1 files changed, 90 insertions, 0 deletions
diff --git a/rt/html/Admin/Elements/SelectRights b/rt/html/Admin/Elements/SelectRights
new file mode 100644
index 000000000..37a06dc4d
--- /dev/null
+++ b/rt/html/Admin/Elements/SelectRights
@@ -0,0 +1,90 @@
+%# BEGIN LICENSE BLOCK
+%# 
+%# Copyright (c) 1996-2003 Jesse Vincent <jesse@bestpractical.com>
+%# 
+%# (Except where explictly superceded by other copyright notices)
+%# 
+%# This work is made available to you under the terms of Version 2 of
+%# the GNU General Public License. A copy of that license should have
+%# been provided with this software, but in any event can be snarfed
+%# from www.gnu.org.
+%# 
+%# This work is distributed in the hope that it will be useful, but
+%# WITHOUT ANY WARRANTY; without even the implied warranty of
+%# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+%# General Public License for more details.
+%# 
+%# Unless otherwise specified, all modifications, corrections or
+%# extensions to this work which alter its source code become the
+%# property of Best Practical Solutions, LLC when submitted for
+%# inclusion in the work.
+%# 
+%# 
+%# END LICENSE BLOCK
+<INPUT TYPE=HIDDEN NAME="CheckACL"  VALUE="<%$ACLDesc%>">
+     <TABLE BORDER=0>
+<TR>
+<TD valign=top width="180"> 
+<h3><&|/l&>Current rights</&></h3>
+% if ($ACLObj->Count() > 0) {
+<i>(<&|/l&>Check box to revoke right</&>)</i> <BR>
+% } else {
+<i><&|/l&>No rights granted.</&></i> <BR>    
+% }
+% while (my $right = $ACLObj->Next()) {
+% if ($right->RightName) {
+<input type=checkbox value="<%$right->Id%>" name="RevokeRight-<%$ACLDesc%>-<%$right->RightName%>"> <% loc($right->RightName) %><br>
+% }
+%  }
+</TD>
+<TD valign=top>
+<h3><&|/l&>New rights</&></h3> 
+<SELECT SIZE=5  MULTIPLE  NAME="GrantRight-<%$ACLDesc%>">
+% foreach $right (sort keys %Rights) {
+      <OPTION VALUE="<%$right%>"  
+	><% loc($right) %></OPTION>
+% }
+<OPTION VALUE="" SELECTED><&|/l&>(no value)</&></OPTION>
+</SELECT>
+</TD>
+</TR>
+</TABLE>
+<%INIT>
+    my ($right, $ACLDesc, $AppliesTo, %Rights);
+
+    # if the principal id points to a user, we really want to point
+    # to their ACL equivalence group. The machinations we're going through
+    # lead me to start to suspect that we really want users and groups
+    # to just be the same table. or _maybe_ that we want an object db.
+    my $princ = RT::Principal->new($RT::SystemUser);
+    $princ->Load($PrincipalId);
+    if ($princ->PrincipalType eq 'User') {
+    my $group = RT::Group->new($RT::SystemUser);
+        $group->LoadACLEquivalenceGroup($princ);
+        $PrincipalId = $group->PrincipalId;
+    }
+
+
+    my $ACLObj = new RT::ACL($session{'CurrentUser'});
+    my $ACE = new RT::ACE($session{'CurrentUser'});
+
+
+    $ACLObj->LimitToObject( $Object);
+    $ACLObj->LimitToPrincipal( Id => $PrincipalId);
+
+    if (ref($Object) && UNIVERSAL::can($Object, 'AvailableRights')) { 
+        %Rights = %{$Object->AvailableRights};
+    } 
+
+        else {
+                %Rights = { loc('System Error') => loc("No rights found")};
+        }
+        
+    $ACLDesc = "$PrincipalId-".ref($Object)."-".$Object->Id;
+</%INIT>
+    
+<%ARGS>
+$PrincipalType => undef
+$PrincipalId => undef
+$Object =>undef
+</%ARGS>