RT 3.8.17 Documentation

• • IsGroup
  • IsUser
  • Object
  • GrantRight { Right => RIGHTNAME, Object => undef }
  • RevokeRight { Right => "RightName", Object => "object" }
  • sub CleanupInvalidDelegations { InsideTransaction => undef }
  • sub HasRight (Right => 'right' Object => undef)
  • _HasRight
  • RolesWithRight
  • InvalidateACLCache
  • _GetPrincipalTypeForACL
  • _ReferenceId

IsGroup

Returns true if this principal is a group. Returns undef, otherwise

IsUser

Returns true if this principal is a User. Returns undef, otherwise

Object

Returns the user or group associated with this principal

GrantRight { Right => RIGHTNAME, Object => undef }

A helper function which calls RT::ACE->Create

   Returns a tuple of (STATUS, MESSAGE);  If the call succeeded, STATUS is true. Otherwise it's 
   false.

RevokeRight { Right => "RightName", Object => "object" }

Delete a right that a user has

   Returns a tuple of (STATUS, MESSAGE);  If the call succeeded, STATUS is true. Otherwise it's 
      false.

sub CleanupInvalidDelegations { InsideTransaction => undef }

Revokes all ACE entries delegated by this principal which are inconsistent with this principal's current delegation rights. Does not perform permission checks, but takes no action and returns success if this principal still retains DelegateRights. Should only ever be called from inside the RT library.

If this principal is a group, recursively calls this method on each cached user member of itself.

If called from inside a transaction, specify a true value for the InsideTransaction parameter.

Returns a true value if the deletion succeeded; returns a false value and logs an internal error if the deletion fails (should not happen).

sub HasRight (Right => 'right' Object => undef)

Checks to see whether this principal has the right "Right" for the Object specified. If the Object parameter is omitted, checks to see whether the user has the right globally.

This still hard codes to check to see if a user has queue-level rights if we ask about a specific ticket.

This takes the params:

    Right => name of a right

    And either:

    Object => an RT style object (->id will get its id)

Returns 1 if a matching ACE was found.

Returns undef if no ACE was found.

_HasRight

Low level HasRight implementation, use HasRight method instead.

RolesWithRight

Returns list with names of roles that have right on set of objects. Takes Right, EquiveObjects, IncludeSystemRights and IncludeSuperusers arguments.

IncludeSystemRights is true by default, rights granted on system level are not accouned when option is set to false value.

IncludeSuperusers is true by default, SuperUser right is not checked if it's set to false value.

InvalidateACLCache

Cleans out and reinitializes the user rights cache

_GetPrincipalTypeForACL

Gets the principal type. if it's a user, it's a user. if it's a role group and it has a Type, return that. if it has no type, return group.

_ReferenceId

Returns a list uniquely representing an object or normal scalar.

For scalars, its string value is returned; for objects that has an id() method, its class name and Id are returned as a string separated by a "-".

← Back to index