[Rt-commit] rt branch, 4.0/delete-private-groups-and-acls-again, created. rt-4.0.0-408-gd9225b5
Kevin Falcone
falcone at bestpractical.com
Thu May 19 18:23:36 EDT 2011
The branch, 4.0/delete-private-groups-and-acls-again has been created
at d9225b55a1f80edda3f19baf45b5a1597590ac4a (commit)
- Log -----------------------------------------------------------------
commit d9225b55a1f80edda3f19baf45b5a1597590ac4a
Author: Kevin Falcone <falcone at bestpractical.com>
Date: Thu May 19 18:21:02 2011 -0400
Add a 4.0.1 upgrade step to clean up ACLs because 3.9.2 had an error in 4.0.0
If you upgraded from 3.8.x -> 4.0.0, then 3.9.2/content never ran:
This means we need to find ACLs granted to Personal Groups and prevent
ghost rights from being in your system. We also want to remove your
Personal Groups and their Group members.
If you are going from 3.8.x -> 4.0.1, then 3.9.2 will compile and work
and 4.0.1 is pretty much a no-op.
Both of these leave a CGM pointing with MemberId, GroupId,
ImmediateParentId of the old Personal Group and Transactions about the
group. These can be cleaned with rt-validator.
We also took this opportunity to make 3.9.2 clean your group's principal
objects.
diff --git a/etc/upgrade/3.9.2/content b/etc/upgrade/3.9.2/content
index e155e7c..d0dbbfd 100644
--- a/etc/upgrade/3.9.2/content
+++ b/etc/upgrade/3.9.2/content
@@ -40,6 +40,7 @@
. $msg );
}
}
+ $group->PrincipalObj->Delete;
$group->RT::Record::Delete();
}
},
diff --git a/etc/upgrade/3.9.2/content b/etc/upgrade/4.0.1/content
similarity index 64%
copy from etc/upgrade/3.9.2/content
copy to etc/upgrade/4.0.1/content
index e155e7c..6294ee8 100644
--- a/etc/upgrade/3.9.2/content
+++ b/etc/upgrade/4.0.1/content
@@ -4,24 +4,23 @@
$RT::Logger->debug('Removing all delegated rights');
my $acl = RT::ACL->new(RT->SystemUser);
- $acl->Limit( CLAUSE => 'search',
- FIELD => 'DelegatedBy',
- OPERATOR => '>',
- VALUE => '0'
- );
- $acl->Limit( CLAUSE => 'search',
- FIELD => 'DelegatedFrom',
- OPERATOR => '>',
- VALUE => '0',
- ENTRYAGGREGATOR => 'OR',
- );
+ my $groupjoin = $acl->NewAlias('Groups');
+ $acl->Join( ALIAS1 => 'main',
+ FIELD1 => 'PrincipalId',
+ ALIAS2 => $groupjoin,
+ FIELD2 => 'id'
+ );
+ $acl->Limit( ALIAS => $groupjoin,
+ FIELD => 'Domain',
+ OPERATOR => '=',
+ VALUE => 'Personal',
+ );
while ( my $ace = $acl->Next ) {
my ( $ok, $msg ) = $ace->Delete();
if ( !$ok ) {
- $RT::Logger->warn(
- "Unable to delete ACE " . $ace->id . ": " . $msg );
+ $RT::Logger->warn( "Unable to delete ACE " . $ace->id . ": " . $msg );
}
}
@@ -40,6 +39,7 @@
. $msg );
}
}
+ $group->PrincipalObj->Delete;
$group->RT::Record::Delete();
}
},
-----------------------------------------------------------------------
More information about the Rt-commit
mailing list