andre/scripts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9a4d4c549bd20d5982c6eb7c172df93342d11ba1
scripts/Perl OTRS/Kernel/System/ITSMConfigItem/Permission.pm
Andre Geißler 1462d52e13 init III
2024-10-14 00:08:40 +02:00

148 lines
4.2 KiB
Perl
Raw Blame History

# --
# Copyright (C) 2001-2019 OTRS AG, https://otrs.com/
# --
# This software comes with ABSOLUTELY NO WARRANTY. For details, see
# the enclosed file COPYING for license information (GPL). If you
# did not receive this file, see https://www.gnu.org/licenses/gpl-3.0.txt.
# --
package Kernel::System::ITSMConfigItem::Permission;
use strict;
use warnings;
our $ObjectManagerDisabled = 1;
=head1 NAME
Kernel::System::ITSMConfigItem::Permission - module for ITSMConfigItem.pm with Permission functions
=head1 DESCRIPTION
All Permission functions.
=head1 PUBLIC INTERFACE
=head2 Permission()
returns whether the user has permissions or not
my $Access = $ConfigItemObject->Permission(
Type => 'ro',
Scope => 'Class', # Class || Item
ClassID => 123, # if Scope is 'Class'
ItemID => 123, # if Scope is 'Item'
UserID => 123,
);
or without logging, for example for to check if a link/action should be shown
my $Access = $ConfigItemObject->Permission(
Type => 'ro',
Scope => 'Class', # Class || Item
ClassID => 123, # if Scope is 'Class'
ItemID => 123, # if Scope is 'Item'
LogNo => 1,
UserID => 123,
);
=cut
sub Permission {
my ( $Self, %Param ) = @_;
# check needed stuff
for my $Needed (qw(Type Scope UserID)) {
if ( !$Param{$Needed} ) {
$Kernel::OM->Get('Kernel::System::Log')->Log(
Priority => 'error',
Message => "Need $Needed!",
);
return;
}
}
# check for existence of ItemID or ClassID dependent
# on the Scope
if (
( $Param{Scope} eq 'Class' && !$Param{ClassID} )
|| ( $Param{Scope} eq 'Item' && !$Param{ItemID} )
)
{
$Kernel::OM->Get('Kernel::System::Log')->Log(
Priority => 'error',
Message => "Need ClassID if Scope is 'Class' or ItemID if Scope is 'Item'!",
);
return;
}
# run all ITSMConfigItem Permission modules
if (
ref $Kernel::OM->Get('Kernel::Config')->Get( 'ITSMConfigItem::Permission::' . $Param{Scope} ) eq 'HASH'
)
{
my %Modules = %{
$Kernel::OM->Get('Kernel::Config')->Get( 'ITSMConfigItem::Permission::' . $Param{Scope} )
};
MODULE:
for my $Module ( sort keys %Modules ) {
# load module
next MODULE
if !$Kernel::OM->Get('Kernel::System::Main')->Require( $Modules{$Module}->{Module} );
# create object
my $ModuleObject = $Modules{$Module}->{Module}->new();
# execute Run()
my $AccessOk = $ModuleObject->Run(%Param);
# check granted option (should I say ok)
if ( $AccessOk && $Modules{$Module}->{Granted} ) {
# access ok
return 1;
}
# return because access is false but it's required
if ( !$AccessOk && $Modules{$Module}->{Required} ) {
if ( !$Param{LogNo} ) {
$Kernel::OM->Get('Kernel::System::Log')->Log(
Priority => 'notice',
Message => "Permission denied because module "
. "($Modules{$Module}->{Module}) is required "
. "(UserID: $Param{UserID} '$Param{Type}' "
. "on $Param{Scope}: " . $Param{ $Param{Scope} . 'ID' } . ")!",
);
}
# access not ok
return;
}
}
}
# don't grant access
if ( !$Param{LogNo} ) {
$Kernel::OM->Get('Kernel::System::Log')->Log(
Priority => 'notice',
Message => "Permission denied (UserID: $Param{UserID} '$Param{Type}' "
. "on $Param{Scope}: " . $Param{ $Param{Scope} . 'ID' } . ")!",
);
}
return;
}
1;
=head1 TERMS AND CONDITIONS
This software is part of the OTRS project (L<https://otrs.org/>).
This software comes with ABSOLUTELY NO WARRANTY. For details, see
the enclosed file COPYING for license information (GPL). If you
did not receive this file, see L<https://www.gnu.org/licenses/gpl-3.0.txt>.
=cut
Reference in New Issue View Git Blame Copy Permalink