%# Don't be humble ... you're not that great. -- Golda Meir
<& /Edit/Elements/PopHeader, Title => loc('Permission Settings'), Action => 'index.html' &>
<input type="hidden" name="User" value="<% $User %>">
<input type="hidden" name="Group" value="<% $Group %>">
<input type="hidden" name="Queue" value="<% $Queue %>">
<input type="hidden" name="ObjectGroup" value="<% $ObjectGroup %>">
<table width="100%" border="0" cellspacing="5" cellpadding="0" class="poptable">
<tr>
<td>
<table border="0" cellspacing="0" cellpadding="0" align="center">
<tr>
<td valign="top" width="155" height="2">
<div align="left"><&|/l&>Available Rights:</&> </div>
</td>
<td width="90" height="2"> </td>
<td valign="top" height="2" width="158"> <&|/l&>Current Rights:</&> </td>
</tr>
<tr>
<td valign="top" width="155">
<select name="Off" size="25" multiple style="width:200px; height:320px">
% foreach my $right (@$OffList) {
<OPTION VALUE="<% $right %>"><% loc($right) %></OPTION>
% }
</select>
</td>
<& /Edit/Elements/ListButtons &>
<td valign="top" height="32" width="158">
<select name="On" size="25" multiple style="width:200px; height:320px">
% my $x;
% foreach my $right (@$List) {
% $x .= " $right";
<OPTION VALUE="<% $right %>"><% loc($right) %></OPTION>
% }
</select>
</td>
</tr>
</table>
</td>
</tr>
</table>
<& /Edit/Elements/PopFooter &>
<%INIT>
my $Object = $RT::System;
my $List = [];
my $OffList = [];
if ($Queue) {
$Object = RT::Queue->new($session{'CurrentUser'});
$Object->Load($Queue) || Abort(loc("Couldn't load queue [_1]",$Queue));
}
elsif ($ObjectGroup) {
$Object = RT::Group->new($session{'CurrentUser'});
$Object->Load($ObjectGroup) || Abort(loc("Couldn't load group [_1]",$ObjectGroup));
}
my ($right, $ACLDesc, $AppliesTo, %Rights, %OffRights);
my $princ = RT::Principal->new($RT::SystemUser);
my $PrincipalId = ($User || $Group);
$princ->Load($PrincipalId);
if ($princ->PrincipalType eq 'User') {
my $group = RT::Group->new($RT::SystemUser);
$group->LoadACLEquivalenceGroup($princ);
$PrincipalId = $group->PrincipalId;
}
my $ACLObj = RT::ACL->new($session{'CurrentUser'});
$ACLObj->LimitToObject( $Object );
$ACLObj->LimitToPrincipal( Id => $PrincipalId );
$ACLObj->GotoFirstItem;
$ACLObj->RedoSearch;
if ($Continuation) {
$List = $session{RightList};
$OffList = $session{RightOffList};
}
else {
if (ref($Object) && UNIVERSAL::can($Object, 'AvailableRights')) {
%OffRights = %{$Object->AvailableRights};
}
while (my $right = $ACLObj->Next) {
my $name = $right->RightName or next;
$Rights{$name}++;
delete $OffRights{$name};
}
@$List = sort keys %Rights;
@$OffList = sort keys %OffRights;
}
if ($Action eq 'Add') {
@$OffList = grep {
my $id = $_;
my $ok = (grep { $_ eq $id } @Off);
push @$List, $_ if $ok;
!$ok;
} @$OffList;
}
elsif ($Action eq 'AddAll') {
push @$List, @$OffList;
@$OffList = ();
}
elsif ($Action eq 'Delete') {
@$List = grep {
my $id = $_;
my $ok = (grep { $_ eq $id } @On);
push @$OffList, $_ if $ok;
!$ok;
} @$List;
}
elsif ($Action eq 'DeleteAll') {
push @$OffList, @$List;
@$List = ();
}
elsif ($Action eq 'Commit') {
foreach my $right (@$OffList) {
my $ace = RT::ACE->new( $session{CurrentUser} );
$ace->LoadByValues(
RightName => $right,
Object => $Object,
PrincipalType => 'Group',
PrincipalId => $PrincipalId,
);
$ace->Delete if $ace->Id;
}
foreach my $right (@$List) {
my $ace = RT::ACE->new( $session{CurrentUser} );
$ace->Create(
RightName => $right,
Object => $Object,
PrincipalType => 'Group',
PrincipalId => $PrincipalId,
);
}
$m->print('<script>window.close();</script>');
$m->abort;
}
$session{RightList} = $List;
$session{RightOffList} = $OffList;
</%INIT>
<%ARGS>
$Action => ''
$User => ''
$Group => ''
$Queue => 0
$ObjectGroup => 0
$Continuation => 0
@On => ()
@Off => ()
</%ARGS>