RT 5.0.6 Documentation
RT::Group
- NAME
- SYNOPSIS
- DESCRIPTION
- METHODS
- SelfDescription
- Load ID
- LoadUserDefinedGroup NAME
- LoadACLEquivalenceGroup PRINCIPAL
- LoadSystemInternalGroup NAME
- LoadRoleGroup
- Create
- _Create
- CreateUserDefinedGroup { Name => "name", Description => "Description"}
- ValidateName VALUE
- _ValidateNameForDomain VALUE DOMAIN
- _ValidateUserDefinedName VALUE
- _CreateACLEquivalenceGroup { Principal }
- CreateRoleGroup
- ValidateRoleGroup
- SingleMemberRoleGroup
- Delete
- SetDisabled BOOL
- DeepMembersObj
- MembersObj
- GroupMembersObj [Recursively => 1]
- UserMembersObj
- MemberEmailAddresses
- MemberEmailAddressesAsString
- AddMember PRINCIPAL_ID
- HasMember RT::Principal|id
- HasMemberRecursively RT::Principal|id
- DeleteMember PRINCIPAL_ID
- CurrentUserCanSee
- CurrentUserCanCreate
- CurrentUserCanModify
- PrincipalObj
- PrincipalId
- Label
- id
- Name
- SetName VALUE
- Description
- SetDescription VALUE
- Domain
- SetDomain VALUE
- Instance
- SetInstance VALUE
- Creator
- Created
- LastUpdatedBy
- LastUpdated
- URI
- CanonicalizeName NAME
NAME
RT::Group - RT's group object
SYNOPSIS
use RT::Group; my $group = RT::Group->new($CurrentUser);
DESCRIPTION
An RT group object.
METHODS
SelfDescription
Returns a user-readable description of what this group is for and what it's named.
Load ID
Load a group object from the database. Takes a single argument. If the argument is numerical, load by the column 'id'. Otherwise, complain and return.
LoadUserDefinedGroup NAME
Loads a system group from the database. The only argument is the group's name.
LoadACLEquivalenceGroup PRINCIPAL
Loads a user's ACL equivalence group. Takes a principal object or its ID. ACL equivalence groups are used to simplify the ACL system. Each user has one group that only he is a member of. Rights granted to the user are actually granted to that group. This greatly simplifies ACL checks. While this results in a somewhat more complex setup when creating users and granting ACLs, it _greatly_ simplifies ACL checks.
LoadSystemInternalGroup NAME
Loads a Pseudo group from the database. The only argument is the group's name.
LoadRoleGroup
Takes a paramhash of Object and Name and attempts to load the suitable role group for said object.
Create
You need to specify what sort of group you're creating by calling one of the other Create_____ routines.
_Create
Takes a paramhash with named arguments: Name, Description.
Returns a tuple of (Id, Message). If id is 0, the create failed
CreateUserDefinedGroup { Name => "name", Description => "Description"}
A helper subroutine which creates a system group
Returns a tuple of (Id, Message). If id is 0, the create failed
ValidateName VALUE
Enforces unique user defined group names when updating
_ValidateNameForDomain VALUE DOMAIN
Returns true if the group name isn't in use in the same domain, false otherwise.
_ValidateUserDefinedName VALUE
Returns true if the user defined group name isn't in use, false otherwise.
_CreateACLEquivalenceGroup { Principal }
A helper subroutine which creates a group containing only an individual user. This gets used by the ACL system to check rights. Yes, it denormalizes the data, but that's OK, as we totally win on performance.
Returns a tuple of (Id, Message). If id is 0, the create failed
CreateRoleGroup
A convenience method for creating a role group on an object.
This method expects to be called from inside of a database transaction! If you're calling it outside of one, you MUST pass a false value for InsideTransaction.
Takes a paramhash of:
- Name
-
Required. RT's core role types are
Requestor
,Cc
,AdminCc
, andOwner
. Extensions may add their own. - Object
-
Optional. The object on which this role applies, used to set Domain and Instance automatically.
- Domain
-
Optional. The class on which this role applies, with
-Role
appended. RT's supported core role group domains areRT::Ticket-Role
,RT::Queue-Role
, andRT::System-Role
.Not required if you pass an Object.
- Instance
-
Optional. The numeric ID of the object (of the class encoded in Domain) on which this role applies. If Domain is
RT::System-Role
, Instance should be1
.Not required if you pass an Object.
- InsideTransaction
-
Optional. Defaults to true in expectation of usual call sites. If you call this method while not inside a transaction, you
MUST
pass a false value for this parameter.
You must pass either an Object or both Domain and Instance.
Returns a tuple of (id, Message). If id is false, the create failed and Message should contain an error string.
ValidateRoleGroup
Takes a param hash containing Domain and Type which are expected to be values passed into "CreateRoleGroup". Returns true if the specified Type is a registered role on the specified Domain. Otherwise returns false.
SingleMemberRoleGroup
Delete
Delete this object
SetDisabled BOOL
If passed a positive value, this group will be disabled. No rights it commutes or grants will be honored. It will not appear in most group listings.
This routine finds all the cached group members that are members of this group (recursively) and disables them.
DeepMembersObj
Returns an RT::CachedGroupMembers object of this group's members, including all members of subgroups.
MembersObj
Returns an RT::GroupMembers object of this group's direct members.
GroupMembersObj [Recursively => 1]
Returns an RT::Groups object of this group's members. By default returns groups including all subgroups, but could be changed with Recursively
named argument.
Note that groups are not filtered by type and result may contain as well system groups and others.
UserMembersObj
Returns an RT::Users object of this group's members, by default returns users including all members of subgroups, but could be changed with Recursively
named argument.
MemberEmailAddresses
Returns an array of the email addresses of all of this group's members
MemberEmailAddressesAsString
Returns a comma delimited string of the email addresses of all users who are members of this group.
AddMember PRINCIPAL_ID
AddMember adds a principal to this group. It takes a single principal id. Returns a two value array. the first value is true on successful addition or 0 on failure. The second value is a textual status msg.
HasMember RT::Principal|id
Takes an RT::Principal object or its id returns a GroupMember Id if that user is a member of this group. Returns undef if the user isn't a member of the group or if the current user doesn't have permission to find out. Arguably, it should differentiate between ACL failure and non membership.
HasMemberRecursively RT::Principal|id
Takes an RT::Principal object or its id and returns true if that user is a member of this group. Returns undef if the user isn't a member of the group or if the current user doesn't have permission to find out. Arguably, it should differentiate between ACL failure and non membership.
DeleteMember PRINCIPAL_ID
Takes the principal id of a current user or group. If the current user has appropriate rights, removes that GroupMember from this group. Returns a two value array. the first value is true on successful addition or 0 on failure. The second value is a textual status msg.
Optionally takes a hash of key value flags, such as RecordTransaction.
CurrentUserCanSee
Unfortunately, for historical reasons, users have always been able to examine groups they have indirect access to, even if they do not have SeeGroup explicitly.
We do require "SeeGroup" to see transactions of current group.
CurrentUserCanCreate
Returns true if the current user can create a new group, using AdminGroup.
CurrentUserCanModify
Returns true if the current user can modify the group, using AdminGroup.
PrincipalObj
Returns the principal object for this user. returns an empty RT::Principal if there's no principal object matching this user. The response is cached. PrincipalObj should never ever change.
PrincipalId
Returns this user's PrincipalId
Label
Returns the group name suitable for displaying to end users. Override this instead of "Name", which is used internally.
id
Returns the current value of id. (In the database, id is stored as int(11).)
Name
Returns the current value of Name. (In the database, Name is stored as varchar(200).)
SetName VALUE
Set Name to VALUE. Returns (1, 'Status message') on success and (0, 'Error Message') on failure. (In the database, Name will be stored as a varchar(200).)
Description
Returns the current value of Description. (In the database, Description is stored as varchar(255).)
SetDescription VALUE
Set Description to VALUE. Returns (1, 'Status message') on success and (0, 'Error Message') on failure. (In the database, Description will be stored as a varchar(255).)
Domain
Returns the current value of Domain. (In the database, Domain is stored as varchar(64).)
SetDomain VALUE
Set Domain to VALUE. Returns (1, 'Status message') on success and (0, 'Error Message') on failure. (In the database, Domain will be stored as a varchar(64).)
Instance
Returns the current value of Instance. (In the database, Instance is stored as int(11).)
SetInstance VALUE
Set Instance to VALUE. Returns (1, 'Status message') on success and (0, 'Error Message') on failure. (In the database, Instance will be stored as a int(11).)
Creator
Returns the current value of Creator. (In the database, Creator is stored as int(11).)
Created
Returns the current value of Created. (In the database, Created is stored as datetime.)
LastUpdatedBy
Returns the current value of LastUpdatedBy. (In the database, LastUpdatedBy is stored as int(11).)
LastUpdated
Returns the current value of LastUpdated. (In the database, LastUpdated is stored as datetime.)
URI
Returns this group's URI
CanonicalizeName NAME
Strip leading/trailing spaces and returns the updated name.
← Back to index