My agents authenticate via LDAP and have their accounts created
automatically. I would like to also add group rights at the time their
account is created. I added the following code to User.pm:
At the very start
-----------------------------------
use Kernel::System::Group;
my %CommonObject = ();
$CommonObject{GroupObject} = Kernel::System::Group->new(%CommonObject);
Inside of sub UserAdd (just after the user is added)
----------------------------------------------------
$CommonObject{GroupObject}->GroupMemberAdd(
UID => $UserID,
GID => 1,
UserID => 2,
Permission => {
ro => 0,
move_into => 0,
create => 0,
owner => 0,
priority => 0,
rw => 1,
}
);
$CommonObject{GroupObject}->GroupMemberAdd(
UID => $UserID,
GID => 4,
UserID => 2,
Permission => {
ro => 0,
move_into => 0,
create => 0,
owner => 0,
priority => 0,
rw => 1,
}
);
For right now, I want every agent to have access to the FAQ and User groups.
Later, if the system grows more complex, I will add logic to this section
that will add group rights based off of the groups an Agent belongs to in my
LDAP database. So, that is my bright idea, but when I tried to restart
apache, it refused to start. There were no errors as to why, so I started
commenting out lines of code. The offending code is the first few lines
where "CommonObject" is created. Have I specified it correctly? Incorrect?
Is what I am trying to do even a good idea? Or will group rights be
recreated for the user every time they log in because of the sub
SyncLDAP2Database (since it calls UserAdd every time)? Even if rights are
created every single time, is that a problem? Any suggestions on how to
automatically add group rights?
_______________________________________________
OTRS mailing list: dev - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/dev
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/dev
