X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=rt%2Flib%2FRT%2FDashboard.pm;h=7f76853d956ee3deb288a0f161e2a03e97e4019f;hb=352c40dffca003ef8212333ab22d14faaf8830ce;hp=c0531c464215caa69d1d236212f5a43bfbd55114;hpb=63a268637b2d51a8766412617724b9436439deb6;p=freeside.git diff --git a/rt/lib/RT/Dashboard.pm b/rt/lib/RT/Dashboard.pm index c0531c464..7f76853d9 100644 --- a/rt/lib/RT/Dashboard.pm +++ b/rt/lib/RT/Dashboard.pm @@ -1,40 +1,40 @@ # BEGIN BPS TAGGED BLOCK {{{ -# +# # COPYRIGHT: -# -# This software is Copyright (c) 1996-2009 Best Practical Solutions, LLC -# -# +# +# This software is Copyright (c) 1996-2017 Best Practical Solutions, LLC +# +# # (Except where explicitly superseded by other copyright notices) -# -# +# +# # LICENSE: -# +# # This work is made available to you under the terms of Version 2 of # the GNU General Public License. A copy of that license should have # been provided with this software, but in any event can be snarfed # from www.gnu.org. -# +# # This work is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. -# +# # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA # 02110-1301 or visit their web page on the internet at # http://www.gnu.org/licenses/old-licenses/gpl-2.0.html. -# -# +# +# # CONTRIBUTION SUBMISSION POLICY: -# +# # (The following paragraph is not intended to limit the rights granted # to you to modify and distribute this software under the terms of # the GNU General Public License and is only of importance to you if # you choose to contribute your changes and enhancements to the # community by submitting them to Best Practical Solutions, LLC.) -# +# # By intentionally submitting any modifications, corrections or # derivatives to this work, or any other work intended for use with # Request Tracker, to Best Practical Solutions, LLC, you confirm that @@ -43,7 +43,7 @@ # royalty-free, perpetual, license to use, copy, create derivative # works based on those contributions, and sublicense and distribute # those contributions and any derivatives thereof. -# +# # END BPS TAGGED BLOCK }}} =head1 NAME @@ -67,26 +67,25 @@ package RT::Dashboard; -use RT::SavedSearch; - use strict; use warnings; + use base qw/RT::SharedSetting/; +use RT::SavedSearch; + use RT::System; -RT::System::AddRights( - SubscribeDashboard => 'Subscribe to dashboards', #loc_pair +'RT::System'->AddRight( Staff => SubscribeDashboard => 'Subscribe to dashboards'); # loc - SeeDashboard => 'View system dashboards', #loc_pair - CreateDashboard => 'Create system dashboards', #loc_pair - ModifyDashboard => 'Modify system dashboards', #loc_pair - DeleteDashboard => 'Delete system dashboards', #loc_pair +'RT::System'->AddRight( General => SeeDashboard => 'View system dashboards'); # loc +'RT::System'->AddRight( Admin => CreateDashboard => 'Create system dashboards'); # loc +'RT::System'->AddRight( Admin => ModifyDashboard => 'Modify system dashboards'); # loc +'RT::System'->AddRight( Admin => DeleteDashboard => 'Delete system dashboards'); # loc - SeeOwnDashboard => 'View personal dashboards', #loc_pair - CreateOwnDashboard => 'Create personal dashboards', #loc_pair - ModifyOwnDashboard => 'Modify personal dashboards', #loc_pair - DeleteOwnDashboard => 'Delete personal dashboards', #loc_pair -); +'RT::System'->AddRight( Staff => SeeOwnDashboard => 'View personal dashboards'); # loc +'RT::System'->AddRight( Staff => CreateOwnDashboard => 'Create personal dashboards'); # loc +'RT::System'->AddRight( Staff => ModifyOwnDashboard => 'Modify personal dashboards'); # loc +'RT::System'->AddRight( Staff => DeleteOwnDashboard => 'Delete personal dashboards'); # loc =head2 ObjectName @@ -95,7 +94,7 @@ An object of this class is called "dashboard" =cut -sub ObjectName { "dashboard" } +sub ObjectName { "dashboard" } # loc sub SaveAttribute { my $self = shift; @@ -142,6 +141,19 @@ sub UpdateAttribute { return ($status, $msg); } +=head2 PostLoadValidate + +Ensure that the ID corresponds to an actual dashboard object, since it's all +attributes under the hood. + +=cut + +sub PostLoadValidate { + my $self = shift; + return (0, "Invalid object type") unless $self->{'Attribute'}->Name eq 'Dashboard'; + return 1; +} + =head2 Panes Returns a hashref of pane name to portlets @@ -230,44 +242,23 @@ sub PossibleHiddenSearches { } # _PrivacyObjects: returns a list of objects that can be used to load -# dashboards from. If the Modify parameter is true, then check modify rights. -# If the Create parameter is true, then check create rights. Otherwise, check -# read rights. +# dashboards from. You probably want to use the wrapper methods like +# ObjectsForLoading, ObjectsForCreating, etc. sub _PrivacyObjects { my $self = shift; - my %args = @_; - my $CurrentUser = $self->CurrentUser; my @objects; - my $prefix = $args{Modify} ? "Modify" - : $args{Create} ? "Create" - : "See"; - - push @objects, $CurrentUser->UserObj - if $self->CurrentUser->HasRight( - Right => "${prefix}OwnDashboard", - Object => $RT::System, - ); + my $CurrentUser = $self->CurrentUser; + push @objects, $CurrentUser->UserObj; my $groups = RT::Groups->new($CurrentUser); $groups->LimitToUserDefinedGroups; - $groups->WithMember( PrincipalId => $CurrentUser->Id, - Recursively => 1 ); + $groups->WithCurrentUser; + push @objects, @{ $groups->ItemsArrayRef }; - push @objects, grep { - $self->CurrentUser->HasRight( - Right => "${prefix}GroupDashboard", - Object => $_, - ) - } @{ $groups->ItemsArrayRef }; - - push @objects, RT::System->new($CurrentUser) - if $CurrentUser->HasRight( - Right => "${prefix}Dashboard", - Object => $RT::System, - ); + push @objects, RT::System->new($CurrentUser); return @objects; } @@ -350,9 +341,130 @@ sub CurrentUserCanSubscribe { $self->_CurrentUserCan($privacy, FullRight => 'SubscribeDashboard'); } -eval "require RT::Dashboard_Vendor"; -die $@ if ($@ && $@ !~ qr{^Can't locate RT/Dashboard_Vendor.pm}); -eval "require RT::Dashboard_Local"; -die $@ if ($@ && $@ !~ qr{^Can't locate RT/Dashboard_Local.pm}); +=head2 Subscription + +Returns the L representing the current user's subscription +to this dashboard if there is one; otherwise, returns C. + +=cut + +sub Subscription { + my $self = shift; + + # no subscription to unloaded dashboards + return unless $self->id; + + for my $sub ($self->CurrentUser->UserObj->Attributes->Named('Subscription')) { + return $sub if $sub->SubValue('DashboardId') == $self->id; + } + + return; +} + +sub ObjectsForLoading { + my $self = shift; + my %args = ( + IncludeSuperuserGroups => 1, + @_ + ); + my @objects; + + # If you've been granted the SeeOwnDashboard global right (which you + # could have by way of global user right or global group right), you + # get to see your own dashboards + my $CurrentUser = $self->CurrentUser; + push @objects, $CurrentUser->UserObj + if $CurrentUser->HasRight(Object => $RT::System, Right => 'SeeOwnDashboard'); + + # Find groups for which: (a) you are a member of the group, and (b) + # you have been granted SeeGroupDashboard on (by any means), and (c) + # have at least one dashboard + my $groups = RT::Groups->new($CurrentUser); + $groups->LimitToUserDefinedGroups; + $groups->ForWhichCurrentUserHasRight( + Right => 'SeeGroupDashboard', + IncludeSuperusers => $args{IncludeSuperuserGroups}, + ); + $groups->WithCurrentUser; + my $attrs = $groups->Join( + ALIAS1 => 'main', + FIELD1 => 'id', + TABLE2 => 'Attributes', + FIELD2 => 'ObjectId', + ); + $groups->Limit( + ALIAS => $attrs, + FIELD => 'ObjectType', + VALUE => 'RT::Group', + ); + $groups->Limit( + ALIAS => $attrs, + FIELD => 'Name', + VALUE => 'Dashboard', + ); + push @objects, @{ $groups->ItemsArrayRef }; + + # Finally, if you have been granted the SeeDashboard right (which + # you could have by way of global user right or global group right), + # you can see system dashboards. + push @objects, RT::System->new($CurrentUser) + if $CurrentUser->HasRight(Object => $RT::System, Right => 'SeeDashboard'); + + return @objects; +} + +sub CurrentUserCanCreateAny { + my $self = shift; + my @objects; + + my $CurrentUser = $self->CurrentUser; + return 1 + if $CurrentUser->HasRight(Object => $RT::System, Right => 'CreateOwnDashboard'); + + my $groups = RT::Groups->new($CurrentUser); + $groups->LimitToUserDefinedGroups; + $groups->ForWhichCurrentUserHasRight( + Right => 'CreateGroupDashboard', + IncludeSuperusers => 1, + ); + return 1 if $groups->Count; + + return 1 + if $CurrentUser->HasRight(Object => $RT::System, Right => 'CreateDashboard'); + + return 0; +} + +=head2 Delete + +Deletes the dashboard and related subscriptions. +Returns a tuple of status and message, where status is true upon success. + +=cut + +sub Delete { + my $self = shift; + my $id = $self->id; + my ( $status, $msg ) = $self->SUPER::Delete(@_); + if ( $status ) { + # delete all the subscriptions + my $subscriptions = RT::Attributes->new( RT->SystemUser ); + $subscriptions->Limit( + FIELD => 'Name', + VALUE => 'Subscription', + ); + $subscriptions->Limit( + FIELD => 'Description', + VALUE => "Subscription to dashboard $id", + ); + while ( my $subscription = $subscriptions->Next ) { + $subscription->Delete(); + } + } + + return ( $status, $msg ); +} + +RT::Base->_ImportOverlays(); 1;