diff options
Diffstat (limited to 'rt/etc/upgrade/4.0.1/content')
| -rw-r--r-- | rt/etc/upgrade/4.0.1/content | 83 |
1 files changed, 83 insertions, 0 deletions
diff --git a/rt/etc/upgrade/4.0.1/content b/rt/etc/upgrade/4.0.1/content new file mode 100644 index 000000000..9b74ff1a8 --- /dev/null +++ b/rt/etc/upgrade/4.0.1/content @@ -0,0 +1,83 @@ +@Initial = ( + sub { + use strict; + $RT::Logger->debug('Removing all delegated rights'); + + my $acl = RT::ACL->new(RT->SystemUser); + my $groupjoin = $acl->NewAlias('Groups'); + $acl->Join( ALIAS1 => 'main', + FIELD1 => 'PrincipalId', + ALIAS2 => $groupjoin, + FIELD2 => 'id' + ); + $acl->Limit( ALIAS => $groupjoin, + FIELD => 'Domain', + OPERATOR => '=', + VALUE => 'Personal', + ); + + while ( my $ace = $acl->Next ) { + my ( $ok, $msg ) = $ace->Delete(); + + if ( !$ok ) { + $RT::Logger->warn( "Unable to delete ACE " . $ace->id . ": " . $msg ); + } + } + + my $groups = RT::Groups->new(RT->SystemUser); + $groups->Limit( FIELD => 'Domain', + OPERATOR => '=', + VALUE => 'Personal' + ); + while ( my $group = $groups->Next ) { + my $members = $group->MembersObj(); + while ( my $member = $members->Next ) { + my ( $ok, $msg ) = $group->DeleteMember( $member->MemberId ); + if ( !$ok ) { + $RT::Logger->warn( "Unable to remove group member " + . $member->id . ": " + . $msg ); + } + } + $group->PrincipalObj->Delete; + $group->RT::Record::Delete(); + } + }, + sub { + use strict; + $RT::Logger->debug('Removing all Delegate and PersonalGroup rights'); + + my $acl = RT::ACL->new(RT->SystemUser); + for my $right (qw/AdminOwnPersonalGroups AdminAllPersonalGroups DelegateRights/) { + $acl->Limit( FIELD => 'RightName', VALUE => $right ); + } + + while ( my $ace = $acl->Next ) { + my ( $ok, $msg ) = $ace->Delete(); + $RT::Logger->debug("Removing ACE ".$ace->id." for right ".$ace->__Value('RightName')); + + if ( !$ok ) { + $RT::Logger->warn( "Unable to delete ACE " . $ace->id . ": " . $msg ); + } + } + }, + sub { + use strict; + $RT::Logger->debug('Removing unimplemented RejectTicket and ModifyTicketStatus rights'); + + my $acl = RT::ACL->new(RT->SystemUser); + for my $right (qw/RejectTicket ModifyTicketStatus/) { + $acl->Limit( FIELD => 'RightName', VALUE => $right ); + } + + while ( my $ace = $acl->Next ) { + my ( $ok, $msg ) = $ace->Delete(); + $RT::Logger->debug("Removing ACE ".$ace->id." for right ".$ace->__Value('RightName')); + + if ( !$ok ) { + $RT::Logger->warn( "Unable to delete ACE " . $ace->id . ": " . $msg ); + } + } + }, +); + |