[Rt-devel] adding non-priviledged users to groups
Jesse Vincent
jesse at bestpractical.com
Wed May 16 13:01:48 EDT 2007
On May 16, 2007, at 12:41 PM, Nicholas Clark wrote:
> On Wed, May 16, 2007 at 12:29:30PM -0400, Jesse Vincent wrote:
>>
>> On May 16, 2007, at 10:24 AM, Nicholas Clark wrote:
>>
>>> Here's a first stab at providing the interface to allow non-
>>> privileged users
>>> to be added to groups.
>>>
>>> I'm not sure how efficient it is, as it calls Privileged() on each
>>> user in
>>> turn in turn when building the list, and Privileged appears to
>>> result in a
>>> call on the database each time. I couldn't see how to get
>>> DBIx::SeachBuilder
>>> to return the info all at once.
>>
>> I'd probably do two different user objects. One of which is -
>>> LimitToPrivileged, the other of which is LimitToUnprivileged.
>
> Sort of like this?
Getting there. A nuance of mason: It's one namespace for all mason
pages. So sub definitions are...not what you want. An anon sub is
better.
I'd also put the label on the optgroup inside <%loc("")%> so that it
gets localized.
-j
> Which is somewhat cut&paste in RT::Users_Overlay
>
> Nicholas Clark
>
> --- html/Admin/Elements/SelectNewGroupMembers~ Mon Jun 19 22:44:04
> 2006
> +++ html/Admin/Elements/SelectNewGroupMembers Wed May 16 16:36:14 2007
> @@ -46,7 +46,13 @@
> % if ($Show ne 'Groups') {
> <b><&|/l&>Users</&></b>
> <select multiple name="<%$Name%>Users" size="10">
> -%while (my $user = $users->Next) {
> +<optgroup label="Privileged users">
> +%while (my $user = $p_users->Next) {
> +%next if $SkipUsers->{$user->id};
> +<option value="User-<%$user->id%>"><%$user->Name%></option>
> +%}
> +<optgroup label="Unprivileged users">
> +%while (my $user = $u_users->Next) {
> %next if $SkipUsers->{$user->id};
> <option value="User-<%$user->id%>"><%$user->Name%></option>
> %}
> @@ -64,21 +70,30 @@
> % }
>
> <%INIT>
> -my $users = new RT::Users($session{'CurrentUser'});
> +sub visible_users {
> + my $users = new RT::Users($session{'CurrentUser'});
>
> -$users->Limit(
> + $users->Limit(
> FIELD => 'id',
> VALUE => $RT::SystemUser->id,
> OPERATOR => '!=',
> ENTRYAGGREGATOR => 'AND'
> -);
> -$users->Limit(
> + );
> + $users->Limit(
> FIELD => 'id',
> VALUE => $RT::Nobody->id,
> OPERATOR => '!=',
> ENTRYAGGREGATOR => 'AND'
> -);
> -$users->LimitToPrivileged();
> + );
> +
> + return $users;
> +}
> +
> +my $p_users = visible_users();
> +$p_users->LimitToPrivileged();
> +
> +my $u_users = visible_users();
> +$u_users->LimitToUnprivileged();
>
> my $groups = new RT::Groups($session{'CurrentUser'});
>
> --- lib/RT/Users_Overlay.pm~ Tue Sep 26 15:06:31 2006
> +++ lib/RT/Users_Overlay.pm Wed May 16 16:38:58 2007
> @@ -226,6 +226,27 @@
>
> # }}}
>
> +# {{{ LimitToUnprivileged
> +
> +=head2 LimitToUnprivileged
> +
> +Limits to users who can not be made members of ACLs and groups
> +
> +=cut
> +
> +sub LimitToUnprivileged {
> + my $self = shift;
> +
> + my $priv = RT::Group->new( $self->CurrentUser );
> + $priv->LoadSystemInternalGroup('Unprivileged');
> + unless ( $priv->Id ) {
> + $RT::Logger->crit("Couldn't find a unprivileged users
> group");
> + }
> + $self->MemberOfGroup( $priv->PrincipalId );
> +}
> +
> +# }}}
> +
> # {{{ WhoHaveRight
>
> =head2 WhoHaveRight { Right => 'name', Object => $rt_object ,
> IncludeSuperusers => undef, IncludeSubgroupMembers => undef,
> IncludeSystemRights => undef, EquivObjects => [ ] }
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
Url : http://lists.bestpractical.com/pipermail/rt-devel/attachments/20070516/9729bf58/PGP.pgp
More information about the Rt-devel
mailing list