[Bps-public-commit] RT-Extension-MergeUsers branch, master, updated. 1.05-1-gf3c0b8e

Tue Feb 18 16:33:03 EST 2020

The branch, master has been updated
       via  f3c0b8e7a6774e5b3408415422c4f2fb694a6ec8 (commit)
      from  3f1cd6c810ca17afe828cbaf01ed811eb3186873 (commit)

Summary of changes:
 lib/RT/Extension/MergeUsers.pm | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

- Log -----------------------------------------------------------------
commit f3c0b8e7a6774e5b3408415422c4f2fb694a6ec8
Author: sunnavy <sunnavy at bestpractical.com>
Date:   Wed Feb 19 04:28:04 2020 +0800

    Check rights on all the merged users in RT::Principal::HasRight
    
    If one of the merged users has permission, then the main user has it.
    
    E.g. Requestors have "ShowTicket" right, where user "bar" is a Requestor
    and thus can see the ticket. Later "bar" is merged into user "foo", then
    "foo" should be able to see the ticket too.

diff --git a/lib/RT/Extension/MergeUsers.pm b/lib/RT/Extension/MergeUsers.pm
index 8fd3f47..55928b9 100644
--- a/lib/RT/Extension/MergeUsers.pm
+++ b/lib/RT/Extension/MergeUsers.pm
@@ -456,6 +456,28 @@ sub SetDisabled {
     return ($ret, $msg);
 }
 
+my $orig_has_right = \&RT::Principal::HasRight;
+*HasRight = sub {
+    my $self = shift;
+    my $ret = $orig_has_right->( $self, @_ );
+    return $ret if $ret || $self->IsGroup;
+
+    if ( my $merged_users = $self->Object->FirstAttribute('MergedUsers') ) {
+        for my $id ( @{ $merged_users->Content || [] } ) {
+            my $principal = RT::Principal->new( $self->CurrentUser );
+            $principal->Load($id);
+            if ( $principal->Id ) {
+                my $ret = $orig_has_right->( $principal, @_ );
+                return $ret if $ret;
+            }
+            else {
+                RT->Logger->warning("Couldn't load principal #$id");
+            }
+        }
+    }
+    return 0;
+};
+
 {
     package RT::Group;
     my $orig_delete_member = \&RT::Group::DeleteMember;

-----------------------------------------------------------------------
