1 use RT::Test nodata => 1, tests => 34;
13 # clear all global right
14 my $acl = RT::ACL->new(RT->SystemUser);
15 $acl->Limit( FIELD => 'RightName', OPERATOR => '!=', VALUE => 'SuperUser' );
16 $acl->LimitToObject( RT->System );
17 while( my $ace = $acl->Next ) {
21 # create new queue to be sure we do not mess with rights
22 my $queue = RT::Queue->new(RT->SystemUser);
23 my ($queue_id) = $queue->Create( Name => 'watcher tests '.$$);
24 ok( $queue_id, 'queue created for watcher tests' );
26 # new privileged user to check rights
27 my $user = RT::User->new( RT->SystemUser );
28 my ($user_id) = $user->Create(
30 EmailAddress => "watcher$$".'@localhost',
34 my $cu= RT::CurrentUser->new($user);
36 # make sure user can see tickets in the queue
37 my $principal = $user->PrincipalObj;
38 ok( $principal, "principal loaded" );
39 $principal->GrantRight( Right => 'ShowTicket', Object => $queue );
40 $principal->GrantRight( Right => 'SeeQueue' , Object => $queue );
42 ok( $user->HasRight( Right => 'SeeQueue', Object => $queue ), "user can see queue" );
43 ok( $user->HasRight( Right => 'ShowTicket', Object => $queue ), "user can show queue tickets" );
44 ok( !$user->HasRight( Right => 'ModifyTicket', Object => $queue ), "user can't modify queue tickets" );
45 ok( !$user->HasRight( Right => 'Watch', Object => $queue ), "user can't watch queue tickets" );
47 my $ticket = RT::Ticket->new( RT->SystemUser );
48 my ($rv, $msg) = $ticket->Create( Subject => 'watcher tests', Queue => $queue->Name );
49 ok( $ticket->id, "ticket created" );
51 my $ticket2 = RT::Ticket->new( $cu );
52 $ticket2->Load( $ticket->id );
53 ok( $ticket2->Subject, "ticket load by user" );
55 # user can add self to ticket only after getting Watch right
56 ($rv, $msg) = $ticket2->AddWatcher( Type => 'Cc', PrincipalId => $user->PrincipalId );
57 ok( !$rv, "user can't add self as Cc" );
58 ($rv, $msg) = $ticket2->AddWatcher( Type => 'Requestor', PrincipalId => $user->PrincipalId );
59 ok( !$rv, "user can't add self as Requestor" );
60 $principal->GrantRight( Right => 'Watch' , Object => $queue );
61 ok( $user->HasRight( Right => 'Watch', Object => $queue ), "user can watch queue tickets" );
62 ($rv, $msg) = $ticket2->AddWatcher( Type => 'Cc', PrincipalId => $user->PrincipalId );
63 ok( $rv, "user can add self as Cc by PrincipalId" );
64 ($rv, $msg) = $ticket2->AddWatcher( Type => 'Requestor', PrincipalId => $user->PrincipalId );
65 ok( $rv, "user can add self as Requestor by PrincipalId" );
67 # remove user and try adding with Email address
68 ($rv, $msg) = $ticket->DeleteWatcher( Type => 'Cc', PrincipalId => $user->PrincipalId );
69 ok( $rv, "watcher removed by PrincipalId" );
70 ($rv, $msg) = $ticket->DeleteWatcher( Type => 'Requestor', Email => $user->EmailAddress );
71 ok( $rv, "watcher removed by Email" );
73 ($rv, $msg) = $ticket2->AddWatcher( Type => 'Cc', Email => $user->EmailAddress );
74 ok( $rv, "user can add self as Cc by Email" );
75 ($rv, $msg) = $ticket2->AddWatcher( Type => 'Requestor', Email => $user->EmailAddress );
76 ok( $rv, "user can add self as Requestor by Email" );
78 # remove user and try adding by username
79 # This worked in 3.6 and is a regression in 3.8
80 ($rv, $msg) = $ticket->DeleteWatcher( Type => 'Cc', Email => $user->EmailAddress );
81 ok( $rv, "watcher removed by Email" );
82 ($rv, $msg) = $ticket->DeleteWatcher( Type => 'Requestor', Email => $user->EmailAddress );
83 ok( $rv, "watcher removed by Email" );
85 ($rv, $msg) = $ticket2->AddWatcher( Type => 'Cc', Email => $user->Name );
86 ok( $rv, "user can add self as Cc by username" );
87 ($rv, $msg) = $ticket2->AddWatcher( Type => 'Requestor', Email => $user->Name );
88 ok( $rv, "user can add self as Requestor by username" );
90 # Add an email address with a phrase
91 ($rv, $msg) = $ticket->AddWatcher( Type => 'Cc', Email => q["Foo Bar" <foo@example.com>] );
92 ok $rv, "Added email address with phrase" or diag $msg;
94 my $foo = RT::Test->load_or_create_user( EmailAddress => 'foo@example.com' );
95 is $foo->RealName, "Foo Bar", "RealName matches";
98 $principal->RevokeRight( Right => 'Watch' , Object => $queue );
99 ok( !$user->HasRight( Right => 'Watch', Object => $queue ), "user queue watch right revoked" );
101 my $queue2 = RT::Queue->new( $cu );
102 ($rv, $msg) = $queue2->Load( $queue->id );
103 ok( $rv, "user loaded queue" );
105 # user can add self to queue only after getting Watch right
106 ($rv, $msg) = $queue2->AddWatcher( Type => 'Cc', PrincipalId => $user->PrincipalId );
107 ok( !$rv, "user can't add self as Cc" );
108 ($rv, $msg) = $queue2->AddWatcher( Type => 'Requestor', PrincipalId => $user->PrincipalId );
109 ok( !$rv, "user can't add self as Requestor" );
110 $principal->GrantRight( Right => 'Watch' , Object => $queue );
111 ok( $user->HasRight( Right => 'Watch', Object => $queue ), "user can watch queue queues" );
112 ($rv, $msg) = $queue2->AddWatcher( Type => 'Cc', PrincipalId => $user->PrincipalId );
113 ok( $rv, "user can add self as Cc by PrincipalId" );
114 ($rv, $msg) = $queue2->AddWatcher( Type => 'Requestor', PrincipalId => $user->PrincipalId );
115 ok( $rv, "user can add self as Requestor by PrincipalId" );
117 # remove user and try adding with Email address
118 ($rv, $msg) = $queue->DeleteWatcher( Type => 'Cc', PrincipalId => $user->PrincipalId );
119 ok( $rv, "watcher removed by PrincipalId" );
120 ($rv, $msg) = $queue->DeleteWatcher( Type => 'Requestor', Email => $user->EmailAddress );
121 ok( $rv, "watcher removed by Email" );
123 ($rv, $msg) = $queue2->AddWatcher( Type => 'Cc', Email => $user->EmailAddress );
124 ok( $rv, "user can add self as Cc by Email" );
125 ($rv, $msg) = $queue2->AddWatcher( Type => 'Requestor', Email => $user->EmailAddress );
126 ok( $rv, "user can add self as Requestor by Email" );