init III
This commit is contained in:
@@ -0,0 +1,107 @@
|
||||
# --
|
||||
# Copyright (C) 2001-2019 OTRS AG, https://otrs.com/
|
||||
# --
|
||||
# This software comes with ABSOLUTELY NO WARRANTY. For details, see
|
||||
# the enclosed file COPYING for license information (GPL). If you
|
||||
# did not receive this file, see https://www.gnu.org/licenses/gpl-3.0.txt.
|
||||
# --
|
||||
|
||||
package Kernel::System::ITSMChange::ITSMWorkOrder::Permission::ChangeManagerCheck;
|
||||
|
||||
use strict;
|
||||
use warnings;
|
||||
|
||||
our @ObjectDependencies = (
|
||||
'Kernel::System::Group',
|
||||
'Kernel::System::Log',
|
||||
);
|
||||
|
||||
=head1 NAME
|
||||
|
||||
Kernel::System::ITSMChange::ITSMWorkOrder::Permission::ChangeManagerCheck - change manager based permission check
|
||||
|
||||
=head1 PUBLIC INTERFACE
|
||||
|
||||
=head2 new()
|
||||
|
||||
Create an object.
|
||||
|
||||
use Kernel::System::ObjectManager;
|
||||
local $Kernel::OM = Kernel::System::ObjectManager->new();
|
||||
my $CheckObject = $Kernel::OM->Get('Kernel::System::ITSMChange::ITSMWorkOrder::Permission::ChangeManagerCheck');
|
||||
|
||||
=cut
|
||||
|
||||
sub new {
|
||||
my ( $Type, %Param ) = @_;
|
||||
|
||||
# allocate new hash for object
|
||||
my $Self = {};
|
||||
bless( $Self, $Type );
|
||||
|
||||
return $Self;
|
||||
}
|
||||
|
||||
=head2 Run()
|
||||
|
||||
This method does the check. C<ro> and C<rw> access is granted
|
||||
when the agent has the C<priv> in the 'itsm-change-manager' group.
|
||||
|
||||
my $HasAccess = $CheckObject->Run(
|
||||
UserID => 123,
|
||||
Type => 'rw', # 'ro' or 'rw'
|
||||
WorkOrderID => 4444,
|
||||
);
|
||||
|
||||
=cut
|
||||
|
||||
sub Run {
|
||||
my ( $Self, %Param ) = @_;
|
||||
|
||||
# check needed stuff
|
||||
for my $Argument (qw(UserID Type WorkOrderID)) {
|
||||
if ( !$Param{$Argument} ) {
|
||||
$Kernel::OM->Get('Kernel::System::Log')->Log(
|
||||
Priority => 'error',
|
||||
Message => "Need $Argument!",
|
||||
);
|
||||
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
# the check is based upon the change manager
|
||||
my $GroupID = $Kernel::OM->Get('Kernel::System::Group')->GroupLookup(
|
||||
Group => 'itsm-change-manager',
|
||||
);
|
||||
|
||||
# deny access, when the group is not found
|
||||
return if !$GroupID;
|
||||
|
||||
# get user groups, where the user has the appropriate privilege
|
||||
my %Groups = $Kernel::OM->Get('Kernel::System::Group')->GroupMemberList(
|
||||
UserID => $Param{UserID},
|
||||
Type => $Param{Type},
|
||||
Result => 'HASH',
|
||||
);
|
||||
|
||||
# allow ro and rw access if the agent is a change manager
|
||||
return 1 if $Groups{$GroupID};
|
||||
|
||||
# no need to check if the agent is the actual manager of the change of the workorder
|
||||
|
||||
# deny access otherwise
|
||||
return;
|
||||
}
|
||||
|
||||
=head1 TERMS AND CONDITIONS
|
||||
|
||||
This software is part of the OTRS project (L<https://otrs.org/>).
|
||||
|
||||
This software comes with ABSOLUTELY NO WARRANTY. For details, see
|
||||
the enclosed file COPYING for license information (GPL). If you
|
||||
did not receive this file, see L<https://www.gnu.org/licenses/gpl-3.0.txt>.
|
||||
|
||||
=cut
|
||||
|
||||
1;
|
||||
Reference in New Issue
Block a user