Creating Group and giving Rights

JJussi · January 29, 2010, 11:15am

Hi to list,
(I’m not very good Perl programmer, so this question may be (too) simple)

I can create group easily:

my $group = new RT::Group($RT::SystemUser);
my $gid = $group->CreateUserDefinedGroup(
Name => $vars{nimi},
Description => $vars{kuvaus},
);

To give rights to that group I (try) to use:

my @gacl=(‘ShowTicket’,‘CreateTicket’,‘SeeQueue’,‘ReplyToTicket’);
my $principal = new RT::Principal($RT::SystemUser);
my $pid = $principal->Create(
PrincipalType => ‘Group’,
ObjectId => $gid,
Disabled => ‘0’,
);

foreach (@gacl)
{
$xxx->GrandRight( Right => $_, Object => $gid);
}

That $xxx is problem… I need Principal-Object there, but
CreateUserDefinedGroup returns GroupID. How I can get that Object?

JJussi

Hoogstraten_Ton · January 29, 2010, 2:32pm

JJussi,

If I look at the code quickly I’d say you need $principal there you
defined with RT::Principal. Please correct me if I’m wrong.

Cheers,

Ton-----Original Message-----
From: rt-users-bounces@lists.bestpractical.com
[mailto:rt-users-bounces@lists.bestpractical.com] On Behalf Of JJussi
Sent: Friday, January 29, 2010 12:16 PM
To: rt-users@lists.bestpractical.com
Subject: [rt-users] Creating Group and giving Rights.

Hi to list,
(I’m not very good Perl programmer, so this question may be (too)
simple)

I can create group easily:

my $group = new RT::Group($RT::SystemUser);
my $gid = $group->CreateUserDefinedGroup(
Name => $vars{nimi},
Description => $vars{kuvaus},
);

To give rights to that group I (try) to use:

my @gacl=(‘ShowTicket’,‘CreateTicket’,‘SeeQueue’,‘ReplyToTicket’);
my $principal = new RT::Principal($RT::SystemUser);
my $pid = $principal->Create(
PrincipalType => ‘Group’,
ObjectId => $gid,
Disabled => ‘0’,
);

foreach (@gacl)
{
$xxx->GrandRight( Right => $_, Object => $gid);
}

That $xxx is problem… I need Principal-Object there, but
CreateUserDefinedGroup returns GroupID. How I can get that Object?

JJussi
http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users

Community help: http://wiki.bestpractical.com
Commercial support: sales@bestpractical.com

2010 RT Training Sessions!
San Francisco, CA, USA - Feb 22 & 23
Dublin, Ireland - Mar 15 & 16
Boston, MA, USA - April 5 & 6
Washington DC, USA - Oct 25 & 26

Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.
Buy a copy at http://rtbook.bestpractical.com

JJussi · January 30, 2010, 8:09pm

Hi list!

What, nowbody have any good answers. To how I, can give rights to just created
group…
And I thought that I’m poor programmer…On Friday, 29. Januaryta 2010 13:15:37 JJussi wrote:

Hi to list,
(I’m not very good Perl programmer, so this question may be (too) simple)

I can create group easily:

my $group = new RT::Group($RT::SystemUser);
my $gid = $group->CreateUserDefinedGroup(
Name => $vars{nimi},
Description => $vars{kuvaus},
);

To give rights to that group I (try) to use:

my @gacl=(‘ShowTicket’,‘CreateTicket’,‘SeeQueue’,‘ReplyToTicket’);
my $principal = new RT::Principal($RT::SystemUser);
my $pid = $principal->Create(
PrincipalType => ‘Group’,
ObjectId => $gid,
Disabled => ‘0’,
);

foreach (@gacl)
{
$xxx->GrandRight( Right => $_, Object => $gid);
}

That $xxx is problem… I need Principal-Object there, but
CreateUserDefinedGroup returns GroupID. How I can get that Object?

JJussi

Jarno_Huuskonen · February 1, 2010, 6:31am

Hi,> On Friday, 29. January 2010 13:15:37 JJussi wrote:

Hi to list,
(I’m not very good Perl programmer, so this question may be (too) simple)

I can create group easily:

my $group = new RT::Group($RT::SystemUser);
my $gid = $group->CreateUserDefinedGroup(
Name => $vars{nimi},
Description => $vars{kuvaus},
);

To give rights to that group I (try) to use:

my @gacl=(‘ShowTicket’,‘CreateTicket’,‘SeeQueue’,‘ReplyToTicket’);
my $principal = new RT::Principal($RT::SystemUser);
my $pid = $principal->Create(
PrincipalType => ‘Group’,
ObjectId => $gid,
Disabled => ‘0’,
);

foreach (@gacl)
{
$xxx->GrandRight( Right => $_, Object => $gid);
}

That $xxx is problem… I need Principal-Object there, but
CreateUserDefinedGroup returns GroupID. How I can get that Object?

What are you trying to achieve ? Are you trying to give the new group
permissions to some queueu ?

Something like this works for me:

my $queue = RT::Queue->new($RT::SystemUser);
$queue->Load($queuename);

foreach my $tmp_right (@group_rights) {
my ($status, $msg) = $group->PrincipalObj->GrantRight(
Right => $tmp_right,
Object => $queue);

}

Jarno Huuskonen

JJussi · February 1, 2010, 8:08am

Hi,

Hi to list,
(I’m not very good Perl programmer, so this question may be (too) simple)

I can create group easily:

my $group = new RT::Group($RT::SystemUser);
my $gid = $group->CreateUserDefinedGroup(
Name => $vars{nimi},
Description => $vars{kuvaus},
);

To give rights to that group I (try) to use:

my @gacl=(‘ShowTicket’,‘CreateTicket’,‘SeeQueue’,‘ReplyToTicket’);
my $principal = new RT::Principal($RT::SystemUser);
my $pid = $principal->Create(
PrincipalType => ‘Group’,
ObjectId => $gid,
Disabled => ‘0’,
);

foreach (@gacl)
{
$xxx->GrandRight( Right => $_, Object => $gid);
}

That $xxx is problem… I need Principal-Object there, but
CreateUserDefinedGroup returns GroupID. How I can get that Object?

What are you trying to achieve ? Are you trying to give the new group
permissions to some queueu ?

Situation, where queue have group-rights.
So, at ACL -table we get one line per every right…
*principaltype = “Group”
*principalid = Groups-id
*rightname = … ReplyToTicket
*objecttype = “RT:Queue”
*objectid = …

Something like this works for me:

my $queue = RT::Queue->new($RT::SystemUser);
$queue->Load($queuename);

foreach my $tmp_right (@group_rights) {
my ($status, $msg) = $group->PrincipalObj->GrantRight(
Right => $tmp_right,
Object => $queue);

}

This didn’t work… What ever I try to do, I get: RT::Principal::GrandRight
Unimplemented in main.

JJussi

Kenn_Crocker · February 1, 2010, 4:33pm

JJussi,

I use the WebUI. It’s waaaaaaaay easier. The programming is already
done, so why re-create the same wheel?

Kenn
LBNLOn 1/30/2010 12:09 PM, JJussi wrote:

Hi list!

What, nowbody have any good answers. To how I, can give rights to just created
group…
And I thought that I’m poor programmer…

On Friday, 29. Januaryta 2010 13:15:37 JJussi wrote:

Hi to list,
(I’m not very good Perl programmer, so this question may be (too) simple)

I can create group easily:

my $group = new RT::Group($RT::SystemUser);
my $gid = $group->CreateUserDefinedGroup(
Name => $vars{nimi},
Description => $vars{kuvaus},
);

To give rights to that group I (try) to use:

my @gacl=(‘ShowTicket’,‘CreateTicket’,‘SeeQueue’,‘ReplyToTicket’);
my $principal = new RT::Principal($RT::SystemUser);
my $pid = $principal->Create(
PrincipalType => ‘Group’,
ObjectId => $gid,
Disabled => ‘0’,
);

foreach (@gacl)
{
$xxx->GrandRight( Right => $_, Object => $gid);
}

That $xxx is problem… I need Principal-Object there, but
CreateUserDefinedGroup returns GroupID. How I can get that Object?

Jarno_Huuskonen · February 1, 2010, 5:42pm

Something like this works for me:

my $queue = RT::Queue->new($RT::SystemUser);
$queue->Load($queuename);

foreach my $tmp_right (@group_rights) {
my ($status, $msg) = $group->PrincipalObj->GrantRight(
Right => $tmp_right,
Object => $queue);

}

This didn’t work… What ever I try to do, I get: RT::Principal::GrandRight
Unimplemented in main.

Have you tried getting the $group with something like this:

my $group = RT::Group->new($RT::SystemUser);
$group->LoadUserDefinedGroup($groupname);
if (! $group->id) {
die qq([ERROR] group “$groupname” not found\n);
}

BTW I’ve created groups with this:
my $newgrp = RT::Group->new($RT::SystemUser);
my ($status, $msg) = $newgrp->_Create( Name => $groupname,
Description => ‘description here’,
Domain => ‘UserDefined’,
Type => ‘’, Instance => 0, );

-Jarno

Jarno Huuskonen

Joop · February 1, 2010, 5:44pm

Ken Crocker wrote:

JJussi,

I use the WebUI. It’s waaaaaaaay easier. The programming is already
done, so why re-create the same wheel?
Well, ever tried to change a couple of hundred users and/or groups that
way

I wrote a script which sets rights on groups/queues/global. Will try to
dig it up and post to the wiki, even its a bit rough.

Regards,

Joop

JJussi · February 2, 2010, 8:39am

Hi!
Is there somewhere document what would tell what are correlations between
database tables and information there?
f.ex. Principals vs. ACL. Both have PrincipalType and PrincipalId (ACL have
PrincipalId and Principals have id/ObjectId).
Or do I need to read thru all source codes and collect information from
there…

Because reading source codes, I notice that some functions what I need (to
change or extract information) are missing.On Monday, 1. Februaryta 2010 19:44:55 Joop van de Wege wrote:

Ken Crocker wrote:

JJussi,

I use the WebUI. It’s waaaaaaaay easier. The programming is already
done, so why re-create the same wheel?

Well, ever tried to change a couple of hundred users and/or groups that
way

I wrote a script which sets rights on groups/queues/global. Will try to
dig it up and post to the wiki, even its a bit rough.

Regards,

Joop

JJussi

Dominic_Hargreaves · February 2, 2010, 8:48am

Because reading source codes, I notice that some functions what I need (to
change or extract information) are missing.

One stumbling block is that most of the useful methods for the Foo object
are all in files named Foo_Overlay.pm; Foo.pm contains (approximately)
just the stub code generated by DBIx::SearchBuilder describing the
schema.

Dominic Hargreaves, Systems Development and Support Team
Computing Services, University of Oxford

signature.asc (197 Bytes)

Kenn_Crocker · February 2, 2010, 3:07pm

JJussi,

You’re talking about documentation that explains the relationship
between data and function. I haven’t seen it. I’ve had to develop my own
info on that based on what I assume. Not good enough to send out. Sorry.

Kenn
LBNLOn 2/2/2010 12:39 AM, JJussi wrote:

Hi!
Is there somewhere document what would tell what are correlations between
database tables and information there?
f.ex. Principals vs. ACL. Both have PrincipalType and PrincipalId (ACL have
PrincipalId and Principals have id/ObjectId).
Or do I need to read thru all source codes and collect information from
there…

Because reading source codes, I notice that some functions what I need (to
change or extract information) are missing.

On Monday, 1. Februaryta 2010 19:44:55 Joop van de Wege wrote:

Ken Crocker wrote:

JJussi,

I use the WebUI. It’s waaaaaaaay easier. The programming is already
done, so why re-create the same wheel?

Well, ever tried to change a couple of hundred users and/or groups that
way

I wrote a script which sets rights on groups/queues/global. Will try to
dig it up and post to the wiki, even its a bit rough.

Regards,

Joop

Gary_Hall · February 3, 2010, 7:28pm

JJussi,

In the RT Essentials book, there’s a Logical Model diagram on p. 120
that shows
the relationships between the objects (and, hence, the DB tables) that
comprise
RT.

Gary Hall