-# BEGIN LICENSE BLOCK
-#
-# Copyright (c) 1996-2003 Jesse Vincent <jesse@bestpractical.com>
-#
-# (Except where explictly superceded by other copyright notices)
-#
-# This work is made available to you under the terms of Version 2 of
-# the GNU General Public License. A copy of that license should have
-# been provided with this software, but in any event can be snarfed
-# from www.gnu.org.
-#
-# This work is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# Unless otherwise specified, all modifications, corrections or
-# extensions to this work which alter its source code become the
-# property of Best Practical Solutions, LLC when submitted for
-# inclusion in the work.
-#
-#
-# END LICENSE BLOCK
-# Autogenerated by DBIx::SearchBuilder factory (by <jesse@bestpractical.com>)
-# WARNING: THIS FILE IS AUTOGENERATED. ALL CHANGES TO THIS FILE WILL BE LOST.
-#
-# !! DO NOT EDIT THIS FILE !!
-#
-
-use strict;
-
+# $Header: /home/cvs/cvsroot/freeside/rt/lib/RT/ACL.pm,v 1.1 2002-08-12 06:17:07 ivan Exp $
+# Distributed under the terms of the GNU GPL
+# Copyright (c) 2000 Jesse Vincent <jesse@fsck.com>
=head1 NAME
- RT::ACL -- Class Description
-
+ RT::ACL - collection of RT ACE objects
+
=head1 SYNOPSIS
- use RT::ACL
+ use RT::ACL;
+my $ACL = new RT::ACL($CurrentUser);
=head1 DESCRIPTION
=head1 METHODS
+=begin testing
+
+ok(require RT::TestHarness);
+ok(require RT::ACL);
+
+=end testing
+
=cut
package RT::ACL;
-
-use RT::SearchBuilder;
+use RT::EasySearch;
use RT::ACE;
+@ISA= qw(RT::EasySearch);
+
+# {{{ sub _Init
+sub _Init {
+ my $self = shift;
+ $self->{'table'} = "ACL";
+ $self->{'primary_key'} = "id";
+ return ( $self->SUPER::_Init(@_));
+
+}
+# }}}
+
+# {{{ sub NewItem
+sub NewItem {
+ my $self = shift;
+ return(RT::ACE->new($self->CurrentUser));
+}
+# }}}
+
+=head2 Next
-use vars qw( @ISA );
-@ISA= qw(RT::SearchBuilder);
+Hand out the next ACE that was found
+=cut
-sub _Init {
+# {{{ sub Next
+sub Next {
my $self = shift;
- $self->{'table'} = 'ACL';
- $self->{'primary_key'} = 'id';
+
+ my $ACE = $self->SUPER::Next();
+ if ((defined($ACE)) and (ref($ACE))) {
+
+ if ( $ACE->CurrentUserHasRight('ShowACL') or
+ $ACE->CurrentUserHasRight('ModifyACL')
+ ) {
+ return($ACE);
+ }
+
+ #If the user doesn't have the right to show this ACE
+ else {
+ return($self->Next());
+ }
+ }
+ #if there never was any ACE
+ else {
+ return(undef);
+ }
+
+}
+# }}}
- return ( $self->SUPER::_Init(@_) );
-}
+=head1 Limit the ACL to a specific scope
+
+There are two real scopes right now:
+
+=item Queue is for rights that apply to a single queue
+
+=item System is for rights that apply to the System (rights that aren't queue related)
-=item NewItem
-Returns an empty new RT::ACE item
+=head2 LimitToQueue
+
+Takes a single queueid as its argument.
+
+Limit the ACL to just a given queue when supplied with an integer queue id.
=cut
-sub NewItem {
+sub LimitToQueue {
my $self = shift;
- return(RT::ACE->new($self->CurrentUser));
+ my $queue = shift;
+
+
+
+ $self->Limit( FIELD =>'RightScope',
+ ENTRYAGGREGATOR => 'OR',
+ VALUE => 'Queue');
+ $self->Limit( FIELD =>'RightScope',
+ ENTRYAGGREGATOR => 'OR',
+ VALUE => 'Ticket');
+
+ $self->Limit(ENTRYAGGREGATOR => 'OR',
+ FIELD => 'RightAppliesTo',
+ VALUE => $queue );
+
+}
+
+
+=head2 LimitToSystem()
+
+Limit the ACL to system rights
+
+=cut
+
+sub LimitToSystem {
+ my $self = shift;
+
+ $self->Limit( FIELD =>'RightScope',
+ VALUE => 'System');
+}
+
+
+=head2 LimitRightTo
+
+Takes a single RightName as its only argument.
+Limits the search to the right $right.
+$right is a right listed in perldoc RT::ACE
+
+=cut
+
+sub LimitRightTo {
+ my $self = shift;
+ my $right = shift;
+
+ $self->Limit(ENTRYAGGREGATOR => 'OR',
+ FIELD => 'RightName',
+ VALUE => $right );
+
+}
+
+=head1 Limit to a specifc set of principals
+
+=head2 LimitPrincipalToUser
+
+Takes a single userid as its only argument.
+Limit the ACL to a just a specific user.
+
+=cut
+
+sub LimitPrincipalToUser {
+ my $self = shift;
+ my $user = shift;
+
+ $self->Limit(ENTRYAGGREGATOR => 'OR',
+ FIELD => 'PrincipalType',
+ VALUE => 'User' );
+
+ $self->Limit(ENTRYAGGREGATOR => 'OR',
+ FIELD => 'PrincipalId',
+ VALUE => $user );
+
+}
+
+
+=head2 LimitPrincipalToGroup
+
+Takes a single group as its only argument.
+Limit the ACL to just a specific group.
+
+=cut
+
+sub LimitPrincipalToGroup {
+ my $self = shift;
+ my $group = shift;
+
+ $self->Limit(ENTRYAGGREGATOR => 'OR',
+ FIELD => 'PrincipalType',
+ VALUE => 'Group' );
+
+ $self->Limit(ENTRYAGGREGATOR => 'OR',
+ FIELD => 'PrincipalId',
+ VALUE => $group );
+
+}
+
+=head2 LimitPrincipalToType($type)
+
+Takes a single argument, $type.
+Limit the ACL to just a specific principal type
+
+$type is one of:
+ TicketOwner
+ TicketRequestor
+ TicketCc
+ TicketAdminCc
+ Everyone
+ User
+ Group
+
+=cut
+
+sub LimitPrincipalToType {
+ my $self=shift;
+ my $type=shift;
+ $self->Limit(ENTRYAGGREGATOR => 'OR',
+ FIELD => 'PrincipalType',
+ VALUE => $type );
}
- eval "require RT::ACL_Overlay";
- if ($@ && $@ !~ qr{^Can't locate RT/ACL_Overlay.pm}) {
- die $@;
- };
- eval "require RT::ACL_Vendor";
- if ($@ && $@ !~ qr{^Can't locate RT/ACL_Vendor.pm}) {
- die $@;
- };
+=head2 LimitPrincipalToId
- eval "require RT::ACL_Local";
- if ($@ && $@ !~ qr{^Can't locate RT/ACL_Local.pm}) {
- die $@;
- };
+Takes a single argument, the numeric Id of the principal to limit this ACL to. Repeated calls to this
+function will broaden the scope of the search to include all principals listed.
+
+=cut
+
+sub LimitPrincipalToId {
+ my $self = shift;
+ my $id = shift;
+
+ if ($id =~ /^\d+$/) {
+ $self->Limit(ENTRYAGGREGATOR => 'OR',
+ FIELD => 'PrincipalId',
+ VALUE => $id );
+ }
+ else {
+ $RT::Logger->warn($self."->LimitPrincipalToId called with '$id' as an id");
+ return undef;
+ }
+}
+#wrap around _DoSearch so that we can build the hash of returned
+#values
+sub _DoSearch {
+ my $self = shift;
+ # $RT::Logger->debug("Now in ".$self."->_DoSearch");
+ my $return = $self->SUPER::_DoSearch(@_);
+ # $RT::Logger->debug("In $self ->_DoSearch. return from SUPER::_DoSearch was $return\n");
+ $self->_BuildHash();
+ return ($return);
+}
-=head1 SEE ALSO
+#Build a hash of this ACL's entries.
+sub _BuildHash {
+ my $self = shift;
-This class allows "overlay" methods to be placed
-into the following files _Overlay is for a System overlay by the original author,
-_Vendor is for 3rd-party vendor add-ons, while _Local is for site-local customizations.
+ while (my $entry = $self->Next) {
+ my $hashkey = $entry->RightScope . "-" .
+ $entry->RightAppliesTo . "-" .
+ $entry->RightName . "-" .
+ $entry->PrincipalId . "-" .
+ $entry->PrincipalType;
-These overlay files can contain new subs or subs to replace existing subs in this module.
+ $self->{'as_hash'}->{"$hashkey"} =1;
-If you'll be working with perl 5.6.0 or greater, each of these files should begin with the line
+ }
+}
- no warnings qw(redefine);
-so that perl does not kick and scream when you redefine a subroutine or variable in your overlay.
+# {{{ HasEntry
-RT::ACL_Overlay, RT::ACL_Vendor, RT::ACL_Local
+=head2 HasEntry
=cut
+sub HasEntry {
+
+ my $self = shift;
+ my %args = ( RightScope => undef,
+ RightAppliesTo => undef,
+ RightName => undef,
+ PrincipalId => undef,
+ PrincipalType => undef,
+ @_ );
+
+ #if we haven't done the search yet, do it now.
+ $self->_DoSearch();
+
+ if ($self->{'as_hash'}->{ $args{'RightScope'} . "-" .
+ $args{'RightAppliesTo'} . "-" .
+ $args{'RightName'} . "-" .
+ $args{'PrincipalId'} . "-" .
+ $args{'PrincipalType'}
+ } == 1) {
+ return(1);
+ }
+ else {
+ return(undef);
+ }
+}
+# }}}
1;
projects / freeside.git / blobdiff