add RT ACL for bulk updating tickets, #72964

[freeside.git] / rt / share / html / Search / Bulk.html

%# BEGIN BPS TAGGED BLOCK {{{
%#
%# COPYRIGHT:
%#
%# This software is Copyright (c) 1996-2015 Best Practical Solutions, LLC
%#                                          <sales@bestpractical.com>
%#
%# (Except where explicitly superseded by other copyright notices)
%#
%#
%# LICENSE:
%#
%# This work is made available to you under the terms of Version 2 of
%# the GNU General Public License. A copy of that license should have
%# been provided with this software, but in any event can be snarfed
%# from www.gnu.org.
%#
%# This work is distributed in the hope that it will be useful, but
%# WITHOUT ANY WARRANTY; without even the implied warranty of
%# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
%# General Public License for more details.
%#
%# You should have received a copy of the GNU General Public License
%# along with this program; if not, write to the Free Software
%# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
%# 02110-1301 or visit their web page on the internet at
%# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html.
%#
%#
%# CONTRIBUTION SUBMISSION POLICY:
%#
%# (The following paragraph is not intended to limit the rights granted
%# to you to modify and distribute this software under the terms of
%# the GNU General Public License and is only of importance to you if
%# you choose to contribute your changes and enhancements to the
%# community by submitting them to Best Practical Solutions, LLC.)
%#
%# By intentionally submitting any modifications, corrections or
%# derivatives to this work, or any other work intended for use with
%# Request Tracker, to Best Practical Solutions, LLC, you confirm that
%# you are the copyright holder for those contributions and you grant
%# Best Practical Solutions,  LLC a nonexclusive, worldwide, irrevocable,
%# royalty-free, perpetual, license to use, copy, create derivative
%# works based on those contributions, and sublicense and distribute
%# those contributions and any derivatives thereof.
%#
%# END BPS TAGGED BLOCK }}}
<& /Elements/Header, Title => $title &>
<& /Elements/Tabs &>

<& /Elements/ListActions, actions => \@results &>
<form method="post" action="<% RT->Config->Get('WebPath') %>/Search/Bulk.html" enctype="multipart/form-data" name="BulkUpdate" id="BulkUpdate">
% foreach my $var (qw(Query Format OrderBy Order Rows Page SavedChartSearchId)) {
<input type="hidden" class="hidden" name="<%$var%>" value="<%$ARGS{$var} || ''%>" />
%}
<& /Elements/CollectionList, 
    Query => $Query,
    DisplayFormat => $Format,
    Format => $ARGS{'Format'},
    Verbatim => 1,
    AllowSorting => 1,
    OrderBy => $OrderBy,
    Order => $Order,
    Rows => $Rows,
    Page => $Page,
    BaseURL => RT->Config->Get('WebPath')."/Search/Bulk.html?",
    Class => 'RT::Tickets'
   &>

% $m->callback(CallbackName => 'AfterTicketList', ARGSRef => \%ARGS);

<hr />

<& /Elements/Submit, Label => loc('Update'), CheckboxNameRegex => '/^UpdateTicket\d+$/', CheckAll => 1, ClearAll => 1 &>
<br />
<&|/Widgets/TitleBox, title => $title &>
<table>
<tr>
<td valign="top">
<table>
<tr><td class="label"> <&|/l&>Make Owner</&>: </td>
<td class="value"> <& /Elements/SelectOwner, Name => "Owner", Default => $ARGS{Owner} || '' &>
(<input type="checkbox" class="checkbox" name="ForceOwnerChange"
 <% $ARGS{ForceOwnerChange} ? 'checked="checked"' : '' %> /> <&|/l&>Force change</&>) </td></tr>
<tr><td class="label"> <&|/l&>Add Requestor</&>: </td>
<td class="value"> <input name="AddRequestor" size="20" value="<% $ARGS{AddRequestor} || '' %>" /> </td></tr>
<tr><td class="label"> <&|/l&>Remove Requestor</&>: </td>
<td class="value"> <input name="DeleteRequestor" size="20" value="<% $ARGS{DeleteRequestor} || '' %>"/> </td></tr>
<tr><td class="label"> <&|/l&>Add Cc</&>: </td>
<td class="value"> <input name="AddCc" size="20" value="<% $ARGS{AddCc} || '' %>" /> </td></tr>
<tr><td class="label"> <&|/l&>Remove Cc</&>: </td>
<td class="value"> <input name="DeleteCc" size="20" value="<% $ARGS{DeleteCc} || '' %>" /> </td></tr>
<tr><td class="label"> <&|/l&>Add AdminCc</&>: </td>
<td class="value"> <input name="AddAdminCc" size="20" value="<% $ARGS{AddAdminCc} || '' %>" /> </td></tr>
<tr><td class="label"> <&|/l&>Remove AdminCc</&>: </td>
<td class="value"> <input name="DeleteAdminCc" size="20" value="<% $ARGS{DeleteAdminCc} || '' %>" /> </td></tr>
</table>
</td>
<td valign="top">
<table>
<tr><td class="label"> <&|/l&>Make subject</&>: </td>
<td class="value"> <input name="Subject" size="20" value="<% $ARGS{Subject} || '' %>"/> </td></tr>
<tr><td class="label"> <&|/l&>Make priority</&>: </td>
% my $rel = ($ARGS{Priority} =~ s/^R//);
<td class="value"> <& /Elements/SelectPriority, Name => "Priority", Default => $ARGS{Priority} &> 
<select name="Priority-Mode">
<option value="absolute" <% !$rel && 'selected' %>>absolute</option>
<option value="relative" <%  $rel && 'selected' %>>relative</option>
</select>
</td></tr>
<tr><td class="label"> <&|/l&>Make queue</&>: </td>
<td class="value"> <& /Elements/SelectQueue, Name => "Queue", Default => $ARGS{Queue} &> </td></tr>
<tr><td class="label"> <&|/l&>Make Status</&>: </td>
<td class="value"> <& /Elements/SelectStatus, Name => "Status", Default => $ARGS{Status}, Queues => $seen_queues &> </td></tr>
<tr><td class="label"> <&|/l&>Make date Starts</&>: </td>
<td class="value"> <& /Elements/SelectDate, Name => "Starts_Date", Default => $ARGS{Starts_Date} || '' &> </td></tr>
<tr><td class="label"> <&|/l&>Make date Started</&>: </td>
<td class="value"> <& /Elements/SelectDate, Name => "Started_Date", Default => $ARGS{Started_Date} || '' &> </td></tr>
<tr><td class="label"> <&|/l&>Make date Told</&>: </td>
<td class="value"> <& /Elements/SelectDate, Name => "Told_Date", Default => $ARGS{Told_Date} || '' &> </td></tr>
<tr><td class="label"> <&|/l&>Make date Due</&>: </td>
<td class="value"> <& /Elements/SelectDate, Name => "Due_Date", Default => $ARGS{Due_Date} || '' &> </td></tr>
<tr><td class="label"> <&|/l&>Make date Resolved</&>: </td>
<td class="value"> <& /Elements/SelectDate, Name => "Resolved_Date", Default => $ARGS{Resolved_Date} || '' &> </td></tr>
</table>

</td>
</tr>
</table>
</&>
<&| /Widgets/TitleBox, title => loc('Add comments or replies to selected tickets') &>
<table>
<tr><td align="right"><&|/l&>Update Type</&>:</td>
<td><select name="UpdateType">
  <option value="private" <% $ARGS{UpdateType} && $ARGS{UpdateType} eq 'private' ? 'selected="selected"' : '' %> ><&|/l&>Comments (Not sent to requestors)</&></option>
<option value="response" <% $ARGS{UpdateType} && $ARGS{UpdateType} eq 'response' ? 'selected="selected"' : '' %>><&|/l&>Reply to requestors</&></option>
</select> 
</td></tr>
<tr><td align="right"><&|/l&>Subject</&>:</td><td> <input name="UpdateSubject"
size="60" value="<% $ARGS{UpdateSubject} || "" %>" /></td></tr>
% while (my $CF = $TxnCFs->Next()) {
<tr>
<td align="right"><% $CF->Name %>:</td>
<td><& /Elements/EditCustomField, 
    CustomField => $CF, 
    NamePrefix => "Object-RT::Transaction--CustomField-",
    Default => $ARGS{"Object-RT::Transaction--CustomField-" . $CF->id . '-Values'} || 
            $ARGS{"Object-RT::Transaction--CustomField-" . $CF->id . '-Value'},
    &><em><% $CF->FriendlyType %></em></td>
</td></tr>
% } # end if while

<& /Ticket/Elements/AddAttachments, %ARGS &>

 <tr><td class="labeltop"><&|/l&>Message</&>:</td><td>
%# Currently, bulk update always starts with Comment not Reply selected, so we check this unconditionally
% my $IncludeSignature = RT->Config->Get('MessageBoxIncludeSignatureOnComment');
<& /Elements/MessageBox, Name => "UpdateContent", 
    $ARGS{UpdateContent} ? ( Default => $ARGS{UpdateContent}, IncludeSignature => 0 ) :
                        ( IncludeSignature => $IncludeSignature ),
        &>
 </td></tr>
 </table>

</&>

<%perl>
my $cfs = RT::CustomFields->new($session{'CurrentUser'});
$cfs->LimitToGlobal();
$cfs->LimitToQueue($_) for keys %$seen_queues;
</%perl>

% if ($cfs->Count) {
<&|/Widgets/TitleBox, title => loc('Edit Custom Fields'), color => "#336633"&>
<table>
<tr>
<th><&|/l&>Name</&></th>
<th><&|/l&>Add values</&></th>
<th><&|/l&>Delete values</&></th>
</tr>
% while (my $cf = $cfs->Next()) {
<tr>
<td class="label"><% loc($cf->Name) %><br />
<em>(<%$cf->FriendlyType%>)</em></td>
% my $rows = 5;
% my $cf_id = $cf->id;
% my @add = (NamePrefix => 'Bulk-Add-CustomField-', CustomField => $cf, Rows => $rows,
%   Multiple => ($cf->MaxValues ==1 ? 0 : 1) , Cols => 25, 
%   Default => $ARGS{"Bulk-Add-CustomField-$cf_id-Values"} || $ARGS{"Bulk-Add-CustomField-$cf_id-Value"}, );
% my @del = (NamePrefix => 'Bulk-Delete-CustomField-', CustomField => $cf,
%   Rows => $rows, Multiple => 1, Cols => 25,
%   Default => $ARGS{"Bulk-Delete-CustomField-$cf_id-Values"} || $ARGS{"Bulk-Delete-CustomField-$cf_id-Value"}, );
% if ($cf->Type eq 'Select') {
<td><& /Elements/EditCustomFieldSelect, @add &></td>
<td><& /Elements/EditCustomFieldSelect, @del &></td>
% } elsif ($cf->Type eq 'Combobox') {
<td><& /Elements/EditCustomFieldCombobox, @add &></td>
<td><& /Elements/EditCustomFieldCombobox, @del &></td>
% } elsif ($cf->Type eq 'Freeform') {
<td><& /Elements/EditCustomFieldFreeform, @add &></td>
<td><& /Elements/EditCustomFieldFreeform, @del &></td>
% } elsif ($cf->Type eq 'Text') {
<td><& /Elements/EditCustomFieldText, @add &></td>
<td>&nbsp;</td>
% } elsif ($cf->Type eq 'Date') {
<td><& /Elements/EditCustomFieldDate, @add, Default => undef &></td>
<td><& /Elements/EditCustomFieldDate, @del, Default => undef &></td>
% } elsif ($cf->Type eq 'DateTime') {
% # Pass datemanip format to prevent another tz date conversion
<td><& /Elements/EditCustomFieldDateTime, @add, Default => undef, Format => 'datemanip' &></td>
<td><& /Elements/EditCustomFieldDateTime, @del, Default => undef, Format => 'datemanip' &></td>
% } else {
%   $RT::Logger->crit("Unknown CustomField type: " . $cf->Type);
% }
</tr>
% }
</table>
</&>
% }

<&|/Widgets/TitleBox, title => loc('Edit Links'), color => "#336633"&>
<em><&|/l&>Enter tickets or URIs to link tickets to. Separate multiple entries with spaces.</&></em><br />
<& /Ticket/Elements/BulkLinks, Tickets => $Tickets, $ARGS{'AddMoreAttach'} ? %ARGS : () &>
</&>

<& /Elements/Submit, Label => loc('Update') &>


</form>


<%INIT>
unless ( defined $Rows ) {
    $Rows = $RowsPerPage;
    $ARGS{Rows} = $RowsPerPage;
}
my $title = loc("Update multiple tickets");

#freeside
unless ( $session{'CurrentUser'}
         ->HasRight( Right => 'BulkUpdateTickets', Object => RT->System) )
{
    Abort('You are not allowed to bulk-update tickets.');
}

# Iterate through the ARGS hash and remove anything with a null value.
map ( $ARGS{$_} =~ /^$/ && ( delete $ARGS{$_} ), keys %ARGS );

my (@results);

ProcessAttachments(ARGSRef => \%ARGS);

$Page ||= 1;

$Format ||= RT->Config->Get('DefaultSearchResultFormat');

# inject _CHECKBOX to the first field.
$Format =~ s/'?([^']+)'?,/'___CHECKBOX__$1',/;      #'

my $Tickets = RT::Tickets->new( $session{'CurrentUser'} );
$Tickets->FromSQL($Query);
if ( $OrderBy =~ /\|/ ) {

  # Multiple Sorts
  my @OrderBy = split /\|/, $OrderBy;
  my @Order   = split /\|/, $Order;
  $Tickets->OrderByCols(
    map { { FIELD => $OrderBy[$_], ORDER => $Order[$_] } }
      ( 0 .. $#OrderBy ) );
}
else {
  $Tickets->OrderBy( FIELD => $OrderBy, ORDER => $Order );
}

$Tickets->RowsPerPage($Rows) if ($Rows);
$Tickets->GotoPage( $Page - 1 );    # SB uses page 0 as the first page

Abort( loc("No search to operate on.") ) unless ($Tickets);

# build up a list of all custom fields for tickets that we're displaying, so
# we can display sane edit widgets.

my $fields      = {};
my $seen_queues = {};
while ( my $ticket = $Tickets->Next ) {
    next if $seen_queues->{ $ticket->Queue }++;

    my $custom_fields = $ticket->CustomFields;
    while ( my $field = $custom_fields->Next ) {
        $fields->{ $field->id } = $field;
    }
}

#Iterate through each ticket we've been handed
my @linkresults;

$Tickets->RedoSearch();

# pull out the labels for any custom fields we want to update

my $cf_del_keys;
@$cf_del_keys = grep { /^Bulk-Delete-CustomField/ } keys %ARGS;
my $cf_add_keys;
@$cf_add_keys = grep { /^Bulk-Add-CustomField/ } keys %ARGS;

if ( defined($ARGS{'Priority'})
     and ($ARGS{'Priority-Mode'} || '') eq 'relative' ) {
    # magic in Ticket::SetPriority
    $ARGS{'Priority'} = 'R'.$ARGS{'Priority'};
}
delete $ARGS{'Priority-Mode'};

unless ( $ARGS{'AddMoreAttach'} ) {
    # Add session attachments if any to be processed by ProcessUpdateMessage
    $ARGS{'UpdateAttachments'} = $session{'Attachments'} if ( $session{'Attachments'} );

    while ( my $Ticket = $Tickets->Next ) {
        next unless ( $ARGS{ "UpdateTicket" . $Ticket->Id } );

        #Update the links
        $ARGS{'id'} = $Ticket->id;

        my @updateresults = ProcessUpdateMessage(
                TicketObj => $Ticket,
                ARGSRef   => \%ARGS,
            );

        #Update the basics.
        my @basicresults =
          ProcessTicketBasics( TicketObj => $Ticket, ARGSRef => \%ARGS );
        my @dateresults =
          ProcessTicketDates( TicketObj => $Ticket, ARGSRef => \%ARGS );

        #Update the watchers
        my @watchresults =
          ProcessTicketWatchers( TicketObj => $Ticket, ARGSRef => \%ARGS );

        foreach my $type (qw(MergeInto DependsOn MemberOf RefersTo)) {
            $ARGS{ $Ticket->id . "-" . $type } = $ARGS{"Ticket-$type"};
            $ARGS{ $type . "-" . $Ticket->id } = $ARGS{"$type-Ticket"};
        }
        @linkresults =
          ProcessTicketLinks( TicketObj => $Ticket, ARGSRef => \%ARGS );
        foreach my $type (qw(MergeInto DependsOn MemberOf RefersTo)) {
            delete $ARGS{ $type . "-" . $Ticket->id };
            delete $ARGS{ $Ticket->id . "-" . $type };
        }

        my @cfresults;

        foreach my $list ( $cf_add_keys, $cf_del_keys ) {
            next unless $list->[0];


            my $op;
            if ( $list->[0] =~ /Add/ ) {
                $op = 'add';

            }
            elsif ( $list->[0] =~ /Del/ ) {
                $op = 'del';
            }
            else {
                $RT::Logger->crit(
                    "Got an op that was neither add nor delete. can never happen"
                      . $list->[0] );
                last;
            }

            foreach my $key (@$list) {
                my ( $cfid, $cf );
                next if $key =~ /CustomField-(\d+)-Category$/;
                if ( $key =~ /CustomField-(\d+)-/ ) {
                    $cfid = $1;
                    $cf   = RT::CustomField->new( $session{'CurrentUser'} );
                    $cf->Load($cfid);
                }
                else {next}
                my @values =
                  ref( $ARGS{$key} ) eq 'ARRAY'
                  ? @{ $ARGS{$key} }
                  : ( $ARGS{$key} );
                map { s/(\r\n|\r)/\n/g; } @values;    # fix the newlines
                     # now break the multiline values into multivalues
                @values = map { split( /\n/, $_ ) } @values
                  unless ( $cf->SingleValue );

                my $current_values = $Ticket->CustomFieldValues($cfid);

                if ( $cf->Type eq 'DateTime' || $cf->Type eq 'Date' ){
                    # Clear out empty string submissions to avoid
                    # Not set changed to Not set
                    @values = grep length, @values;
                }

                foreach my $value (@values) {

                    if ( $op eq 'del' ) {
                        if ( my $entry = $current_values->HasEntry($value) ) {
                            my ( $id, $msg ) = $Ticket->DeleteCustomFieldValue(
                                Field => $cfid,
                                ValueId => $entry->id,
                            );
                            push @cfresults, $msg;
                        }
                    }

                    elsif ( $op eq 'add' && !$current_values->HasEntry($value) ) {
                        my ( $id, $msg ) = $Ticket->AddCustomFieldValue(
                            Field => $cfid,
                            Value => $value
                        );
                        push @cfresults, $msg;
                    }
                }
            }
        }
        my @statusresults =
          ProcessTicketStatus( TicketObj => $Ticket, ARGSRef => \%ARGS );

          my @tempresults = (
            @watchresults,  @basicresults, @dateresults,
            @updateresults, @linkresults,  @cfresults,
            @statusresults
        );

        @tempresults =
          map { 
              $_ =~ /^Ticket \d+:/ ?  $_ : 
              loc( "Ticket [_1]: [_2]", $Ticket->Id, $_ ) 
            } @tempresults;

        @results = ( @results, @tempresults );
    }

    # Cleanup WebUI
    delete $session{'Attachments'};

    $Tickets->RedoSearch();
}

my $TxnCFs = RT::CustomFields->new( $session{CurrentUser} );
$TxnCFs->LimitToLookupType( RT::Transaction->CustomFieldLookupType );
$TxnCFs->LimitToGlobalOrObjectId( keys %$seen_queues );

</%INIT>
<%args>
$Format => undef
$Page => 1
$Rows => undef
$RowsPerPage => undef
$Order => 'ASC'
$OrderBy => 'id'
$Query => undef
$SavedSearchId => undef
$SavedChartSearchId => undef
</%args>