1 # BEGIN BPS TAGGED BLOCK {{{
5 # This software is Copyright (c) 1996-2011 Best Practical Solutions, LLC
6 # <sales@bestpractical.com>
8 # (Except where explicitly superseded by other copyright notices)
13 # This work is made available to you under the terms of Version 2 of
14 # the GNU General Public License. A copy of that license should have
15 # been provided with this software, but in any event can be snarfed
18 # This work is distributed in the hope that it will be useful, but
19 # WITHOUT ANY WARRANTY; without even the implied warranty of
20 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 # General Public License for more details.
23 # You should have received a copy of the GNU General Public License
24 # along with this program; if not, write to the Free Software
25 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
26 # 02110-1301 or visit their web page on the internet at
27 # http://www.gnu.org/licenses/old-licenses/gpl-2.0.html.
30 # CONTRIBUTION SUBMISSION POLICY:
32 # (The following paragraph is not intended to limit the rights granted
33 # to you to modify and distribute this software under the terms of
34 # the GNU General Public License and is only of importance to you if
35 # you choose to contribute your changes and enhancements to the
36 # community by submitting them to Best Practical Solutions, LLC.)
38 # By intentionally submitting any modifications, corrections or
39 # derivatives to this work, or any other work intended for use with
40 # Request Tracker, to Best Practical Solutions, LLC, you confirm that
41 # you are the copyright holder for those contributions and you grant
42 # Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable,
43 # royalty-free, perpetual, license to use, copy, create derivative
44 # works based on those contributions, and sublicense and distribute
45 # those contributions and any derivatives thereof.
47 # END BPS TAGGED BLOCK }}}
51 RT::Queue - an RT Queue object
69 no warnings qw(redefine);
73 use RT::Interface::Email;
75 our @DEFAULT_ACTIVE_STATUS = qw(new open stalled);
76 our @DEFAULT_INACTIVE_STATUS = qw(resolved rejected deleted);
78 # $self->loc('new'); # For the string extractor to get a string to localize
79 # $self->loc('open'); # For the string extractor to get a string to localize
80 # $self->loc('stalled'); # For the string extractor to get a string to localize
81 # $self->loc('resolved'); # For the string extractor to get a string to localize
82 # $self->loc('rejected'); # For the string extractor to get a string to localize
83 # $self->loc('deleted'); # For the string extractor to get a string to localize
87 SeeQueue => 'Can this principal see this queue', # loc_pair
88 AdminQueue => 'Create, delete and modify queues', # loc_pair
89 ShowACL => 'Display Access Control List', # loc_pair
90 ModifyACL => 'Modify Access Control List', # loc_pair
91 ModifyQueueWatchers => 'Modify the queue watchers', # loc_pair
92 SeeCustomField => 'See custom field values', # loc_pair
93 ModifyCustomField => 'Modify custom field values', # loc_pair
94 AssignCustomFields => 'Assign and remove custom fields', # loc_pair
95 ModifyTemplate => 'Modify Scrip templates for this queue', # loc_pair
96 ShowTemplate => 'Display Scrip templates for this queue', # loc_pair
98 ModifyScrips => 'Modify Scrips for this queue', # loc_pair
99 ShowScrips => 'Display Scrips for this queue', # loc_pair
101 ShowTicket => 'See ticket summaries', # loc_pair
102 ShowTicketComments => 'See ticket private commentary', # loc_pair
103 ShowOutgoingEmail => 'See exact outgoing email messages and their recipeients', # loc_pair
105 Watch => 'Sign up as a ticket Requestor or ticket or queue Cc', # loc_pair
106 WatchAsAdminCc => 'Sign up as a ticket or queue AdminCc', # loc_pair
107 CreateTicket => 'Create tickets in this queue', # loc_pair
108 ReplyToTicket => 'Reply to tickets', # loc_pair
109 CommentOnTicket => 'Comment on tickets', # loc_pair
110 OwnTicket => 'Own tickets', # loc_pair
111 ModifyTicket => 'Modify tickets', # loc_pair
112 DeleteTicket => 'Delete tickets', # loc_pair
113 TakeTicket => 'Take tickets', # loc_pair
114 StealTicket => 'Steal tickets', # loc_pair
116 ForwardMessage => 'Forward messages to third person(s)', # loc_pair
120 # Tell RT::ACE that this sort of object can get acls granted
121 $RT::ACE::OBJECT_TYPES{'RT::Queue'} = 1;
123 # TODO: This should be refactored out into an RT::ACLedObject or something
124 # stuff the rights into a hash of rights that can exist.
126 foreach my $right ( keys %{$RIGHTS} ) {
127 $RT::ACE::LOWERCASERIGHTNAMES{ lc $right } = $right;
130 =head2 AddRights C<RIGHT>, C<DESCRIPTION> [, ...]
132 Adds the given rights to the list of possible rights. This method
133 should be called during server startup, not at runtime.
140 $RIGHTS = { %$RIGHTS, %new };
141 %RT::ACE::LOWERCASERIGHTNAMES = ( %RT::ACE::LOWERCASERIGHTNAMES,
142 map { lc($_) => $_ } keys %new);
147 my %args = ( Target => '',
153 unless ( $self->CurrentUserHasRight('ModifyQueue') ) {
154 return ( 0, $self->loc("Permission Denied") );
157 return $self->SUPER::_AddLink(%args);
170 unless ( $self->CurrentUserHasRight('ModifyQueue') ) {
171 $RT::Logger->debug("No permission to delete links");
172 return ( 0, $self->loc('Permission Denied'))
175 return $self->SUPER::_DeleteLink(%args);
178 =head2 AvailableRights
180 Returns a hash of available rights for this object. The keys are the right names and the values are a description of what the rights do
184 sub AvailableRights {
189 # {{{ ActiveStatusArray
191 =head2 ActiveStatusArray
193 Returns an array of all ActiveStatuses for this queue
197 sub ActiveStatusArray {
199 if (RT->Config->Get('ActiveStatus')) {
200 return (RT->Config->Get('ActiveStatus'))
202 $RT::Logger->warning("RT::ActiveStatus undefined, falling back to deprecated defaults");
203 return (@DEFAULT_ACTIVE_STATUS);
209 # {{{ InactiveStatusArray
211 =head2 InactiveStatusArray
213 Returns an array of all InactiveStatuses for this queue
217 sub InactiveStatusArray {
219 if (RT->Config->Get('InactiveStatus')) {
220 return (RT->Config->Get('InactiveStatus'))
222 $RT::Logger->warning("RT::InactiveStatus undefined, falling back to deprecated defaults");
223 return (@DEFAULT_INACTIVE_STATUS);
233 Returns an array of all statuses for this queue
239 return ($self->ActiveStatusArray(), $self->InactiveStatusArray());
246 =head2 IsValidStatus VALUE
248 Returns true if VALUE is a valid status. Otherwise, returns 0.
257 my $retval = grep ( $_ eq $value, $self->StatusArray );
266 =head2 IsActiveStatus VALUE
268 Returns true if VALUE is a Active status. Otherwise, returns 0
277 my $retval = grep ( $_ eq $value, $self->ActiveStatusArray );
284 # {{{ IsInactiveStatus
286 =head2 IsInactiveStatus VALUE
288 Returns true if VALUE is a Inactive status. Otherwise, returns 0
293 sub IsInactiveStatus {
297 my $retval = grep ( $_ eq $value, $self->InactiveStatusArray );
312 Arguments: ARGS is a hash of named parameters. Valid parameters are:
322 If you pass the ACL check, it creates the queue and returns its queue id.
331 CorrespondAddress => '',
333 CommentAddress => '',
335 InitialPriority => 0,
340 _RecordTransaction => 1,
344 unless ( $self->CurrentUser->HasRight(Right => 'AdminQueue', Object => $RT::System) )
346 return ( 0, $self->loc("No permission to create queues") );
349 unless ( $self->ValidateName( $args{'Name'} ) ) {
350 return ( 0, $self->loc('Queue already exists') );
353 my %attrs = map {$_ => 1} $self->ReadableAttributes;
355 #TODO better input validation
356 $RT::Handle->BeginTransaction();
357 my $id = $self->SUPER::Create( map { $_ => $args{$_} } grep exists $args{$_}, keys %attrs );
359 $RT::Handle->Rollback();
360 return ( 0, $self->loc('Queue could not be created') );
363 my $create_ret = $self->_CreateQueueGroups();
364 unless ($create_ret) {
365 $RT::Handle->Rollback();
366 return ( 0, $self->loc('Queue could not be created') );
368 if ( $args{'_RecordTransaction'} ) {
369 $self->_NewTransaction( Type => "Create" );
373 if ( defined $args{'Sign'} ) {
374 my ($status, $msg) = $self->SetSign( $args{'Sign'} );
375 $RT::Logger->error("Couldn't set attribute 'Sign': $msg")
378 if ( defined $args{'Encrypt'} ) {
379 my ($status, $msg) = $self->SetEncrypt( $args{'Encrypt'} );
380 $RT::Logger->error("Couldn't set attribute 'Encrypt': $msg")
384 return ( $id, $self->loc("Queue created") );
394 $self->loc('Deleting this object would break referential integrity') );
399 # {{{ sub SetDisabled
404 1 will cause this queue to no longer be available for tickets.
405 0 will re-enable this queue.
413 $RT::Handle->BeginTransaction();
414 my $set_err = $self->SUPER::SetDisabled($val);
416 $RT::Handle->Rollback();
417 $RT::Logger->warning("Couldn't ".($val == 1) ? "disable" : "enable"." queue ".$self->PrincipalObj->Id);
420 $self->_NewTransaction( Type => ($val == 1) ? "Disabled" : "Enabled" );
422 $RT::Handle->Commit();
425 return (1, $self->loc("Queue disabled"));
427 return (1, $self->loc("Queue enabled"));
438 Takes either a numerical id or a textual Name and loads the specified queue.
445 my $identifier = shift;
446 if ( !$identifier ) {
450 if ( $identifier =~ /^(\d+)$/ ) {
451 $self->SUPER::LoadById($identifier);
454 $self->LoadByCols( Name => $identifier );
457 return ( $self->Id );
463 # {{{ sub ValidateName
465 =head2 ValidateName NAME
467 Takes a queue name. Returns true if it's an ok name for
468 a new queue. Returns undef if there's already a queue by that name.
476 my $tempqueue = new RT::Queue($RT::SystemUser);
477 $tempqueue->Load($name);
479 #If this queue exists, return undef
480 if ( $tempqueue->Name() && $tempqueue->id != $self->id) {
484 #If the queue doesn't exist, return 1
486 return ($self->SUPER::ValidateName($name));
501 return undef unless $self->CurrentUserHasRight('SeeQueue');
502 my $attr = $self->FirstAttribute('Sign') or return 0;
503 return $attr->Content;
510 return ( 0, $self->loc('Permission Denied') )
511 unless $self->CurrentUserHasRight('AdminQueue');
513 my ($status, $msg) = $self->SetAttribute(
515 Description => 'Sign outgoing messages by default',
518 return ($status, $msg) unless $status;
519 return ($status, $self->loc('Signing enabled')) if $value;
520 return ($status, $self->loc('Signing disabled'));
527 return undef unless $self->CurrentUserHasRight('SeeQueue');
528 my $attr = $self->FirstAttribute('Encrypt') or return 0;
529 return $attr->Content;
536 return ( 0, $self->loc('Permission Denied') )
537 unless $self->CurrentUserHasRight('AdminQueue');
539 my ($status, $msg) = $self->SetAttribute(
541 Description => 'Encrypt outgoing messages by default',
544 return ($status, $msg) unless $status;
545 return ($status, $self->loc('Encrypting enabled')) if $value;
546 return ($status, $self->loc('Encrypting disabled'));
551 return RT->System->SubjectTag( $self );
558 return ( 0, $self->loc('Permission Denied') )
559 unless $self->CurrentUserHasRight('AdminQueue');
561 my $attr = RT->System->FirstAttribute('BrandedSubjectTag');
562 my $map = $attr ? $attr->Content : {};
563 if ( defined $value && length $value ) {
564 $map->{ $self->id } = $value;
566 delete $map->{ $self->id };
569 my ($status, $msg) = RT->System->SetAttribute(
570 Name => 'BrandedSubjectTag',
571 Description => 'Queue id => subject tag map',
574 return ($status, $msg) unless $status;
575 return ($status, $self->loc(
576 "SubjectTag changed to [_1]",
577 (defined $value && length $value)? $value : $self->loc("(no value)")
585 Returns an RT::Templates object of all of this queue's templates.
592 my $templates = RT::Templates->new( $self->CurrentUser );
594 if ( $self->CurrentUserHasRight('ShowTemplate') ) {
595 $templates->LimitToQueue( $self->id );
603 # {{{ Dealing with custom fields
607 =head2 CustomField NAME
609 Load the queue-specific custom field named NAME
616 my $cf = RT::CustomField->new($self->CurrentUser);
617 $cf->LoadByNameAndQueue(Name => $name, Queue => $self->Id);
622 # {{{ TicketCustomFields
624 =head2 TicketCustomFields
626 Returns an L<RT::CustomFields> object containing all global and
627 queue-specific B<ticket> custom fields.
631 sub TicketCustomFields {
634 my $cfs = RT::CustomFields->new( $self->CurrentUser );
635 if ( $self->CurrentUserHasRight('SeeQueue') ) {
636 $cfs->SetContextObject( $self );
637 $cfs->LimitToGlobalOrObjectId( $self->Id );
638 $cfs->LimitToLookupType( 'RT::Queue-RT::Ticket' );
639 $cfs->ApplySortOrder;
646 # {{{ TicketTransactionCustomFields
648 =head2 TicketTransactionCustomFields
650 Returns an L<RT::CustomFields> object containing all global and
651 queue-specific B<transaction> custom fields.
655 sub TicketTransactionCustomFields {
658 my $cfs = RT::CustomFields->new( $self->CurrentUser );
659 if ( $self->CurrentUserHasRight('SeeQueue') ) {
660 $cfs->LimitToGlobalOrObjectId( $self->Id );
661 $cfs->LimitToLookupType( 'RT::Queue-RT::Ticket-RT::Transaction' );
662 $cfs->ApplySortOrder;
672 # {{{ Routines dealing with watchers.
674 # {{{ _CreateQueueGroups
676 =head2 _CreateQueueGroups
678 Create the ticket groups and links for this ticket.
679 This routine expects to be called from Ticket->Create _inside of a transaction_
681 It will create four groups for this ticket: Requestor, Cc, AdminCc and Owner.
683 It will return true on success and undef on failure.
689 sub _CreateQueueGroups {
692 my @types = qw(Cc AdminCc Requestor Owner);
694 foreach my $type (@types) {
695 my $type_obj = RT::Group->new($self->CurrentUser);
696 my ($id, $msg) = $type_obj->CreateRoleGroup(Instance => $self->Id,
698 Domain => 'RT::Queue-Role');
700 $RT::Logger->error("Couldn't create a Queue group of type '$type' for ticket ".
701 $self->Id.": ".$msg);
716 AddWatcher takes a parameter hash. The keys are as follows:
718 Type One of Requestor, Cc, AdminCc
720 PrinicpalId The RT::Principal id of the user or group that's being added as a watcher
721 Email The email address of the new watcher. If a user with this
722 email address can't be found, a new nonprivileged user will be created.
724 If the watcher you\'re trying to set has an RT account, set the Owner parameter to their User Id. Otherwise, set the Email parameter to their Email address.
726 Returns a tuple of (status/id, message).
734 PrincipalId => undef,
739 return ( 0, "No principal specified" )
740 unless $args{'Email'} or $args{'PrincipalId'};
742 if ( !$args{'PrincipalId'} && $args{'Email'} ) {
743 my $user = RT::User->new( $self->CurrentUser );
744 $user->LoadByEmail( $args{'Email'} );
745 $args{'PrincipalId'} = $user->PrincipalId if $user->id;
749 return ( $self->_AddWatcher(%args) )
750 if $self->CurrentUserHasRight('ModifyQueueWatchers');
752 #If the watcher we're trying to add is for the current user
753 if ( defined $args{'PrincipalId'} && $self->CurrentUser->PrincipalId eq $args{'PrincipalId'}) {
754 # If it's an AdminCc and they don't have
755 # 'WatchAsAdminCc' or 'ModifyTicket', bail
756 if ( defined $args{'Type'} && ($args{'Type'} eq 'AdminCc') ) {
757 return ( $self->_AddWatcher(%args) )
758 if $self->CurrentUserHasRight('WatchAsAdminCc');
761 # If it's a Requestor or Cc and they don't have
762 # 'Watch' or 'ModifyTicket', bail
763 elsif ( $args{'Type'} eq 'Cc' or $args{'Type'} eq 'Requestor' ) {
764 return ( $self->_AddWatcher(%args) )
765 if $self->CurrentUserHasRight('Watch');
768 $RT::Logger->warning( "$self -> AddWatcher got passed a bogus type");
769 return ( 0, $self->loc('Error in parameters to Queue->AddWatcher') );
773 return ( 0, $self->loc("Permission Denied") );
776 #This contains the meat of AddWatcher. but can be called from a routine like
777 # Create, which doesn't need the additional acl check
783 PrincipalId => undef,
789 my $principal = RT::Principal->new( $self->CurrentUser );
790 if ( $args{'PrincipalId'} ) {
791 $principal->Load( $args{'PrincipalId'} );
792 if ( $principal->id and $principal->IsUser and my $email = $principal->Object->EmailAddress ) {
793 return (0, $self->loc("[_1] is an address RT receives mail at. Adding it as a '[_2]' would create a mail loop", $email, $self->loc($args{'Type'})))
794 if RT::EmailParser->IsRTAddress( $email );
797 elsif ( $args{'Email'} ) {
798 if ( RT::EmailParser->IsRTAddress( $args{'Email'} ) ) {
799 return (0, $self->loc("[_1] is an address RT receives mail at. Adding it as a '[_2]' would create a mail loop", $args{'Email'}, $self->loc($args{'Type'})));
801 my $user = RT::User->new($self->CurrentUser);
802 $user->LoadByEmail( $args{'Email'} );
803 $user->Load( $args{'Email'} )
806 if ( $user->Id ) { # If the user exists
807 $principal->Load( $user->PrincipalId );
809 # if the user doesn't exist, we need to create a new user
810 my $new_user = RT::User->new($RT::SystemUser);
812 my ( $Address, $Name ) =
813 RT::Interface::Email::ParseAddressFromHeader($args{'Email'});
815 my ( $Val, $Message ) = $new_user->Create(
817 EmailAddress => $Address,
820 Comments => 'Autocreated when added as a watcher'
823 $RT::Logger->error("Failed to create user ".$args{'Email'} .": " .$Message);
824 # Deal with the race condition of two account creations at once
825 $new_user->LoadByEmail( $args{'Email'} );
827 $principal->Load( $new_user->PrincipalId );
830 # If we can't find this watcher, we need to bail.
831 unless ( $principal->Id ) {
832 return(0, $self->loc("Could not find or create that user"));
835 my $group = RT::Group->new($self->CurrentUser);
836 $group->LoadQueueRoleGroup(Type => $args{'Type'}, Queue => $self->Id);
837 unless ($group->id) {
838 return(0,$self->loc("Group not found"));
841 if ( $group->HasMember( $principal)) {
843 return ( 0, $self->loc('That principal is already a [_1] for this queue', $args{'Type'}) );
847 my ($m_id, $m_msg) = $group->_AddMember(PrincipalId => $principal->Id);
849 $RT::Logger->error("Failed to add ".$principal->Id." as a member of group ".$group->Id.": ".$m_msg);
851 return ( 0, $self->loc('Could not make that principal a [_1] for this queue', $args{'Type'}) );
853 return ( 1, $self->loc('Added principal as a [_1] for this queue', $args{'Type'}) );
858 # {{{ sub DeleteWatcher
860 =head2 DeleteWatcher { Type => TYPE, PrincipalId => PRINCIPAL_ID, Email => EMAIL_ADDRESS }
863 Deletes a queue watcher. Takes two arguments:
865 Type (one of Requestor,Cc,AdminCc)
869 PrincipalId (an RT::Principal Id of the watcher you want to remove)
871 Email (the email address of an existing wathcer)
880 my %args = ( Type => undef,
881 PrincipalId => undef,
885 unless ( $args{'PrincipalId'} || $args{'Email'} ) {
886 return ( 0, $self->loc("No principal specified") );
889 if ( !$args{PrincipalId} and $args{Email} ) {
890 my $user = RT::User->new( $self->CurrentUser );
891 my ($rv, $msg) = $user->LoadByEmail( $args{Email} );
892 $args{PrincipalId} = $user->PrincipalId if $rv;
895 my $principal = RT::Principal->new( $self->CurrentUser );
896 if ( $args{'PrincipalId'} ) {
897 $principal->Load( $args{'PrincipalId'} );
900 my $user = RT::User->new( $self->CurrentUser );
901 $user->LoadByEmail( $args{'Email'} );
902 $principal->Load( $user->Id );
905 # If we can't find this watcher, we need to bail.
906 unless ( $principal->Id ) {
907 return ( 0, $self->loc("Could not find that principal") );
910 my $group = RT::Group->new($self->CurrentUser);
911 $group->LoadQueueRoleGroup(Type => $args{'Type'}, Queue => $self->Id);
912 unless ($group->id) {
913 return(0,$self->loc("Group not found"));
916 my $can_modify_queue = $self->CurrentUserHasRight('ModifyQueueWatchers');
919 #If the watcher we're trying to add is for the current user
920 if ( defined $args{'PrincipalId'} and $self->CurrentUser->PrincipalId eq $args{'PrincipalId'}) {
921 # If it's an AdminCc and they don't have
922 # 'WatchAsAdminCc' or 'ModifyQueue', bail
923 if ( $args{'Type'} eq 'AdminCc' ) {
924 unless ( $can_modify_queue
925 or $self->CurrentUserHasRight('WatchAsAdminCc') ) {
926 return ( 0, $self->loc('Permission Denied'))
930 # If it's a Requestor or Cc and they don't have
931 # 'Watch' or 'ModifyQueue', bail
932 elsif ( ( $args{'Type'} eq 'Cc' ) or ( $args{'Type'} eq 'Requestor' ) ) {
933 unless ( $can_modify_queue
934 or $self->CurrentUserHasRight('Watch') ) {
935 return ( 0, $self->loc('Permission Denied'))
939 $RT::Logger->warning( "$self -> DeleteWatcher got passed a bogus type");
940 return ( 0, $self->loc('Error in parameters to Queue->DeleteWatcher') );
944 # If the watcher isn't the current user
945 # and the current user doesn't have 'ModifyQueueWathcers' bail
947 unless ( $can_modify_queue ) {
948 return ( 0, $self->loc("Permission Denied") );
955 # see if this user is already a watcher.
957 unless ( $group->HasMember($principal)) {
959 $self->loc('That principal is not a [_1] for this queue', $args{'Type'}) );
962 my ($m_id, $m_msg) = $group->_DeleteMember($principal->Id);
964 $RT::Logger->error("Failed to delete ".$principal->Id.
965 " as a member of group ".$group->Id.": ".$m_msg);
967 return ( 0, $self->loc('Could not remove that principal as a [_1] for this queue', $args{'Type'}) );
970 return ( 1, $self->loc("[_1] is no longer a [_2] for this queue.", $principal->Object->Name, $args{'Type'} ));
975 # {{{ AdminCcAddresses
977 =head2 AdminCcAddresses
979 returns String: All queue AdminCc email addresses as a string
983 sub AdminCcAddresses {
986 unless ( $self->CurrentUserHasRight('SeeQueue') ) {
990 return ( $self->AdminCc->MemberEmailAddressesAsString )
1000 returns String: All queue Ccs as a string of email addresses
1007 unless ( $self->CurrentUserHasRight('SeeQueue') ) {
1011 return ( $self->Cc->MemberEmailAddressesAsString);
1022 Returns an RT::Group object which contains this Queue's Ccs.
1023 If the user doesn't have "ShowQueue" permission, returns an empty group
1030 my $group = RT::Group->new($self->CurrentUser);
1031 if ( $self->CurrentUserHasRight('SeeQueue') ) {
1032 $group->LoadQueueRoleGroup(Type => 'Cc', Queue => $self->Id);
1045 Returns an RT::Group object which contains this Queue's AdminCcs.
1046 If the user doesn't have "ShowQueue" permission, returns an empty group
1053 my $group = RT::Group->new($self->CurrentUser);
1054 if ( $self->CurrentUserHasRight('SeeQueue') ) {
1055 $group->LoadQueueRoleGroup(Type => 'AdminCc', Queue => $self->Id);
1063 # {{{ IsWatcher, IsCc, IsAdminCc
1066 # a generic routine to be called by IsRequestor, IsCc and IsAdminCc
1068 =head2 IsWatcher { Type => TYPE, PrincipalId => PRINCIPAL_ID }
1070 Takes a param hash with the attributes Type and PrincipalId
1072 Type is one of Requestor, Cc, AdminCc and Owner
1074 PrincipalId is an RT::Principal id
1076 Returns true if that principal is a member of the group Type for this queue
1084 my %args = ( Type => 'Cc',
1085 PrincipalId => undef,
1089 # Load the relevant group.
1090 my $group = RT::Group->new($self->CurrentUser);
1091 $group->LoadQueueRoleGroup(Type => $args{'Type'}, Queue => $self->id);
1092 # Ask if it has the member in question
1094 my $principal = RT::Principal->new($self->CurrentUser);
1095 $principal->Load($args{'PrincipalId'});
1096 unless ($principal->Id) {
1100 return ($group->HasMemberRecursively($principal));
1108 =head2 IsCc PRINCIPAL_ID
1110 Takes an RT::Principal id.
1111 Returns true if the principal is a requestor of the current queue.
1120 return ( $self->IsWatcher( Type => 'Cc', PrincipalId => $cc ) );
1128 =head2 IsAdminCc PRINCIPAL_ID
1130 Takes an RT::Principal id.
1131 Returns true if the principal is a requestor of the current queue.
1139 return ( $self->IsWatcher( Type => 'AdminCc', PrincipalId => $person ) );
1154 # {{{ ACCESS CONTROL
1160 unless ( $self->CurrentUserHasRight('AdminQueue') ) {
1161 return ( 0, $self->loc('Permission Denied') );
1163 return ( $self->SUPER::_Set(@_) );
1173 unless ( $self->CurrentUserHasRight('SeeQueue') ) {
1177 return ( $self->__Value(@_) );
1182 # {{{ sub CurrentUserHasRight
1184 =head2 CurrentUserHasRight
1186 Takes one argument. A textual string with the name of the right we want to check.
1187 Returns true if the current user has that right for this queue.
1188 Returns undef otherwise.
1192 sub CurrentUserHasRight {
1198 Principal => $self->CurrentUser,
1211 Takes a param hash with the fields 'Right' and 'Principal'.
1212 Principal defaults to the current user.
1213 Returns true if the principal has that right for this queue.
1214 Returns undef otherwise.
1218 # TAKES: Right and optional "Principal" which defaults to the current user
1223 Principal => $self->CurrentUser,
1226 my $principal = delete $args{'Principal'};
1227 unless ( $principal ) {
1228 $RT::Logger->error("Principal undefined in Queue::HasRight");
1232 return $principal->HasRight(
1234 Object => ($self->Id ? $self : $RT::System),