2 # BEGIN BPS TAGGED BLOCK {{{
6 # This software is Copyright (c) 1996-2007 Best Practical Solutions, LLC
9 # (Except where explicitly superseded by other copyright notices)
14 # This work is made available to you under the terms of Version 2 of
15 # the GNU General Public License. A copy of that license should have
16 # been provided with this software, but in any event can be snarfed
19 # This work is distributed in the hope that it will be useful, but
20 # WITHOUT ANY WARRANTY; without even the implied warranty of
21 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
22 # General Public License for more details.
24 # You should have received a copy of the GNU General Public License
25 # along with this program; if not, write to the Free Software
26 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
27 # 02110-1301 or visit their web page on the internet at
28 # http://www.gnu.org/copyleft/gpl.html.
31 # CONTRIBUTION SUBMISSION POLICY:
33 # (The following paragraph is not intended to limit the rights granted
34 # to you to modify and distribute this software under the terms of
35 # the GNU General Public License and is only of importance to you if
36 # you choose to contribute your changes and enhancements to the
37 # community by submitting them to Best Practical Solutions, LLC.)
39 # By intentionally submitting any modifications, corrections or
40 # derivatives to this work, or any other work intended for use with
41 # Request Tracker, to Best Practical Solutions, LLC, you confirm that
42 # you are the copyright holder for those contributions and you grant
43 # Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable,
44 # royalty-free, perpetual, license to use, copy, create derivative
45 # works based on those contributions, and sublicense and distribute
46 # those contributions and any derivatives thereof.
48 # END BPS TAGGED BLOCK }}}
50 use RT::Test tests => 30;
55 # clear all global right
57 my $acl = RT::ACL->new($RT::SystemUser);
58 $acl->Limit( FIELD => 'RightName', OPERATOR => '!=', VALUE => 'SuperUser' );
59 $acl->LimitToObject( $RT::System );
60 while( my $ace = $acl->Next ) {
65 my $queue = RT::Test->load_or_create_queue( Name => 'Regression' );
66 ok $queue && $queue->id, 'loaded or created queue';
67 my $qname = $queue->Name;
69 my $user = RT::Test->load_or_create_user(
70 Name => 'user', Password => 'password',
72 ok $user && $user->id, 'loaded or created user';
75 ok( !$user->HasRight( Right => 'OwnTicket', Object => $queue ),
76 "user can't own ticket"
78 ok( !$user->HasRight( Right => 'ReplyToTicket', Object => $queue ),
79 "user can't reply to ticket"
84 my $group = RT::Group->new( $RT::SystemUser );
85 ok( $group->LoadQueueRoleGroup( Queue => $queue->id, Type=> 'Owner' ),
86 "load queue owners role group"
88 my $ace = RT::ACE->new( $RT::SystemUser );
89 my ($ace_id, $msg) = $group->PrincipalObj->GrantRight(
90 Right => 'ReplyToTicket', Object => $queue
92 ok( $ace_id, "Granted queue owners role group with ReplyToTicket right: $msg" );
93 ok( $group->PrincipalObj->HasRight( Right => 'ReplyToTicket', Object => $queue ),
94 "role group can reply to ticket"
96 ok( !$user->HasRight( Right => 'ReplyToTicket', Object => $queue ),
97 "user can't reply to ticket"
104 $ticket = RT::Ticket->new($RT::SystemUser);
105 my ($ticket_id) = $ticket->Create( Queue => $queue->id, Subject => 'test');
106 ok( $ticket_id, 'new ticket created' );
107 is( $ticket->Owner, $RT::Nobody->Id, 'owner of the new ticket is nobody' );
109 ok( !$user->HasRight( Right => 'OwnTicket', Object => $ticket ),
110 "user can't reply to ticket"
112 my ($status, $msg) = $ticket->SetOwner( $user->id );
113 ok( !$status, "no permissions to be an owner" );
117 my ($status, $msg) = $user->PrincipalObj->GrantRight(
118 Object => $queue, Right => 'OwnTicket'
120 ok( $status, "successfuly granted right: $msg" );
121 ok( $user->HasRight( Right => 'OwnTicket', Object => $queue ),
122 "user can own ticket"
124 ok( $user->HasRight( Right => 'OwnTicket', Object => $ticket ),
125 "user can own ticket"
128 ($status, $msg) = $ticket->SetOwner( $user->id );
129 ok( $status, "successfuly set owner: $msg" );
130 is( $ticket->Owner, $user->id, "set correct owner" );
132 ok( $user->HasRight( Right => 'ReplyToTicket', Object => $ticket ),
133 "user is owner and can reply to ticket"
138 # Testing of EquivObjects
139 my $group = RT::Group->new( $RT::SystemUser );
140 ok( $group->LoadQueueRoleGroup( Queue => $queue->id, Type=> 'AdminCc' ),
141 "load queue AdminCc role group"
143 my $ace = RT::ACE->new( $RT::SystemUser );
144 my ($ace_id, $msg) = $group->PrincipalObj->GrantRight(
145 Right => 'ModifyTicket', Object => $queue
147 ok( $ace_id, "Granted queue AdminCc role group with ModifyTicket right: $msg" );
148 ok( $group->PrincipalObj->HasRight( Right => 'ModifyTicket', Object => $queue ),
149 "role group can modify ticket"
151 ok( !$user->HasRight( Right => 'ModifyTicket', Object => $ticket ),
152 "user is not AdminCc and can't modify ticket"
157 my ($status, $msg) = $ticket->AddWatcher(
158 Type => 'AdminCc', PrincipalId => $user->PrincipalId
160 ok( $status, "successfuly added user as AdminCc");
161 ok( $user->HasRight( Right => 'ModifyTicket', Object => $ticket ),
162 "user is AdminCc and can modify ticket"
168 $ticket2 = RT::Ticket->new($RT::SystemUser);
169 my ($id) = $ticket2->Create( Queue => $queue->id, Subject => 'test2');
170 ok( $id, 'new ticket created' );
171 ok( !$user->HasRight( Right => 'ModifyTicket', Object => $ticket2 ),
172 "user is not AdminCc and can't modify ticket2"
175 # now we can finally test EquivObjectsa
176 my $has = $user->HasRight(
177 Right => 'ModifyTicket',
179 EquivObjects => [$ticket],
181 ok( $has, "user is not AdminCc but can modify ticket2 because of EquivObjects" );
185 # the first a third test below are the same, so they should both pass
186 # make sure passed equive list is not changed
188 ok( !$user->HasRight( Right => 'ModifyTicket', Object => $ticket2, EquivObjects => \@list ),
189 "user is not AdminCc and can't modify ticket2"
191 ok( $user->HasRight( Right => 'ModifyTicket', Object => $ticket, EquivObjects => \@list ),
192 "user is AdminCc and can modify ticket"
194 ok( !$user->HasRight( Right => 'ModifyTicket', Object => $ticket2, EquivObjects => \@list ),
195 "user is not AdminCc and can't modify ticket2 (same question different answer)"