diff options
| author | ivan <ivan> | 2004-03-11 02:05:38 +0000 | 
|---|---|---|
| committer | ivan <ivan> | 2004-03-11 02:05:38 +0000 | 
| commit | eb9668a6f3181ee02cb335272c5ee4616e61fd09 (patch) | |
| tree | f5a22d9141723fd9e2fdb40430e4a38743b72604 /rt/html/REST/1.0/ticket/comment | |
| parent | 25953817e61fd252c18241699c0b6cdc3fa54121 (diff) | |
| parent | 289340780927b5bac2c7604d7317c3063c6dd8cc (diff) | |
This commit was generated by cvs2svn to compensate for changes in r3241,
which included commits to RCS files with non-trunk default branches.
Diffstat (limited to 'rt/html/REST/1.0/ticket/comment')
| -rw-r--r-- | rt/html/REST/1.0/ticket/comment | 149 | 
1 files changed, 149 insertions, 0 deletions
| diff --git a/rt/html/REST/1.0/ticket/comment b/rt/html/REST/1.0/ticket/comment new file mode 100644 index 000000000..9d1b06246 --- /dev/null +++ b/rt/html/REST/1.0/ticket/comment @@ -0,0 +1,149 @@ +%# BEGIN LICENSE BLOCK +%#  +%# Copyright (c) 1996-2003 Jesse Vincent <jesse@bestpractical.com> +%#  +%# (Except where explictly superceded by other copyright notices) +%#  +%# This work is made available to you under the terms of Version 2 of +%# the GNU General Public License. A copy of that license should have +%# been provided with this software, but in any event can be snarfed +%# from www.gnu.org. +%#  +%# This work is distributed in the hope that it will be useful, but +%# WITHOUT ANY WARRANTY; without even the implied warranty of +%# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU +%# General Public License for more details. +%#  +%# Unless otherwise specified, all modifications, corrections or +%# extensions to this work which alter its source code become the +%# property of Best Practical Solutions, LLC when submitted for +%# inclusion in the work. +%#  +%#  +%# END LICENSE BLOCK +%# REST/1.0/ticket/comment +%# +<%ARGS> +$content +</%ARGS> +<%INIT> +use MIME::Entity; +use LWP::MediaTypes; +use RT::Interface::REST; +use File::Temp qw(tempfile); + +my $ticket = new RT::Ticket $session{CurrentUser}; +my $object = $r->path_info; +my $status = "200 Ok"; +my $output; +my $action; + +# http://.../REST/1.0/ticket/comment/1 +my ($c, $o, $k, $e) = @{ form_parse($content)->[0] }; +if ($e || !$o) { +    if (!$o) { +        $output = "Empty form submitted.\n"; +    } +    else { +        $c = "# Syntax error."; +        $output = form_compose([[$c, $o, $k, $e]]); +    } +    $status = "400 Bad Request"; +    goto OUTPUT; +} + +$object =~ s#^/##; +$object ||= $k->{Ticket}; +unless ($object =~ /^\d+/) { +    $output = "Invalid ticket id: `$object'.\n"; +    $status = "400 Bad Request"; +    goto OUTPUT; +} +if ($k->{Ticket} && $object ne $k->{Ticket}) { +    $output = "The submitted form and URL specify different tickets.\n"; +    $status = "400 Bad Request"; +    goto OUTPUT; +} + +($action = $k->{Action}) =~ s/^(.)(.*)$/\U$1\L$2\E/; +unless ($action =~ /^(?:Comment|Correspond)$/) { +    $output = "Invalid action: `$action'.\n"; +    $status = "400 Bad Request"; +    goto OUTPUT; +} + +my $text = $k->{Text}; +my @atts = @{ vsplit($k->{Attachment}) }; + +if (!$k->{Text} && @atts == 0) { +        $status = "400 Bad Request"; +        $output = "Empty comment with no attachments submitted.\n"; +        goto OUTPUT; +} + +my $cgi = $m->cgi_object; +my $ent = MIME::Entity->build(Type => "multipart/mixed"); +$ent->attach(Data => $k->{Text}) if $k->{Text}; + +my $i = 1; +foreach my $att (@atts) { +    local $/=undef; +    my $file = $att; +    $file =~ s#^.*[\\/]##; + +    my $fh = $cgi->upload("attachment_$i"); +    if ($fh) { +        my $buf; +        my ($w, $tmp) = tempfile(); +        my $info = $cgi->uploadInfo(); + +        while (sysread($fh, $buf, 8192)) { +            syswrite($w, $buf); +        } + +        $ent->attach( +            Path => $tmp, +            Type => $info->{'Content-Type'} || guess_media_type($tmp), +            Filename => $file, +            Disposition => "attachment" +        ); +    } +    else { +        $status = "400 Bad Request"; +        $output = "No attachment for $att.\n"; +        goto OUTPUT; +    } + +    $i++; +} + +$ticket->Load($object); +unless ($ticket->Id) { +    $output = "Couldn't load ticket id: `$object'.\n"; +    $status = "404 Ticket not found"; +    goto OUTPUT; +} +unless ($ticket->CurrentUserHasRight('ModifyTicket') || +        ($action eq "Comment" && +         $ticket->CurrentUserHasRight("CommentOnTicket")) || +        ($action eq "Correspond" && +         $ticket->CurrentUserHasRight("ReplyToTicket"))) +{ +    $output = "You are not allowed to $action on ticket $object.\n"; +    $status = "403 Permission denied"; +    goto OUTPUT; +} + +my $cc = join ", ", @{ vsplit($k->{Cc}) }; +my $bcc = join ", ", @{ vsplit($k->{Bcc}) }; +my ($n, $s) = $ticket->$action(MIMEObj => $ent, +                               CcMessageTo => $cc, +                               BccMessageTo => $bcc, +                               TimeTaken => $k->{TimeWorked} || 0); +$output = $s; + +OUTPUT: +</%INIT> +RT/<% $RT::VERSION %> <% $status %> + +<% $output |n %> | 
