From 289e2da3922f9441d45e6ef7b619d0f8412bd22d Mon Sep 17 00:00:00 2001 From: Martin Edenhofer Date: Thu, 29 Oct 2015 13:08:06 +0100 Subject: [PATCH] Applied role based permissions. --- lib/import/otrs.rb | 42 ++++++++++++++++++++++++++++++++++++------ 1 file changed, 36 insertions(+), 6 deletions(-) diff --git a/lib/import/otrs.rb b/lib/import/otrs.rb index c0156671f..2d33d6957 100644 --- a/lib/import/otrs.rb +++ b/lib/import/otrs.rb @@ -1046,8 +1046,10 @@ module Import::OTRS end def self.get_roles_ids(user, groups, roles, _queues) - roles = ['Agent'] - role_ids = [] + local_roles = ['Agent'] + local_role_ids = [] + + # apply group permissions user['GroupIDs'].each {|group_id, permissions| groups.each {|group_lookup| @@ -1055,21 +1057,49 @@ module Import::OTRS next if !permissions if group_lookup['Name'] == 'admin' && permissions.include?('rw') - roles.push 'Admin' + local_roles.push 'Admin' end next if group_lookup['Name'] !~ /^(stats|report)/ next if !( permissions.include?('ro') || permissions.include?('rw') ) - roles.push 'Report' + local_roles.push 'Report' } } - roles.each {|role| + + # apply role permissions + user['RoleIDs'].each {|role_id| + + # get groups of role + roles.each {|role| + next if role['ID'] != role_id + + # verify group names + role['GroupIDs'].each {|group_id, permissions| + groups.each {|group_lookup| + + next if group_id != group_lookup['ID'] + next if !permissions + + if group_lookup['Name'] == 'admin' && permissions.include?('rw') + local_roles.push 'Admin' + end + + next if group_lookup['Name'] !~ /^(stats|report)/ + next if !( permissions.include?('ro') || permissions.include?('rw') ) + + local_roles.push 'Report' + } + } + } + } + + local_roles.each {|role| role_lookup = Role.lookup( name: role ) next if !role_lookup role_ids.push role_lookup.id } - role_ids + local_role_ids end # sync customers