%# Don't be humble ... you're not that great. -- Golda Meir <& /Edit/Elements/PopHeader, Title => loc('Permission Settings'), Action => 'index.html' &>
<& /Edit/Elements/ListButtons &>
<&|/l&>Available Rights:
  <&|/l&>Current Rights:
<& /Edit/Elements/PopFooter &> <%INIT> my $Object = $RT::System; my $List = []; my $OffList = []; if ($Queue) { $Object = RT::Queue->new($session{'CurrentUser'}); $Object->Load($Queue) || Abort(loc("Couldn't load queue [_1]",$Queue)); } elsif ($ObjectGroup) { $Object = RT::Group->new($session{'CurrentUser'}); $Object->Load($ObjectGroup) || Abort(loc("Couldn't load group [_1]",$ObjectGroup)); } elsif ($Report) { require RTx::Report; $Object = RTx::Report->new($session{'CurrentUser'}); $Object->Load($Report) || Abort(loc("Couldn't load group [_1]",$Report)); } elsif (length($Report)) { require RTx::Reports; $Object = $RTx::Reports; } my ($right, $ACLDesc, $AppliesTo, %Rights, %OffRights); my $princ = RT::Principal->new($RT::SystemUser); my $PrincipalId = ($User || $Group); $princ->Load($PrincipalId); if ($princ->PrincipalType eq 'User') { my $group = RT::Group->new($RT::SystemUser); $group->LoadACLEquivalenceGroup($princ); $PrincipalId = $group->PrincipalId; } my $ACLObj = RT::ACL->new($session{'CurrentUser'}); $ACLObj->LimitToObject( $Object ); $ACLObj->LimitToPrincipal( Id => $PrincipalId ); $ACLObj->GotoFirstItem; $ACLObj->RedoSearch; if ($Continuation) { $List = $session{RightList}; $OffList = $session{RightOffList}; } else { if (ref($Object) && UNIVERSAL::can($Object, 'AvailableRights')) { %OffRights = %{$Object->AvailableRights}; } while (my $right = $ACLObj->Next) { my $name = $right->RightName or next; $Rights{$name}++; delete $OffRights{$name}; } @$List = sort keys %Rights; @$OffList = sort keys %OffRights; } if ($Action eq 'Add') { @$OffList = grep { my $id = $_; my $ok = (grep { $_ eq $id } @Off); push @$List, $_ if $ok; !$ok; } @$OffList; } elsif ($Action eq 'AddAll') { push @$List, @$OffList; @$OffList = (); } elsif ($Action eq 'Delete') { @$List = grep { my $id = $_; my $ok = (grep { $_ eq $id } @On); push @$OffList, $_ if $ok; !$ok; } @$List; } elsif ($Action eq 'DeleteAll') { push @$OffList, @$List; @$List = (); } elsif ($Action eq 'Commit') { foreach my $right (@$OffList) { my $ace = RT::ACE->new( $session{CurrentUser} ); $ace->LoadByValues( RightName => $right, Object => $Object, PrincipalType => 'Group', PrincipalId => $PrincipalId, ); $ace->Delete if $ace->Id; } foreach my $right (@$List) { my $ace = RT::ACE->new( $session{CurrentUser} ); $ace->Create( RightName => $right, Object => $Object, PrincipalType => 'Group', PrincipalId => $PrincipalId, ); } $m->print(''); $m->abort; } $session{RightList} = $List; $session{RightOffList} = $OffList; <%ARGS> $Action => '' $User => '' $Group => '' $Queue => 0 $Report => undef $ObjectGroup => 0 $Continuation => 0 @On => () @Off => ()