Re: [otrs] ACLs via web interface

Tue, 26 Jan 2010 11:38:11 -0800

Hi,

On 26.01.2010, at 10:43, Михаил Лукин wrote:

A number of basic ACLs is what we need most of the time. As I understand, simple ACL is just Perl dictionary of dictionaries (they are called "dictionaries" in Python, in Perl it is maybe Hash or smth like this, I don't remember).

For example, I need to limit choices of SLAs and Priorities by customer department or title (customer data is in LDAP), and it's gonna be a lot of similar and very simple ACLs.

On another hand, I would be completely satisfied if I could place those ACLs somewhere out of Config.pm (f.e. CustomConfig01.pm for ACLs, CustomConfig02.pm for backends and so on).

On Tue, Jan 26, 2010 at 12:26 PM, Shawn Beasley <[email protected]> wrote:
Hi Mihail,

On Jan 26, 2010, at 10:17 , Михаил Лукин wrote:

> There is a nice example of editing ACL via Sysconfig (Ticket -> Core::TicketACL)
> Is there an OTRS package or something else to allow Add/Edit new ACLs via web interface (Sysconfig)?

Unfortunately, not currently. It should be easy to implement a static number of basic configurable ACLs. Due to the complexity, it makes it harder to implement this in its full power.

I am sure there will be a Sysconfig Group which does allow ACL configuration, it should be very easy.

However, currently you can remove the ACLs from Config.pm, actually as everything else, by saving a new file (e.g. ACL.pm) in $OTRS_HOME/Kernel/Config/Files/
Just make sure the syntax is ok. Im my cases i just copy the ZZZAuto.pm basic structure and put in the ACLs that I want to be active.

My current ACL.pm file is attached and is working but not tested in production environments yet.

# --
# Kernel/Config/ACLs.pm - config file for ACLs
# Copyright (C) 2001-2009 OTRS AG, http://otrs.org/
# --
# $Id: ACLs.pm.dist,v 0.01 2010/01/25 18:59:11 nl Exp $
# --
# This software comes with ABSOLUTELY NO WARRANTY. For details, see
# the enclosed file COPYING for license information (AGPL). If you
# did not receive this file, see http://www.gnu.org/licenses/agpl.txt.
# --

package Kernel::Config::ACLs;

use strict;
use warnings;

# -----------------------------------------------------------------------
# start of ACL configurations
# -----------------------------------------------------------------------

#    $Self->{TicketAcl}->{'ACL-CustomerID-based-Queues'} = {
#        Properties => {
#            Ticket => {
#                Queue => ['Postmaster'],
#            },
#            Frontend => {
#                Action => ['CustomerTicketMessage'],
#            },
#            CustomerUser => {
#                UserCustomerID => ['otrs.com'],
#            },
#        },
#
#	  PossibleNot => {
#	    Ticket => {
#	      State => ['closed unsuccessful'],
#	      Queue => ['Misc'],
#	    },
#	  },
#
#        Possible => {
#            Action => {
#                AgentTicketClose => 0,
#           },
#	       Ticket => {
#	           Queue => ['[RegExp]^Misc'],
#	       },
#        },
#    };


#    $Self->{TicketAcl}->{'ACL-Tickets-nicht-schliessen'} = {
#        Properties => {
#            # no properties => match always
#        },
#        PossibleNot => {
#            Ticket => {
#                State => [
#                    '[RegExp]^closed',
#                    '[RegExp]^pending\ auto'
#                ],
#            },
#        },
#        Possible => {
#            Action => {
#                AgentTicketClose  => 0,
#            },
#        },
#    };


#    $Self->{TicketAcl}->{'ACL-Tickets-ohne-Service-Spezifikation-nicht-schliessen'} = {
#        Properties => {
#            Ticket => {
#                Service => ['[RegExp][a-zA-Z0-9]'],
#            },
#        },
#        PossibleNot => {
#            Ticket => {
#                State => [
#                    # allow all StateTypes
#                ],
#            },
#        },
#        Possible => {
#            Action => {
#                AgentTicketClose  => 1,
#            },
#        },
#    };


#$Self->{TicketAcl}->{'A'} = {	 
#    Properties => {
##        User => {
##            Group_rw => ['faq'],
##        },
#    },
#    Possible => {
#        Action => {
#            AgentTicketPriority => 0,
#        },
#    },
#};


#$Self->{TicketAcl}->{'ACL-ITSMField'} = {
#    Properties => {
#        Ticket => {
#            Type => ['Inciewrrwerwerewrdent'],
#        },
#        Frontend => {
#            Action => ['AgentTicketNote'],
#        },        
#    },
#    Possible => {
#        Ticket => {
#            State => ['open'],
#        },
#        $Self->{'Ticket::Frontend::AgentTicketNote'}->{'TicketFreeText'} =  {
#            '1' => '1',
#            '10' => '0',
#            '11' => '0',
#            '12' => '1',
#            '13' => '0',
#            '14' => '0',
#            '15' => '0',
#            '16' => '0',
#            '2' => '1',
#            '3' => '1',
#            '4' => '1',
#            '5' => '1',
#            '6' => '1',
#            '7' => '1',
#            '8' => '1',
#            '9' => '1',
#        },
#    },
#};


#	$Self->{TicketAcl}->{'ACL-customer-status'} = {	 
#	  Properties => {
#            CustomerUser => {
#                UserCustomerID => ['otrs.com'],
#            },
#	  },	 
#	  Possible => {
#            Action => {
#                AgentTicketClose  => 1,
#            },
#	  },
#	};


#$Self->{TicketAcl}->{'kdsfskdfh'} = {	 
#    Properties => {
#        Queue => {
#            Name => ['Misc'],
#        },
#    },
#    Possible => {
#        Ticket => {
#            Priority => ['1 very low'],
#        },
#    },
#};


$Self->{TicketAcl}->{'kdsfskdfh'} = {	 
    'Properties' => {
        'Queue' => {
            'Name' => ['Servicedesk'],
        },
    },
    Possible => {
        Ticket => {
            Priority => ['1 very low'],
        },

    },
};


# -----------------------------------------------------------------------
# end of ACL configurations
# -----------------------------------------------------------------------
1;

Nils Leideck

-- 
Nils Leideck
Senior Consultant

[email protected]
[email protected]


http://webint.cryptonode.de / a Fractal project

CU @ CeBIT 2010 in Hannover, Germany and get to know more about OTRS 
at booth no. C37 in hall 2 from March 2-6, 2010!






---------------------------------------------------------------------
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs

NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW!
http://www.otrs.com/en/support/enterprise-subscription/

Reply via email to