Skip to content

Commit

Permalink
Merge branch '5.0/serialize-custom-role-acl' into 5.0-trunk
Browse files Browse the repository at this point in the history
  • Loading branch information
@cbrandtbuffalo
cbrandtbuffalo committed Apr 13, 2023
2 parents 0acdad1 + d542b38 commit ed21e4f
Show file tree
Hide file tree
Showing 3 changed files with 59 additions and 4 deletions.
15 changes: 12 additions & 3 deletions lib/RT/Handle.pm
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1570,10 +1570,19 @@ sub InsertData {
$princ->LoadUserDefinedGroup( $item->{'GroupId'} );
} elsif ( $item->{'GroupDomain'} eq 'SystemInternal' ) {
$princ->LoadSystemInternalGroup( $item->{'GroupType'} );
} elsif ( $item->{'GroupDomain'} eq 'RT::System-Role' ) {
$princ->LoadRoleGroup( Object => RT->System, Name => $item->{'GroupType'} );
} elsif ( $item->{'GroupDomain'} =~ /-Role$/ ) {
$princ->LoadRoleGroup( Object => $object, Name => $item->{'GroupType'} );
my $name;
if ( $item->{'GroupType'} =~ /^RT::CustomRole-(.+)/ ) {
my $custom_role = RT::CustomRole->new( RT->SystemUser );
$custom_role->Load($1);
if ( $custom_role->Id ) {
$name = 'RT::CustomRole-' . $custom_role->Id;
}
else {
RT->Logger->error("Unable to load CustomRole $1");
}
}
$princ->LoadRoleGroup( Object => $object, Name => $name || $item->{'GroupType'} );
} else {
$princ->Load( $item->{'GroupId'} );
}
Expand Down
13 changes: 12 additions & 1 deletion lib/RT/Migrate/Serializer/JSON.pm
View file
Original file line number Diff line number Diff line change
Expand Up @@ -318,7 +318,18 @@ sub CanonicalizeACLs {
$ace->{GroupId} = $group->Name;
}
if ($domain eq 'SystemInternal' || $domain =~ /-Role$/) {
$ace->{GroupType} = $group->Name;
my $group_type;
if ( $group->Name =~ /^RT::CustomRole-(\d+)/ ) {
my $custom_role = RT::CustomRole->new( RT->SystemUser );
$custom_role->Load($1);
if ( $custom_role->Id ) {
$group_type = 'RT::CustomRole-' . $custom_role->Name;
}
else {
RT->Logger->error("Could not load custom role: $1");
}
}
$ace->{GroupType} = $group_type || $group->Name;
}
}
}
Expand Down
35 changes: 35 additions & 0 deletions t/api/initialdata-roundtrip.t
View file
Original file line number Diff line number Diff line change
Expand Up @@ -78,6 +78,25 @@ my @tests = (
($ok, $msg) = $inner->PrincipalObj->GrantRight(Object => $inner, Right => 'SeeGroup');
ok($ok, $msg);

my $managers = RT::CustomRole->new(RT->SystemUser);
($ok, $msg) = $managers->Create(
Name => 'Managers',
);
ok($ok, $msg);

($ok, $msg) = $managers->AddToObject(ObjectId => $general->Id);
ok($ok, $msg);

$general->Load($general->Id); # Reload to update roles cache
( $ok, $msg )
= $general->RoleGroup( $managers->GroupType, Create => 1 )
->PrincipalObj->GrantRight( Object => $general, Right => 'ModifyCustomField' );
ok( $ok, $msg );
( $ok, $msg )
= RT->System->RoleGroup( $managers->GroupType )
->PrincipalObj->GrantRight( Object => RT->System, Right => 'SeeCustomField' );
ok( $ok, $msg );

},
present => sub {
my $outer = RT::Group->new(RT->SystemUser);
Expand Down Expand Up @@ -144,6 +163,22 @@ my @tests = (
ok($inner->PrincipalObj->HasRight(Object => $inner, Right => 'SeeGroup'), 'inner SeeGroup right');
ok($user->PrincipalObj->HasRight(Object => $inner, Right => 'SeeGroup'), 'user SeeGroup right');
ok(!$unrelated->PrincipalObj->HasRight(Object => $inner, Right => 'SeeGroup'), 'unrelated SeeGroup right');

my $managers = RT::CustomRole->new(RT->SystemUser);
$managers->Load('Managers');
ok($managers->Id, 'Loaded Managers');

$general->Load($general->Id); # Reload to update roles cache
ok(
$general->RoleGroup( $managers->GroupType )
->PrincipalObj->HasRight( Object => $general, Right => 'ModifyCustomField' ),
'custom role ModifyCustomField right'
);
ok(
RT->System->RoleGroup( $managers->GroupType )
->PrincipalObj->HasRight( Object => RT->System, Right => 'SeeCustomField' ),
'custom role SeeCustomField right'
);
},
},

Expand Down

0 comments on commit ed21e4f

Please sign in to comment.