-# BEGIN LICENSE BLOCK
-#
-# Copyright (c) 1996-2003 Jesse Vincent <jesse@bestpractical.com>
-#
-# (Except where explictly superceded by other copyright notices)
-#
+# BEGIN BPS TAGGED BLOCK {{{
+#
+# COPYRIGHT:
+#
+# This software is Copyright (c) 1996-2011 Best Practical Solutions, LLC
+# <sales@bestpractical.com>
+#
+# (Except where explicitly superseded by other copyright notices)
+#
+#
+# LICENSE:
+#
# This work is made available to you under the terms of Version 2 of
# the GNU General Public License. A copy of that license should have
# been provided with this software, but in any event can be snarfed
# from www.gnu.org.
-#
+#
# This work is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
-#
-# Unless otherwise specified, all modifications, corrections or
-# extensions to this work which alter its source code become the
-# property of Best Practical Solutions, LLC when submitted for
-# inclusion in the work.
-#
-#
-# END LICENSE BLOCK
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+# 02110-1301 or visit their web page on the internet at
+# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html.
+#
+#
+# CONTRIBUTION SUBMISSION POLICY:
+#
+# (The following paragraph is not intended to limit the rights granted
+# to you to modify and distribute this software under the terms of
+# the GNU General Public License and is only of importance to you if
+# you choose to contribute your changes and enhancements to the
+# community by submitting them to Best Practical Solutions, LLC.)
+#
+# By intentionally submitting any modifications, corrections or
+# derivatives to this work, or any other work intended for use with
+# Request Tracker, to Best Practical Solutions, LLC, you confirm that
+# you are the copyright holder for those contributions and you grant
+# Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable,
+# royalty-free, perpetual, license to use, copy, create derivative
+# works based on those contributions, and sublicense and distribute
+# those contributions and any derivatives thereof.
+#
+# END BPS TAGGED BLOCK }}}
+
=head1 NAME
RT::ACL - collection of RT ACE objects
=head1 METHODS
-=begin testing
-ok(require RT::ACL);
+=cut
-=end testing
-=cut
+package RT::ACL;
use strict;
no warnings qw(redefine);
sub LimitToObject {
my $self = shift;
- my $obj = shift;
- unless (defined($obj) && ref($obj) && UNIVERSAL::can($obj, 'id')) {
- return undef;
+ my $obj = shift;
+ unless ( defined($obj)
+ && ref($obj)
+ && UNIVERSAL::can( $obj, 'id' )
+ && $obj->id )
+ {
+ return undef;
}
- $self->Limit(FIELD => 'ObjectType', OPERATOR=> '=', VALUE => ref($obj), ENTRYAGGREGATOR => 'OR');
- $self->Limit(FIELD => 'ObjectId', OPERATOR=> '=', VALUE => $obj->id, ENTRYAGGREGATOR => 'OR', QUOTEVALUE => 0);
+ $self->Limit(
+ FIELD => 'ObjectType',
+ OPERATOR => '=',
+ VALUE => ref($obj),
+ ENTRYAGGREGATOR => 'OR'
+ );
+ $self->Limit(
+ FIELD => 'ObjectId',
+ OPERATOR => '=',
+ VALUE => $obj->id,
+ ENTRYAGGREGATOR => 'OR',
+ QUOTEVALUE => 0
+ );
+
+}
+# }}}
+
+# {{{ LimitNotObject
+
+=head2 LimitNotObject $object
+
+Limit the ACL to rights NOT on the object $object. $object needs to be
+an RT::Record class.
+
+=cut
+
+sub LimitNotObject {
+ my $self = shift;
+ my $obj = shift;
+ unless ( defined($obj)
+ && ref($obj)
+ && UNIVERSAL::can( $obj, 'id' )
+ && $obj->id )
+ {
+ return undef;
+ }
+ $self->Limit( FIELD => 'ObjectType',
+ OPERATOR => '!=',
+ VALUE => ref($obj),
+ ENTRYAGGREGATOR => 'OR',
+ SUBCLAUSE => $obj->id
+ );
+ $self->Limit( FIELD => 'ObjectId',
+ OPERATOR => '!=',
+ VALUE => $obj->id,
+ ENTRYAGGREGATOR => 'OR',
+ QUOTEVALUE => 0,
+ SUBCLAUSE => $obj->id
+ );
}
# }}}
# lead me to start to suspect that we really want users and groups
# to just be the same table. or _maybe_ that we want an object db.
my $princ = RT::Principal->new($RT::SystemUser);
- $princ->Load($args{'PrincipalId'});
+ $princ->Load($args{'Id'});
if ($princ->PrincipalType eq 'User') {
my $group = RT::Group->new($RT::SystemUser);
$group->LoadACLEquivalenceGroup($princ);
- $args{'PrincipalId'} = $group->PrincipalId;
+ $args{'Id'} = $group->PrincipalId;
}
$self->Limit( FIELD => 'PrincipalId',
OPERATOR => '=',
my $self = shift;
# $RT::Logger->debug("Now in ".$self."->_DoSearch");
my $return = $self->SUPER::_DoSearch(@_);
- # $RT::Logger->debug("In $self ->_DoSearch. return from SUPER::_DoSearch was $return\n");
- $self->_BuildHash();
+ # $RT::Logger->debug("In $self ->_DoSearch. return from SUPER::_DoSearch was $return");
+ if ( $self->{'must_redo_search'} ) {
+ $RT::Logger->crit(
+"_DoSearch is not so successful as it still needs redo search, won't call _BuildHash"
+ );
+ }
+ else {
+ $self->_BuildHash();
+ }
return ($return);
}
my $self = shift;
while (my $entry = $self->Next) {
- my $hashkey = $entry->ObjectType . "-" . $entry->ObjectId . "-" . $entry->RightName . "-" . $entry->PrincipalId . "-" . $entry->PrincipalType;
+ my $hashkey = join '-', map $entry->__Value( $_ ),
+ qw(ObjectType ObjectId RightName PrincipalId PrincipalType);
$self->{'as_hash'}->{"$hashkey"} =1;
projects / freeside.git / blobdiff