1 # $Header: /home/cvs/cvsroot/freeside/rt/lib/RT/ACL.pm,v 1.1 2002-08-12 06:17:07 ivan Exp $
2 # Distributed under the terms of the GNU GPL
3 # Copyright (c) 2000 Jesse Vincent <jesse@fsck.com>
7 RT::ACL - collection of RT ACE objects
12 my $ACL = new RT::ACL($CurrentUser);
21 ok(require RT::TestHarness);
31 @ISA= qw(RT::EasySearch);
36 $self->{'table'} = "ACL";
37 $self->{'primary_key'} = "id";
38 return ( $self->SUPER::_Init(@_));
46 return(RT::ACE->new($self->CurrentUser));
52 Hand out the next ACE that was found
60 my $ACE = $self->SUPER::Next();
61 if ((defined($ACE)) and (ref($ACE))) {
63 if ( $ACE->CurrentUserHasRight('ShowACL') or
64 $ACE->CurrentUserHasRight('ModifyACL')
69 #If the user doesn't have the right to show this ACE
71 return($self->Next());
74 #if there never was any ACE
84 =head1 Limit the ACL to a specific scope
86 There are two real scopes right now:
88 =item Queue is for rights that apply to a single queue
90 =item System is for rights that apply to the System (rights that aren't queue related)
95 Takes a single queueid as its argument.
97 Limit the ACL to just a given queue when supplied with an integer queue id.
107 $self->Limit( FIELD =>'RightScope',
108 ENTRYAGGREGATOR => 'OR',
110 $self->Limit( FIELD =>'RightScope',
111 ENTRYAGGREGATOR => 'OR',
114 $self->Limit(ENTRYAGGREGATOR => 'OR',
115 FIELD => 'RightAppliesTo',
121 =head2 LimitToSystem()
123 Limit the ACL to system rights
130 $self->Limit( FIELD =>'RightScope',
137 Takes a single RightName as its only argument.
138 Limits the search to the right $right.
139 $right is a right listed in perldoc RT::ACE
147 $self->Limit(ENTRYAGGREGATOR => 'OR',
148 FIELD => 'RightName',
153 =head1 Limit to a specifc set of principals
155 =head2 LimitPrincipalToUser
157 Takes a single userid as its only argument.
158 Limit the ACL to a just a specific user.
162 sub LimitPrincipalToUser {
166 $self->Limit(ENTRYAGGREGATOR => 'OR',
167 FIELD => 'PrincipalType',
170 $self->Limit(ENTRYAGGREGATOR => 'OR',
171 FIELD => 'PrincipalId',
177 =head2 LimitPrincipalToGroup
179 Takes a single group as its only argument.
180 Limit the ACL to just a specific group.
184 sub LimitPrincipalToGroup {
188 $self->Limit(ENTRYAGGREGATOR => 'OR',
189 FIELD => 'PrincipalType',
192 $self->Limit(ENTRYAGGREGATOR => 'OR',
193 FIELD => 'PrincipalId',
198 =head2 LimitPrincipalToType($type)
200 Takes a single argument, $type.
201 Limit the ACL to just a specific principal type
214 sub LimitPrincipalToType {
217 $self->Limit(ENTRYAGGREGATOR => 'OR',
218 FIELD => 'PrincipalType',
223 =head2 LimitPrincipalToId
225 Takes a single argument, the numeric Id of the principal to limit this ACL to. Repeated calls to this
226 function will broaden the scope of the search to include all principals listed.
230 sub LimitPrincipalToId {
234 if ($id =~ /^\d+$/) {
235 $self->Limit(ENTRYAGGREGATOR => 'OR',
236 FIELD => 'PrincipalId',
240 $RT::Logger->warn($self."->LimitPrincipalToId called with '$id' as an id");
246 #wrap around _DoSearch so that we can build the hash of returned
250 # $RT::Logger->debug("Now in ".$self."->_DoSearch");
251 my $return = $self->SUPER::_DoSearch(@_);
252 # $RT::Logger->debug("In $self ->_DoSearch. return from SUPER::_DoSearch was $return\n");
258 #Build a hash of this ACL's entries.
262 while (my $entry = $self->Next) {
263 my $hashkey = $entry->RightScope . "-" .
264 $entry->RightAppliesTo . "-" .
265 $entry->RightName . "-" .
266 $entry->PrincipalId . "-" .
267 $entry->PrincipalType;
269 $self->{'as_hash'}->{"$hashkey"} =1;
284 my %args = ( RightScope => undef,
285 RightAppliesTo => undef,
287 PrincipalId => undef,
288 PrincipalType => undef,
291 #if we haven't done the search yet, do it now.
294 if ($self->{'as_hash'}->{ $args{'RightScope'} . "-" .
295 $args{'RightAppliesTo'} . "-" .
296 $args{'RightName'} . "-" .
297 $args{'PrincipalId'} . "-" .
298 $args{'PrincipalType'}