105 lines
2.4 KiB
Perl
105 lines
2.4 KiB
Perl
# --
|
|
# Copyright (C) 2001-2019 OTRS AG, https://otrs.com/
|
|
# --
|
|
# This software comes with ABSOLUTELY NO WARRANTY. For details, see
|
|
# the enclosed file COPYING for license information (GPL). If you
|
|
# did not receive this file, see https://www.gnu.org/licenses/gpl-3.0.txt.
|
|
# --
|
|
|
|
package Kernel::System::ITSMConfigItem::Permission::ClassGroupCheck;
|
|
|
|
use strict;
|
|
use warnings;
|
|
|
|
our @ObjectDependencies = (
|
|
'Kernel::System::GeneralCatalog',
|
|
'Kernel::System::Group',
|
|
'Kernel::System::Log',
|
|
);
|
|
|
|
=head1 NAME
|
|
|
|
Kernel::System::ITSMConfigItem::Permission::ClassGroupCheck - check if a user belongs to a group
|
|
|
|
=head1 PUBLIC INTERFACE
|
|
|
|
=head2 new()
|
|
|
|
create an object
|
|
|
|
use Kernel::System::ObjectManager;
|
|
local $Kernel::OM = Kernel::System::ObjectManager->new();
|
|
my $CheckObject = $Kernel::OM->Get('Kernel::System::ITSMConfigItem::Permission::ClassGroupCheck');
|
|
|
|
=cut
|
|
|
|
sub new {
|
|
my ( $Type, %Param ) = @_;
|
|
|
|
# allocate new hash for object
|
|
my $Self = {};
|
|
bless( $Self, $Type );
|
|
|
|
return $Self;
|
|
}
|
|
|
|
=head2 Run()
|
|
|
|
this method does the check if the use belongs to a given group
|
|
|
|
my $HasAccess = $CheckObject->Run(
|
|
UserID => 123,
|
|
Type => 'ro',
|
|
ClassID => 'ITSM::ConfigItem::Class::Computer',
|
|
);
|
|
|
|
=cut
|
|
|
|
sub Run {
|
|
my ( $Self, %Param ) = @_;
|
|
|
|
# check needed stuff
|
|
for my $Needed (qw(UserID Type ClassID)) {
|
|
if ( !$Param{$Needed} ) {
|
|
$Kernel::OM->Get('Kernel::System::Log')->Log(
|
|
Priority => 'error',
|
|
Message => "Need $Needed!",
|
|
);
|
|
return;
|
|
}
|
|
}
|
|
|
|
# get Class data
|
|
my $ClassItem = $Kernel::OM->Get('Kernel::System::GeneralCatalog')->ItemGet(
|
|
ItemID => $Param{ClassID},
|
|
);
|
|
|
|
# get user groups
|
|
my @GroupIDs = $Kernel::OM->Get('Kernel::System::Group')->GroupMemberList(
|
|
UserID => $Param{UserID},
|
|
Type => $Param{Type},
|
|
Result => 'ID',
|
|
Cached => 1,
|
|
);
|
|
|
|
# looking for group id, return access if user is in group
|
|
for my $GroupID (@GroupIDs) {
|
|
return 1 if $ClassItem->{Permission} && $GroupID eq $ClassItem->{Permission};
|
|
}
|
|
|
|
# return no access
|
|
return;
|
|
}
|
|
|
|
1;
|
|
|
|
=head1 TERMS AND CONDITIONS
|
|
|
|
This Software is part of the OTRS project (L<http://otrs.org/>).
|
|
|
|
This software comes with ABSOLUTELY NO WARRANTY. For details, see
|
|
the enclosed file COPYING for license information (GPL). If you
|
|
did not receive this file, see L<https://www.gnu.org/licenses/gpl-3.0.txt>.
|
|
|
|
=cut
|