diff options
author | Mark Wells <mark@freeside.biz> | 2016-11-27 16:43:19 -0800 |
---|---|---|
committer | Mark Wells <mark@freeside.biz> | 2016-11-27 21:14:25 -0800 |
commit | 7c5f50804027577aac17d0fcefedcd0d0b6ca180 (patch) | |
tree | 68273b26685ca221d44ef95511ded74ecc589e6e /FS/FS/TicketSystem.pm | |
parent | bcfa8b9c306cc871b5851d7c07ef0759eb1bcb31 (diff) |
add RT ACL for bulk updating tickets, #72964
Conflicts:
rt/lib/RT/System.pm
Diffstat (limited to 'FS/FS/TicketSystem.pm')
-rw-r--r-- | FS/FS/TicketSystem.pm | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/FS/FS/TicketSystem.pm b/FS/FS/TicketSystem.pm index 8f3d7af03..c973c8802 100644 --- a/FS/FS/TicketSystem.pm +++ b/FS/FS/TicketSystem.pm @@ -401,6 +401,25 @@ sub _upgrade_data { warn "Fixed $rows transactions with empty time values\n" if $rows > 0; } + # One-time fix: We've created a "BulkUpdateTickets" access right; grant + # it to all auth'd users initially. + eval "use FS::upgrade_journal;"; + my $upgrade = 'RT_add_BulkUpdateTickets_ACL'; + if (!FS::upgrade_journal->is_done($upgrade)) { + my $groups = RT::Groups->new(RT->SystemUser); + $groups->LimitToEnabled; + $groups->LimitToSystemInternalGroups; + $groups->Limit(FIELD => 'Type', VALUE => 'Privileged', OPERATOR => '='); + my $group = $groups->First + or die "No RT internal group found for Privileged users"; + my ($val, $msg) = $group->PrincipalObj->GrantRight( + Right => 'BulkUpdateTickets', Object => RT->System + ); + die "Couldn't grant BulkUpdateTickets right to all users: $msg\n" + if !$val; + FS::upgrade_journal->set_done($upgrade); + } + return; } |