[Rt-commit] rt branch, 5.0/hide-pencil-button-if-no-rights, created. rt-5.0.0alpha1-31-g17ff02d4b9

Michel Rodriguez michel at bestpractical.com
Mon Apr 6 10:07:03 EDT 2020


The branch, 5.0/hide-pencil-button-if-no-rights has been created
        at  17ff02d4b9b1f1db142dc193b5aed7e19a02a262 (commit)

- Log -----------------------------------------------------------------
commit 698258c7509ec4ce117b32c8e563ea5d87ce8477
Author: michel <michel at bestpractical.com>
Date:   Fri Mar 20 19:41:10 2020 +0100

    Bug fix: use the right CurrentUserCanSetOwner return value.
    
    CurrentUserCanSetOwner returns ($ok, $msg), not a boolean.

diff --git a/lib/RT/Interface/Web/MenuBuilder.pm b/lib/RT/Interface/Web/MenuBuilder.pm
index 8852112603..b99063629d 100644
--- a/lib/RT/Interface/Web/MenuBuilder.pm
+++ b/lib/RT/Interface/Web/MenuBuilder.pm
@@ -319,7 +319,8 @@ sub BuildMainNav {
                 my $actions = $page->child( actions => title => loc('Actions'), sort_order  => 95 );
 
                 my %can = %{ $obj->CurrentUser->PrincipalObj->HasRights( Object => $obj ) };
-                $can{'_ModifyOwner'} = $obj->CurrentUserCanSetOwner();
+                # since CurrentUserCanSetOwner returns ($ok, $msg), the parens ensure that $can{} gets $ok
+                ( $can{'_ModifyOwner'} ) = $obj->CurrentUserCanSetOwner();
                 my $can = sub {
                     unless ($_[0] eq 'ExecuteCode') {
                         return $can{$_[0]} || $can{'SuperUser'};
diff --git a/share/html/Ticket/Elements/ShowSummary b/share/html/Ticket/Elements/ShowSummary
index 0c5ffdab9b..d9d1a6a380 100644
--- a/share/html/Ticket/Elements/ShowSummary
+++ b/share/html/Ticket/Elements/ShowSummary
@@ -226,7 +226,7 @@ $InlineEdit => 0
 <%INIT>
 my $can_modify = $Ticket->CurrentUserHasRight('ModifyTicket');
 my $can_modify_cf = $Ticket->CurrentUserHasRight('ModifyCustomField');
-my $can_modify_owner = $Ticket->CurrentUserCanSetOwner();
+my( $can_modify_owner ) = $Ticket->CurrentUserCanSetOwner();
 my $can_modify_people = $Ticket->CurrentUserHasRight('Watch')
                      || $Ticket->CurrentUserHasRight('WatchAsAdminCc');
 

commit 17ff02d4b9b1f1db142dc193b5aed7e19a02a262
Author: michel <michel at bestpractical.com>
Date:   Fri Mar 20 20:14:41 2020 +0100

    Hide the pencil icon if the user doesn't have the rights.
    
    On the ticket display page, only display the pencil icon if the
    user can modify data in the portlet.

diff --git a/share/html/Ticket/Elements/ShowSummary b/share/html/Ticket/Elements/ShowSummary
index d9d1a6a380..425777be1c 100644
--- a/share/html/Ticket/Elements/ShowSummary
+++ b/share/html/Ticket/Elements/ShowSummary
@@ -58,13 +58,13 @@ my $modify_inline
     . '<a class="inline-edit-toggle cancel hidden" href="#">'
     . qq{<span class="fas fa-times icon-bordered fa-2x" alt="$cancel_label" data-toggle="tooltip" data-placement="top" data-original-title="$cancel_label"></span>}
     . '</a>';
-my $modify_basics = sprintf( $modify_inline, $m->interp->apply_escapes( $modify_url, 'h' ) );
+my $modify_basics = ($can_modify || $can_modify_cf) ? sprintf( $modify_inline, $m->interp->apply_escapes( $modify_url, 'h' ) ) : '';
 my $modify_behavior = $InlineEdit ? ($inline_edit_behavior{Basics} || $inline_edit_behavior{_default} || 'link') : 'hide';
 </%PERL>
 
     <&| /Widgets/TitleBox, title => loc('The Basics'),
         (($can_modify || $can_modify_cf) ? (title_href => $modify_url) : ()),
-        ($modify_behavior =~ /^(link|click)$/ ? (titleright_raw => $modify_basics) : ()),
+        ( $modify_basics ? ( titleright_raw => $modify_basics ) : ()),
         class => (join " ", 'ticket-info-basics', ($modify_behavior eq 'always' ? 'editing' : ())),
         data => { 'inline-edit-behavior' => $modify_behavior },
     &>
@@ -90,12 +90,12 @@ my $modify_behavior = $InlineEdit ? ($inline_edit_behavior{Basics} || $inline_ed
     <& /Elements/ShowCustomFieldCustomGroupings,
         Object       => $Ticket,
         title_href   => ($can_modify || $can_modify_cf) ? RT->Config->Get('WebPath')."/Ticket/Modify.html" : "",
-        InlineEdit   => $InlineEdit,
+        InlineEdit   => ($can_modify || $can_modify_cf) ? $InlineEdit : 0,
         &>
 
 <%PERL>
 my $people_url = RT->Config->Get('WebPath')."/Ticket/ModifyPeople.html?id=".$Ticket->Id;
-my $people_inline = sprintf( $modify_inline, $m->interp->apply_escapes( $people_url, 'h' ) );
+my $people_inline = $can_modify_people ? sprintf( $modify_inline, $m->interp->apply_escapes( $people_url, 'h' ) ) : '';
 my $people_behavior = $InlineEdit ? ($inline_edit_behavior{People} || $inline_edit_behavior{_default} || 'link') : 'hide';
 </%PERL>
     <&| /Widgets/TitleBox, title => loc('People'),
@@ -144,7 +144,7 @@ my $people_behavior = $InlineEdit ? ($inline_edit_behavior{People} || $inline_ed
 
 <%PERL>
 my $dates_url = RT->Config->Get('WebPath')."/Ticket/ModifyDates.html?id=".$Ticket->Id;
-my $dates_inline = sprintf( $modify_inline, $m->interp->apply_escapes( $dates_url, 'h' ) );
+my $dates_inline = $can_modify ? sprintf( $modify_inline, $m->interp->apply_escapes( $dates_url, 'h' ) ) : '';
 my $dates_behavior = $InlineEdit ? ($inline_edit_behavior{Dates} || $inline_edit_behavior{_default} || 'link') : 'hide';
 </%PERL>
     <&| /Widgets/TitleBox, title => loc("Dates"),
@@ -174,7 +174,7 @@ my $dates_behavior = $InlineEdit ? ($inline_edit_behavior{Dates} || $inline_edit
 <& /Ticket/Elements/ShowAssets, Ticket => $Ticket &>
 <%PERL>
 my $links_url = RT->Config->Get('WebPath')."/Ticket/ModifyLinks.html?id=".$Ticket->Id;
-my $links_inline = sprintf( $modify_inline, $m->interp->apply_escapes( $links_url, 'h' ) );
+my $links_inline = $can_modify ? sprintf( $modify_inline, $m->interp->apply_escapes( $links_url, 'h' ) ) : '';
 my $links_behavior = $InlineEdit ? ($inline_edit_behavior{Links} || $inline_edit_behavior{_default} || 'link') : 'hide';
 my $alt = loc('Graph ticket links');
 my $links_graph = '<a href="' . RT->Config->Get('WebPath') . '/Ticket/Graphs/index.html?id=' . $Ticket->id . '"><span class="fas fa-project-diagram icon-bordered fa-2x" alt="' . $alt . '" data-toggle="tooltip" data-placement="top" data-original-title="' . $alt . '"></span></a>';

-----------------------------------------------------------------------


More information about the rt-commit mailing list