Group#
NAME#
Kernel::System::Group - group and roles lib
DESCRIPTION#
All group and roles functions. E. g. to add groups or to get a member list of a group.
PUBLIC INTERFACE#
new()#
Don’t use the constructor directly, use the ObjectManager instead:
my $GroupObject = $Kernel::OM->Get('Kernel::System::Group');
GroupLookup()#
get id or name for group
my $Group = $GroupObject->GroupLookup(
GroupID => $GroupID,
);
my $GroupID = $GroupObject->GroupLookup(
Group => $Group,
);
GroupAdd()#
to add a group
my $ID = $GroupObject->GroupAdd(
Name => 'example-group',
Comment => 'comment describing the group', # optional
ValidID => 1,
UserID => 123,
);
GroupGet()#
returns a hash with group data
my %GroupData = $GroupObject->GroupGet(
ID => 2,
);
This returns something like:
%GroupData = (
'Name' => 'admin',
'ID' => 2,
'ValidID' => '1',
'CreateTime' => '2010-04-07 15:41:15',
'ChangeTime' => '2010-04-07 15:41:15',
'Comment' => 'Group of all administrators.',
);
GroupUpdate()#
update of a group
my $Success = $GroupObject->GroupUpdate(
ID => 123,
Name => 'example-group',
Comment => 'comment describing the group', # optional
ValidID => 1,
UserID => 123,
);
GroupList()#
returns a hash of all groups
my %Groups = $GroupObject->GroupList(
Valid => 1, # (optional) default 0
);
the result looks like
%Groups = (
'1' => 'users',
'2' => 'admin',
'3' => 'stats',
'4' => 'secret',
);
GroupDataList()#
returns a hash of all group data
my %GroupDataList = $GroupObject->GroupDataList();
the result looks like
%GroupDataList = (
1 => {
ID => 1,
Name => 'Group 1',
Comment => 'The Comment of Group 1',
ValidID => 1,
CreateTime => '2014-01-01 00:20:00',
CreateBy => 1,
ChangeTime => '2014-01-02 00:10:00',
ChangeBy => 1,
},
2 => {
ID => 2,
Name => 'Group 2',
Comment => 'The Comment of Group 2',
ValidID => 1,
CreateTime => '2014-11-01 10:00:00',
CreateBy => 1,
ChangeTime => '2014-11-02 01:00:00',
ChangeBy => 1,
},
);
RoleLookup()#
get id or name for role
my $Role = $GroupObject->RoleLookup(
RoleID => $RoleID,
);
my $RoleID = $GroupObject->RoleLookup(
Role => $Role,
);
RoleGet()#
returns a hash with role data
my %RoleData = $GroupObject->RoleGet(
ID => 2,
);
This returns something like:
%RoleData = (
'Name' => 'role_helpdesk_agent',
'ID' => 2,
'ValidID' => '1',
'CreateTime' => '2010-04-07 15:41:15',
'ChangeTime' => '2010-04-07 15:41:15',
'Comment' => 'Role for help-desk people.',
);
RoleAdd()#
to add a new role
my $RoleID = $GroupObject->RoleAdd(
Name => 'example-role',
Comment => 'comment describing the role', # optional
ValidID => 1,
UserID => 123,
);
RoleUpdate()#
update of a role
my $Success = $GroupObject->RoleUpdate(
ID => 123,
Name => 'example-group',
Comment => 'comment describing the role', # optional
ValidID => 1,
UserID => 123,
);
RoleList()#
returns a hash of all roles
my %Roles = $GroupObject->RoleList(
Valid => 1,
);
the result looks like
%Roles = (
'1' => 'role_helpdesk_agent',
'2' => 'role_systemsmanagement_agent',
'3' => 'role_otrs_admin',
'4' => 'role_faq_manager',
);
RoleDataList()#
returns a hash of all role data
my %RoleDataList = $GroupObject->RoleDataList();
the result looks like
%RoleDataList = (
1 => {
ID => 1,
Name => 'Role 1',
Comment => 'The Comment of Role 1',
ValidID => 1,
CreateTime => '2014-01-01 00:20:00',
CreateBy => 1,
ChangeTime => '2014-01-02 00:10:00',
ChangeBy => 1,
},
2 => {
ID => 2,
Name => 'Role 2',
Comment => 'The Comment of Role 2',
ValidID => 1,
CreateTime => '2014-11-01 10:00:00',
CreateBy => 1,
ChangeTime => '2014-11-02 01:00:00',
ChangeBy => 1,
},
);
PermissionCheck()#
Check if a user has a certain permission for a certain group.
my $HasPermission = $GroupObject->PermissionCheck(
UserID => $UserID,
GroupName => $GroupName,
Type => 'move_into', # ro|move_into|create|note|owner|priority|rw
);
PermissionUserInvolvedGet()#
returns a list of users with the given permissions
my %Users = $GroupObject->PermissionUserInvolvedGet(
UserID => $ID,
Type => 'move_into', # ro|move_into|create|note|owner|priority|rw
);
PermissionUserGet()#
Get groups of the given user.
my %Groups = $GroupObject->PermissionUserGet(
UserID => $ID,
Type => 'move_into', # ro|move_into|create|note|owner|priority|rw
);
PermissionGroupGet()#
Get users of the given group.
my %Users = $GroupObject->PermissionGroupGet(
GroupID => $ID,
Type => 'move_into', # ro|move_into|create|note|owner|priority|rw
);
PermissionGroupUserAdd()#
add new permissions or update existing one to the given group of a given user
my $Success = $GroupObject->PermissionGroupUserAdd(
GID => 12,
UID => 6,
Permission => {
ro => 1,
move_into => 1,
create => 1,
note => 1,
owner => 1,
priority => 0,
rw => 0,
},
UserID => 123,
);
PermissionGroupUserGet()#
returns a list with all users of a group
my %UserList = $GroupObject->PermissionGroupUserGet(
GroupID => $GroupID,
Type => 'move_into', # ro|move_into|create|note|owner|priority|rw
);
%UserList = (
1 => 'User1',
2 => 'User2',
3 => 'User3',
);
PermissionUserGroupGet()#
returns a list of groups a user is member of
my %GroupList = $GroupObject->PermissionUserGroupGet(
UserID => 123,
Type => 'move_into', # ro|move_into|create|note|owner|priority|rw
);
%GroupList = (
1 => 'Group1',
2 => 'Group2',
3 => 'Group3',
);
PermissionGroupRoleAdd()#
add new permissions or update existing one to the given group of a given role
my $Success = $GroupObject->PermissionGroupRoleAdd(
GID => 12,
RID => 6,
Permission => {
ro => 1,
move_into => 1,
create => 1,
note = 1,
owner => 1,
priority => 0,
rw => 0,
},
UserID => 123,
);
PermissionGroupRoleGet()#
returns a list with all roles of a group
my %RoleList = $GroupObject->PermissionGroupRoleGet(
GroupID => $GroupID,
Type => 'move_into', # ro|move_into|create|note|owner|priority|rw
);
%RoleList = (
1 => 'Role1',
2 => 'Role2',
3 => 'Role3',
);
PermissionRoleGroupGet()#
returns a list with all groups of a role
my %GroupList = $GroupObject->PermissionRoleGroupGet(
RoleID => 12,
Type => 'move_into', # ro|move_into|create|note|owner|priority|rw
);
%GroupList = (
1 => 'Group1',
2 => 'Group2',
3 => 'Group3',
);
PermissionRoleUserAdd()#
add new permissions or update existing one to the given group of a given role
my $Success = $GroupObject->PermissionRoleUserAdd(
UID => 12,
RID => 6,
Active => 1,
UserID => 123,
);
PermissionRoleUserGet()#
returns a list with all users of a role
my %UserList = $GroupObject->PermissionRoleUserGet(
RoleID => $RoleID,
);
%UserList = (
1 => 'User1',
2 => 'User2',
3 => 'User3',
);
PermissionUserRoleGet()#
returns a list with all roles of a user
my %RoleList = $GroupObject->PermissionUserRoleGet(
UserID => $UserID,
);
%RoleList = (
1 => 'Role1',
2 => 'Role2',
3 => 'Role3',
);
GroupMemberAdd()#
Function for backward compatibility. Redirected to PermissionGroupUserAdd().
GroupMemberList()#
Function for backward compatibility. Redirected to PermissionUserGet() and PermissionGroupGet().
GroupMemberInvolvedList()#
Function for backward compatibility. Redirected to PermissionUserInvolvedGet().
GroupGroupMemberList()#
Function for backward compatibility. Redirected to PermissionUserGroupGet() and PermissionGroupUserGet().
GroupRoleMemberList()#
Function for backward compatibility. Redirected to PermissionRoleGroupGet() and PermissionGroupRoleGet().
GroupRoleMemberAdd()#
Function for backward compatibility. Redirected to PermissionGroupRoleAdd().
GroupUserRoleMemberList()#
Function for backward compatibility. Redirected to PermissionUserRoleGet() and PermissionRoleUserGet().
GroupUserRoleMemberAdd()#
Function for backward compatibility. Redirected to PermissionRoleUserAdd().
_DBGroupUserGet()#
returns the content of the database table group_user
my %Data = $GroupObject->_DBGroupUserGet(
Type => 'UserGroupPerm', # UserGroupPerm|UserPermGroup|GroupPermUser
);
Example if Type is UserGroupPerm:
$Data{$UserID}->{$GroupID}->{$Permission}
%Data = (
32 => {
34 => [
'create',
'move_into',
'owner',
'ro',
],
},
276 => {
277 => [
'rw',
],
},
);
Example if Type is UserPermGroup:
$Data{$UserID}->{$Permission}->{$GroupID}
%Data = (
32 => {
owner => [ 34 ],
create => [ 34 ],
ro => [ 34 ],
move_into => [ 34 ],
},
276 => {
rw => [ 277 ],
},
);
Example if Type is GroupPermUser:
$Data{$GroupID}->{$Permission}->{$UserID}
%Data = (
127 => {
owner => [ 128 ],
create => [ 128 ],
ro => [ 128 ],
move_into => [ 128 ],
},
90 => {
rw => [ 91 ],
},
);
_DBGroupRoleGet()#
returns the content of the database table group_role
my %Data = $GroupObject->_DBGroupRoleGet(
Type => 'RoleGroupPerm', # RoleGroupPerm|RolePermGroup|GroupPermRole
);
Example if Type is RoleGroupPerm:
$Data{$RoleID}->{$GroupID}->{$Permission}
%Data = (
32 => {
34 => [
'create',
'move_into',
'owner',
'ro',
],
},
276 => {
277 => [
'rw',
],
},
);
Example if Type is RolePermGroup:
$Data{$RoleID}->{$Permission}->{$GroupID}
%Data = (
32 => {
owner => [ 34 ],
create => [ 34 ],
ro => [ 34 ],
move_into => [ 34 ],
},
276 => {
rw => [ 277 ],
},
);
Example if Type is GroupPermRole:
$Data{$GroupID}->{$Permission}->{$RoleID}
%Data = (
127 => {
owner => [ 128 ],
create => [ 128 ],
ro => [ 128 ],
move_into => [ 128 ],
},
90 => {
rw => [ 91 ],
},
);
_DBRoleUserGet()#
returns the content of the database table role_user
my %Data = $GroupObject->_DBRoleUserGet(
Type => 'RoleUser', # UserRole|RoleUser|UserRoleHash
);
Example if Type is UserRole:
$Data{$UserID}->{$RoleID}
%Data = (
559 => [ 557 ],
127 => [ 125 ],
32 => [ 31 ],
443 => [ 442 ],
);
Example if Type is RoleUser:
$Data{$RoleID}->{$UserID}
%Data = (
559 => [ 560 ],
127 => [ 128 ],
32 => [ 33, 34 ],
443 => [ 444, 445 ],
);
Example if Type is UserRoleHash:
$Data{$UserID}->{$RoleID} = 1
%Data = (
559 => {
557 => 1,
},
127 => {
125 => 1,
},
32 => {
31 => 1,
},
443 => {
442 => 1,
},
);
_PermissionTypeList()#
returns a list of valid system permissions.
%PermissionTypeList = $GroupObject->_PermissionTypeList(
Type => 'close', # (optional)
);