X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=FS%2FFS%2FTicketSystem.pm;h=a6daf7e06c158f22ca79c8456c641470812410d9;hp=9d11ff47bbec5de4e775af49bbaf5d49c1cb6ca9;hb=c58b5c1cef23066263aae5c506824310866ef64b;hpb=3f8dd846e92d44fc461d91d5fd5e012a770370d1

diff --git a/FS/FS/TicketSystem.pm b/FS/FS/TicketSystem.pm
index 9d11ff47b..a6daf7e06 100644
--- a/FS/FS/TicketSystem.pm
+++ b/FS/FS/TicketSystem.pm
@@ -35,8 +35,31 @@ sub _upgrade_data {
   
   FS::TicketSystem->init;
   my $session = FS::TicketSystem->session();
-  my $CurrentUser = $session->{'CurrentUser'}
-    or die 'freeside-upgrade must run as a valid RT user';
+  # bypass RT ACLs--we're going to do lots of things
+  my $CurrentUser = $RT::SystemUser;
+
+  # selfservice user
+  my $User = RT::User->new($CurrentUser);
+  $User->Load('%%%SELFSERVICE_USER%%%');
+  if (!defined($User->Id)) {
+    my ($val, $msg) = $User->Create(
+      'Name' => '%%%SELFSERVICE_USER%%%',
+      'Gecos' => '%%%SELFSERVICE_USER%%%',
+      'Privileged' => 1,
+      # any other fields needed?
+    );
+    die $msg if !$val;
+  }
+  my $Principal = $User->PrincipalObj; # can this ever fail?
+  my @rights = ( qw(ShowTicket SeeQueue ModifyTicket ReplyToTicket) );
+  foreach (@rights) {
+    next if $Principal->HasRight( 'Right' => $_, Object => $RT::System );
+    my ($val, $msg) = $Principal->GrantRight(
+      'Right' => $_,
+      'Object' => $RT::System,
+    );
+    die $msg if !$val;
+  }
 
   # EscalateQueue custom field and friends
   my $CF = RT::CustomField->new($CurrentUser);