add RT ACL for bulk updating tickets, #72964

Conflicts: rt/lib/RT/System.pm
author: Mark Wells <mark@freeside.biz> 2016-11-27 16:43:19 -0800
committer: Mark Wells <mark@freeside.biz> 2016-11-27 21:14:34 -0800
commit: 2de76dd592749962a7bd3c33417ad4ebaac1f934 (patch)
tree: 3d360c6db2da93e9441464e5266b0db08216179c /FS
parent: fd90ad324e6e19d2e51676d0be8951801731f2e7 (diff)
1 files changed, 19 insertions, 0 deletions
diff --git a/FS/FS/TicketSystem.pm b/FS/FS/TicketSystem.pm
index 8f3d7af03..c973c8802 100644
--- a/FS/FS/TicketSystem.pm
+++ b/FS/FS/TicketSystem.pm
@@ -401,6 +401,25 @@ sub _upgrade_data {
     warn "Fixed $rows transactions with empty time values\n" if $rows > 0;
   }
 
+  # One-time fix: We've created a "BulkUpdateTickets" access right; grant
+  # it to all auth'd users initially.
+  eval "use FS::upgrade_journal;";
+  my $upgrade = 'RT_add_BulkUpdateTickets_ACL';
+  if (!FS::upgrade_journal->is_done($upgrade)) {
+    my $groups = RT::Groups->new(RT->SystemUser);
+    $groups->LimitToEnabled;
+    $groups->LimitToSystemInternalGroups;
+    $groups->Limit(FIELD => 'Type', VALUE => 'Privileged', OPERATOR => '=');
+    my $group = $groups->First
+      or die "No RT internal group found for Privileged users";
+    my ($val, $msg) = $group->PrincipalObj->GrantRight(
+      Right => 'BulkUpdateTickets', Object => RT->System
+    );
+    die "Couldn't grant BulkUpdateTickets right to all users: $msg\n"
+      if !$val;
+    FS::upgrade_journal->set_done($upgrade);
+  }
+
   return;
 }
author	Mark Wells <mark@freeside.biz>	2016-11-27 16:43:19 -0800
committer	Mark Wells <mark@freeside.biz>	2016-11-27 21:14:34 -0800
commit	2de76dd592749962a7bd3c33417ad4ebaac1f934 (patch)
tree	3d360c6db2da93e9441464e5266b0db08216179c /FS
parent	fd90ad324e6e19d2e51676d0be8951801731f2e7 (diff)