[Rt-commit] rt branch, rightsmatrix, updated. rt-3.8.8-611-gc688bf7
Thomas Sibley
trs at bestpractical.com
Thu Sep 2 13:26:52 EDT 2010
The branch, rightsmatrix has been updated
via c688bf7e5765a7f3f7364b0e5f3daca80a271abf (commit)
via b70294586642168f126bede4b3e715f55189e74a (commit)
via 8e43a69bfd68427766376a3682c902f198e7161b (commit)
from d4b552a6c5415ade24c68a0cecffb8f527c3bfdc (commit)
Summary of changes:
lib/RT/Interface/Web.pm | 34 +++++++++++++++++++++++++++++-
share/html/Helpers/Autocomplete/Users | 3 ++
share/html/NoAuth/js/userautocomplete.js | 23 +++++++++++++++++--
3 files changed, 56 insertions(+), 4 deletions(-)
- Log -----------------------------------------------------------------
commit 8e43a69bfd68427766376a3682c902f198e7161b
Author: Thomas Sibley <trs at bestpractical.com>
Date: Thu Sep 2 12:23:43 2010 -0400
Only autocomplete privileged users for the rights editor
diff --git a/share/html/Helpers/Autocomplete/Users b/share/html/Helpers/Autocomplete/Users
index b4046a5..5aecf07 100644
--- a/share/html/Helpers/Autocomplete/Users
+++ b/share/html/Helpers/Autocomplete/Users
@@ -53,6 +53,7 @@ $return => ''
$term => undef
$delim => undef
$max => 10
+$privileged => undef
</%ARGS>
<%INIT>
require JSON;
@@ -89,6 +90,8 @@ my %fields = %{ RT->Config->Get('UserAutocompleteFields')
my $users = RT::Users->new( $CurrentUser );
$users->RowsPerPage( $max );
+$users->LimitToPrivileged() if $privileged;
+
while (my ($name, $op) = each %fields) {
$op = 'STARTSWITH'
unless $op =~ /^(?:LIKE|(?:START|END)SWITH)$/i;
diff --git a/share/html/NoAuth/js/userautocomplete.js b/share/html/NoAuth/js/userautocomplete.js
index 8944f5c..a1a799f 100644
--- a/share/html/NoAuth/js/userautocomplete.js
+++ b/share/html/NoAuth/js/userautocomplete.js
@@ -3,11 +3,15 @@ jQuery(function() {
var multipleCompletion = new Array("Requestors", "To", "Bcc", "Cc", "AdminCc", "WatcherAddressEmail[123]", "UpdateCc", "UpdateBcc");
// inputs with only a single email address allowed
- var singleCompletion = new Array("(Add|Delete)Requestor", "(Add|Delete)Cc", "(Add|Delete)AdminCc", "AddPrincipalForRights-user");
+ var singleCompletion = new Array("(Add|Delete)Requestor", "(Add|Delete)Cc", "(Add|Delete)AdminCc");
+
+ // inputs for only privileged users
+ var privilegedCompletion = new Array("AddPrincipalForRights-user");
// build up the regexps we'll use to match
- var applyto = new RegExp('^(' + multipleCompletion.concat(singleCompletion).join('|') + ')$');
+ var applyto = new RegExp('^(' + multipleCompletion.concat(singleCompletion, privilegedCompletion).join('|') + ')$');
var acceptsMultiple = new RegExp('^(' + multipleCompletion.join('|') + ')$');
+ var onlyPrivileged = new RegExp('^(' + privilegedCompletion.join('|') + ')$');
var inputs = document.getElementsByTagName("input");
@@ -22,8 +26,14 @@ jQuery(function() {
source: "<% RT->Config->Get('WebPath')%>/Helpers/Autocomplete/Users"
};
+ var queryargs = [];
+
+ if (inputName.match(onlyPrivileged)) {
+ queryargs.push("privileged=1");
+ }
+
if (inputName.match(acceptsMultiple)) {
- options.source = options.source + "?delim=,";
+ queryargs.push("delim=,");
options.focus = function () {
// prevent value inserted on focus
@@ -38,6 +48,10 @@ jQuery(function() {
return false;
}
}
+
+ if (queryargs.length)
+ options.source += "?" + queryargs.join("&");
+
jQuery(input).autocomplete(options);
}
});
commit b70294586642168f126bede4b3e715f55189e74a
Author: Thomas Sibley <trs at bestpractical.com>
Date: Thu Sep 2 13:27:21 2010 -0400
Update ProcessACLChanges to deal with adding rights to new principals
diff --git a/lib/RT/Interface/Web.pm b/lib/RT/Interface/Web.pm
index 780b85e..6d6014b 100755
--- a/lib/RT/Interface/Web.pm
+++ b/lib/RT/Interface/Web.pm
@@ -1374,6 +1374,37 @@ sub ProcessACLChanges {
my $CheckACL = $ARGSref->{'CheckACL'};
my @check = grep { defined } (ref $CheckACL eq 'ARRAY' ? @$CheckACL : $CheckACL);
+ # Check if we want to grant rights to a previously rights-less user
+ for my $type (qw(user group)) {
+ my $key = "AddPrincipalForRights-$type";
+
+ next unless $ARGSref->{$key};
+
+ my $principal;
+ if ( $type eq 'user' ) {
+ $principal = RT::User->new( $session{'CurrentUser'} );
+ $principal->Load( $ARGSref->{$key} );
+ }
+ else {
+ $principal = RT::Group->new( $session{'CurrentUser'} );
+ $principal->LoadUserDefinedGroup( $ARGSref->{$key} );
+ }
+
+ unless ($principal->PrincipalId) {
+ push @results, loc("Couldn't load the specified principal");
+ next;
+ }
+
+ my $principal_id = $principal->PrincipalId;
+
+ # Turn our addprincipal rights spec into a real one
+ for my $arg (keys %$ARGSref) {
+ next unless $arg =~ /^SetRights-addprincipal-(.+?-\d+)$/;
+ $ARGSref->{"SetRights-$principal_id-$1"} = $ARGSref->{$arg};
+ push @check, "$principal_id-$1";
+ }
+ }
+
# Build our rights state for each Principal-Object tuple
foreach my $arg ( keys %$ARGSref ) {
next unless $arg =~ /^SetRights-(\d+-.+?-\d+)$/;
diff --git a/share/html/NoAuth/js/userautocomplete.js b/share/html/NoAuth/js/userautocomplete.js
index a1a799f..cc74868 100644
--- a/share/html/NoAuth/js/userautocomplete.js
+++ b/share/html/NoAuth/js/userautocomplete.js
@@ -28,6 +28,9 @@ jQuery(function() {
var queryargs = [];
+ if (inputName.match("AddPrincipalForRights-user"))
+ queryargs.push("return=Name");
+
if (inputName.match(onlyPrivileged)) {
queryargs.push("privileged=1");
}
commit c688bf7e5765a7f3f7364b0e5f3daca80a271abf
Author: Thomas Sibley <trs at bestpractical.com>
Date: Thu Sep 2 13:27:55 2010 -0400
Don't include subgroup members when finding user groups with rights
diff --git a/lib/RT/Interface/Web.pm b/lib/RT/Interface/Web.pm
index 6d6014b..c20f675 100755
--- a/lib/RT/Interface/Web.pm
+++ b/lib/RT/Interface/Web.pm
@@ -2186,7 +2186,8 @@ sub GetPrincipalsMap {
$groups->WithGroupRight(
Right => '',
Object => $object,
- IncludeSystemRights => 0
+ IncludeSystemRights => 0,
+ IncludeSubgroupMembers => 0,
);
push @map, ['User Groups' => $groups => 'Name' => 0];
-----------------------------------------------------------------------
More information about the Rt-commit
mailing list