diff options
author | Mark Wells <mark@freeside.biz> | 2016-11-27 16:43:19 -0800 |
---|---|---|
committer | Mark Wells <mark@freeside.biz> | 2016-11-27 21:14:34 -0800 |
commit | 2de76dd592749962a7bd3c33417ad4ebaac1f934 (patch) | |
tree | 3d360c6db2da93e9441464e5266b0db08216179c | |
parent | fd90ad324e6e19d2e51676d0be8951801731f2e7 (diff) |
add RT ACL for bulk updating tickets, #72964
Conflicts:
rt/lib/RT/System.pm
-rw-r--r-- | FS/FS/TicketSystem.pm | 19 | ||||
-rw-r--r-- | rt/FREESIDE_MODIFIED | 6 | ||||
-rw-r--r-- | rt/lib/RT/System.pm | 3 | ||||
-rwxr-xr-x | rt/share/html/Elements/Tabs | 5 | ||||
-rwxr-xr-x | rt/share/html/Search/Bulk.html | 7 | ||||
-rwxr-xr-x | rt/share/html/Ticket/Elements/Tabs | 13 |
6 files changed, 48 insertions, 5 deletions
diff --git a/FS/FS/TicketSystem.pm b/FS/FS/TicketSystem.pm index 8f3d7af..c973c88 100644 --- a/FS/FS/TicketSystem.pm +++ b/FS/FS/TicketSystem.pm @@ -401,6 +401,25 @@ sub _upgrade_data { warn "Fixed $rows transactions with empty time values\n" if $rows > 0; } + # One-time fix: We've created a "BulkUpdateTickets" access right; grant + # it to all auth'd users initially. + eval "use FS::upgrade_journal;"; + my $upgrade = 'RT_add_BulkUpdateTickets_ACL'; + if (!FS::upgrade_journal->is_done($upgrade)) { + my $groups = RT::Groups->new(RT->SystemUser); + $groups->LimitToEnabled; + $groups->LimitToSystemInternalGroups; + $groups->Limit(FIELD => 'Type', VALUE => 'Privileged', OPERATOR => '='); + my $group = $groups->First + or die "No RT internal group found for Privileged users"; + my ($val, $msg) = $group->PrincipalObj->GrantRight( + Right => 'BulkUpdateTickets', Object => RT->System + ); + die "Couldn't grant BulkUpdateTickets right to all users: $msg\n" + if !$val; + FS::upgrade_journal->set_done($upgrade); + } + return; } diff --git a/rt/FREESIDE_MODIFIED b/rt/FREESIDE_MODIFIED index 05ffb2a..db5212d 100644 --- a/rt/FREESIDE_MODIFIED +++ b/rt/FREESIDE_MODIFIED @@ -171,3 +171,9 @@ share/html/Search/Schedule.html share/html/Elements/CalendarSlotSchedule share/html/Ticket/Display.html +# BulkUpdateTickets ACL +lib/RT/System.pm +share/html/Elements/Tabs +share/html/Search/Bulk.html +share/html/Ticket/Elements/Tabs + diff --git a/rt/lib/RT/System.pm b/rt/lib/RT/System.pm index 388a1fd..af7a22b 100644 --- a/rt/lib/RT/System.pm +++ b/rt/lib/RT/System.pm @@ -92,6 +92,9 @@ __PACKAGE__->AddRight( General => LoadSavedSearch => 'Allow loading of saved __PACKAGE__->AddRight( General => CreateSavedSearch => 'Allow creation of saved searches'); # loc __PACKAGE__->AddRight( Admin => ExecuteCode => 'Allow writing Perl code in templates, scrips, etc'); # loc +#freeside +__PACKAGE__->AddRight( Staff => BulkUpdateTickets => 'Bulk update tickets'); + =head2 AvailableRights Returns a hashref of available rights for this object. The keys are the diff --git a/rt/share/html/Elements/Tabs b/rt/share/html/Elements/Tabs index 297d907..aef27ed 100755 --- a/rt/share/html/Elements/Tabs +++ b/rt/share/html/Elements/Tabs @@ -847,7 +847,10 @@ my $build_main_nav = sub { } if ( $has_query ) { - $current_search_menu->child( bulk => title => loc('Bulk Update'), path => "/Search/Bulk.html$args" ); + #freeside + if ( $session{'CurrentUser'}->HasRight( Right => 'BulkUpdateTickets', Object => RT->System ) ) { + $current_search_menu->child( bulk => title => loc('Bulk Update'), path => "/Search/Bulk.html$args" ); + } $current_search_menu->child( chart => title => loc('Chart'), path => "/Search/Chart.html$args" ); #formerly Callbacks/RTx-Calendar/Ticket/Element/Tabs/Default diff --git a/rt/share/html/Search/Bulk.html b/rt/share/html/Search/Bulk.html index bacd96c..38b29fe 100755 --- a/rt/share/html/Search/Bulk.html +++ b/rt/share/html/Search/Bulk.html @@ -203,6 +203,13 @@ unless ( defined $Rows ) { } my $title = loc("Update multiple tickets"); +#freeside +unless ( $session{'CurrentUser'} + ->HasRight( Right => 'BulkUpdateTickets', Object => RT->System) ) +{ + Abort('You are not allowed to bulk-update tickets.'); +} + # Iterate through the ARGS hash and remove anything with a null value. map ( $ARGS{$_} =~ /^$/ && ( delete $ARGS{$_} ), keys %ARGS ); diff --git a/rt/share/html/Ticket/Elements/Tabs b/rt/share/html/Ticket/Elements/Tabs index 2f89dc6..bcc97e5 100755 --- a/rt/share/html/Ticket/Elements/Tabs +++ b/rt/share/html/Ticket/Elements/Tabs @@ -326,10 +326,15 @@ if ($has_query) { title => loc('Show Results'), }; - $tabs->{"j"} = { - path => "Search/Bulk.html$args", - title => loc('Bulk Update'), - }; + #freeside + if ( $session{'CurrentUser'} + ->HasRight(Right => 'BulkUpdateTickets', Object => $RT::System) ) + { + $tabs->{"j"} = { + path => "Search/Bulk.html$args", + title => loc('Bulk Update'), + }; + } $tabs->{"k"} = { path => "Search/Chart.html$args", |