1 %# BEGIN BPS TAGGED BLOCK {{{
5 %# This software is Copyright (c) 1996-2011 Best Practical Solutions, LLC
6 %# <sales@bestpractical.com>
8 %# (Except where explicitly superseded by other copyright notices)
13 %# This work is made available to you under the terms of Version 2 of
14 %# the GNU General Public License. A copy of that license should have
15 %# been provided with this software, but in any event can be snarfed
18 %# This work is distributed in the hope that it will be useful, but
19 %# WITHOUT ANY WARRANTY; without even the implied warranty of
20 %# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 %# General Public License for more details.
23 %# You should have received a copy of the GNU General Public License
24 %# along with this program; if not, write to the Free Software
25 %# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
26 %# 02110-1301 or visit their web page on the internet at
27 %# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html.
30 %# CONTRIBUTION SUBMISSION POLICY:
32 %# (The following paragraph is not intended to limit the rights granted
33 %# to you to modify and distribute this software under the terms of
34 %# the GNU General Public License and is only of importance to you if
35 %# you choose to contribute your changes and enhancements to the
36 %# community by submitting them to Best Practical Solutions, LLC.)
38 %# By intentionally submitting any modifications, corrections or
39 %# derivatives to this work, or any other work intended for use with
40 %# Request Tracker, to Best Practical Solutions, LLC, you confirm that
41 %# you are the copyright holder for those contributions and you grant
42 %# Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable,
43 %# royalty-free, perpetual, license to use, copy, create derivative
44 %# works based on those contributions, and sublicense and distribute
45 %# those contributions and any derivatives thereof.
47 %# END BPS TAGGED BLOCK }}}
48 <input type="hidden" class="hidden" name="CheckACL" value="<%$ACLDesc%>" />
51 <td valign="top" width="180" align="left">
55 while ( my $ace = $ACLObj->Next ) {
56 my $right = $ace->RightName;
57 $current_rights{ $right } = 1;
58 push @pairs, [$right, loc($right)];
60 @pairs = sort { $a->[1] cmp $b->[1] } @pairs;
62 <h3><&|/l&>Current rights</&></h3>
64 <i><&|/l&>No rights granted.</&></i> <br />
66 <i>(<&|/l&>Check box to revoke right</&>)</i><br />
67 % foreach my $pair ( @pairs ) {
68 <input type="checkbox" class="checkbox" value="<% $pair->[0] %>" name="RevokeRight-<% $ACLDesc %>" /> <% $pair->[1] %><br />
72 <h3><&|/l&>New rights</&></h3>
73 <select size="5" multiple="multiple" name="GrantRight-<%$ACLDesc%>">
74 % foreach my $pair (sort { $a->[1] cmp $b->[1] } map [$_, loc($_)], grep !$current_rights{$_}, keys %Rights) {
75 <option value="<% $pair->[0] %>" title="<% loc($Rights{$pair->[0]}) %>"><% $pair->[1] %></option>
77 <option value="" selected="selected"><&|/l&>(no value)</&></option>
83 my ($ACLDesc, $AppliesTo, %Rights);
85 # if the principal id points to a user, we really want to point
86 # to their ACL equivalence group. The machinations we're going through
87 # lead me to start to suspect that we really want users and groups
88 # to just be the same table. or _maybe_ that we want an object db.
89 my $princ = RT::Principal->new($RT::SystemUser);
90 $princ->Load($PrincipalId);
91 if ($princ->PrincipalType eq 'User') {
92 my $group = RT::Group->new($RT::SystemUser);
93 $group->LoadACLEquivalenceGroup($princ);
94 $PrincipalId = $group->PrincipalId;
98 my $ACLObj = new RT::ACL($session{'CurrentUser'});
99 my $ACE = new RT::ACE($session{'CurrentUser'});
102 $ACLObj->LimitToObject( $Object);
103 $ACLObj->LimitToPrincipal( Id => $PrincipalId);
104 $ACLObj->OrderBy(FIELD=>'RightName');
106 if (ref($Object) && UNIVERSAL::can($Object, 'AvailableRights')) {
107 %Rights = %{$Object->AvailableRights};
111 %Rights = ( loc('System Error') => loc("No rights found") );
114 $ACLDesc = "$PrincipalId-".ref($Object)."-".$Object->Id;
118 $PrincipalType => undef
119 $PrincipalId => undef