+
+ $self->{'handled_disabled_column'} = 1;
+ $self->Limit(
+ ALIAS => $self->PrincipalsAlias,
+ FIELD => 'Disabled',
+ VALUE => '0',
+ );
+}
+
+=head2 LimitToDeleted
+
+Only find items that have been deleted.
+
+=cut
+
+sub LimitToDeleted {
+ my $self = shift;
+
+ $self->{'handled_disabled_column'} = $self->{'find_disabled_rows'} = 1;
+ $self->Limit(
+ ALIAS => $self->PrincipalsAlias,
+ FIELD => 'Disabled',
+ VALUE => 1,
+ );
+}
+
+
+
+=head2 LimitToEmail
+
+Takes one argument. an email address. limits the returned set to
+that email address
+
+=cut
+
+sub LimitToEmail {
+ my $self = shift;
+ my $addr = shift;
+ $self->Limit( FIELD => 'EmailAddress', VALUE => "$addr" );
+}
+
+
+
+=head2 MemberOfGroup PRINCIPAL_ID
+
+takes one argument, a group's principal id. Limits the returned set
+to members of a given group
+
+=cut
+
+sub MemberOfGroup {
+ my $self = shift;
+ my $group = shift;
+
+ return $self->loc("No group specified") if ( !defined $group );
+
+ my $groupalias = $self->NewAlias('CachedGroupMembers');
+
+ # Join the principal to the groups table
+ $self->Join( ALIAS1 => $self->PrincipalsAlias,
+ FIELD1 => 'id',
+ ALIAS2 => $groupalias,
+ FIELD2 => 'MemberId' );
+ $self->Limit( ALIAS => $groupalias,
+ FIELD => 'Disabled',
+ VALUE => 0 );
+
+ $self->Limit( ALIAS => "$groupalias",
+ FIELD => 'GroupId',
+ VALUE => "$group",
+ OPERATOR => "=" );
+}
+
+
+
+=head2 LimitToPrivileged
+
+Limits to users who can be made members of ACLs and groups
+
+=cut
+
+sub LimitToPrivileged {
+ my $self = shift;
+ $self->MemberOfGroup( RT->PrivilegedUsers->id );
+}
+
+=head2 LimitToUnprivileged
+
+Limits to unprivileged users only
+
+=cut
+
+sub LimitToUnprivileged {
+ my $self = shift;
+ $self->MemberOfGroup( RT->UnprivilegedUsers->id);
+}
+
+
+sub Limit {
+ my $self = shift;
+ my %args = @_;
+ $args{'CASESENSITIVE'} = 0 unless exists $args{'CASESENSITIVE'};
+ return $self->SUPER::Limit( %args );
+}
+
+=head2 WhoHaveRight { Right => 'name', Object => $rt_object , IncludeSuperusers => undef, IncludeSubgroupMembers => undef, IncludeSystemRights => undef, EquivObjects => [ ] }
+
+
+find all users who the right Right for this group, either individually
+or as members of groups
+
+If passed a queue object, with no id, it will find users who have that right for _any_ queue
+
+=cut
+
+# XXX: should be generalized
+sub _JoinGroupMembers
+{
+ my $self = shift;
+ my %args = (
+ IncludeSubgroupMembers => 1,
+ @_
+ );
+
+ my $principals = $self->PrincipalsAlias;
+
+ # The cachedgroupmembers table is used for unrolling group memberships
+ # to allow fast lookups. if we bind to CachedGroupMembers, we'll find
+ # all members of groups recursively. if we don't we'll find only 'direct'
+ # members of the group in question
+ my $group_members;
+ if ( $args{'IncludeSubgroupMembers'} ) {
+ $group_members = $self->NewAlias('CachedGroupMembers');
+ }
+ else {
+ $group_members = $self->NewAlias('GroupMembers');
+ }
+
+ $self->Join(
+ ALIAS1 => $group_members,
+ FIELD1 => 'MemberId',
+ ALIAS2 => $principals,
+ FIELD2 => 'id'
+ );
+ $self->Limit(
+ ALIAS => $group_members,
+ FIELD => 'Disabled',
+ VALUE => 0,
+ ) if $args{'IncludeSubgroupMembers'};
+
+ return $group_members;
+}
+
+# XXX: should be generalized
+sub _JoinGroups
+{
+ my $self = shift;
+ my %args = (@_);
+
+ my $group_members = $self->_JoinGroupMembers( %args );
+ my $groups = $self->NewAlias('Groups');
+ $self->Join(
+ ALIAS1 => $groups,
+ FIELD1 => 'id',
+ ALIAS2 => $group_members,
+ FIELD2 => 'GroupId'
+ );
+
+ return $groups;
+}
+
+# XXX: should be generalized
+sub _JoinACL
+{
+ my $self = shift;
+ my %args = (
+ Right => undef,
+ IncludeSuperusers => undef,
+ @_,
+ );
+
+ if ( $args{'Right'} ) {
+ my $canonic = RT::ACE->CanonicalizeRightName( $args{'Right'} );
+ unless ( $canonic ) {
+ $RT::Logger->error("Invalid right. Couldn't canonicalize right '$args{'Right'}'");
+ }
+ else {
+ $args{'Right'} = $canonic;
+ }
+ }
+
+ my $acl = $self->NewAlias('ACL');
+ $self->Limit(
+ ALIAS => $acl,
+ FIELD => 'RightName',
+ OPERATOR => ( $args{Right} ? '=' : 'IS NOT' ),
+ VALUE => $args{Right} || 'NULL',
+ ENTRYAGGREGATOR => 'OR'
+ );
+ if ( $args{'IncludeSuperusers'} and $args{'Right'} ) {
+ $self->Limit(
+ ALIAS => $acl,
+ FIELD => 'RightName',
+ OPERATOR => '=',
+ VALUE => 'SuperUser',
+ ENTRYAGGREGATOR => 'OR'
+ );
+ }
+ return $acl;