Assign Global Rights to Group?

RT Users
1

We find that the best way for us to manage user rights is to create a number
of groups, assign global rights to the groups, and then assign users to the
appropriate group.

I’m trying to work out how to assign global rights to a group via a Perl
script, but I’m not having much luck. A simple case might look something
like this, I think:

#!/usr/bin/perl

use strict;
use warnings;

use lib “/usr/share/request-tracker4/lib”;

use RT;

RT::LoadConfig();
RT::Init();

use RT::Group;
use RT::User;
use RT::Principal;

my ($group, $status, $msg);

$group = RT::Group->new( $RT::SystemUser );
$group->LoadUserDefinedGroup( “Group2” );
die “couldn’t load group” unless $group->id;
print("SelfDescription : " . $group->SelfDescription() . “\n”);

$group->GrantRight(Object => , Right => “CreateTicket”);

This works up to and including the print. So the problem, of course, is
that the GrantRight call is obviously incomplete. I haven’t figured out
what the Object should be. And maybe there is some additional work to set
it up. Suggestions on where to get started to understand this?

Ken

2

We find that the best way for us to manage user rights is to create a number
of groups, assign global rights to the groups, and then assign users to the
appropriate group.

I’m trying to work out how to assign global rights to a group via a Perl
script, but I’m not having much luck. A simple case might look something
like this, I think:

$group = RT::Group->new( $RT::SystemUser );
$group->LoadUserDefinedGroup( “Group2” );
die “couldn’t load group” unless $group->id;
print("SelfDescription : " . $group->SelfDescription() . “\n”);

$group->GrantRight(Object => , Right => “CreateTicket”);

This works up to and including the print. So the problem, of course, is
that the GrantRight call is obviously incomplete. I haven’t figured out
what the Object should be.

use:

$group->PrincipalObj->GrantRight(Object => $RT::System, Right => “CreateTicket”);

Easter-eggs Sp�cialiste GNU/Linux
44-46 rue de l’Ouest - 75014 Paris - France - M�tro Gait�
Phone: +33 (0) 1 43 35 00 37 - Fax: +33 (0) 1 43 35 00 76
mailto:elacour@easter-eggs.com - http://www.easter-eggs.com

3

We find that the best way for us to manage user rights is to create a
number of groups, assign global rights to the groups, and then assign
users to the appropriate group.

I’m trying to work out how to assign global rights to a group via a
Perl script, but I’m not having much luck. A simple case might look
something like this, I think:

$group = RT::Group->new( $RT::SystemUser );
$group->LoadUserDefinedGroup( “Group2” ); die “couldn’t load group”
unless $group->id; print("SelfDescription : " .
$group->SelfDescription() . “\n”);

$group->GrantRight(Object => , Right => “CreateTicket”);

This works up to and including the print. So the problem, of course,
is that the GrantRight call is obviously incomplete. I haven’t
figured out what the Object should be.

Emmanuel Lacour wrote:

use:

$group->PrincipalObj->GrantRight(Object => $RT::System, Right =>
“CreateTicket”);

Thanks! So this works for me:

#!/usr/bin/perl

RT perl script

use strict;
use warnings;

use lib “/usr/share/request-tracker4/lib”;

use RT;

RT::LoadConfig();
RT::Init();

The command line looks like this:

./grantRightToGroup.pl --rightname=CreateTicket --groupname=bedrock

use RT::Group;
use Getopt::Long;
use RT::Principal;
use RT::System;

my ($rightname, $groupname, $group);
my ($status, $msg);

GetOptions (
“rightname=s” => $rightname,
“groupname=s” => $groupname
);

Load user defined(public) group

$group = RT::Group->new( $RT::SystemUser );
$group->LoadUserDefinedGroup( $groupname );
die “couldn’t load group” unless $group->id;

Grant a right to a group

($status, $msg) = $group->PrincipalObj->GrantRight(Object => $RT::System,
Right => $rightname);
die “problem $msg” unless $status;

Ken Johnson