2 # BEGIN BPS TAGGED BLOCK {{{
6 # This software is Copyright (c) 1996-2005 Best Practical Solutions, LLC
9 # (Except where explicitly superseded by other copyright notices)
14 # This work is made available to you under the terms of Version 2 of
15 # the GNU General Public License. A copy of that license should have
16 # been provided with this software, but in any event can be snarfed
19 # This work is distributed in the hope that it will be useful, but
20 # WITHOUT ANY WARRANTY; without even the implied warranty of
21 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
22 # General Public License for more details.
24 # You should have received a copy of the GNU General Public License
25 # along with this program; if not, write to the Free Software
26 # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
29 # CONTRIBUTION SUBMISSION POLICY:
31 # (The following paragraph is not intended to limit the rights granted
32 # to you to modify and distribute this software under the terms of
33 # the GNU General Public License and is only of importance to you if
34 # you choose to contribute your changes and enhancements to the
35 # community by submitting them to Best Practical Solutions, LLC.)
37 # By intentionally submitting any modifications, corrections or
38 # derivatives to this work, or any other work intended for use with
39 # Request Tracker, to Best Practical Solutions, LLC, you confirm that
40 # you are the copyright holder for those contributions and you grant
41 # Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable,
42 # royalty-free, perpetual, license to use, copy, create derivative
43 # works based on those contributions, and sublicense and distribute
44 # those contributions and any derivatives thereof.
46 # END BPS TAGGED BLOCK }}}
48 use RT::Test tests => 32;
61 # clear all global right
62 my $acl = RT::ACL->new($RT::SystemUser);
63 $acl->Limit( FIELD => 'RightName', OPERATOR => '!=', VALUE => 'SuperUser' );
64 $acl->LimitToObject( $RT::System );
65 while( my $ace = $acl->Next ) {
69 # create new queue to be sure we do not mess with rights
70 my $queue = RT::Queue->new($RT::SystemUser);
71 my ($queue_id) = $queue->Create( Name => 'watcher tests '.$$);
72 ok( $queue_id, 'queue created for watcher tests' );
74 # new privileged user to check rights
75 my $user = RT::User->new( $RT::SystemUser );
76 my ($user_id) = $user->Create( Name => 'watcher'.$$,
77 EmailAddress => "watcher$$".'@localhost',
81 my $cu= RT::CurrentUser->new($user);
83 # make sure user can see tickets in the queue
84 my $principal = $user->PrincipalObj;
85 ok( $principal, "principal loaded" );
86 $principal->GrantRight( Right => 'ShowTicket', Object => $queue );
87 $principal->GrantRight( Right => 'SeeQueue' , Object => $queue );
89 ok( $user->HasRight( Right => 'SeeQueue', Object => $queue ), "user can see queue" );
90 ok( $user->HasRight( Right => 'ShowTicket', Object => $queue ), "user can show queue tickets" );
91 ok( !$user->HasRight( Right => 'ModifyTicket', Object => $queue ), "user can't modify queue tickets" );
92 ok( !$user->HasRight( Right => 'Watch', Object => $queue ), "user can't watch queue tickets" );
94 my $ticket = RT::Ticket->new( $RT::SystemUser );
95 my ($rv, $msg) = $ticket->Create( Subject => 'watcher tests', Queue => $queue->Name );
96 ok( $ticket->id, "ticket created" );
98 my $ticket2 = RT::Ticket->new( $cu );
99 $ticket2->Load( $ticket->id );
100 ok( $ticket2->Subject, "ticket load by user" );
102 # user can add self to ticket only after getting Watch right
103 ($rv, $msg) = $ticket2->AddWatcher( Type => 'Cc', PrincipalId => $user->PrincipalId );
104 ok( !$rv, "user can't add self as Cc" );
105 ($rv, $msg) = $ticket2->AddWatcher( Type => 'Requestor', PrincipalId => $user->PrincipalId );
106 ok( !$rv, "user can't add self as Requestor" );
107 $principal->GrantRight( Right => 'Watch' , Object => $queue );
108 ok( $user->HasRight( Right => 'Watch', Object => $queue ), "user can watch queue tickets" );
109 ($rv, $msg) = $ticket2->AddWatcher( Type => 'Cc', PrincipalId => $user->PrincipalId );
110 ok( $rv, "user can add self as Cc by PrincipalId" );
111 ($rv, $msg) = $ticket2->AddWatcher( Type => 'Requestor', PrincipalId => $user->PrincipalId );
112 ok( $rv, "user can add self as Requestor by PrincipalId" );
114 # remove user and try adding with Email address
115 ($rv, $msg) = $ticket->DeleteWatcher( Type => 'Cc', PrincipalId => $user->PrincipalId );
116 ok( $rv, "watcher removed by PrincipalId" );
117 ($rv, $msg) = $ticket->DeleteWatcher( Type => 'Requestor', Email => $user->EmailAddress );
118 ok( $rv, "watcher removed by Email" );
120 ($rv, $msg) = $ticket2->AddWatcher( Type => 'Cc', Email => $user->EmailAddress );
121 ok( $rv, "user can add self as Cc by Email" );
122 ($rv, $msg) = $ticket2->AddWatcher( Type => 'Requestor', Email => $user->EmailAddress );
123 ok( $rv, "user can add self as Requestor by Email" );
125 # remove user and try adding by username
126 # This worked in 3.6 and is a regression in 3.8
127 ($rv, $msg) = $ticket->DeleteWatcher( Type => 'Cc', Email => $user->EmailAddress );
128 ok( $rv, "watcher removed by Email" );
129 ($rv, $msg) = $ticket->DeleteWatcher( Type => 'Requestor', Email => $user->EmailAddress );
130 ok( $rv, "watcher removed by Email" );
132 ($rv, $msg) = $ticket2->AddWatcher( Type => 'Cc', Email => $user->Name );
133 ok( $rv, "user can add self as Cc by username" );
134 ($rv, $msg) = $ticket2->AddWatcher( Type => 'Requestor', Email => $user->Name );
135 ok( $rv, "user can add self as Requestor by username" );
137 # Queue watcher tests
138 $principal->RevokeRight( Right => 'Watch' , Object => $queue );
139 ok( !$user->HasRight( Right => 'Watch', Object => $queue ), "user queue watch right revoked" );
141 my $queue2 = RT::Queue->new( $cu );
142 ($rv, $msg) = $queue2->Load( $queue->id );
143 ok( $rv, "user loaded queue" );
145 # user can add self to queue only after getting Watch right
146 ($rv, $msg) = $queue2->AddWatcher( Type => 'Cc', PrincipalId => $user->PrincipalId );
147 ok( !$rv, "user can't add self as Cc" );
148 ($rv, $msg) = $queue2->AddWatcher( Type => 'Requestor', PrincipalId => $user->PrincipalId );
149 ok( !$rv, "user can't add self as Requestor" );
150 $principal->GrantRight( Right => 'Watch' , Object => $queue );
151 ok( $user->HasRight( Right => 'Watch', Object => $queue ), "user can watch queue queues" );
152 ($rv, $msg) = $queue2->AddWatcher( Type => 'Cc', PrincipalId => $user->PrincipalId );
153 ok( $rv, "user can add self as Cc by PrincipalId" );
154 ($rv, $msg) = $queue2->AddWatcher( Type => 'Requestor', PrincipalId => $user->PrincipalId );
155 ok( $rv, "user can add self as Requestor by PrincipalId" );
157 # remove user and try adding with Email address
158 ($rv, $msg) = $queue->DeleteWatcher( Type => 'Cc', PrincipalId => $user->PrincipalId );
159 ok( $rv, "watcher removed by PrincipalId" );
160 ($rv, $msg) = $queue->DeleteWatcher( Type => 'Requestor', Email => $user->EmailAddress );
161 ok( $rv, "watcher removed by Email" );
163 ($rv, $msg) = $queue2->AddWatcher( Type => 'Cc', Email => $user->EmailAddress );
164 ok( $rv, "user can add self as Cc by Email" );
165 ($rv, $msg) = $queue2->AddWatcher( Type => 'Requestor', Email => $user->EmailAddress );
166 ok( $rv, "user can add self as Requestor by Email" );