[Rt-commit] rt branch, 4.0/transactionbatch-currentuser-leak, created. rt-4.0.6-216-gc5de7b0

Kevin Falcone falcone at bestpractical.com
Thu Jun 28 17:07:52 EDT 2012 

The branch, 4.0/transactionbatch-currentuser-leak has been created
        at  c5de7b01683ce25e9bc3835859637ab127f0ffb6 (commit)

- Log -----------------------------------------------------------------
commit c5de7b01683ce25e9bc3835859637ab127f0ffb6
Author: Kevin Falcone <falcone at bestpractical.com>
Date:   Thu Jun 28 16:56:30 2012 -0400

    We're not cleaning up all CurrentUsers in TransactionBatch
    
    After the sequence of commits around 771a9575a2 we started storing the
    CurrentUser of the ticket/transaction in a transaction batch scrip and
    then restoring it.  The rationale is in 771a9575a2.  Unfortunately, we
    only catch the top-level CurrentUser.  If there are objects cached in
    the Ticket or Transaction, they don't get turned into RT_System objects.
    
    This was found because the SLA extension calls
    $self->TicketObj->QueueObj->CustomFields and the Unprivileged user
    emailing RT doesn't have permission to see the SLA Custom Field.

diff --git a/t/web/transaction_batch.t b/t/web/transaction_batch.t
index ae04e1f..12d01fb 100644
--- a/t/web/transaction_batch.t
+++ b/t/web/transaction_batch.t
@@ -12,7 +12,14 @@ my ($val, $msg) =$s1->Create( Queue => $q->Id,
              ScripAction       => 'User Defined',
              CustomIsApplicableCode => 'return ($self->TransactionObj->Field||"") eq "TimeEstimated"',
              CustomPrepareCode => 'return 1',
-             CustomCommitCode  => '$self->TicketObj->SetPriority($self->TicketObj->Priority + 2); return 1;',
+             CustomCommitCode  => '
+if ( $self->TicketObj->CurrentUser->Name ne "RT_System" ) { 
+    warn "Ticket obj has incorrect CurrentUser (should be RT_System) ".$self->TicketObj->CurrentUser->Name
+}
+if ( $self->TicketObj->QueueObj->CurrentUser->Name ne "RT_System" ) { 
+    warn "Queue obj has incorrect CurrentUser (should be RT_System) ".$self->TicketObj->QueueObj->CurrentUser->Name
+}
+$self->TicketObj->SetPriority($self->TicketObj->Priority + 2); return 1;',
              Template          => 'Blank',
              Stage             => 'TransactionBatch',
     );

-----------------------------------------------------------------------

More information about the Rt-commit mailing list