- my ($val, $msg, $exist) = $self->SUPER::_AddLink(%args);
- return ($val, $msg) if !$val || $exist;
+ # {{{ If the other URI is an RT::Ticket, we want to make sure the user
+ # can modify it too...
+ my $other_ticket_uri = RT::URI->new($self->CurrentUser);
+
+ if ( $args{'Target'} ) {
+ $other_ticket_uri->FromURI( $args{'Target'} );
+
+ }
+ elsif ( $args{'Base'} ) {
+ $other_ticket_uri->FromURI( $args{'Base'} );
+ }
+
+ unless ( $other_ticket_uri->Resolver && $other_ticket_uri->Scheme ) {
+ my $msg = $args{'Target'} ? $self->loc("Couldn't resolve target '[_1]' into a URI.", $args{'Target'})
+ : $self->loc("Couldn't resolve base '[_1]' into a URI.", $args{'Base'});
+ $RT::Logger->warning( "$self $msg\n" );
+
+ return( 0, $msg );
+ }
+
+ if ( $other_ticket_uri->Resolver->Scheme eq 'fsck.com-rt') {
+ my $object = $other_ticket_uri->Resolver->Object;
+
+ if ( UNIVERSAL::isa( $object, 'RT::Ticket' )
+ && $object->id
+ && !$object->CurrentUserHasRight('ModifyTicket') )
+ {
+ return ( 0, $self->loc("Permission Denied") );
+ }
+
+ }
+
+ # }}}
+
+ my ($val, $Msg) = $self->SUPER::_AddLink(%args);
+
+ if (!$val) {
+ return ($val, $Msg);
+ }