https://rt-wiki.bestpractical.com/index.php?title=WhoHasRightsToWhat&feed=atom&action=history
WhoHasRightsToWhat - Revision history
2024-03-29T09:54:49Z
Revision history for this page on the wiki
MediaWiki 1.37.2
https://rt-wiki.bestpractical.com/index.php?title=WhoHasRightsToWhat&diff=4205&oldid=prev
Admin: 2 revisions imported
2016-04-06T20:39:42Z
<p>2 revisions imported</p>
<p><b>New page</b></p><div>=== This has been replaced by the much more extensive RTx::RightsMatrix, which can be downloaded from CPAN. ===<br />
<br />
If you have many queues or custom fields it can quickly become confusing as to who has rights to what. This is the first version of a Mason component that will help you make sense of it all. Please report bugs to todd [[at]] chaka.net.<br />
<br />
Drop this in [=html/Admin/Global/[[ViewTicketRights]].html]<br />
<br />
<nowiki>% my $Title = loc("Ticket Rights for [_1]: [_2]", $principal-&gt;IsUser ? loc('User') : loc('Group'), $principal-&gt;Object-&gt;Name ? $principal-&gt;Object-&gt;Name : $principal-&gt;Object-&gt;Type);<br />
&lt;&amp; /Elements/Header, Title=&gt;$Title &amp;&gt;<br />
&lt;&amp; /User/Elements/Tabs,<br />
current_tab =&gt; 'Admin/Global/ViewTicketRights.html',<br />
Title=&gt;$Title &amp;&gt;<br />
&lt;table border="1" cellspacing="0"&gt;<br />
&lt;tr&gt;<br />
&lt;th colspan="2" &gt;Custom Field&lt;/th&gt;<br />
&lt;th colspan="&lt;% scalar @queues %&gt;" &gt;Ticket Queue&lt;/th&gt;<br />
&lt;/tr&gt;<br />
&lt;tr&gt;<br />
&lt;td&gt;Name&lt;/td&gt;<br />
&lt;td&gt;Description&lt;/td&gt;<br />
% foreach my $queue ( @queues ) {<br />
&lt;td&gt;&lt;b&gt;&lt;% $queue-&gt;Name %&gt;&lt;/b&gt;<br />
&lt;br&gt;(<br />
&lt;% $principal-&gt;HasRight(Object =&gt; $queue, Right =&gt; 'ShowTicket') ? 'r' : '' %&gt;<br />
&lt;% $principal-&gt;HasRight(Object =&gt; $queue, Right =&gt; 'ModifyTicket') ? 'w' : '' %&gt;<br />
&lt;% $principal-&gt;HasRight(Object =&gt; $queue, Right =&gt; 'CreateTicket') ? 'c' : '' %&gt;<br />
&lt;% $principal-&gt;HasRight(Object =&gt; $queue, Right =&gt; 'DeleteTicket') ? 'd' : '' %&gt; )&lt;/td&gt;<br />
% }<br />
&lt;/tr&gt;<br />
<br />
% my $i;<br />
% while (my $cf = $cfs-&gt;Next) {<br />
% $i++;<br />
&lt;tr class="&lt;% $i%2 ? 'oddline' : 'evenline'%&gt;" &gt;<br />
&lt;td&gt;&lt;b&gt;&lt;% $cf-&gt;Name %&gt;&lt;/b&gt;&lt;/td&gt; &lt;td&gt;&lt;% $cf-&gt;Description %&gt;&lt;/td&gt;<br />
% foreach my $queue ( @queues ) {<br />
% my $ocfs = RT::ObjectCustomFields-&gt;new($RT::SystemUser);<br />
% $ocfs-&gt;Limit( FIELD =&gt; 'CustomField', VALUE =&gt; $cf-&gt;Id );<br />
% $ocfs-&gt;Limit( FIELD =&gt; 'ObjectId', VALUE =&gt; 0 );<br />
% $ocfs-&gt;Limit( FIELD =&gt; 'ObjectId', VALUE =&gt; $queue-&gt;Id );<br />
% if ($ocfs-&gt;Count) {<br />
&lt;td align="center"&gt;<br />
&lt;b&gt;<br />
&lt;% $principal-&gt;HasRight(Object =&gt; $cf, Right =&gt; 'SeeCustomField') ? 'r' : '' %&gt;<br />
&lt;% $principal-&gt;HasRight(Object =&gt; $cf, Right =&gt; 'ModifyCustomField') ? 'w' : '' %&gt;<br />
&lt;% $principal-&gt;HasRight(Object =&gt; $cf, Right =&gt; 'AdminCustomField') ? 'a' : '' %&gt;<br />
&lt;/b&gt;<br />
&lt;/td&gt;<br />
% }<br />
% else {<br />
&lt;td align="center"&gt;-&lt;/td&gt;<br />
% }<br />
% }<br />
&lt;/tr&gt;<br />
% }<br />
&lt;/table&gt;<br />
<br />
<br />
&lt;h3&gt;Key:&lt;/h3&gt;<br />
For an queue the possible permissions are:<br />
&lt;table border="1"&gt;<br />
&lt;tr&gt;<br />
&lt;td&gt;r&lt;/td&gt;&lt;td&gt;ShowTicket&lt;/td&gt;&lt;td&gt;Can see tickets of that queue&lt;/td&gt;<br />
&lt;/tr&gt;<br />
&lt;tr&gt;<br />
&lt;td&gt;w&lt;/td&gt;&lt;td&gt;ModifyTicket&lt;/td&gt;&lt;td&gt;Can edit/modify tickets of that queue&lt;/td&gt;<br />
&lt;/tr&gt;<br />
&lt;tr&gt;<br />
&lt;td&gt;c&lt;/td&gt;&lt;td&gt;CreateTicket&lt;/td&gt;&lt;td&gt;Can create tickets of that queue&lt;/td&gt;<br />
&lt;/tr&gt;<br />
&lt;tr&gt;<br />
&lt;td&gt;d&lt;/td&gt;&lt;td&gt;DeleteTicket&lt;/td&gt;&lt;td&gt;Can delete tickets of that queue&lt;/td&gt;<br />
&lt;/tr&gt;<br />
&lt;/table&gt;<br />
&lt;p&gt;<br />
<br />
For a custom field the possible permissions are:<br />
&lt;table border="1"&gt;<br />
&lt;tr&gt;<br />
&lt;td&gt;r&lt;/td&gt;&lt;td&gt;SeeCustomField&lt;/td&gt;&lt;td&gt;Can see that custom field for that queue&lt;/td&gt;<br />
&lt;/tr&gt;<br />
&lt;tr&gt;<br />
&lt;td&gt;w&lt;/td&gt;&lt;td&gt;ModifyCustomField&lt;/td&gt;&lt;td&gt;Can edit/moidfy that custom field for that queue&lt;/td&gt;<br />
&lt;/tr&gt;<br />
&lt;tr&gt;<br />
&lt;td&gt;a&lt;/td&gt;&lt;td&gt;AdminCustomField&lt;/td&gt;&lt;td&gt;Can administer that custom field for that queue&lt;/td&gt;<br />
&lt;/tr&gt;<br />
&lt;/table&gt;<br />
&lt;p&gt;<br />
<br />
A dash(-) in the table means that custom field does not apply to that queue.&lt;br&gt;<br />
An empty cell in the table means that you have no permissions for that custom field and queue combination.<br />
<br />
&lt;FORM METHOD=POST ACTION="ViewTicketRights.html" ENCTYPE="multipart/form-data"&gt;<br />
&lt;INPUT TYPE=HIDDEN NAME=id VALUE=""&gt;<br />
<br />
&lt;&amp; /Elements/TitleBoxStart, title =&gt; loc('View rights for'), color=&gt; "#993333", width =&gt; "100%" &amp;&gt;<br />
Select User or Group:<br />
&lt;SELECT NAME="Principal"&gt;<br />
&lt;OPTION VALUE=""&gt;-<br />
&lt;OPTION VALUE="&lt;%$session{CurrentUser}-&gt;id%&gt;"&gt;&lt;%$session{CurrentUser}-&gt;Name%&gt;<br />
&lt;OPTION VALUE="3"&gt;Everyone<br />
&lt;OPTION VALUE="4"&gt;Privileged Users<br />
&lt;OPTION VALUE="5"&gt;Unprivileged Users<br />
%while (my $group = $groups-&gt;Next) {<br />
%next unless $session{CurrentUser}-&gt;HasRight(Right =&gt; 'AdminGroup', Object =&gt; $group) or $group-&gt;HasMember($session{CurrentUser}-&gt;PrincipalObj);<br />
&lt;OPTION VALUE="&lt;%$group-&gt;id%&gt;"&gt;&lt;%$group-&gt;Name%&gt;<br />
%}<br />
&lt;/SELECT&gt;<br />
%if ($session{CurrentUser}-&gt;HasRight(Right =&gt; 'AdminUsers', Object =&gt; $RT::System)) {<br />
- or -<br />
Enter username: &lt;INPUT NAME="User"&gt;<br />
%}<br />
&lt;&amp; /Elements/TitleBoxEnd &amp;&gt;<br />
<br />
&lt;&amp; /Elements/Submit&amp;&gt;<br />
&lt;/form&gt;<br />
<br />
&lt;%INIT&gt;<br />
my $VERSION = 0.91;<br />
<br />
my $principal;<br />
if ($ARGS{Principal}) {<br />
$principal = RT::Principal-&gt;new($session{CurrentUser});<br />
my ($rv, $msg) = $principal-&gt;Load($ARGS{Principal});<br />
if (! $rv) {<br />
$m-&gt;comp("/Elements/Error", Why =&gt; loc("Principal not found"));<br />
$m-&gt;abort;<br />
}<br />
}<br />
elsif ($ARGS{User}) {<br />
my $user = RT::User-&gt;new($session{CurrentUser});<br />
my ($rv, $msg) = $user-&gt;Load($ARGS{User});<br />
if (! $rv) {<br />
$m-&gt;comp("/Elements/Error", Why =&gt; loc("User [_1] not found", $ARGS{User}));<br />
$m-&gt;abort;<br />
}<br />
$principal = $user-&gt;PrincipalObj;<br />
}<br />
else {<br />
$principal = $session{CurrentUser}-&gt;PrincipalObj;<br />
}<br />
<br />
my $cfs = RT::CustomFields-&gt;new($session{CurrentUser});<br />
$cfs-&gt;LimitToLookupType('RT::Queue-RT::Ticket');<br />
$cfs-&gt;OrderBy(FIELD =&gt; 'Name');<br />
<br />
my $queues = RT::Queues-&gt;new($session{CurrentUser});<br />
$queues-&gt;UnLimit;<br />
my @queues;<br />
while (my $queue = $queues-&gt;Next) { push @queues, $queue; }<br />
<br />
my $groups = new RT::Groups($session{'CurrentUser'});<br />
$groups-&gt;Limit(FIELD =&gt; 'Domain', VALUE =&gt; 'UserDefined');<br />
<br />
<br />
&lt;/%INIT&gt;<br />
&lt;%ARGS&gt;<br />
$User =&gt; undef<br />
&lt;/%ARGS&gt;<br />
</nowiki></div>
Admin