[Rt-commit] rt branch, 5.0/respect-admin-custom-roles-right, created. rt-5.0.0alpha1-161-g2c79b28c2f
? sunnavy
sunnavy at bestpractical.com
Tue Apr 28 17:07:36 EDT 2020
The branch, 5.0/respect-admin-custom-roles-right has been created
at 2c79b28c2f976680b9e0346c5bfbba3663ebad09 (commit)
- Log -----------------------------------------------------------------
commit 20d8b918f24a3950fde0b4dcc4fd65ec3cb60387
Author: sunnavy <sunnavy at bestpractical.com>
Date: Wed Apr 29 04:49:58 2020 +0800
Fix assignment because HiddenForURLs returns a hashref
diff --git a/share/html/Admin/CustomRoles/Visibility.html b/share/html/Admin/CustomRoles/Visibility.html
index 4423568e34..1a658b9774 100644
--- a/share/html/Admin/CustomRoles/Visibility.html
+++ b/share/html/Admin/CustomRoles/Visibility.html
@@ -116,7 +116,7 @@ if ( $Update ) {
}
else {
push @results, loc('Unable to update visibility: [_1]', $msg);
- %hidden = $role->HiddenForURLs;
+ %hidden = %{ $role->HiddenForURLs };
}
MaybeRedirectForResults(
commit 094fd0fc81cba7d77507d0b77ead41b349a53d29
Author: sunnavy <sunnavy at bestpractical.com>
Date: Wed Apr 29 04:53:07 2020 +0800
Respect AdminCustomRoles right on custom role update
diff --git a/lib/RT/CustomRole.pm b/lib/RT/CustomRole.pm
index 230ecbae45..f3ea32a1d9 100644
--- a/lib/RT/CustomRole.pm
+++ b/lib/RT/CustomRole.pm
@@ -715,6 +715,10 @@ sub SetHiddenForURLs {
my $self = shift;
my $hidden = shift;
+ unless ( $self->CurrentUser->HasRight(Object => $RT::System, Right => 'AdminCustomRoles') ) {
+ return (0, $self->loc('Permission Denied'));
+ }
+
return $self->SetAttribute(
Name => 'HiddenForURLs',
Content => $hidden,
@@ -732,6 +736,17 @@ sub IsHiddenForURL {
return $self->HiddenForURLs->{$url};
}
+
+sub _Set {
+ my $self = shift;
+
+ unless ( $self->CurrentUser->HasRight( Object => $RT::System, Right => 'AdminCustomRoles' ) ) {
+ return ( 0, $self->loc('Permission Denied') );
+ }
+
+ return $self->SUPER::_Set(@_);
+}
+
sub _CoreAccessible {
{
id =>
commit 2c79b28c2f976680b9e0346c5bfbba3663ebad09
Author: sunnavy <sunnavy at bestpractical.com>
Date: Wed Apr 29 04:55:14 2020 +0800
Use the same logic of "Basics" to show custom role "Visibility" page
i.e. admins without "AdminCustomRoles" can view the "Visibility" page
but can't update.
diff --git a/lib/RT/Interface/Web/MenuBuilder.pm b/lib/RT/Interface/Web/MenuBuilder.pm
index d1ba3faa00..2f40f6a452 100644
--- a/lib/RT/Interface/Web/MenuBuilder.pm
+++ b/lib/RT/Interface/Web/MenuBuilder.pm
@@ -1307,11 +1307,7 @@ sub _BuildAdminMenu {
if ( $obj and $obj->id ) {
$page->child( basics => title => loc('Basics'), path => "/Admin/CustomRoles/Modify.html?id=".$id );
$page->child( 'applies-to' => title => loc('Applies to'), path => "/Admin/CustomRoles/Objects.html?id=" . $id );
-
- if ( $current_user->HasRight( Object => $obj, Right => 'AdminCustomRoles' ) ) {
- $page->child( 'visibility' => title => loc('Visibility'), path => "/Admin/CustomRoles/Visibility.html?id=" . $id );
- }
-
+ $page->child( 'visibility' => title => loc('Visibility'), path => "/Admin/CustomRoles/Visibility.html?id=" . $id );
}
}
}
-----------------------------------------------------------------------
More information about the rt-commit
mailing list