1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
use strict;
use warnings;
use RT::Test tests => undef;
use Set::Tiny;
my @warnings;
local $SIG{__WARN__} = sub {
push @warnings, "@_";
};
my $requestor = RT::Group->new( RT->SystemUser );
$requestor->LoadRoleGroup(
Object => RT->System,
Name => "Requestor",
);
ok $requestor->id, "Loaded global requestor role group";
$requestor = $requestor->PrincipalObj;
ok $requestor->id, "Loaded global requestor role group principal";
note "Try granting an article right to a system role group";
{
my ($ok, $msg) = $requestor->GrantRight(
Right => "ShowArticle",
Object => RT->System,
);
ok !$ok, "Couldn't grant nonsensical right to global Requestor role: $msg";
like shift @warnings, qr/Couldn't validate right name.*?ShowArticle/;
($ok, $msg) = $requestor->GrantRight(
Right => "ShowTicket",
Object => RT->System,
);
ok $ok, "Granted queue right to global queue role: $msg";
($ok, $msg) = RT->PrivilegedUsers->PrincipalObj->GrantRight(
Right => "ShowArticle",
Object => RT->System,
);
ok $ok, "Granted article right to non-role global group: $msg";
reset_rights();
}
note "AvailableRights";
{
my @available = (
[ keys %{RT->System->AvailableRights} ],
[ keys %{RT->System->AvailableRights( $requestor )} ],
);
my $all = Set::Tiny->new( @{$available[0]} );
my $role = Set::Tiny->new( @{$available[1]} );
ok $role->is_proper_subset($all), "role rights are a proper subset of all";
}
ok !@warnings, "No uncaught warnings"
or diag explain \@warnings;
# for clarity
sub reset_rights { RT::Test->set_rights() }
done_testing;
|
