[Rt-commit] rt branch 5.0/fix-column-map-bug created. rt-5.0.2beta1-4-ge663e928f0

BPS Git Server git at git.bestpractical.com
Thu Aug 26 15:44:43 UTC 2021 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "rt".

The branch, 5.0/fix-column-map-bug has been created
        at  e663e928f0f141aeff0646febafabfcfceb61325 (commit)

- Log -----------------------------------------------------------------
commit e663e928f0f141aeff0646febafabfcfceb61325
Author: craig kaiser <craig at bestpractical.com>
Date:   Thu Aug 26 11:23:46 2021 -0400

    Add test for extended status column rights check

diff --git a/t/web/search_results.t b/t/web/search_results.t
index 52db4aff17..a873cc9094 100644
--- a/t/web/search_results.t
+++ b/t/web/search_results.t
@@ -1,7 +1,10 @@
 use strict;
 use warnings;
 
-use RT::Test tests => undef;
+use RT::Test
+    tests => undef,
+    config => 'Set( $UseSQLForACLChecks, 0 );'
+;
 
 my ( $baseurl, $m ) = RT::Test->started_ok;
 
@@ -23,4 +26,44 @@ $m->text_like( qr/alice.*bob.*richard/i, 'Order by Requestors ASC' );
 $m->follow_link_ok( { text => 'Requestor' } );
 $m->text_like( qr/richard.*bob.*alice/i, , 'Order by Requestors DESC' );
 
+diag "Test extended status column map when 'UseSQLForACLChecks' is false";
+{
+    my $queue_a = RT::Test->load_or_create_queue( Name => 'A' );
+    ok $queue_a && $queue_a->id, 'loaded or created queue_a';
+    my $qa_id = $queue_a->id;
+
+    my $user_a = RT::Test->load_or_create_user(
+        Name => 'user_a', Password => 'password', Privileged => 1
+    );
+    ok $user_a && $user_a->id, 'loaded or created user';
+    my $m_user_a = RT::Test::Web->new;
+    ok( $m_user_a->login( 'user_a', 'password' ), 'logged in as user_a' );
+
+    RT::Test->set_rights(
+        { Principal => 'Everyone', Right => [qw(SeeQueue)] },
+        { Principal => 'Requestor', Right => [qw(ShowTicket)] },
+    );
+
+    my $ticket = RT::Ticket->new( RT->SystemUser );
+    my ($id, $txn, $msg) = $ticket->Create(
+        Queue     => 'A',
+        Subject   => 'Parent Ticket',
+        Requestor => 'dave at localost',
+    );
+    ok $id;
+
+    # Create ticket with DependsOn relationship
+    (my $new_id, $txn, $msg) = $ticket->Create(
+        Queue     => 'A',
+        Subject   => 'Child Ticket',
+        Requestor => 'user_a',
+        DependsOn => $id
+    );
+
+    # Do a search with extended status column but the logged in user can only see
+    # the DependedOn ticket.
+    $m_user_a->get_ok( "/Search/Results.html?Query=id>0&Format='__id__','__ExtendedStatus__'" );
+    $m_user_a->content_lacks('Invalid column', 'No invalid column map results from extended status');
+}
+
 done_testing;

commit 29d4ec2845038d1d4567b49d71eaecd6e79bf70f
Author: craig kaiser <craig at bestpractical.com>
Date:   Wed Aug 25 17:02:46 2021 -0400

    Extended Status column map check if tickets are actually found
    
    When UseSQLForACLChecks=0 the 'count' of linked tickets can be found to
    be 1 but due to rights checks occurring on display, the one linked ticket
    may not be able to be loaded.

diff --git a/share/html/Elements/RT__Ticket/ColumnMap b/share/html/Elements/RT__Ticket/ColumnMap
index 9a98d13b1d..78391c4079 100644
--- a/share/html/Elements/RT__Ticket/ColumnMap
+++ b/share/html/Elements/RT__Ticket/ColumnMap
@@ -147,9 +147,14 @@ $COLUMN_MAP = {
                     my $SearchURL = RT->Config->Get('WebPath') . '/Search/Results.html?' . $m->comp('/Elements/QueryString', Query => $Query);
 
                     if ($count == 1) {
+                        # Count can be 1 but when UseSQLForACLChecks is set to 0 the rights check hasn't been
+                        # peformed yet, meaning the current user may not be able to see the linked ticket.
+                        # Therefore we need to check if a ticket is actually found.
                         my $pending_ticket = $unresolved_dependencies->Next;
-                        my $pending_ticket_url = RT->Config->Get('WebPath') . '/Ticket/Display.html?id=' . $pending_ticket->id;
-                        return \'<a href="',$pending_ticket_url,\'">', loc('(pending ticket #[_1])',$pending_ticket->id), \'</a>';
+                        if ($pending_ticket) {
+                            my $pending_ticket_url = RT->Config->Get('WebPath') . '/Ticket/Display.html?id=' . $pending_ticket->id;
+                            return \'<a href="',$pending_ticket_url,\'">', loc('(pending ticket #[_1])',$pending_ticket->id), \'</a>';
+                        }
                     }
 
                     return \'<a href="',$SearchURL,\'">', loc('(pending [quant,_1,other ticket,other tickets])',$count), \'</a>';

-----------------------------------------------------------------------


hooks/post-receive
-- 
rt

More information about the rt-commit mailing list