summaryrefslogtreecommitdiff
path: root/rt/lib/RT/Users_Overlay.pm
diff options
context:
space:
mode:
Diffstat (limited to 'rt/lib/RT/Users_Overlay.pm')
-rw-r--r--rt/lib/RT/Users_Overlay.pm85
1 files changed, 71 insertions, 14 deletions
diff --git a/rt/lib/RT/Users_Overlay.pm b/rt/lib/RT/Users_Overlay.pm
index a2d235c23..bdc7074ff 100644
--- a/rt/lib/RT/Users_Overlay.pm
+++ b/rt/lib/RT/Users_Overlay.pm
@@ -1,8 +1,8 @@
# BEGIN BPS TAGGED BLOCK {{{
#
# COPYRIGHT:
-#
-# This software is Copyright (c) 1996-2009 Best Practical Solutions, LLC
+#
+# This software is Copyright (c) 1996-2009 Best Practical Solutions, LLC
# <jesse@bestpractical.com>
#
# (Except where explicitly superseded by other copyright notices)
@@ -45,7 +45,6 @@
# those contributions and any derivatives thereof.
#
# END BPS TAGGED BLOCK }}}
-
=head1 NAME
RT::Users - Collection of RT::User objects
@@ -60,6 +59,11 @@
=head1 METHODS
+=begin testing
+
+ok(require RT::Users);
+
+=end testing
=cut
@@ -228,6 +232,68 @@ sub LimitToPrivileged {
=head2 WhoHaveRight { Right => 'name', Object => $rt_object , IncludeSuperusers => undef, IncludeSubgroupMembers => undef, IncludeSystemRights => undef, EquivObjects => [ ] }
+=begin testing
+
+ok(my $users = RT::Users->new($RT::SystemUser));
+$users->WhoHaveRight(Object =>$RT::System, Right =>'SuperUser');
+ok($users->Count == 1, "There is one privileged superuser - Found ". $users->Count );
+# TODO: this wants more testing
+
+my $RTxUser = RT::User->new($RT::SystemUser);
+($id, $msg) = $RTxUser->Create( Name => 'RTxUser', Comments => "RTx extension user", Privileged => 1);
+ok ($id,$msg);
+
+my $group = RT::Group->new($RT::SystemUser);
+$group->LoadACLEquivalenceGroup($RTxUser->PrincipalObj);
+
+my $RTxSysObj = {};
+bless $RTxSysObj, 'RTx::System';
+*RTx::System::Id = sub { 1; };
+*RTx::System::id = *RTx::System::Id;
+my $ace = RT::Record->new($RT::SystemUser);
+$ace->Table('ACL');
+$ace->_BuildTableAttributes unless ($_TABLE_ATTR->{ref($self)});
+($id, $msg) = $ace->Create( PrincipalId => $group->id, PrincipalType => 'Group', RightName => 'RTxUserRight', ObjectType => 'RTx::System', ObjectId => 1 );
+ok ($id, "ACL for RTxSysObj created");
+
+my $RTxObj = {};
+bless $RTxObj, 'RTx::System::Record';
+*RTx::System::Record::Id = sub { 4; };
+*RTx::System::Record::id = *RTx::System::Record::Id;
+
+$users = RT::Users->new($RT::SystemUser);
+$users->WhoHaveRight(Right => 'RTxUserRight', Object => $RTxSysObj);
+is($users->Count, 1, "RTxUserRight found for RTxSysObj");
+
+$users = RT::Users->new($RT::SystemUser);
+$users->WhoHaveRight(Right => 'RTxUserRight', Object => $RTxObj);
+is($users->Count, 0, "RTxUserRight not found for RTxObj");
+
+$users = RT::Users->new($RT::SystemUser);
+$users->WhoHaveRight(Right => 'RTxUserRight', Object => $RTxObj, EquivObjects => [ $RTxSysObj ]);
+is($users->Count, 1, "RTxUserRight found for RTxObj using EquivObjects");
+
+$ace = RT::Record->new($RT::SystemUser);
+$ace->Table('ACL');
+$ace->_BuildTableAttributes unless ($_TABLE_ATTR->{ref($self)});
+($id, $msg) = $ace->Create( PrincipalId => $group->id, PrincipalType => 'Group', RightName => 'RTxUserRight', ObjectType => 'RTx::System::Record', ObjectId => 5 );
+ok ($id, "ACL for RTxObj created");
+
+my $RTxObj2 = {};
+bless $RTxObj2, 'RTx::System::Record';
+*RTx::System::Record::Id = sub { 5; };
+*RTx::System::Record::id = sub { 5; };
+
+$users = RT::Users->new($RT::SystemUser);
+$users->WhoHaveRight(Right => 'RTxUserRight', Object => $RTxObj2);
+is($users->Count, 1, "RTxUserRight found for RTxObj2");
+
+$users = RT::Users->new($RT::SystemUser);
+$users->WhoHaveRight(Right => 'RTxUserRight', Object => $RTxObj2, EquivObjects => [ $RTxSysObj ]);
+is($users->Count, 1, "RTxUserRight found for RTxObj2");
+
+
+=end testing
find all users who the right Right for this group, either individually
or as members of groups
@@ -297,16 +363,6 @@ sub _JoinACL
@_,
);
- if ( $args{'Right'} ) {
- my $canonic = RT::ACE->CanonicalizeRightName( $args{'Right'} );
- unless ( $canonic ) {
- $RT::Logger->error("Invalid right. Couldn't canonicalize right '$args{'Right'}'");
- }
- else {
- $args{'Right'} = $canonic;
- }
- }
-
my $acl = $self->NewAlias('ACL');
$self->Limit(
ALIAS => $acl,
@@ -347,7 +403,7 @@ sub _GetEquivObjects
# XXX: This should be abstracted into object itself
if( $args{'Object'}->id ) {
- push @objects, $args{'Object'}->ACLEquivalenceObjects;
+ push @objects, $args{'Object'}->QueueObj;
} else {
push @objects, 'RT::Queue';
}
@@ -384,6 +440,7 @@ sub WhoHaveRight {
$from_group->WhoHaveGroupRight( %args );
#XXX: DIRTY HACK
+ use DBIx::SearchBuilder 1.50; #no version on ::Union :(
use DBIx::SearchBuilder::Union;
my $union = new DBIx::SearchBuilder::Union;
$union->add( $_ ) foreach @from_role;
generated by cgit v1.2.1 (git 2.18.0) at 2025-12-23 19:36:39 +0000