From ce785c40141f25ab750b2dbbd1c67afaa8b61355 Mon Sep 17 00:00:00 2001 From: Jens Pfeifer Date: Tue, 14 Jan 2025 13:09:16 +0000 Subject: [PATCH] Improved ACL checks in ticket overview modules. --- AUTHORS.md | 1 + CHANGES.md | 1 + Kernel/Output/HTML/TicketOverview/Medium.pm | 101 +++-------------- Kernel/Output/HTML/TicketOverview/Preview.pm | 110 +++---------------- Kernel/Output/HTML/TicketOverview/Small.pm | 26 +++-- 5 files changed, 50 insertions(+), 189 deletions(-) diff --git a/AUTHORS.md b/AUTHORS.md index 1f7fb1515b..802f515d9b 100644 --- a/AUTHORS.md +++ b/AUTHORS.md @@ -41,6 +41,7 @@ The following persons contributed to Znuny: * Henrik Vetter * IB Development Team * Igor Djuric +* Ivo Oliveira <128880860+Bashizz@users.noreply.github.com> * Jan Steinweg * JannisKleinrensing <71767611+JannisKleinrensing@users.noreply.github.com> * Jaroslav Balaz diff --git a/CHANGES.md b/CHANGES.md index 54b8a1a755..eba8fe24b9 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,4 +1,5 @@ # 7.1.4 2024-??-?? + - 2024-12-23 Improved ACL checks in ticket overview modules. - 2024-12-10 System configuration option SendmailEncodingForce is now a selection instead of a text field. - 2024-12-10 Fixed "From" and "To" not being expandable for an article in ticket zoom. Thanks to Oliver Freyermuth (@olifre) for reporting. [#605](https://github.com/znuny/Znuny/issues/605) - 2024-12-09 Fixed multiple notifications being sent for empty process tickets (event NotificationNewTicket). diff --git a/Kernel/Output/HTML/TicketOverview/Medium.pm b/Kernel/Output/HTML/TicketOverview/Medium.pm index 2178bd6e0b..179a865475 100644 --- a/Kernel/Output/HTML/TicketOverview/Medium.pm +++ b/Kernel/Output/HTML/TicketOverview/Medium.pm @@ -479,19 +479,7 @@ sub _Show { sort keys %Actions; } - my $ACL = $TicketObject->TicketAcl( - Data => \%PossibleActions, - Action => $Self->{Action}, - TicketID => $Article{TicketID}, - ReturnType => 'Action', - ReturnSubType => '-', - UserID => $Self->{UserID}, - ); - my %AclAction = %PossibleActions; - if ($ACL) { - %AclAction = $TicketObject->TicketAclActionData(); - } # get main object my $MainObject = $Kernel::OM->Get('Kernel::System::Main'); @@ -500,6 +488,22 @@ sub _Show { my @ActionItems; if ( ref $ConfigObject->Get('Ticket::Frontend::PreMenuModule') eq 'HASH' ) { my %Menus = %{ $ConfigObject->Get('Ticket::Frontend::PreMenuModule') }; + + if (%Menus) { + my $ACL = $TicketObject->TicketAcl( + Data => \%PossibleActions, + Action => $Self->{Action}, + TicketID => $Article{TicketID}, + ReturnType => 'Action', + ReturnSubType => '-', + UserID => $Self->{UserID}, + ); + + if ($ACL) { + %AclAction = $TicketObject->TicketAclActionData(); + } + } + MENU: for my $Menu ( sort keys %Menus ) { @@ -676,78 +680,6 @@ sub _Show { } } - # create output - $LayoutObject->Block( - Name => 'AgentAnswer', - Data => { - %Param, - %Article, - %AclAction, - }, - ); - - if ( - $ConfigObject->Get('Frontend::Module')->{AgentTicketCompose} - && ( !defined $AclAction{AgentTicketCompose} || $AclAction{AgentTicketCompose} ) - ) - { - my $Access = 1; - my $Config = $ConfigObject->Get("Ticket::Frontend::AgentTicketCompose"); - if ( $Config->{Permission} ) { - my $Ok = $TicketObject->TicketPermission( - Type => $Config->{Permission}, - TicketID => $Param{TicketID}, - UserID => $Self->{UserID}, - LogNo => 1, - ); - if ( !$Ok ) { - $Access = 0; - } - if ($Access) { - $LayoutObject->Block( - Name => 'AgentAnswerCompose', - Data => { - %Param, - %Article, - %AclAction, - }, - ); - } - } - } - if ( - $ConfigObject->Get('Frontend::Module')->{AgentTicketPhoneOutbound} - && ( - !defined $AclAction{AgentTicketPhoneOutbound} - || $AclAction{AgentTicketPhoneOutbound} - ) - ) - { - my $Access = 1; - my $Config = $ConfigObject->Get("Ticket::Frontend::AgentTicketPhoneOutbound"); - if ( $Config->{Permission} ) { - my $OK = $TicketObject->TicketPermission( - Type => $Config->{Permission}, - TicketID => $Param{TicketID}, - UserID => $Self->{UserID}, - LogNo => 1, - ); - if ( !$OK ) { - $Access = 0; - } - } - if ($Access) { - $LayoutObject->Block( - Name => 'AgentAnswerPhoneOutbound', - Data => { - %Param, - %Article, - %AclAction, - }, - ); - } - } - # ticket type if ( $ConfigObject->Get('Ticket::Type') ) { $LayoutObject->Block( @@ -1064,7 +996,6 @@ sub _Show { Data => { %Param, %Article, - %AclAction, }, ); diff --git a/Kernel/Output/HTML/TicketOverview/Preview.pm b/Kernel/Output/HTML/TicketOverview/Preview.pm index c1e44e2918..273c0467e4 100644 --- a/Kernel/Output/HTML/TicketOverview/Preview.pm +++ b/Kernel/Output/HTML/TicketOverview/Preview.pm @@ -513,19 +513,7 @@ sub _Show { sort keys %Actions; } - my $ACL = $TicketObject->TicketAcl( - Data => \%PossibleActions, - Action => $Self->{Action}, - TicketID => $Article{TicketID}, - ReturnType => 'Action', - ReturnSubType => '-', - UserID => $Self->{UserID}, - ); - my %AclAction = %PossibleActions; - if ($ACL) { - %AclAction = $TicketObject->TicketAclActionData(); - } # get main object my $MainObject = $Kernel::OM->Get('Kernel::System::Main'); @@ -534,6 +522,22 @@ sub _Show { my @ActionItems; if ( ref $ConfigObject->Get('Ticket::Frontend::PreMenuModule') eq 'HASH' ) { my %Menus = %{ $ConfigObject->Get('Ticket::Frontend::PreMenuModule') }; + + if (%Menus) { + my $ACL = $TicketObject->TicketAcl( + Data => \%PossibleActions, + Action => $Self->{Action}, + TicketID => $Article{TicketID}, + ReturnType => 'Action', + ReturnSubType => '-', + UserID => $Self->{UserID}, + ); + + if ($ACL) { + %AclAction = $TicketObject->TicketAclActionData(); + } + } + MENU: for my $Menu ( sort keys %Menus ) { @@ -769,77 +773,6 @@ sub _Show { } } - # create output - $LayoutObject->Block( - Name => 'AgentAnswer', - Data => { - %Param, - %Article, - %AclAction, - }, - ); - if ( - $ConfigObject->Get('Frontend::Module')->{AgentTicketCompose} - && ( !defined $AclAction{AgentTicketCompose} || $AclAction{AgentTicketCompose} ) - ) - { - my $Access = 1; - my $Config = $ConfigObject->Get('Ticket::Frontend::AgentTicketCompose'); - if ( $Config->{Permission} ) { - my $Ok = $TicketObject->Permission( - Type => $Config->{Permission}, - TicketID => $Param{TicketID}, - UserID => $Self->{UserID}, - LogNo => 1, - ); - if ( !$Ok ) { - $Access = 0; - } - if ($Access) { - $LayoutObject->Block( - Name => 'AgentAnswerCompose', - Data => { - %Param, - %Article, - %AclAction, - }, - ); - } - } - } - if ( - $ConfigObject->Get('Frontend::Module')->{AgentTicketPhoneOutbound} - && ( - !defined $AclAction{AgentTicketPhoneOutbound} - || $AclAction{AgentTicketPhoneOutbound} - ) - ) - { - my $Access = 1; - my $Config = $ConfigObject->Get('Ticket::Frontend::AgentTicketPhoneOutbound'); - if ( $Config->{Permission} ) { - my $OK = $TicketObject->Permission( - Type => $Config->{Permission}, - TicketID => $Param{TicketID}, - UserID => $Self->{UserID}, - LogNo => 1, - ); - if ( !$OK ) { - $Access = 0; - } - } - if ($Access) { - $LayoutObject->Block( - Name => 'AgentAnswerPhoneOutbound', - Data => { - %Param, - %Article, - %AclAction, - }, - ); - } - } - # ticket type if ( $ConfigObject->Get('Ticket::Type') ) { $LayoutObject->Block( @@ -1191,7 +1124,6 @@ sub _Show { Data => { %Param, %Article, - %AclAction, }, ); } @@ -1259,14 +1191,7 @@ sub _Show { ); # check if compose link should be shown - if ( - $ConfigObject->Get('Frontend::Module')->{AgentTicketCompose} - && ( - !defined $AclAction{AgentTicketCompose} - || $AclAction{AgentTicketCompose} - ) - ) - { + if ( $ConfigObject->Get('Frontend::Module')->{AgentTicketCompose} ) { my $Access = 1; my $Config = $ConfigObject->Get('Ticket::Frontend::AgentTicketCompose'); if ( $Config->{Permission} ) { @@ -1319,7 +1244,6 @@ sub _Show { Data => { %Param, %Article, - %AclAction, }, ); return \$Output; diff --git a/Kernel/Output/HTML/TicketOverview/Small.pm b/Kernel/Output/HTML/TicketOverview/Small.pm index f03872dccc..1b69f4e569 100644 --- a/Kernel/Output/HTML/TicketOverview/Small.pm +++ b/Kernel/Output/HTML/TicketOverview/Small.pm @@ -542,23 +542,27 @@ sub Run { sort keys %Actions; } - my $ACL = $TicketObject->TicketAcl( - Data => \%PossibleActions, - Action => $Self->{Action}, - TicketID => $Article{TicketID}, - ReturnType => 'Action', - ReturnSubType => '-', - UserID => $Self->{UserID}, - ); my %AclAction = %PossibleActions; - if ($ACL) { - %AclAction = $TicketObject->TicketAclActionData(); - } # run ticket pre menu modules my @ActionItems; if ( ref $ConfigObject->Get('Ticket::Frontend::PreMenuModule') eq 'HASH' ) { my %Menus = %{ $ConfigObject->Get('Ticket::Frontend::PreMenuModule') }; + + if (%Menus) { + my $ACL = $TicketObject->TicketAcl( + Data => \%PossibleActions, + Action => $Self->{Action}, + TicketID => $Article{TicketID}, + ReturnType => 'Action', + ReturnSubType => '-', + UserID => $Self->{UserID}, + ); + if ($ACL) { + %AclAction = $TicketObject->TicketAclActionData(); + } + } + my @Items; MENU: for my $Menu ( sort keys %Menus ) {