[Rt-commit] rt branch, 5.0/filter-queues-by-right-on-ticket-create, created. rt-5.0.0beta2-8-g03a1982695
? sunnavy
sunnavy at bestpractical.com
Fri Jun 26 15:59:29 EDT 2020
The branch, 5.0/filter-queues-by-right-on-ticket-create has been created
at 03a198269541c9af61602b6eab56298ddb9315ea (commit)
- Log -----------------------------------------------------------------
commit 10452d8bbbc4e467cd9a251353d05c3bea7b341e
Author: sunnavy <sunnavy at bestpractical.com>
Date: Sat Jun 27 01:10:20 2020 +0800
Filter queues by checking "CreateTicket" right on ticket create page
Because ShowAll is true by default, which could bypass right check,
previously all the queues current user can see were rendered.
It's more correct to only show queues that current user can create
ticket in, which is consistent with RT 4.4
diff --git a/share/html/Ticket/Create.html b/share/html/Ticket/Create.html
index 001ed549ca..a17a38a9c8 100644
--- a/share/html/Ticket/Create.html
+++ b/share/html/Ticket/Create.html
@@ -85,6 +85,7 @@
Default => $Queue,
ShowNullOption => 0,
AutoSubmit => 1,
+ ShowAllQueues => 0,
},
},
{ name => 'Status',
@@ -352,6 +353,7 @@ unless ($Queue) {
ObjectType => 'Queue',
CheckRight => 'CreateTicket',
CacheNeedsUpdate => RT->System->QueueCacheNeedsUpdate,
+ ShowAll => 0,
);
$Queue = $session{$cache_key}{objects}[0]->{Id};
commit c45d9babc72043a7521d5710666100aef539da8c
Author: sunnavy <sunnavy at bestpractical.com>
Date: Sat Jun 27 01:13:18 2020 +0800
Fix an uninitialized warning in queue select
If $session{$cache_key}{objects} is empty, the call of
$session{$cache_key}{objects}[0]->{Id} automatically inserts a HASHRef
({Id => undef}) into it, which could cause uninitialized warnings when
iterating $session{$cache_key}{objects} in /Elements/SelectObject, i.e.
Use of uninitialized value in string eq at /opt/rt5/share/html/Elements/SelectObject line 73
diff --git a/share/html/Ticket/Create.html b/share/html/Ticket/Create.html
index a17a38a9c8..4d031ad1e6 100644
--- a/share/html/Ticket/Create.html
+++ b/share/html/Ticket/Create.html
@@ -356,7 +356,7 @@ unless ($Queue) {
ShowAll => 0,
);
- $Queue = $session{$cache_key}{objects}[0]->{Id};
+ $Queue = $session{$cache_key}{objects}[0]->{Id} if $session{$cache_key}{objects}[0];
}
Abort( loc( "Permission Denied" ) ) unless $Queue;
commit 03a198269541c9af61602b6eab56298ddb9315ea
Author: sunnavy <sunnavy at bestpractical.com>
Date: Sat Jun 27 01:23:09 2020 +0800
Test right check for queue select on ticket create page
diff --git a/t/web/ticket_create.t b/t/web/ticket_create.t
index c58afe8955..58ac5134c4 100644
--- a/t/web/ticket_create.t
+++ b/t/web/ticket_create.t
@@ -77,4 +77,21 @@ my $ticket = RT::Test->last_ticket;
ok( $ticket->id, 'ticket is created' );
is( $ticket->QueueObj->id, $queue1->id, 'Ticket created with correct queue' );
+ok( $m->logout, 'Logged out' );
+ok( $m->login( 'user', 'password' ), 'logged in as user' );
+$m->submit_form_ok( { form_name => 'CreateTicketInQueue' }, 'Try to create ticket' );
+$m->content_contains('Permission Denied', 'No permission to create ticket');
+$m->warning_like(qr/Permission Denied/, 'Permission denied warning' );
+
+ok( $user->PrincipalObj->GrantRight( Right => 'SeeQueue', Object => RT->System ), 'Grant SeeQueue right' );
+$m->submit_form_ok( { form_name => 'CreateTicketInQueue' }, 'Try to create ticket' );
+$m->content_contains( 'Permission Denied', 'No permission to create ticket even with SeeQueue' );
+$m->warning_like(qr/Permission Denied/, 'Permission denied warning' );
+
+ok( $user->PrincipalObj->GrantRight( Right => 'CreateTicket', Object => $queue2 ), 'Grant CreateTicket right' );
+$m->submit_form_ok( { form_name => 'CreateTicketInQueue' }, 'Try to create ticket' );
+$m->content_lacks( 'Permission Denied', 'Has permission to create ticket' );
+$form = $m->form_name('TicketCreate');
+is_deeply( [ $form->find_input('Queue','option')->possible_values ], [ $queue2->id ], 'Only Another queue is listed' );
+
done_testing();
-----------------------------------------------------------------------
More information about the rt-commit
mailing list