2 # BEGIN BPS TAGGED BLOCK {{{
6 # This software is Copyright (c) 1996-2005 Best Practical Solutions, LLC
9 # (Except where explicitly superseded by other copyright notices)
14 # This work is made available to you under the terms of Version 2 of
15 # the GNU General Public License. A copy of that license should have
16 # been provided with this software, but in any event can be snarfed
19 # This work is distributed in the hope that it will be useful, but
20 # WITHOUT ANY WARRANTY; without even the implied warranty of
21 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
22 # General Public License for more details.
24 # You should have received a copy of the GNU General Public License
25 # along with this program; if not, write to the Free Software
26 # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
29 # CONTRIBUTION SUBMISSION POLICY:
31 # (The following paragraph is not intended to limit the rights granted
32 # to you to modify and distribute this software under the terms of
33 # the GNU General Public License and is only of importance to you if
34 # you choose to contribute your changes and enhancements to the
35 # community by submitting them to Best Practical Solutions, LLC.)
37 # By intentionally submitting any modifications, corrections or
38 # derivatives to this work, or any other work intended for use with
39 # Request Tracker, to Best Practical Solutions, LLC, you confirm that
40 # you are the copyright holder for those contributions and you grant
41 # Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable,
42 # royalty-free, perpetual, license to use, copy, create derivative
43 # works based on those contributions, and sublicense and distribute
44 # those contributions and any derivatives thereof.
46 # END BPS TAGGED BLOCK }}}
48 use RT::Test nodata => 1, tests => 32;
60 # clear all global right
61 my $acl = RT::ACL->new(RT->SystemUser);
62 $acl->Limit( FIELD => 'RightName', OPERATOR => '!=', VALUE => 'SuperUser' );
63 $acl->LimitToObject( RT->System );
64 while( my $ace = $acl->Next ) {
68 # create new queue to be sure we do not mess with rights
69 my $queue = RT::Queue->new(RT->SystemUser);
70 my ($queue_id) = $queue->Create( Name => 'watcher tests '.$$);
71 ok( $queue_id, 'queue created for watcher tests' );
73 # new privileged user to check rights
74 my $user = RT::User->new( RT->SystemUser );
75 my ($user_id) = $user->Create( Name => 'watcher'.$$,
76 EmailAddress => "watcher$$".'@localhost',
80 my $cu= RT::CurrentUser->new($user);
82 # make sure user can see tickets in the queue
83 my $principal = $user->PrincipalObj;
84 ok( $principal, "principal loaded" );
85 $principal->GrantRight( Right => 'ShowTicket', Object => $queue );
86 $principal->GrantRight( Right => 'SeeQueue' , Object => $queue );
88 ok( $user->HasRight( Right => 'SeeQueue', Object => $queue ), "user can see queue" );
89 ok( $user->HasRight( Right => 'ShowTicket', Object => $queue ), "user can show queue tickets" );
90 ok( !$user->HasRight( Right => 'ModifyTicket', Object => $queue ), "user can't modify queue tickets" );
91 ok( !$user->HasRight( Right => 'Watch', Object => $queue ), "user can't watch queue tickets" );
93 my $ticket = RT::Ticket->new( RT->SystemUser );
94 my ($rv, $msg) = $ticket->Create( Subject => 'watcher tests', Queue => $queue->Name );
95 ok( $ticket->id, "ticket created" );
97 my $ticket2 = RT::Ticket->new( $cu );
98 $ticket2->Load( $ticket->id );
99 ok( $ticket2->Subject, "ticket load by user" );
101 # user can add self to ticket only after getting Watch right
102 ($rv, $msg) = $ticket2->AddWatcher( Type => 'Cc', PrincipalId => $user->PrincipalId );
103 ok( !$rv, "user can't add self as Cc" );
104 ($rv, $msg) = $ticket2->AddWatcher( Type => 'Requestor', PrincipalId => $user->PrincipalId );
105 ok( !$rv, "user can't add self as Requestor" );
106 $principal->GrantRight( Right => 'Watch' , Object => $queue );
107 ok( $user->HasRight( Right => 'Watch', Object => $queue ), "user can watch queue tickets" );
108 ($rv, $msg) = $ticket2->AddWatcher( Type => 'Cc', PrincipalId => $user->PrincipalId );
109 ok( $rv, "user can add self as Cc by PrincipalId" );
110 ($rv, $msg) = $ticket2->AddWatcher( Type => 'Requestor', PrincipalId => $user->PrincipalId );
111 ok( $rv, "user can add self as Requestor by PrincipalId" );
113 # remove user and try adding with Email address
114 ($rv, $msg) = $ticket->DeleteWatcher( Type => 'Cc', PrincipalId => $user->PrincipalId );
115 ok( $rv, "watcher removed by PrincipalId" );
116 ($rv, $msg) = $ticket->DeleteWatcher( Type => 'Requestor', Email => $user->EmailAddress );
117 ok( $rv, "watcher removed by Email" );
119 ($rv, $msg) = $ticket2->AddWatcher( Type => 'Cc', Email => $user->EmailAddress );
120 ok( $rv, "user can add self as Cc by Email" );
121 ($rv, $msg) = $ticket2->AddWatcher( Type => 'Requestor', Email => $user->EmailAddress );
122 ok( $rv, "user can add self as Requestor by Email" );
124 # remove user and try adding by username
125 # This worked in 3.6 and is a regression in 3.8
126 ($rv, $msg) = $ticket->DeleteWatcher( Type => 'Cc', Email => $user->EmailAddress );
127 ok( $rv, "watcher removed by Email" );
128 ($rv, $msg) = $ticket->DeleteWatcher( Type => 'Requestor', Email => $user->EmailAddress );
129 ok( $rv, "watcher removed by Email" );
131 ($rv, $msg) = $ticket2->AddWatcher( Type => 'Cc', Email => $user->Name );
132 ok( $rv, "user can add self as Cc by username" );
133 ($rv, $msg) = $ticket2->AddWatcher( Type => 'Requestor', Email => $user->Name );
134 ok( $rv, "user can add self as Requestor by username" );
136 # Queue watcher tests
137 $principal->RevokeRight( Right => 'Watch' , Object => $queue );
138 ok( !$user->HasRight( Right => 'Watch', Object => $queue ), "user queue watch right revoked" );
140 my $queue2 = RT::Queue->new( $cu );
141 ($rv, $msg) = $queue2->Load( $queue->id );
142 ok( $rv, "user loaded queue" );
144 # user can add self to queue only after getting Watch right
145 ($rv, $msg) = $queue2->AddWatcher( Type => 'Cc', PrincipalId => $user->PrincipalId );
146 ok( !$rv, "user can't add self as Cc" );
147 ($rv, $msg) = $queue2->AddWatcher( Type => 'Requestor', PrincipalId => $user->PrincipalId );
148 ok( !$rv, "user can't add self as Requestor" );
149 $principal->GrantRight( Right => 'Watch' , Object => $queue );
150 ok( $user->HasRight( Right => 'Watch', Object => $queue ), "user can watch queue queues" );
151 ($rv, $msg) = $queue2->AddWatcher( Type => 'Cc', PrincipalId => $user->PrincipalId );
152 ok( $rv, "user can add self as Cc by PrincipalId" );
153 ($rv, $msg) = $queue2->AddWatcher( Type => 'Requestor', PrincipalId => $user->PrincipalId );
154 ok( $rv, "user can add self as Requestor by PrincipalId" );
156 # remove user and try adding with Email address
157 ($rv, $msg) = $queue->DeleteWatcher( Type => 'Cc', PrincipalId => $user->PrincipalId );
158 ok( $rv, "watcher removed by PrincipalId" );
159 ($rv, $msg) = $queue->DeleteWatcher( Type => 'Requestor', Email => $user->EmailAddress );
160 ok( $rv, "watcher removed by Email" );
162 ($rv, $msg) = $queue2->AddWatcher( Type => 'Cc', Email => $user->EmailAddress );
163 ok( $rv, "user can add self as Cc by Email" );
164 ($rv, $msg) = $queue2->AddWatcher( Type => 'Requestor', Email => $user->EmailAddress );
165 ok( $rv, "user can add self as Requestor by Email" );