[Rt-devel] PATCH: don't link Admin/Users/Modify if the user
doesn't have the required privilege
Jesse Vincent
jesse at bestpractical.com
Mon Apr 24 11:07:12 EDT 2006
Thanks. applied.
On Fri, Apr 21, 2006 at 04:15:21PM +0200, David Schweikert wrote:
> Hi,
>
> On the Ticket page, if you click on the "More about Requestor" link, you
> get to the Admin/Users/Modify.html page, but if you don't have the
> AdminUsers privilege, you only get a blank page.
>
> This patch removes the link if the user doesn't have that privilege.
>
>
> --- share/html/Ticket/Elements/ShowRequestor 2006-01-12 04:04:46.000000000 +0100
> +++ share/html/Ticket/Elements/ShowRequestor 2006-04-21 16:10:13.943128000 +0200
> @@ -49,6 +49,7 @@
> while (my $requestor=$people->Next) {
> my $name=$requestor->RealName || $requestor->EmailAddress;
> my $tickets = RT::Tickets->new($session{'CurrentUser'});
> +my $has_right_adminusers = $session{'CurrentUser'}->HasRight(Object => $RT::System, Right => 'AdminUsers');
> $tickets->LimitWatcher(TYPE => 'Requestor', VALUE => $requestor->EmailAddress );
> $tickets->LimitStatus( VALUE => 'open');
> $tickets->LimitStatus( VALUE => 'new');
> @@ -58,7 +59,7 @@
> </%PERL>
>
> % unless ($requestor->Privileged) {
> -<&| /Widgets/TitleBox, title_href => "$RT::WebPath/Admin/Users/Modify.html?id=".$requestor->id, title=> loc("More about [_1]", $name) &>
> +<&| /Widgets/TitleBox, title_href => $has_right_adminusers ? "$RT::WebPath/Admin/Users/Modify.html?id=".$requestor->id : undef, title=> loc("More about [_1]", $name) &>
>
> %# Additional information about this user. Empty by default.
> <& /Elements/Callback, _CallbackName => 'AboutThisUser', requestor => $requestor, %ARGS &>
>
>
>
> Cheers
> David
> --
> David Schweikert | phone: +41 44 632 7019
> System manager ISG.EE | walk: ETH Zentrum, ETL F24.1
> ETH Zurich, Switzerland | web: http://people.ee.ethz.ch/dws
> _______________________________________________
> List info: http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-devel
>
> Best Practical is hiring! Come hack Perl for us: http://bestpractical.com/about/jobs.html
>
--
More information about the Rt-devel
mailing list