Change to ZZZACL.pm has broken ACL

Moderator: crythias

Locked
numerouno
Znuny newbie
Posts: 26
Joined: 19 Jun 2014, 13:02
Znuny Version: OTRS 4.0.3

Change to ZZZACL.pm has broken ACL

Post by numerouno »

Hello all,

I manually changed ZZZACL.pm now when I 'deploy ACLs' from OTRS GUI it breaks OTRS returning 'Internal error' to 50% of pages.

If I delete ZZZACL.pm then OTRS works but I have lost my ACLs.

Can anyone advise a fix to allow me to redeploy ACLs in this situation.

Thank you, Ben
Top
reneeb
Znuny guru
Posts: 5018
Joined: 13 Mar 2011, 09:54
Znuny Version: 6.0.x
Real Name: Renée Bäcker
Company: Perl-Services.de
Contact:
Contact reneeb

Re: Change to ZZZACL.pm has broken ACL

Post by reneeb »

show code...

what did you change?
Perl / Znuny development: http://perl-services.de
Free Znuny add ons from the community: http://opar.perl-services.de
Commercial add ons: http://feature-addons.de
Top
numerouno
Znuny newbie
Posts: 26
Joined: 19 Jun 2014, 13:02
Znuny Version: OTRS 4.0.3

Re: Change to ZZZACL.pm has broken ACL

Post by numerouno »

The change was to an existing ACL rule, after deleting ZZZACL.pm then using GUI function 'deploy ACLs' recreates ZZZACL.pm file.

However something is still broken, current ZZZACL.pm code which breaks OTRS:

Code: Select all

# OTRS config file (automatically generated)
# VERSION:1.1
package Kernel::Config::Files::ZZZACL;
use strict;
use warnings;
no warnings 'redefine';
use utf8;
sub Load {
    my ($File, $Self) = @_;

# Created: 2015-07-15 11:05:12 (ben)
# Changed: 2015-07-15 11:05:12 (ben)
$Self->{TicketAcl}->{"Admin queue restirction - IT Support"} = {
  'Possible' => {
    'Ticket' => {
      'Queue' => [
        'IT Support'
      ]
    }
  },
  'PossibleAdd' => {},
  'PossibleNot' => {},
  'Properties' => {},
  'PropertiesDatabase' => {
    'User' => {
      'UserLogin' => [
        'jay'
      ]
    }
  },
  'StopAfterMatch' => 0
};

# Created: 2015-07-15 11:05:12 (ben)
# Changed: 2015-07-15 11:05:12 (ben)
$Self->{TicketAcl}->{"Admin queue restriction - Support"} = {
  'Possible' => {},
  'PossibleAdd' => {},
  'PossibleNot' => {
    'Ticket' => {
      'Queue' => [
        'IT Support'
      ]
    }
  },
  'Properties' => {},
  'PropertiesDatabase' => {
    'User' => {
      'UserLogin' => [
        'ben',
        'nikhil'
      ]
    }
  },
  'StopAfterMatch' => 0
};

# Created: 2015-07-15 11:05:12 (ben)
# Changed: 2015-07-15 11:05:12 (ben)
$Self->{TicketAcl}->{"Department Field"} = {
  'Possible' => {},
  'PossibleAdd' => {},
  'PossibleNot' => {
    'Ticket' => {
      'DynamicField' => [
        'Department'
      ]
    }
  },
  'Properties' => {},
  'PropertiesDatabase' => {
    'User' => {
      'Role' => [
        'L1 Support',
        'Admin'
      ]
    }
  },
  'StopAfterMatch' => 0
};

# Created: 2015-07-15 11:05:12 (ben)
# Changed: 2015-07-15 11:05:12 (ben)
$Self->{TicketAcl}->{"DynamicFieldSource restrict - Support"} = {
  'Possible' => {},
  'PossibleAdd' => {},
  'PossibleNot' => {
    'Ticket' => {
      'DynamicFieldSource' => [
        'Chat',
        'In person',
        'Phone'
      ]
    }
  },
  'Properties' => {},
  'PropertiesDatabase' => {
    'User' => {
      'Group' => [
        'L1 Support',
        'L2 Support'
      ]
    }
  },
  'StopAfterMatch' => 0
};

# Created: 2015-07-15 11:05:12 (ben)
# Changed: 2015-07-15 11:05:12 (ben)
$Self->{TicketAcl}->{"DynamicFieldSource restrictt - IT Support"} = {
  'Possible' => {
    'Ticket' => {
      'DynamicField_Source' => [
        'In person',
        'Phone',
        'Chat'
      ]
    }
  },
  'PossibleAdd' => {},
  'PossibleNot' => {},
  'Properties' => {},
  'PropertiesDatabase' => {
    'Queue' => {
      'IT Support' => []
    }
  },
  'StopAfterMatch' => 0
};

# Created: 2015-07-15 11:05:12 (ben)
# Changed: 2015-07-15 11:05:12 (ben)
$Self->{TicketAcl}->{"Restrict Source dynamic field"} = {
  'Possible' => {},
  'PossibleAdd' => {},
  'PossibleNot' => {
    'Ticket' => {
      'DynamicField_Source' => [
        '[regexp]^*'
      ]
    }
  },
  'Properties' => {},
  'PropertiesDatabase' => {
    'User' => {
      'Role' => [
        'IT Support'
      ]
    }
  },
  'StopAfterMatch' => 0
};

# Created: 2015-07-15 11:05:12 (ben)
# Changed: 2015-07-15 11:05:12 (ben)
$Self->{TicketAcl}->{"Restrict State - IT Support"} = {
  'Possible' => {},
  'PossibleAdd' => {},
  'PossibleNot' => {
    'Ticket' => {
      'State' => [
        'New',
        'L2 Investigation',
        'L1 Investigation',
        'Awaiting Patch Release',
        'Awaiting Patch Deployment',
        'Awaiting L3 Investigation',
        'Awaiting L2 Investigation',
        'Awaiting Internal Info',
        'Awaiting DBA Investigation',
        'Awaiting Customer Info',
        'Awaiting Acknowledgement',
        'Analyzed',
        'Under Observation',
        'Pending auto close+',
        'Support Suspended',
        'False Positive Alert'
      ]
    }
  },
  'Properties' => {
    'User' => {
      'Role' => [
        'IT Support'
      ]
    }
  },
  'PropertiesDatabase' => {},
  'StopAfterMatch' => 0
};

# Created: 2015-07-15 11:05:12 (ben)
# Changed: 2015-07-15 11:05:12 (ben)
$Self->{TicketAcl}->{"Restrict State - L1/L2 Support"} = {
  'Possible' => {},
  'PossibleAdd' => {},
  'PossibleNot' => {
    'Ticket' => {
      'State' => [
        'Open',
        'Under Investigation',
        'Ongoing',
        'Pending - Vendor',
        'Pending - Employee',
        'Solved',
        'Pending - Approval'
      ]
    }
  },
  'Properties' => {
    'User' => {
      'Role' => [
        'L1 Support',
        'L2 Support'
      ]
    }
  },
  'PropertiesDatabase' => {},
  'StopAfterMatch' => 0
};

# Created: 2015-07-15 11:05:12 (ben)
# Changed: 2015-07-15 11:05:12 (ben)
$Self->{TicketAcl}->{"Restrict Type - IT Support"} = {
  'Possible' => {
    'Ticket' => {
      'Type' => [
        'Help/Assistance',
        'Procurement',
        'Incident',
        'Change',
        'Monitoring'
      ]
    }
  },
  'PossibleAdd' => {},
  'PossibleNot' => {
    'Ticket' => {
      'Type' => [
        '*TBD*',
        '3rd Party Issue',
        'Usage',
        'Preventive Maintenance',
        'Modified Configuration',
        'Information',
        'Out-of-Scope',
        'Enhancement',
        'Administration',
        'Bug',
        '3rd Party Deployment Support '
      ]
    }
  },
  'Properties' => {},
  'PropertiesDatabase' => {
    'User' => {
      'Role' => [
        'IT Support'
      ]
    }
  },
  'StopAfterMatch' => 0
};

# Created: 2015-07-15 11:05:12 (ben)
# Changed: 2015-07-15 11:05:12 (ben)
$Self->{TicketAcl}->{"Restrict Type - L1/L2 Support"} = {
  'Possible' => {},
  'PossibleAdd' => {},
  'PossibleNot' => {
    'Ticket' => {
      'Type' => [
        'Help/Assistance',
        'Incident',
        'Procurement',
        'Monitoring',
        'Change'
      ]
    }
  },
  'Properties' => {},
  'PropertiesDatabase' => {
    'User' => {
      'Role' => [
        'L1 Support',
        'L2 Support'
      ]
    }
  },
  'StopAfterMatch' => 0
};

# Created: 2015-07-15 11:05:12 (ben)
# Changed: 2015-07-15 11:05:12 (ben)
$Self->{TicketAcl}->{"Restrict changebuilder"} = {
  'Possible' => {},
  'PossibleAdd' => {},
  'PossibleNot' => {},
  'Properties' => {},
  'PropertiesDatabase' => {},
  'StopAfterMatch' => 0
};

# Created: 2015-07-15 11:05:12 (ben)
# Changed: 2015-07-15 11:05:12 (ben)
$Self->{TicketAcl}->{"Service restriction  - IT Support"} = {
  'Possible' => {},
  'PossibleAdd' => {},
  'PossibleNot' => {
    'Ticket' => {
      'Service' => [
        'MT-Platinum'
      ]
    }
  },
  'Properties' => {},
  'PropertiesDatabase' => {
    'User' => {
      'Role' => [
        'IT Support'
      ]
    }
  },
  'StopAfterMatch' => 0
};

# Created: 2015-07-15 11:05:12 (ben)
# Changed: 2015-07-15 11:05:12 (ben)
$Self->{TicketAcl}->{"Service restriction  - Support"} = {
  'Possible' => {
    'Ticket' => {
      'Service' => [
        'MT-Platinum'
      ]
    }
  },
  'PossibleAdd' => {},
  'PossibleNot' => {},
  'Properties' => {},
  'PropertiesDatabase' => {
    'User' => {
      'Role' => [
        'L1 Support',
        'L2 Support'
      ]
    }
  },
  'StopAfterMatch' => 0
};

}
1;
Top
RStraub
Znuny guru
Posts: 2210
Joined: 13 Mar 2014, 09:16
Znuny Version: 6.0.14
Real Name: Rolf Straub

Re: Change to ZZZACL.pm has broken ACL

Post by RStraub »

Please use the "

Code: Select all

" tags.


What exactly does broken mean? Can you post us an apache log while "otrs breaks" ?
Currently using: OTRS 6.0.14 -- MariaDB -- Ubuntu 16 LTS
Top
numerouno
Znuny newbie
Posts: 26
Joined: 19 Jun 2014, 13:02
Znuny Version: OTRS 4.0.3

Re: Change to ZZZACL.pm has broken ACL

Post by numerouno »

When using OTRS 50% time page returns Error 500 - Internal Error page.

apache error log shows>
[Wed Jul 15 13:43:45 2015] [error] Attempt to reload /opt/otrs/Kernel/Config/Files/ZZZACL.pm aborted.\nCompilation failed in require at /opt/otrs//Kernel/Config/Defaults.pm line 2033.\n
[Wed Jul 15 13:43:47 2015] [error] Attempt to reload /opt/otrs/Kernel/Config/Files/ZZZACL.pm aborted.\nCompilation failed in require at /opt/otrs//Kernel/Config/Defaults.pm line 2033.\n

Thank you for help.
Top
RStraub
Znuny guru
Posts: 2210
Joined: 13 Mar 2014, 09:16
Znuny Version: 6.0.14
Real Name: Rolf Straub

Re: Change to ZZZACL.pm has broken ACL

Post by RStraub »

It seems OTRS cannot read or finde the file.

You could try to:
1) Make sure the permissions are set correctly
2) Run the rebuild config script
3) run the delete cache script
4) restart or reload the apache
Currently using: OTRS 6.0.14 -- MariaDB -- Ubuntu 16 LTS
Top
numerouno
Znuny newbie
Posts: 26
Joined: 19 Jun 2014, 13:02
Znuny Version: OTRS 4.0.3

Re: Change to ZZZACL.pm has broken ACL

Post by numerouno »

Thank you so much for help.

Had done everything on your list except restart apache.

Restarting apache has fixed the issue.
Top
Locked

Return to “Help”