[Rt-commit] r13637 - in rt/3.8/trunk: .

Thu Jun 26 20:08:51 EDT 2008

Author: sartak
Date: Thu Jun 26 20:08:50 2008
New Revision: 13637

Modified:
   rt/3.8/trunk/   (props changed)
   rt/3.8/trunk/lib/RT/Dashboard.pm
   rt/3.8/trunk/lib/RT/SharedSetting.pm

Log:
 r63282 at onn:  sartak | 2008-06-26 20:01:20 -0400
 Implementations of CurrentUserCan{See,Modify,Delete}


Modified: rt/3.8/trunk/lib/RT/Dashboard.pm
==============================================================================

--- rt/3.8/trunk/lib/RT/Dashboard.pm	(original)
+++ rt/3.8/trunk/lib/RT/Dashboard.pm	Thu Jun 26 20:08:50 2008
@@ -254,22 +254,67 @@
 
 # ACLs
 
+sub _CurrentUserCan {
+    my $self    = shift;
+    my $privacy = shift || $self->Privacy;
+    my %rights  = @_;
+
+    my $object = $self->_GetObject($privacy);
+    return 0 unless $object;
+
+    my $right;
+
+       if ($object->isa('RT::System')) { $right = $rights{System} }
+    elsif ($object->isa('RT::User'))   { $right = $rights{User}   }
+    elsif ($object->isa('RT::Group'))  { $right = $rights{Group}  }
+
+    $right ||= $rights{Right};
+
+    if (!$right) {
+        $RT::Logger->error("No right provided for object $object");
+        return 0;
+    }
+
+    # users are mildly special-cased, since we actually have to check that
+    # the user has the global right
+    if ($object->isa('RT::User')) {
+        return 0 unless $object->Id == $self->CurrentUser->Id;
+        $object = $RT::System;
+    }
+
+    return $self->CurrentUser->HasRight(
+        Right  => $right,
+        Object => $object,
+    );
+}
+
 sub CurrentUserCanSee {
     my $self = shift;
-    my $privacy = shift || $self->Privacy;
-    return 1;
+    my $privacy = shift;
+
+    $self->_CurrentUserCan($privacy,
+        Right => 'SeeDashboard',
+    );
 }
 
 sub CurrentUserCanModify {
     my $self = shift;
-    my $privacy = shift || $self->Privacy;
-    return 1;
+    my $privacy = shift;
+
+    $self->_CurrentUserCan($privacy,
+        Right  => 'ModifyDashboard',
+        System => 'SuperUser',
+    );
 }
 
 sub CurrentUserCanDelete {
     my $self = shift;
-    my $privacy = shift || $self->Privacy;
-    return 1;
+    my $privacy = shift;
+
+    $self->_CurrentUserCan($privacy,
+        Right  => 'DeleteDashboard',
+        System => 'SuperUser',
+    );
 }
 
 eval "require RT::Dashboard_Vendor";

Modified: rt/3.8/trunk/lib/RT/SharedSetting.pm
==============================================================================
--- rt/3.8/trunk/lib/RT/SharedSetting.pm	(original)
+++ rt/3.8/trunk/lib/RT/SharedSetting.pm	Thu Jun 26 20:08:50 2008
@@ -337,7 +337,7 @@
     return 1 if $privacy =~ /^RT::System/;
 
     # Only privacies that are RT::System can be seen by everyone.
-    return 0 if $to eq /^RT::System/;
+    return 0 if $to =~ /^RT::System/;
 
     # If the setting is group-wide...
     if ($privacy =~ /^RT::Group-(\d+)$/) {
