X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=rt%2Flib%2FRT%2FGroups_Overlay.pm;h=ed18939f14a1d983d1dc021ef3f6b06024d0a597;hb=fc6209f398899f0211cfcedeb81a3cd65e04a941;hp=f8f54876b569b07446474d2a22573b82260b29b1;hpb=ef20b2b6b1feb47ad02b5ff7525f1a0fd11d0fa4;p=freeside.git diff --git a/rt/lib/RT/Groups_Overlay.pm b/rt/lib/RT/Groups_Overlay.pm index f8f54876b..ed18939f1 100644 --- a/rt/lib/RT/Groups_Overlay.pm +++ b/rt/lib/RT/Groups_Overlay.pm @@ -1,40 +1,40 @@ # BEGIN BPS TAGGED BLOCK {{{ -# +# # COPYRIGHT: -# -# This software is Copyright (c) 1996-2007 Best Practical Solutions, LLC -# -# +# +# This software is Copyright (c) 1996-2011 Best Practical Solutions, LLC +# +# # (Except where explicitly superseded by other copyright notices) -# -# +# +# # LICENSE: -# +# # This work is made available to you under the terms of Version 2 of # the GNU General Public License. A copy of that license should have # been provided with this software, but in any event can be snarfed # from www.gnu.org. -# +# # This work is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. -# +# # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA # 02110-1301 or visit their web page on the internet at -# http://www.gnu.org/copyleft/gpl.html. -# -# +# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html. +# +# # CONTRIBUTION SUBMISSION POLICY: -# +# # (The following paragraph is not intended to limit the rights granted # to you to modify and distribute this software under the terms of # the GNU General Public License and is only of importance to you if # you choose to contribute your changes and enhancements to the # community by submitting them to Best Practical Solutions, LLC.) -# +# # By intentionally submitting any modifications, corrections or # derivatives to this work, or any other work intended for use with # Request Tracker, to Best Practical Solutions, LLC, you confirm that @@ -43,8 +43,9 @@ # royalty-free, perpetual, license to use, copy, create derivative # works based on those contributions, and sublicense and distribute # those contributions and any derivatives thereof. -# +# # END BPS TAGGED BLOCK }}} + =head1 NAME RT::Groups - a collection of RT::Group objects @@ -52,7 +53,7 @@ =head1 SYNOPSIS use RT::Groups; - my $groups = $RT::Groups->new($CurrentUser); + my $groups = RT::Groups->new($CurrentUser); $groups->UnLimit(); while (my $group = $groups->Next()) { print $group->Id ." is a group id\n"; @@ -64,11 +65,6 @@ =head1 METHODS -=begin testing - -ok (require RT::Groups); - -=end testing =cut @@ -88,28 +84,11 @@ use RT::Users; # {{{ sub _Init -=begin testing - -# next had bugs -# Groups->Limit( FIELD => 'id', OPERATOR => '!=', VALUE => xx ); -my $g = RT::Group->new($RT::SystemUser); -my ($id, $msg) = $g->CreateUserDefinedGroup(Name => 'GroupsNotEqualTest'); -ok ($id, "created group #". $g->id) or diag("error: $msg"); - -my $groups = RT::Groups->new($RT::SystemUser); -$groups->Limit( FIELD => 'id', OPERATOR => '!=', VALUE => $g->id ); -$groups->LimitToUserDefinedGroups(); -my $bug = grep $_->id == $g->id, @{$groups->ItemsArrayRef}; -ok (!$bug, "didn't find group"); - -=end testing - -=cut - sub _Init { my $self = shift; $self->{'table'} = "Groups"; $self->{'primary_key'} = "id"; + $self->{'with_disabled_column'} = 1; my @result = $self->SUPER::_Init(@_); @@ -151,7 +130,7 @@ sub PrincipalsAlias { } -# {{{ LimiToSystemInternalGroups +# {{{ LimitToSystemInternalGroups =head2 LimitToSystemInternalGroups @@ -170,9 +149,9 @@ sub LimitToSystemInternalGroups { # }}} -# {{{ LimiToUserDefinedGroups +# {{{ LimitToUserDefinedGroups -=head2 LimitToUserDefined Groups +=head2 LimitToUserDefinedGroups Return only UserDefined Groups @@ -189,7 +168,7 @@ sub LimitToUserDefinedGroups { # }}} -# {{{ LimiToPersonalGroups +# {{{ LimitToPersonalGroupsFor =head2 LimitToPersonalGroupsFor PRINCIPAL_ID @@ -265,27 +244,6 @@ sub LimitToRolesForSystem { Limits the set of groups returned to groups which have Principal PRINCIPAL_ID as a member - -=begin testing - -my $u = RT::User->new($RT::SystemUser); -$u->Create(Name => 'Membertests'); -my $g = RT::Group->new($RT::SystemUser); -my ($id, $msg) = $g->CreateUserDefinedGroup(Name => 'Membertests'); -ok ($id, $msg); - -my ($aid, $amsg) =$g->AddMember($u->id); -ok ($aid, $amsg); -ok($g->HasMember($u->PrincipalObj),"G has member u"); - -my $groups = RT::Groups->new($RT::SystemUser); -$groups->LimitToUserDefinedGroups(); -$groups->WithMember(PrincipalId => $u->id); -ok ($groups->Count == 1,"found the 1 group - " . $groups->Count); -ok ($groups->First->Id == $g->Id, "it's the right one"); - -=end testing - =cut @@ -307,92 +265,42 @@ sub WithMember { $self->Limit(ALIAS => $members, FIELD => 'MemberId', OPERATOR => '=', VALUE => $args{'PrincipalId'}); } +sub WithoutMember { + my $self = shift; + my %args = ( + PrincipalId => undef, + Recursively => undef, + @_ + ); + + my $members = $args{'Recursively'} ? 'CachedGroupMembers' : 'GroupMembers'; + my $members_alias = $self->Join( + TYPE => 'LEFT', + FIELD1 => 'id', + TABLE2 => $members, + FIELD2 => 'GroupId', + ); + $self->Limit( + LEFTJOIN => $members_alias, + ALIAS => $members_alias, + FIELD => 'MemberId', + OPERATOR => '=', + VALUE => $args{'PrincipalId'}, + ); + $self->Limit( + ALIAS => $members_alias, + FIELD => 'MemberId', + OPERATOR => 'IS', + VALUE => 'NULL', + QUOTEVALUE => 0, + ); +} =head2 WithRight { Right => RIGHTNAME, Object => RT::Record, IncludeSystemRights => 1, IncludeSuperusers => 0, EquivObjects => [ ] } Find all groups which have RIGHTNAME for RT::Record. Optionally include global rights and superusers. By default, include the global rights, but not the superusers. -=begin testing - -my $q = RT::Queue->new($RT::SystemUser); -my ($id, $msg) =$q->Create( Name => 'GlobalACLTest'); -ok ($id, $msg); - -my $testuser = RT::User->new($RT::SystemUser); -($id,$msg) = $testuser->Create(Name => 'JustAnAdminCc'); -ok ($id,$msg); - -my $global_admin_cc = RT::Group->new($RT::SystemUser); -$global_admin_cc->LoadSystemRoleGroup('AdminCc'); -ok($global_admin_cc->id, "Found the global admincc group"); -my $groups = RT::Groups->new($RT::SystemUser); -$groups->WithRight(Right => 'OwnTicket', Object => $q); -is($groups->Count, 1); -($id, $msg) = $global_admin_cc->PrincipalObj->GrantRight(Right =>'OwnTicket', Object=> $RT::System); -ok ($id,$msg); -ok (!$testuser->HasRight(Object => $q, Right => 'OwnTicket') , "The test user does not have the right to own tickets in the test queue"); -($id, $msg) = $q->AddWatcher(Type => 'AdminCc', PrincipalId => $testuser->id); -ok($id,$msg); -ok ($testuser->HasRight(Object => $q, Right => 'OwnTicket') , "The test user does have the right to own tickets now. thank god."); - -$groups = RT::Groups->new($RT::SystemUser); -$groups->WithRight(Right => 'OwnTicket', Object => $q); -ok ($id,$msg); -is($groups->Count, 3); - -my $RTxGroup = RT::Group->new($RT::SystemUser); -($id, $msg) = $RTxGroup->CreateUserDefinedGroup( Name => 'RTxGroup', Description => "RTx extension group"); -ok ($id,$msg); - -my $RTxSysObj = {}; -bless $RTxSysObj, 'RTx::System'; -*RTx::System::Id = sub { 1; }; -*RTx::System::id = *RTx::System::Id; -my $ace = RT::Record->new($RT::SystemUser); -$ace->Table('ACL'); -$ace->_BuildTableAttributes unless ($_TABLE_ATTR->{ref($self)}); -($id, $msg) = $ace->Create( PrincipalId => $RTxGroup->id, PrincipalType => 'Group', RightName => 'RTxGroupRight', ObjectType => 'RTx::System', ObjectId => 1); -ok ($id, "ACL for RTxSysObj created"); - -my $RTxObj = {}; -bless $RTxObj, 'RTx::System::Record'; -*RTx::System::Record::Id = sub { 4; }; -*RTx::System::Record::id = *RTx::System::Record::Id; - -$groups = RT::Groups->new($RT::SystemUser); -$groups->WithRight(Right => 'RTxGroupRight', Object => $RTxSysObj); -is($groups->Count, 1, "RTxGroupRight found for RTxSysObj"); - -$groups = RT::Groups->new($RT::SystemUser); -$groups->WithRight(Right => 'RTxGroupRight', Object => $RTxObj); -is($groups->Count, 0, "RTxGroupRight not found for RTxObj"); - -$groups = RT::Groups->new($RT::SystemUser); -$groups->WithRight(Right => 'RTxGroupRight', Object => $RTxObj, EquivObjects => [ $RTxSysObj ]); -is($groups->Count, 1, "RTxGroupRight found for RTxObj using EquivObjects"); - -$ace = RT::Record->new($RT::SystemUser); -$ace->Table('ACL'); -$ace->_BuildTableAttributes unless ($_TABLE_ATTR->{ref($self)}); -($id, $msg) = $ace->Create( PrincipalId => $RTxGroup->id, PrincipalType => 'Group', RightName => 'RTxGroupRight', ObjectType => 'RTx::System::Record', ObjectId => 5 ); -ok ($id, "ACL for RTxObj created"); - -my $RTxObj2 = {}; -bless $RTxObj2, 'RTx::System::Record'; -*RTx::System::Record::Id = sub { 5; }; - -$groups = RT::Groups->new($RT::SystemUser); -$groups->WithRight(Right => 'RTxGroupRight', Object => $RTxObj2); -is($groups->Count, 1, "RTxGroupRight found for RTxObj2"); - -$groups = RT::Groups->new($RT::SystemUser); -$groups->WithRight(Right => 'RTxGroupRight', Object => $RTxObj2, EquivObjects => [ $RTxSysObj ]); -is($groups->Count, 1, "RTxGroupRight found for RTxObj2"); - - - -=end testing =cut @@ -452,10 +360,12 @@ sub _JoinGroupMembersForGroupRights { QUOTEVALUE => 0, ); } -sub _JoinACL { return (shift)->RT::Users::_JoinACL( @_ ) } -sub _GetEquivObjects { return (shift)->RT::Users::_GetEquivObjects( @_ ) } -sub WithGroupRight { return (shift)->RT::Users::WhoHaveGroupRight( @_ ) } -sub WithRoleRight { return (shift)->RT::Users::WhoHaveRoleRight( @_ ) } +sub _JoinACL { return (shift)->RT::Users::_JoinACL( @_ ) } +sub _RoleClauses { return (shift)->RT::Users::_RoleClauses( @_ ) } +sub _WhoHaveRoleRightSplitted { return (shift)->RT::Users::_WhoHaveRoleRightSplitted( @_ ) } +sub _GetEquivObjects { return (shift)->RT::Users::_GetEquivObjects( @_ ) } +sub WithGroupRight { return (shift)->RT::Users::WhoHaveGroupRight( @_ ) } +sub WithRoleRight { return (shift)->RT::Users::WhoHaveRoleRight( @_ ) } # {{{ sub LimitToEnabled @@ -467,12 +377,13 @@ Only find items that haven\'t been disabled sub LimitToEnabled { my $self = shift; - - $self->Limit( ALIAS => $self->PrincipalsAlias, - FIELD => 'Disabled', - VALUE => '0', - OPERATOR => '=', - ); + + $self->{'handled_disabled_column'} = 1; + $self->Limit( + ALIAS => $self->PrincipalsAlias, + FIELD => 'Disabled', + VALUE => '0', + ); } # }}} @@ -487,13 +398,14 @@ Only find items that have been deleted. sub LimitToDeleted { my $self = shift; - $self->{'find_disabled_rows'} = 1; - $self->Limit( ALIAS => $self->PrincipalsAlias, - FIELD => 'Disabled', - OPERATOR => '=', - VALUE => 1, - ); + $self->{'handled_disabled_column'} = $self->{'find_disabled_rows'} = 1; + $self->Limit( + ALIAS => $self->PrincipalsAlias, + FIELD => 'Disabled', + VALUE => 1, + ); } + # }}} # {{{ sub Next