%# Don't be humble ... you're not that great. -- Golda Meir
<& /Edit/Elements/PopHeader, Title => loc('Permission Settings'), Action => 'index.html' &>
<&|/l&>Available Rights:&>
<&|/l&>Current Rights:&>
% foreach my $right (@$OffList) {
<% loc($right) %>
% }
<& /Edit/Elements/ListButtons &>
% my $x;
% foreach my $right (@$List) {
% $x .= " $right";
<% loc($right) %>
% }
<& /Edit/Elements/PopFooter &>
<%INIT>
my $Object = $RT::System;
my $List = [];
my $OffList = [];
if ($Queue) {
$Object = RT::Queue->new($session{'CurrentUser'});
$Object->Load($Queue) || Abort(loc("Couldn't load queue [_1]",$Queue));
}
elsif ($ObjectGroup) {
$Object = RT::Group->new($session{'CurrentUser'});
$Object->Load($ObjectGroup) || Abort(loc("Couldn't load group [_1]",$ObjectGroup));
}
elsif ($Report) {
require RTx::Report;
$Object = RTx::Report->new($session{'CurrentUser'});
$Object->Load($Report) || Abort(loc("Couldn't load group [_1]",$Report));
}
elsif (length($Report)) {
require RTx::Reports;
$Object = $RTx::Reports;
}
my ($right, $ACLDesc, $AppliesTo, %Rights, %OffRights);
my $princ = RT::Principal->new($RT::SystemUser);
my $PrincipalId = ($User || $Group);
$princ->Load($PrincipalId);
if ($princ->PrincipalType eq 'User') {
my $group = RT::Group->new($RT::SystemUser);
$group->LoadACLEquivalenceGroup($princ);
$PrincipalId = $group->PrincipalId;
}
my $ACLObj = RT::ACL->new($session{'CurrentUser'});
$ACLObj->LimitToObject( $Object );
$ACLObj->LimitToPrincipal( Id => $PrincipalId );
$ACLObj->GotoFirstItem;
$ACLObj->RedoSearch;
if ($Continuation) {
$List = $session{RightList};
$OffList = $session{RightOffList};
}
else {
if (ref($Object) && UNIVERSAL::can($Object, 'AvailableRights')) {
%OffRights = %{$Object->AvailableRights};
}
while (my $right = $ACLObj->Next) {
my $name = $right->RightName or next;
$Rights{$name}++;
delete $OffRights{$name};
}
@$List = sort keys %Rights;
@$OffList = sort keys %OffRights;
}
if ($Action eq 'Add') {
@$OffList = grep {
my $id = $_;
my $ok = (grep { $_ eq $id } @Off);
push @$List, $_ if $ok;
!$ok;
} @$OffList;
}
elsif ($Action eq 'AddAll') {
push @$List, @$OffList;
@$OffList = ();
}
elsif ($Action eq 'Delete') {
@$List = grep {
my $id = $_;
my $ok = (grep { $_ eq $id } @On);
push @$OffList, $_ if $ok;
!$ok;
} @$List;
}
elsif ($Action eq 'DeleteAll') {
push @$OffList, @$List;
@$List = ();
}
elsif ($Action eq 'Commit') {
foreach my $right (@$OffList) {
my $ace = RT::ACE->new( $session{CurrentUser} );
$ace->LoadByValues(
RightName => $right,
Object => $Object,
PrincipalType => 'Group',
PrincipalId => $PrincipalId,
);
$ace->Delete if $ace->Id;
}
foreach my $right (@$List) {
my $ace = RT::ACE->new( $session{CurrentUser} );
$ace->Create(
RightName => $right,
Object => $Object,
PrincipalType => 'Group',
PrincipalId => $PrincipalId,
);
}
$m->print('');
$m->abort;
}
$session{RightList} = $List;
$session{RightOffList} = $OffList;
%INIT>
<%ARGS>
$Action => ''
$User => ''
$Group => ''
$Queue => 0
$Report => undef
$ObjectGroup => 0
$Continuation => 0
@On => ()
@Off => ()
%ARGS>