Our company policies require that a customer cannot see other customers
besides those who shares access to same queues he can watch.
Yet, users working for same company must be able to see tickets created
by other employes of that company. The only way to achieve such
functionality is to make them ‘privileged’ users. As a downside of such
approach we have a situation where any user searching for a ticket can
see all other customers in ‘Owner is’ criteria drop-down list.
To make things a little more complicated, some users can have access to
more than one queue.
I have found a proper way of fixing this situation by restricting the
drop-down list to only those users who has ‘OwnTicket’ right in queues
accessible for CurrentUser. It works perfectly o.k. from the point of
view of ultimate result: only valid accounts are displayed.
But the code is way too slow be considered acceptable: it takes 10-18
seconds to build the final list from approx. 30 queues and 80 users! Who
would ever want waiting so long every time a ticket search requested? Heh…
The code I've tried is shown below (never mind the naming conventions -
this is for testing only). As one can see, two different fetching
techniques were tried giving the same timing.
The ultimate question is: can it be made faster?
=== cut ===
<%init>
my @users;
my $stime = time;
my $ql = RT::Queues->new($session{'CurrentUser'});
$ql->LimitToEnabled;
my @ql;
while (my $q = $ql->Next) {
push @ql, $q;
}
my %uall;
foreach my $q (@ql) {
print STDERR "Queue: ", $q->Name, "\n";
my $ul = RT::Users->new($session{'CurrentUser'});
$ul->WhoHaveRight(Object => $q, Right => 'OwnTicket',
IncludeSuperusers => 1,
IncludeSubgroupMembers => 1,
);
if (0) {
my @qul = @{$ul->ItemsArrayRef};
@uall{map {$_->Name} @qul} = @qul;
} else {
while (my $u = $ul->Next) {
$uall{$u->Name} = $u;
}
}
}
@users = map {$uall{$_}} sort keys %uall;
my $etime = time;
print STDERR "4: ", $etime - $stime, "\n";
</%init>
=== cut ===
/Vadim Belman