Kernel::System::Group

NAME

Kernel::System::Group – group and roles lib

DESCRIPTION

All group and roles functions. E. g. to add groups or to get a member list of a group.

PUBLIC INTERFACE

new()

Don't use the constructor directly, use the ObjectManager instead:

    my $GroupObject = $Kernel::OM->Get('Kernel::System::Group');

GroupLookup()

get id or name for group

    my $Group = $GroupObject->GroupLookup(
        GroupID => $GroupID,
    );

    my $GroupID = $GroupObject->GroupLookup(
        Group => $Group,
    );

GroupAdd()

to add a group

    my $ID = $GroupObject->GroupAdd(
        Name    => 'example-group',
        Comment => 'comment describing the group',   # optional
        ValidID => 1,
        UserID  => 123,
    );

GroupGet()

returns a hash with group data

    my %GroupData = $GroupObject->GroupGet(
        ID => 2,
    );

This returns something like:

    %GroupData = (
        'Name'       => 'admin',
        'ID'         => 2,
        'ValidID'    => '1',
        'CreateTime' => '2010-04-07 15:41:15',
        'ChangeTime' => '2010-04-07 15:41:15',
        'Comment'    => 'Group of all administrators.',
    );

GroupUpdate()

update of a group

    my $Success = $GroupObject->GroupUpdate(
        ID      => 123,
        Name    => 'example-group',
        Comment => 'comment describing the group',   # optional
        ValidID => 1,
        UserID  => 123,
    );

GroupList()

returns a hash of all groups

    my %Groups = $GroupObject->GroupList(
        Valid => 1,   # (optional) default 0
    );

the result looks like

    %Groups = (
        '1' => 'users',
        '2' => 'admin',
        '3' => 'stats',
        '4' => 'secret',
    );

GroupDataList()

returns a hash of all group data

    my %GroupDataList = $GroupObject->GroupDataList();

the result looks like

    %GroupDataList = (
        1 => {
            ID         => 1,
            Name       => 'Group 1',
            Comment    => 'The Comment of Group 1',
            ValidID    => 1,
            CreateTime => '2014-01-01 00:20:00',
            CreateBy   => 1,
            ChangeTime => '2014-01-02 00:10:00',
            ChangeBy   => 1,
        },
        2 => {
            ID         => 2,
            Name       => 'Group 2',
            Comment    => 'The Comment of Group 2',
            ValidID    => 1,
            CreateTime => '2014-11-01 10:00:00',
            CreateBy   => 1,
            ChangeTime => '2014-11-02 01:00:00',
            ChangeBy   => 1,
        },
    );

RoleLookup()

get id or name for role

    my $Role = $GroupObject->RoleLookup(
        RoleID => $RoleID,
    );

    my $RoleID = $GroupObject->RoleLookup(
        Role => $Role,
    );

RoleGet()

returns a hash with role data

    my %RoleData = $GroupObject->RoleGet(
        ID => 2,
    );

This returns something like:

    %RoleData = (
        'Name'       => 'role_helpdesk_agent',
        'ID'         => 2,
        'ValidID'    => '1',
        'CreateTime' => '2010-04-07 15:41:15',
        'ChangeTime' => '2010-04-07 15:41:15',
        'Comment'    => 'Role for help-desk people.',
    );

RoleAdd()

to add a new role

    my $RoleID = $GroupObject->RoleAdd(
        Name    => 'example-role',
        Comment => 'comment describing the role',   # optional
        ValidID => 1,
        UserID  => 123,
    );

RoleUpdate()

update of a role

    my $Success = $GroupObject->RoleUpdate(
        ID      => 123,
        Name    => 'example-group',
        Comment => 'comment describing the role',   # optional
        ValidID => 1,
        UserID  => 123,
    );

RoleList()

returns a hash of all roles

    my %Roles = $GroupObject->RoleList(
        Valid => 1,
    );

the result looks like

    %Roles = (
        '1' => 'role_helpdesk_agent',
        '2' => 'role_systemsmanagement_agent',
        '3' => 'role_otrs_admin',
        '4' => 'role_faq_manager',
    );

RoleDataList()

returns a hash of all role data

    my %RoleDataList = $GroupObject->RoleDataList();

the result looks like

    %RoleDataList = (
        1 => {
            ID         => 1,
            Name       => 'Role 1',
            Comment    => 'The Comment of Role 1',
            ValidID    => 1,
            CreateTime => '2014-01-01 00:20:00',
            CreateBy   => 1,
            ChangeTime => '2014-01-02 00:10:00',
            ChangeBy   => 1,
        },
        2 => {
            ID         => 2,
            Name       => 'Role 2',
            Comment    => 'The Comment of Role 2',
            ValidID    => 1,
            CreateTime => '2014-11-01 10:00:00',
            CreateBy   => 1,
            ChangeTime => '2014-11-02 01:00:00',
            ChangeBy   => 1,
        },
    );

PermissionCheck()

Check if a user has a certain permission for a certain group.

    my $HasPermission = $GroupObject->PermissionCheck(
        UserID    => $UserID,
        GroupName => $GroupName,    # also possible to give an array reference with multiple group names.
        Type      => 'move_into',   # ro|move_into|create|note|owner|priority|rw
    );

    or

    my $HasPermission = $GroupObject->PermissionCheck(
        UserID    => $UserID,
        GroupName => [ $GroupName, $GroupName ],    # also possible to give an array reference with multiple group names.
        Type      => 'rw',   # ro|move_into|create|note|owner|priority|rw
    );

PermissionUserInvolvedGet()

returns a list of users with the given permissions

    my %Users = $GroupObject->PermissionUserInvolvedGet(
        UserID => $ID,
        Type   => 'move_into', # ro|move_into|create|note|owner|priority|rw
    );

PermissionUserGet()

Get groups of the given user.

    my %Groups = $GroupObject->PermissionUserGet(
        UserID => $ID,
        Type   => 'move_into', # ro|move_into|create|note|owner|priority|rw
    );

PermissionGroupGet()

Get users of the given group.

    my %Users = $GroupObject->PermissionGroupGet(
        GroupID => $ID,
        Type    => 'move_into', # ro|move_into|create|note|owner|priority|rw
    );

PermissionGroupUserAdd()

add new permissions or update existing one to the given group of a given user

    my $Success = $GroupObject->PermissionGroupUserAdd(
        GID => 12,
        UID => 6,
        Permission => {
            ro        => 1,
            move_into => 1,
            create    => 1,
            note      => 1,
            owner     => 1,
            priority  => 0,
            rw        => 0,
        },
        UserID => 123,
    );

PermissionGroupUserGet()

returns a list with all users of a group

    my %UserList = $GroupObject->PermissionGroupUserGet(
        GroupID => $GroupID,
        Type    => 'move_into',  # ro|move_into|create|note|owner|priority|rw
    );

    %UserList = (
        1 => 'User1',
        2 => 'User2',
        3 => 'User3',
    );

PermissionUserGroupGet()

returns a list of groups a user is member of

    my %GroupList = $GroupObject->PermissionUserGroupGet(
        UserID => 123,
        Type   => 'move_into',  # ro|move_into|create|note|owner|priority|rw
    );

    %GroupList = (
        1 => 'Group1',
        2 => 'Group2',
        3 => 'Group3',
    );

PermissionGroupRoleAdd()

add new permissions or update existing one to the given group of a given role

    my $Success = $GroupObject->PermissionGroupRoleAdd(
        GID => 12,
        RID => 6,
        Permission => {
            ro        => 1,
            move_into => 1,
            create    => 1,
            note      =  1,
            owner     => 1,
            priority  => 0,
            rw        => 0,
        },
        UserID => 123,
    );

PermissionGroupRoleGet()

returns a list with all roles of a group

    my %RoleList = $GroupObject->PermissionGroupRoleGet(
        GroupID => $GroupID,
        Type    => 'move_into',  # ro|move_into|create|note|owner|priority|rw
    );

    %RoleList = (
        1 => 'Role1',
        2 => 'Role2',
        3 => 'Role3',
    );

PermissionRoleGroupGet()

returns a list with all groups of a role

    my %GroupList = $GroupObject->PermissionRoleGroupGet(
        RoleID => 12,
        Type   => 'move_into',  # ro|move_into|create|note|owner|priority|rw
    );

    %GroupList = (
        1 => 'Group1',
        2 => 'Group2',
        3 => 'Group3',
    );

PermissionRoleUserAdd()

add new permissions or update existing one to the given group of a given role

    my $Success = $GroupObject->PermissionRoleUserAdd(
        UID    => 12,
        RID    => 6,
        Active => 1,
        UserID => 123,
    );

PermissionRoleUserGet()

returns a list with all users of a role

    my %UserList = $GroupObject->PermissionRoleUserGet(
        RoleID => $RoleID,
    );

    %UserList = (
        1 => 'User1',
        2 => 'User2',
        3 => 'User3',
    );

PermissionUserRoleGet()

returns a list with all roles of a user

    my %RoleList = $GroupObject->PermissionUserRoleGet(
        UserID => $UserID,
    );

    %RoleList = (
        1 => 'Role1',
        2 => 'Role2',
        3 => 'Role3',
    );

GroupMemberAdd()

Function for backward compatibility. Redirected to PermissionGroupUserAdd().

GroupMemberList()

Function for backward compatibility. Redirected to PermissionUserGet() and PermissionGroupGet().

GroupMemberInvolvedList()

Function for backward compatibility. Redirected to PermissionUserInvolvedGet().

GroupGroupMemberList()

Function for backward compatibility. Redirected to PermissionUserGroupGet() and PermissionGroupUserGet().

GroupRoleMemberList()

Function for backward compatibility. Redirected to PermissionRoleGroupGet() and PermissionGroupRoleGet().

GroupRoleMemberAdd()

Function for backward compatibility. Redirected to PermissionGroupRoleAdd().

GroupUserRoleMemberList()

Function for backward compatibility. Redirected to PermissionUserRoleGet() and PermissionRoleUserGet().

GroupUserRoleMemberAdd()

Function for backward compatibility. Redirected to PermissionRoleUserAdd().

Scroll to Top