RE: [dev] Auto Assing Group Rights

Thu, 08 Apr 2004 11:58:09 -0700 

Tyler Hepworth wrote:
> My agents authenticate via LDAP and have their accounts
> created automatically.  I would like to also add group rights
> at the time their account is created.  I added the following
> code to User.pm:
> 
> At the very start
> -----------------------------------
> use Kernel::System::Group;
> 
> my %CommonObject = ();
> $CommonObject{GroupObject}  =
> Kernel::System::Group->new(%CommonObject);
> 
> 
> Inside of sub UserAdd (just after the user is added)
> ----------------------------------------------------
>             $CommonObject{GroupObject}->GroupMemberAdd(            
>               UID => $UserID, GID => 1,
>               UserID => 2,
>               Permission => {
>                       ro => 0,
>                       move_into => 0,
>                       create => 0,
>                       owner => 0,
>                       priority => 0,
>                       rw => 1,
>               }
>             );
>             $CommonObject{GroupObject}->GroupMemberAdd(            
>               UID => $UserID, GID => 4,
>               UserID => 2,
>               Permission => {
>                       ro => 0,
>                       move_into => 0,
>                       create => 0,
>                       owner => 0,
>                       priority => 0,
>                       rw => 1,
>               }
>             );
> 
> For right now, I want every agent to have access to the FAQ
> and User groups. Later, if the system grows more complex, I
> will add logic to this section that will add group rights
> based off of the groups an Agent belongs to in my LDAP
> database.  So, that is my bright idea, but when I tried to
> restart apache, it refused to start.  There were no errors as
> to why, so I started commenting out lines of code.  The
> offending code is the first few lines where "CommonObject" is
> created.  Have I specified it correctly?  Incorrect? Is what
> I am trying to do even a good idea?  Or will group rights be
> recreated for the user every time they log in because of the
> sub SyncLDAP2Database (since it calls UserAdd every time)?
> Even if rights are created every single time, is that a
> problem?  Any suggestions on how to automatically add group rights?
> 


Nevermind,  I got it worked out.

Added the following to sub new:

$Self->{GroupObject} = Kernel::System::Group->new(%Param);


And the following to sub UserAdd:

            $Self->{GroupObject}->GroupMemberAdd(
                UID => $UserID,
                GID => 1,
                UserID => 2,
                Permission => {
                        ro => 0,
                        move_into => 0,
                        create => 0,
                        owner => 0,
                        priority => 0,
                        rw => 1,
                }
            );
            $Self->{GroupObject}->GroupMemberAdd(
                UID => $UserID,
                GID => 4,
                UserID => 2,
                Permission => {
                        ro => 0,
                        move_into => 0,
                        create => 0,
                        owner => 0,
                        priority => 0,
                        rw => 1,
                }
            );

Works like a champ! :-)

_______________________________________________
OTRS mailing list: dev - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/dev
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/dev

Reply via email to