[Rt-commit] rt branch, 5.0/show-edit-system-config-option, created. rt-5.0.0alpha1-107-g1c0b242a48

? sunnavy sunnavy at bestpractical.com
Wed Apr 15 16:32:52 EDT 2020


The branch, 5.0/show-edit-system-config-option has been created
        at  1c0b242a48f47a6c1d454aadfc33f2a90e36d314 (commit)

- Log -----------------------------------------------------------------
commit e141f286c3fb57191a925706e40d219de3348c3a
Author: sunnavy <sunnavy at bestpractical.com>
Date:   Thu Apr 16 03:59:45 2020 +0800

    Add ShowEditSystemConfig option to disable EditConfig page

diff --git a/etc/RT_Config.pm.in b/etc/RT_Config.pm.in
index 20e416b1f3..aa02cc4363 100644
--- a/etc/RT_Config.pm.in
+++ b/etc/RT_Config.pm.in
@@ -3598,6 +3598,16 @@ Set(%AdminSearchResultRows,
     Assets       => 50,
 );
 
+=item C<$ShowEditSystemConfig>
+
+RT allows superusers to edit RT system configurations via web UI.
+
+Set C<$ShowEditSystemConfig> to 0 if you want to disable this feature.
+
+=cut
+
+Set($ShowEditSystemConfig, 1);
+
 =back
 
 
diff --git a/lib/RT/Config.pm b/lib/RT/Config.pm
index 9dc3c1e0e3..b71b1f5512 100644
--- a/lib/RT/Config.pm
+++ b/lib/RT/Config.pm
@@ -1551,6 +1551,10 @@ our %META;
     ShowBccHeader => {
         Widget => '/Widgets/Form/Boolean',
     },
+    ShowEditSystemConfig => {
+        Immutable => 1,
+        Widget    => '/Widgets/Form/Boolean',
+    },
     ShowMoreAboutPrivilegedUsers => {
         Widget => '/Widgets/Form/Boolean',
     },
diff --git a/lib/RT/Interface/Web/MenuBuilder.pm b/lib/RT/Interface/Web/MenuBuilder.pm
index 03dd352964..7aa2e09324 100644
--- a/lib/RT/Interface/Web/MenuBuilder.pm
+++ b/lib/RT/Interface/Web/MenuBuilder.pm
@@ -718,7 +718,7 @@ sub BuildMainNav {
 
     if ( $request_path =~ m{^/Admin/Tools/(Configuration|EditConfig|ConfigHistory)} ) {
         $page->child( display => title => loc('View'), path => "/Admin/Tools/Configuration.html" );
-        $page->child( modify => title => loc('Edit'), path => "/Admin/Tools/EditConfig.html" );
+        $page->child( modify => title => loc('Edit'), path => "/Admin/Tools/EditConfig.html" ) if RT->Config->Get('ShowEditSystemConfig');
         $page->child( history => title => loc('History'), path => "/Admin/Tools/ConfigHistory.html" );
     }
 
diff --git a/share/html/Admin/Tools/EditConfig.html b/share/html/Admin/Tools/EditConfig.html
index 788e1806f3..2341e6656e 100644
--- a/share/html/Admin/Tools/EditConfig.html
+++ b/share/html/Admin/Tools/EditConfig.html
@@ -46,6 +46,8 @@
 %#
 %# END BPS TAGGED BLOCK }}}
 <%INIT>
+Abort( loc( 'Permission Denied' ) ) unless RT->Config->Get('ShowEditSystemConfig');
+
 my $title = loc('System Configuration');
 unless ($session{'CurrentUser'}->HasRight( Object=> $RT::System, Right => 'SuperUser')) {
  Abort(loc('This feature is only available to system administrators'));

commit 1c0b242a48f47a6c1d454aadfc33f2a90e36d314
Author: sunnavy <sunnavy at bestpractical.com>
Date:   Thu Apr 16 04:08:59 2020 +0800

    Test ShowEditSystemConfig option

diff --git a/t/web/admin_tools_editconfig.t b/t/web/admin_tools_editconfig.t
index 826c8adf58..f23d2fdb04 100644
--- a/t/web/admin_tools_editconfig.t
+++ b/t/web/admin_tools_editconfig.t
@@ -4,11 +4,22 @@ use warnings;
 use Test::Deep;
 use Data::Dumper ();
 
-use RT::Test tests => undef;
+use RT::Test tests => undef, config => 'Set($ShowEditSystemConfig, 0);';
 
 my ( $url, $m ) = RT::Test->started_ok;
 ok( $m->login(), 'logged in' );
 
+$m->follow_link_ok( { text => 'System Configuration' }, 'followed link to "System Configuration"' );
+ok( !$m->find_link( text => 'Edit' ), 'no edit link' );
+$m->get_ok('/Admin/Tools/EditConfig.html');
+$m->content_contains('Permission Denied');
+
+RT::Test->stop_server;
+RT->Config->Set( ShowEditSystemConfig => 1 );
+
+( $url, $m ) = RT::Test->started_ok;
+ok( $m->login(), 'logged in' );
+
 $m->follow_link_ok( { text => 'System Configuration' }, 'followed link to "System Configuration"' );
 $m->follow_link_ok( { text => 'History' }, 'followed link to History page' );
 $m->follow_link_ok( { text => 'Edit' }, 'followed link to Edit page' );

-----------------------------------------------------------------------


More information about the rt-commit mailing list