ACL#

NAME#

Kernel::System::ACL::DB::ACL

DESCRIPTION#

ACL DB ACL backend

PUBLIC INTERFACE#

new()#

create a ACL object. Do not use it directly, instead use:

my $ACLObject = $Kernel::OM->Get('Kernel::System::ACL::DB::ACL');

ACLAdd()#

add new ACL

returns the id of the created ACL if success or undef otherwise

my $ID = $ACL->ACLAdd(
    Name           => 'NameOfACL',          # mandatory
    Comment        => 'Comment',            # optional
    Description    => 'Description',        # optional
    StopAfterMatch => 1,                    # optional
    ConfigMatch    => $ConfigMatchHashRef,  # optional
    ConfigChange   => $ConfigChangeHashRef, # optional
    ValidID        => 1,                    # mandatory
    UserID         => 123,                  # mandatory
);

Returns:

$ID = 567;

ACLDelete()#

delete an ACL

returns 1 if success or undef otherwise

my $Success = $ACLObject->ACLDelete(
    ID      => 123,
    UserID  => 123,
);

ACLGet()#

get ACL attributes

my $ACL = $ACLObject->ACLGet(
    ID              => 123,          # ID or name is needed
    Name            => 'ACL1',
    UserID          => 123,          # mandatory
);

Returns:

$ACL = {
    ID             => 123,
    Name           => 'some name',
    Comment        => 'Comment',
    Description    => 'Description',
    StopAfterMatch => 1,
    ConfigMatch    => $ConfigMatchHashRef,
    ConfigChange   => $ConfigChangeHashRef,
    ValidID        => 1,
    CreateTime     => '2012-07-04 15:08:00',
    ChangeTime     => '2012-07-04 15:08:00',
    CreateBy       => 'user_login',
    ChangeBy       => 'user_login',
};

ACLUpdate()#

update ACL attributes

returns 1 if success or undef otherwise

my $Success = $ACLObject->ACLUpdate(
    ID             => 123,                  # mandatory
    Name           => 'NameOfACL',          # mandatory
    Comment        => 'Comment',            # optional
    Description    => 'Description',        # optional
    StopAfterMatch => 1,                    # optional
    ValidID        => 'ValidID',            # mandatory
    ConfigMatch    => $ConfigMatchHashRef,  # optional
    ConfigChange   => $ConfigChangeHashRef, # optional
    UserID         => 123,                  # mandatory
);

ACLList()#

get an ACL list

my $List = $ACLObject->ACLList(
    ValidIDs        => ['1','2'],           # optional, to filter ACLs that match listed valid IDs
    UserID          => 1,
);

Returns:

$List = {
    1 => 'NameOfACL',
}

ACLListGet()#

get an ACL list with all ACL details

my $List = $ACLObject->ACLListGet(
    UserID   => 1,
    ValidIDs => ['1','2'], # optional, to filter ACLs that match listed valid IDs
);

Returns:

$List = [
    {
        ID            => 123,
        Name          => 'some name',
        Comment       => 'Comment',
        Description   => 'Description',
        ValidID       => 1,
        ConfigMatch   => $ConfigMatchHashRef,
        ConfigChange  => $ConfigChangeHashRef,
        CreateTime    => '2012-07-04 15:08:00',
        ChangeTime    => '2012-07-04 15:08:00',
    },
    {
        ID            => 123,
        Name          => 'some name',
        Comment       => 'Comment',
        Description   => 'Description',
        ValidID       => 1,
        ConfigMatch   => $ConfigMatchHashRef,
        ConfigChange  => $ConfigChangeHashRef,
        CreateTime    => '2012-07-04 15:08:00',
        ChangeTime    => '2012-07-04 15:08:00',
    },
];

ACLsNeedSync()#

Check if there are ACLs that are not yet deployed

my $SyncCount = $ACLObject->ACLsNeedSync();

Returns:

$SyncCount = 0 || Number of ALCs that need to be synced

ACLsNeedSyncReset()#

Reset synchronization information for ACLs.

ACLDump()#

gets a complete ACL information dump from the DB

my $ACLDump = $ACLObject->ACLDump(
    ResultType  => 'SCALAR'                     # 'SCALAR' || 'HASH' || 'FILE'
    Location    => '/opt/znuny/var/myfile.txt'   # mandatory for ResultType = 'FILE'
    UserID      => 1,
);
Returns:

$ACLDump = ‘/opt/znuny/var/myfile.txt’; # or undef if can’t write the file

ACLImport()#

import an ACL YAML file/content

my $ACLImport = $ACLObject->ACLImport(
    Content                   => $YAMLContent, # mandatory, YAML format
    OverwriteExistingEntities => 0,            # 0 || 1
    UserID                    => 1,            # mandatory
);

Returns:

$ACLImport = {
    Success      => 1,                         # 1 if success or undef if operation could not
                                               #    be performed
    Message     => 'The Message to show.',     # error message
    AddedACLs   => 'ACL1, ACL2',               # list of ACLs correctly added
    UpdatedACLs => 'ACL3, ACL4',               # list of ACLs correctly updated
    ACLErrors   => 'ACL5',                     # list of ACLs that could not be added or updated
};

_ACLItemOutput()#

converts an ACL structure to perl code suitable to be saved on a perl file.

my $Output = $ACLObject->_ACLItemOutput (
    Key => 'some ACL name',
    Value => {
        Properties => {
            Ticket => {
                Priority => [ 'some priority' ],
                Queue    => [ 'some queue' ],
            },
        },
        PropertiesDatabase => { },                      # similar to Properties or empty hash ref
        Possible => {
            Ticket => {
            Queue => [ 'some other queue' ],
        },
        PossibleNot => { },                             # similar to Possible or empty hash ref
        PossibleAdd => { },                             # similar to Possible or empty hash ref
        StopAfterMatch => 0,                            # 0 or 1
    },
    Comment    => 'some comment',
    CreateTime => '2014-06-03 19:03:57',
    ChangeTime => '2014-06-03 19:51:17',
    CreateBy   => 'some user login',
    ChangeBy   => 'some user login',
);

returns:

$Output = '
    # Created: 2014-06-03 19:03:57 (some user login)
    # Changed: 2014-06-03 19:51:17 (some user login)
    # Comment: some comment
    $Self->{TicketAcl}->{"100-Example-ACL"} = {
      \\'Possible\\' => {
        \\'Ticket\\' => {
          \\'Queue\\' => [
            \\'some other queue\\'
          ]
        }
      },
      \\'PossibleAdd\\' => {},
      \\'PossibleNot\\' => {},
      \\'Properties\\' => {
        \\'Ticket\\' => {
          \\'Priority\\' => [
            \\'some priority\\'
          ],
          \\'Queue\\' => [
            \\'some queue\\'
          ]
        }
      },
      \\'PropertiesDatabase\\' => {},
      \\'StopAfterMatch\\' => 0
    };
    ';

_ACLMigrateFrom33()#

Updates ACLs structure my changing the Possible->Action hash ref to a PossibleNot->Action array ref with just the elements that where set to 0 in the original ACL:

my $ACL = $ACLObject->_ACLMigrateFrom33 (
    $ACL => {
        ID          => 123,
        Name        => 'some name',
        Description => '',
        Comment     => 'Comment',
        ConfigMatch => {
            Properties' => {},
        },
        ConfigChange => {
            Possible => {}
                Action => {
                    AgentTicketPhone   => 1,
                    AgentTicketPrint   => 0,
                    AgentTicketZoom    => 1,
                    AgentTicketCLose   => 0,
                    AgentTicketCompose => 0,
                },
            },
            PossibleNot => {},
        },
        StopAfterMatch => 1,
        ValidID        => 1,
        CreateTime     => '2013-09-20 11:56:05',
        CreateBy       => 'root@localhost',
        ChangeTime     => '2014-06-16 11:31:55',
        ChangeBy       => 'root@localhost',
    };
    UserID => 123,
)

Returns:

$ACL = {
    ID          => 123,
    Name        => 'some name',
    Description => '',
    Comment     => 'Comment',
    ConfigMatch => {
        Properties' => {},
    },
    ConfigChange => {
        Possible => {},
        PossibleNot => {
            Action => [
                'AgentTicketCLose',
                'AgentTicketCompose',
                'AgentTicketPrint'
            ],
        },
    }
    StopAfterMatch => 1,
    ValidID        => 1,
    CreateBy       => 'root@localhost',
    CreateTime     => '2013-09-20 11:56:05',
    ChangeTime     => '2014-06-16 11:31:55',
    ChangeBy       => 'root@localhost',
};