diff options
Diffstat (limited to 'rt/lib/RT/Interface/Email/Auth/MailFrom.pm')
| -rw-r--r-- | rt/lib/RT/Interface/Email/Auth/MailFrom.pm | 99 |
1 files changed, 46 insertions, 53 deletions
diff --git a/rt/lib/RT/Interface/Email/Auth/MailFrom.pm b/rt/lib/RT/Interface/Email/Auth/MailFrom.pm index 71cdf60..0673c73 100644 --- a/rt/lib/RT/Interface/Email/Auth/MailFrom.pm +++ b/rt/lib/RT/Interface/Email/Auth/MailFrom.pm @@ -1,8 +1,8 @@ # BEGIN BPS TAGGED BLOCK {{{ # # COPYRIGHT: -# -# This software is Copyright (c) 1996-2009 Best Practical Solutions, LLC +# +# This software is Copyright (c) 1996-2009 Best Practical Solutions, LLC # <jesse@bestpractical.com> # # (Except where explicitly superseded by other copyright notices) @@ -45,6 +45,7 @@ # those contributions and any derivatives thereof. # # END BPS TAGGED BLOCK }}} + package RT::Interface::Email::Auth::MailFrom; use RT::Interface::Email qw(ParseSenderAddressFromHead CreateUser); @@ -62,84 +63,74 @@ sub GetCurrentUser { # We don't need to do any external lookups my ( $Address, $Name ) = ParseSenderAddressFromHead( $args{'Message'}->head ); - - unless ($Address) { + unless ( $Address ) { + $RT::Logger->error("Couldn't find sender's address"); return ( $args{'CurrentUser'}, -1 ); } - my $CurrentUser = RT::CurrentUser->new(); - $CurrentUser->LoadByEmail($Address); - - unless ( $CurrentUser->Id ) { - $CurrentUser->LoadByName($Address); - } - + my $CurrentUser = new RT::CurrentUser; + $CurrentUser->LoadByEmail( $Address ); + $CurrentUser->LoadByName( $Address ) unless $CurrentUser->Id; if ( $CurrentUser->Id ) { + $RT::Logger->debug("Mail from user #". $CurrentUser->Id ." ($Address)" ); return ( $CurrentUser, 1 ); } - - # If the user can't be loaded, we may need to create one. Figure out the acl situation. - my $unpriv = RT::Group->new($RT::SystemUser); + my $unpriv = RT::Group->new( $RT::SystemUser ); $unpriv->LoadSystemInternalGroup('Unprivileged'); unless ( $unpriv->Id ) { - $RT::Logger->crit( "Auth::MailFrom couldn't find the 'Unprivileged' internal group" ); + $RT::Logger->crit("Couldn't find the 'Unprivileged' internal group"); return ( $args{'CurrentUser'}, -1 ); } - my $everyone = RT::Group->new($RT::SystemUser); + my $everyone = RT::Group->new( $RT::SystemUser ); $everyone->LoadSystemInternalGroup('Everyone'); unless ( $everyone->Id ) { - $RT::Logger->crit( "Auth::MailFrom couldn't find the 'Everyone' internal group"); + $RT::Logger->crit("Couldn't find the 'Everyone' internal group"); return ( $args{'CurrentUser'}, -1 ); } + $RT::Logger->debug("Going to create user with address '$Address'" ); + # but before we do that, we need to make sure that the created user would have the right # to do what we're doing. if ( $args{'Ticket'} && $args{'Ticket'}->Id ) { + my $qname = $args{'Queue'}->Name; # We have a ticket. that means we're commenting or corresponding if ( $args{'Action'} =~ /^comment$/i ) { # check to see whether "Everyone" or "Unprivileged users" can comment on tickets - unless ( $everyone->PrincipalObj->HasRight( - Object => $args{'Queue'}, - Right => 'CommentOnTicket' - ) - || $unpriv->PrincipalObj->HasRight( - Object => $args{'Queue'}, - Right => 'CommentOnTicket' - ) - ) { + unless ( $everyone->PrincipalObj->HasRight( Object => $args{'Queue'}, + Right => 'CommentOnTicket' ) + || $unpriv->PrincipalObj->HasRight( Object => $args{'Queue'}, + Right => 'CommentOnTicket' ) ) + { + $RT::Logger->debug("Unprivileged users have no right to comment on ticket in queue '$qname'"); return ( $args{'CurrentUser'}, 0 ); } } elsif ( $args{'Action'} =~ /^correspond$/i ) { # check to see whether "Everybody" or "Unprivileged users" can correspond on tickets - unless ( $everyone->PrincipalObj->HasRight(Object => $args{'Queue'}, - Right => 'ReplyToTicket' - ) - || $unpriv->PrincipalObj->HasRight( - Object => $args{'Queue'}, - Right => 'ReplyToTicket' - ) - ) { + unless ( $everyone->PrincipalObj->HasRight( Object => $args{'Queue'}, + Right => 'ReplyToTicket' ) + || $unpriv->PrincipalObj->HasRight( Object => $args{'Queue'}, + Right => 'ReplyToTicket' ) ) + { + $RT::Logger->debug("Unprivileged users have no right to reply to ticket in queue '$qname'"); return ( $args{'CurrentUser'}, 0 ); } - } elsif ( $args{'Action'} =~ /^take$/i ) { # check to see whether "Everybody" or "Unprivileged users" can correspond on tickets - unless ( $everyone->PrincipalObj->HasRight(Object => $args{'Queue'}, - Right => 'OwnTicket' - ) - || $unpriv->PrincipalObj->HasRight( - Object => $args{'Queue'}, - Right => 'OwnTicket' - ) - ) { + unless ( $everyone->PrincipalObj->HasRight( Object => $args{'Queue'}, + Right => 'OwnTicket' ) + || $unpriv->PrincipalObj->HasRight( Object => $args{'Queue'}, + Right => 'OwnTicket' ) ) + { + $RT::Logger->debug("Unprivileged users have no right to own ticket in queue '$qname'"); return ( $args{'CurrentUser'}, 0 ); } @@ -147,33 +138,35 @@ sub GetCurrentUser { elsif ( $args{'Action'} =~ /^resolve$/i ) { # check to see whether "Everybody" or "Unprivileged users" can correspond on tickets - unless ( $everyone->PrincipalObj->HasRight(Object => $args{'Queue'}, - Right => 'ModifyTicket' - ) - || $unpriv->PrincipalObj->HasRight( - Object => $args{'Queue'}, - Right => 'ModifyTicket' - ) - ) { + unless ( $everyone->PrincipalObj->HasRight( Object => $args{'Queue'}, + Right => 'ModifyTicket' ) + || $unpriv->PrincipalObj->HasRight( Object => $args{'Queue'}, + Right => 'ModifyTicket' ) ) + { + $RT::Logger->debug("Unprivileged users have no right to resolve ticket in queue '$qname'"); return ( $args{'CurrentUser'}, 0 ); } } else { + $RT::Logger->warning("Action '". ($args{'Action'}||'') ."' is unknown"); return ( $args{'CurrentUser'}, 0 ); } } # We're creating a ticket elsif ( $args{'Queue'} && $args{'Queue'}->Id ) { + my $qname = $args{'Queue'}->Name; # check to see whether "Everybody" or "Unprivileged users" can create tickets in this queue unless ( $everyone->PrincipalObj->HasRight( Object => $args{'Queue'}, Right => 'CreateTicket' ) - ) { + || $unpriv->PrincipalObj->HasRight( Object => $args{'Queue'}, + Right => 'CreateTicket' ) ) + { + $RT::Logger->debug("Unprivileged users have no right to create ticket in queue '$qname'"); return ( $args{'CurrentUser'}, 0 ); } - } $CurrentUser = CreateUser( undef, $Address, $Name, $Address, $args{'Message'} ); |