[Rt-devel] ACLs defined by extensions

Kevin Falcone falcone at bestpractical.com
Thu Oct 8 11:42:31 EDT 2009


On Thu, Oct 08, 2009 at 04:09:03PM +0100, Dominic Hargreaves wrote:
> I'm interested in additing some ACL checking functionality to
> RTx::EmailCompletion[1] but there doesn't seem to be any existing
> ACL that corresponds to "view all users" (and in any case I'd want
> a separate one for "view all LDAP users"). I'm not sure whether it's
> possible to easily define a new ACL in an extension without making
> schema management a nightmare; does anyone have any thoughts on this?

New ACLs don't have to change the DB schema.  
You can inject new rights into the package %RIGHTS and
RT::ACE::LOWERCASERIGHTNAMES to make a new ACL available.

Depending on what you're doing with user info, you may also need to
tweak User::Accessible

-kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
Url : http://lists.bestpractical.com/pipermail/rt-devel/attachments/20091008/a160abae/attachment.pgp 


More information about the Rt-devel mailing list