign="top">
-<h3><&|/l&>New rights</&></h3>
-<select size="5" multiple="multiple" name="GrantRight-<%$ACLDesc%>">
-% foreach my $pair (sort { $a->[1] cmp $b->[1] } map [$_, loc($_)], grep !$current_rights{$_}, keys %Rights) {
- <option value="<% $pair->[0] %>" title="<% loc($Rights{$pair->[0]}) %>"><% $pair->[1] %></option>
-% }
-<option value="" selected="selected"><&|/l&>(no value)</&></option>
-</select>
-</td>
-</tr>
-</table>
-<%INIT>
- my ($ACLDesc, $AppliesTo, %Rights);
-
- # if the principal id points to a user, we really want to point
- # to their ACL equivalence group. The machinations we're going through
- # lead me to start to suspect that we really want users and groups
- # to just be the same table. or _maybe_ that we want an object db.
- my $princ = RT::Principal->new($RT::SystemUser);
- $princ->Load($PrincipalId);
- if ($princ->PrincipalType eq 'User') {
- my $group = RT::Group->new($RT::SystemUser);
- $group->LoadACLEquivalenceGroup($princ);
- $PrincipalId = $group->PrincipalId;
- }
-
-
- my $ACLObj = RT::ACL->new($session{'CurrentUser'});
- my $ACE = RT::ACE->new($session{'CurrentUser'});
-
-
- $ACLObj->LimitToObject( $Object);
- $ACLObj->LimitToPrincipal( Id => $PrincipalId);
- $ACLObj->OrderBy(FIELD=>'RightName');
-
- if (ref($Object) && UNIVERSAL::can($Object, 'AvailableRights')) {
- %Rights = %{$Object->AvailableRights};
- }
-
- else {
- %Rights = ( loc('System Error') => loc("No rights found") );
- }
-
- $ACLDesc = "$PrincipalId-".ref($Object)."-".$Object->Id;
-</%INIT>
-
-<%ARGS>
-$PrincipalType => undef
-$PrincipalId => undef
-$Object =>undef
-</%ARGS>
diff --git a/share/html/Admin/Global/GroupRights.html b/share/html/Admin/Global/GroupRights.html
index c9daf13..31941e9 100755
--- a/share/html/Admin/Global/GroupRights.html
+++ b/share/html/Admin/Global/GroupRights.html
@@ -51,73 +51,17 @@
Title => loc('Modify global group rights') &>
<& /Elements/ListActions, actions => \@results &>
- <form method="post" action="GroupRights.html">
-
-<&| /Widgets/TitleBox, title => loc('Modify global group rights.')&>
-
-<h1><&|/l&>System groups</&></h1>
-<table>
-% $Groups = RT::Groups->new($session{'CurrentUser'});
-% $Groups->LimitToSystemInternalGroups();
-% while (my $Group = $Groups->Next()) {
- <tr align="right">
- <td valign="top">
- <% loc($Group->Type) %>
- </td>
- <td>
- <& /Admin/Elements/SelectRights, PrincipalId => $Group->PrincipalId,
- Object =>$RT::System &>
- </td>
- </tr>
-% }
-</table>
-<h1><&|/l&>Roles</&></h1>
-<table>
-% $Groups = RT::Groups->new($session{'CurrentUser'});
-% $Groups->LimitToRolesForSystem();
-% while (my $Group = $Groups->Next()) {
- <tr align="right">
- <td valign="top">
- <% loc($Group->Type) %>
- </td>
- <td>
- <& /Admin/Elements/SelectRights, PrincipalId => $Group->PrincipalId,
- Object => $RT::System &>
- </td>
- </tr>
-% }
-</table>
-<h1><&|/l&>User defined groups</&></h1>
-<table>
-% $Groups = RT::Groups->new($session{'CurrentUser'});
-% $Groups->LimitToUserDefinedGroups();
-% while (my $Group = $Groups->Next()) {
- <tr align="right">
- <td valign="top">
- <% $Group->Name %>
- </td>
- <td>
- <& /Admin/Elements/SelectRights, PrincipalId => $Group->PrincipalId,
- Object => $RT::System &>
- </td>
- </tr>
-% }
-</table>
-
- </&>
- <& /Elements/Submit, Label => loc('Modify Group Rights'), Reset => 1 &>
-
- </form>
+<form method="post" action="GroupRights.html">
+ <& /Admin/Elements/EditRights, Context => $RT::System, Principals => \@principals &>
+ <& /Elements/Submit, Label => loc('Modify Group Rights'), Reset => 1 &>
+</form>
<%INIT>
-
- #Update the acls.
- my @results = ProcessACLChanges(\%ARGS);
+# Update the acls.
+my @results = ProcessACLChanges(\%ARGS);
-
-my $Groups;
-
+# Principal collections
+my @principals = GetPrincipalsMap($RT::System, qw(System Roles Groups));
</%INIT>
-
<%ARGS>
</%ARGS>
diff --git a/share/html/Admin/Global/UserRights.html b/share/html/Admin/Global/UserRights.html
index 2242774..ac2a42c 100755
--- a/share/html/Admin/Global/UserRights.html
+++ b/share/html/Admin/Global/UserRights.html
@@ -51,49 +51,12 @@
Title => loc('Modify global user rights') &>
<& /Elements/ListActions, actions => \@results &>
- <form method="post" action="UserRights.html">
-
-<&| /Widgets/TitleBox, title => loc('Modify global user rights.') &>
-<table>
-
-% while ( my $UserObj = $Users->Next ) {
-% my $group = RT::Group->new($session{'CurrentUser'});
-% $group->LoadACLEquivalenceGroup( $UserObj );
- <tr align="right">
- <td valign="top"><& /Elements/ShowUser, User => $UserObj &></td>
- <td><& /Admin/Elements/SelectRights,
- PrincipalId => $group->PrincipalId,
- Object => $RT::System,
- &></td>
- </tr>
-% }
-</table>
-</&>
-
-<& /Elements/Submit, Label => loc('Modify User Rights'), Reset => 1 &>
-
+<form method="post" action="UserRights.html">
+ <& /Admin/Elements/EditRights, Context => $RT::System, Principals => \@principals &>
+ <& /Elements/Submit, Label => loc('Modify User Rights'), Reset => 1 &>
</form>
<%INIT>
-
- #Update the acls.
- my @results = ProcessACLChanges(\%ARGS);
-
-# {{{ Deal with setting up the display of current rights.
-
-
-# Find out which users we want to display ACL selects for
-my $Privileged = RT::Group->new($session{'CurrentUser'});
-$Privileged->LoadSystemInternalGroup('Privileged');
-my $Users = $Privileged->UserMembersObj();
-$Users->OrderBy( FIELD => $UserOrderBy, ORDER => $UserOrder );
-
-
-
-# }}}
-
+# Update the acls.
+my @results = ProcessACLChanges(\%ARGS);
+my @principals = GetPrincipalsMap($RT::System, 'Users');
</%INIT>
-
-<%ARGS>
-$UserOrderBy => 'Name'
-$UserOrder => 'ASC'
-</%ARGS>
diff --git a/share/html/Admin/Groups/GroupRights.html b/share/html/Admin/Groups/GroupRights.html
index df834a8..4311ee4 100755
--- a/share/html/Admin/Groups/GroupRights.html
+++ b/share/html/Admin/Groups/GroupRights.html
@@ -54,54 +54,12 @@
<form method="post" action="GroupRights.html">
<input type="hidden" class="hidden" name="id" value="<% $GroupObj->id %>" />
-
-<&| /Widgets/TitleBox, title => loc('Modify group rights for group [_1]', $GroupObj->Name) &>
-
-<h1><&|/l&>System groups</&></h1>
-<table>
-% $Groups = RT::Groups->new($session{'CurrentUser'});
-% $Groups->LimitToSystemInternalGroups();
-% while (my $Group = $Groups->Next()) {
- <tr align="right">
- <td valign="top">
- <% loc($Group->Type) %>
- </td>
- <td>
- <& /Admin/Elements/SelectRights, PrincipalId => $Group->PrincipalId,
- PrincipalType => 'Group',
- Object => $GroupObj &>
- </td>
- </tr>
-% }
-</table>
-<h1><&|/l&>User defined groups</&></h1>
-<table>
-% $Groups = RT::Groups->new($session{'CurrentUser'});
-% $Groups->LimitToUserDefinedGroups();
-% while (my $Group = $Groups->Next()) {
- <tr align="right">
- <td valign="top">
- <% $Group->Name %>
- </td>
- <td>
- <& /Admin/Elements/SelectRights, PrincipalId => $Group->PrincipalId,
- PrincipalType => 'Group',
- Object => $GroupObj &>
- </td>
- </tr>
-% }
-</table>
-
- </&>
- <& /Elements/Submit, Label => loc('Modify Group Rights'), Reset => 1 &>
-
+ <& /Admin/Elements/EditRights, Context => $GroupObj, Principals => \@principals &>
+ <& /Elements/Submit, Label => loc('Modify Group Rights'), Reset => 1 &>
</form>
-
<%INIT>
-
- #Update the acls.
- my @results = ProcessACLChanges(\%ARGS);
-
+# Update the acls.
+my @results = ProcessACLChanges(\%ARGS);
if (!defined $id) {
Abort(loc("No Group defined"));
@@ -110,8 +68,7 @@ if (!defined $id) {
my $GroupObj = RT::Group->new($session{'CurrentUser'});
$GroupObj->Load($id) || Abort(loc("Couldn't load group [_1]",$id));
-my $Groups;
-
+my @principals = GetPrincipalsMap($GroupObj, 'System', 'User Groups');
</%INIT>
<%ARGS>
diff --git a/share/html/Admin/Groups/UserRights.html b/share/html/Admin/Groups/UserRights.html
index e930fef..31dae23 100755
--- a/share/html/Admin/Groups/UserRights.html
+++ b/share/html/Admin/Groups/UserRights.html
@@ -54,41 +54,13 @@
<form method="post" action="UserRights.html">
<input type="hidden" class="hidden" name="id" value="<% $GroupObj->id %>" />
-
-<&| /Widgets/TitleBox, title => loc('Modify user rights for group [_1]', $GroupObj->Name) &>
-<table>
-% while ( my $Member = $Users->Next ) {
-% my $UserObj = $Member->MemberObj->Object;
- <tr align="right">
- <td valign="top">
- <a href="<% RT->Config->Get('WebPath') %>/Admin/Users/Modify.html?id=<% $UserObj->id %>">
- <& /Elements/ShowUser, User => $UserObj &>
- </a>
- </td>
- <td><& /Admin/Elements/SelectRights,
- PrincipalId => $Member->MemberObj->Id,
- PrincipalType => 'User',
- Object => $GroupObj,
- &></td>
- </tr>
-% }
-</table>
-</&>
-
-<& /Elements/Submit, Label => loc('Modify User Rights'), Reset => 1 &>
-
-</form>
+ <& /Admin/Elements/EditRights, Context => $GroupObj, Principals => \@principals &>
+ <& /Elements/Submit, Label => loc('Modify User Rights'), Reset => 1 &>
+ </form>
<%INIT>
-
- #Update the acls.
- my @results = ProcessACLChanges(\%ARGS);
-
-# {{{ Deal with setting up the display of current rights.
-
-
-#Define vars used in html above
-
+# Update the acls.
+my @results = ProcessACLChanges(\%ARGS);
if (!defined $id) {
Abort(loc("No Group defined"));
@@ -97,20 +69,9 @@ if (!defined $id) {
my $GroupObj = RT::Group->new($session{'CurrentUser'});
$GroupObj->Load($id) || Abort(loc("Couldn't load group [_1]",$id));
-# Find out which users we want to display ACL selects for
-my $Privileged = RT::Group->new($session{'CurrentUser'});
-$Privileged->LoadSystemInternalGroup('Privileged');
-my $Users = $Privileged->MembersObj();
-
-
-
-# }}}
-
+my @principals = GetPrincipalsMap($GroupObj, 'Users');
</%INIT>
<%ARGS>
$id => undef
-$UserString => undef
-$UserOp => undef
-$UserField => undef
</%ARGS>
diff --git a/share/html/Admin/Queues/GroupRights.html b/share/html/Admin/Queues/GroupRights.html
index 2f5824f..4daa61d 100755
--- a/share/html/Admin/Queues/GroupRights.html
+++ b/share/html/Admin/Queues/GroupRights.html
@@ -55,8 +55,7 @@
<form method="post" action="GroupRights.html">
<input type="hidden" class="hidden" name="id" value="<% $QueueObj->id %>" />
-%# XXX TODO: this was just after the opening table tag, put it somewhere reasonable
-% $m->callback( %ARGS, QueueObj => $QueueObj, results => \@results );
+% $m->callback( %ARGS, QueueObj => $QueueObj, results => \@results, principals => \@principals );
<& /Admin/Elements/EditRights, Context => $QueueObj, Principals => \@principals &>
@@ -65,7 +64,7 @@
<%INIT>
# Update the acls.
-my @results = ProcessACLChanges(\%ARGS);
+my @results = ProcessACLChanges(\%ARGS);
if (!defined $id) {
Abort(loc("No Queue defined"));
@@ -77,22 +76,7 @@ $QueueObj->Load($id) || Abort(loc("Couldn't load queue [_1]",$id));
my $current_tab = 'Admin/Queues/GroupRights.html?id='.$QueueObj->id;
# Principal collections
-my $system = RT::Groups->new($session{'CurrentUser'});
-$system->LimitToSystemInternalGroups();
-
-my $roles = RT::Groups->new($session{'CurrentUser'});
-$roles->LimitToRolesForQueue($QueueObj->Id);
-
-my $groups = RT::Groups->new($session{'CurrentUser'});
-$groups->LimitToUserDefinedGroups();
-# XXX TODO: only find those user groups with rights granted
-
-my @principals = (
- # Category collection column loc?
- ['System' => $system => 'Type' => 1],
- ['Roles' => $roles => 'Type' => 1],
- ['User Groups' => $groups => 'Name' => 0],
-);
+my @principals = GetPrincipalsMap($QueueObj, qw(System Roles Groups));
</%INIT>
<%ARGS>
$id => undef
diff --git a/share/html/Admin/Queues/UserRights.html b/share/html/Admin/Queues/UserRights.html
index 757991f..75c3f9a 100755
--- a/share/html/Admin/Queues/UserRights.html
+++ b/share/html/Admin/Queues/UserRights.html
@@ -75,15 +75,7 @@ if (!defined $id) {
my $QueueObj = RT::Queue->new($session{'CurrentUser'});
$QueueObj->Load($id) || Abort(loc("Couldn't load queue [_1]",$id));
-# Find out which users we want to display ACLs for
-my $Privileged = RT::Group->new($session{'CurrentUser'});
-$Privileged->LoadSystemInternalGroup('Privileged');
-my $Users = $Privileged->UserMembersObj();
-
-my $display = sub {
- $m->scomp('/Elements/ShowUser', User => $_[0], NoEscape => 1)
-};
-my @principals = (['Users' => $Users => $display => 0]);
+my @principals = GetPrincipalsMap($QueueObj, 'Users');
my $current_tab = 'Admin/Queues/UserRights.html?id='.$QueueObj->id;
</%INIT>
-----------------------------------------------------------------------
More information about the Rt-commit
mailing list