diff options
Diffstat (limited to 'rt/lib/RT/Ticket_Overlay.pm')
| -rw-r--r-- | rt/lib/RT/Ticket_Overlay.pm | 181 |
1 files changed, 137 insertions, 44 deletions
diff --git a/rt/lib/RT/Ticket_Overlay.pm b/rt/lib/RT/Ticket_Overlay.pm index 90f83a8a8..dad94375f 100644 --- a/rt/lib/RT/Ticket_Overlay.pm +++ b/rt/lib/RT/Ticket_Overlay.pm @@ -2,7 +2,7 @@ # # COPYRIGHT: # -# This software is Copyright (c) 1996-2009 Best Practical Solutions, LLC +# This software is Copyright (c) 1996-2007 Best Practical Solutions, LLC # <jesse@bestpractical.com> # # (Except where explicitly superseded by other copyright notices) @@ -24,7 +24,7 @@ # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA # 02110-1301 or visit their web page on the internet at -# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html. +# http://www.gnu.org/copyleft/gpl.html. # # # CONTRIBUTION SUBMISSION POLICY: @@ -716,6 +716,68 @@ sub Create { # }}} + # {{{ Deal with auto-customer association + + #unless we already have (a) customer(s)... + unless ( $self->Customers->Count ) { + + #first find any requestors with emails but *without* customer targets + my @NoCust_Requestors = + grep { $_->EmailAddress && ! $_->Customers->Count } + @{ $self->_Requestors->UserMembersObj->ItemsArrayRef }; + + for my $Requestor (@NoCust_Requestors) { + + #perhaps the stuff in here should be in a User method?? + my @Customers = + &RT::URI::freeside::email_search( email=>$Requestor->EmailAddress ); + + foreach my $custnum ( map $_->{'custnum'}, @Customers ) { + + ## false laziness w/RT/Interface/Web_Vendor.pm + my @link = ( 'Type' => 'MemberOf', + 'Target' => "freeside://freeside/cust_main/$custnum", + ); + + my( $val, $msg ) = $Requestor->_AddLink(@link); + #XXX should do something with $msg# push @non_fatal_errors, $msg; + + } + + } + + #find any requestors with customer targets + + my %cust_target = (); + + my @Requestors = + grep { $_->Customers->Count } + @{ $self->_Requestors->UserMembersObj->ItemsArrayRef }; + + foreach my $Requestor ( @Requestors ) { + foreach my $cust_link ( @{ $Requestor->Customers->ItemsArrayRef } ) { + $cust_target{ $cust_link->Target } = 1; + } + } + + #and then auto-associate this ticket with those customers + + foreach my $cust_target ( keys %cust_target ) { + + my @link = ( 'Type' => 'MemberOf', + #'Target' => "freeside://freeside/cust_main/$custnum", + 'Target' => $cust_target, + ); + + my( $val, $msg ) = $self->_AddLink(@link); + push @non_fatal_errors, $msg; + + } + + } + + # }}} + # {{{ Add all the custom fields foreach my $arg ( keys %args ) { @@ -1341,43 +1403,52 @@ sub AddWatcher { @_ ); - return ( 0, "No principal specified" ) - unless $args{'Email'} or $args{'PrincipalId'}; - - if ( !$args{'PrincipalId'} and $args{'Email'} ) { - my $user = RT::User->new( $self->CurrentUser ); - $user->LoadByEmail( $args{'Email'} ); - if ( $user->id ) { - $args{'PrincipalId'} = $user->PrincipalId; - delete $args{'Email'}; - } - } + # XXX, FIXME, BUG: if only email is provided then we only check + # for ModifyTicket right, but must try to get PrincipalId and + # check Watch* rights too if user exist # {{{ Check ACLS - # ModifyTicket allow you to add any watcher - return $self->_AddWatcher(%args) - if $self->CurrentUserHasRight('ModifyTicket'); - #If the watcher we're trying to add is for the current user - if ( $self->CurrentUser->PrincipalId == ($args{'PrincipalId'} || 0) ) { - # If it's an AdminCc and they have 'WatchAsAdminCc' + if ( $self->CurrentUser->PrincipalId == ($args{'PrincipalId'} || 0) + or lc( $self->CurrentUser->UserObj->EmailAddress ) + eq lc( RT::User->CanonicalizeEmailAddress( $args{'Email'} ) || '' ) ) + { + # If it's an AdminCc and they don't have + # 'WatchAsAdminCc' or 'ModifyTicket', bail if ( $args{'Type'} eq 'AdminCc' ) { - return $self->_AddWatcher( %args ) - if $self->CurrentUserHasRight('WatchAsAdminCc'); + unless ( $self->CurrentUserHasRight('ModifyTicket') + or $self->CurrentUserHasRight('WatchAsAdminCc') ) { + return ( 0, $self->loc('Permission Denied')) + } } - # If it's a Requestor or Cc and they have 'Watch' - elsif ( $args{'Type'} eq 'Cc' || $args{'Type'} eq 'Requestor' ) { - return $self->_AddWatcher( %args ) - if $self->CurrentUserHasRight('Watch'); + # If it's a Requestor or Cc and they don't have + # 'Watch' or 'ModifyTicket', bail + elsif ( ( $args{'Type'} eq 'Cc' ) or ( $args{'Type'} eq 'Requestor' ) ) { + + unless ( $self->CurrentUserHasRight('ModifyTicket') + or $self->CurrentUserHasRight('Watch') ) { + return ( 0, $self->loc('Permission Denied')) + } } else { - $RT::Logger->warning( "AddWatcher got passed a bogus type" ); + $RT::Logger->warning( "$self -> AddWatcher got passed a bogus type"); return ( 0, $self->loc('Error in parameters to Ticket->AddWatcher') ); } } - return ( 0, $self->loc("Permission Denied") ); + # If the watcher isn't the current user + # and the current user doesn't have 'ModifyTicket' + # bail + else { + unless ( $self->CurrentUserHasRight('ModifyTicket') ) { + return ( 0, $self->loc("Permission Denied") ); + } + } + + # }}} + + return ( $self->_AddWatcher(%args) ); } #This contains the meat of AddWatcher. but can be called from a routine like @@ -1740,6 +1811,25 @@ sub Requestors { # }}} +# {{{ sub _Requestors + +=head2 _Requestors + +Private non-ACLed variant of Reqeustors so that we can look them up for the +purposes of customer auto-association during create. + +=cut + +sub _Requestors { + my $self = shift; + + my $group = RT::Group->new($RT::SystemUser); + $group->LoadTicketRoleGroup(Type => 'Requestor', Ticket => $self->Id); + return ($group); +} + +# }}} + # {{{ sub Cc =head2 Cc @@ -2418,7 +2508,7 @@ sub _RecordNote { unless ( ($args{'MIMEObj'}->head->get('Message-ID') || '') =~ /<(rt-.*?-\d+-\d+)\.(\d+-0-0)\@\Q$RT::Organization>/ ) { - $args{'MIMEObj'}->head->replace( 'RT-Message-ID', + $args{'MIMEObj'}->head->set( 'RT-Message-ID', "<rt-" . $RT::VERSION . "-" . $$ . "-" @@ -2464,7 +2554,13 @@ sub _Links { unless ( $self->{"$field$type"} ) { $self->{"$field$type"} = new RT::Links( $self->CurrentUser ); - if ( $self->CurrentUserHasRight('ShowTicket') ) { + + #not sure what this ACL was supposed to do... but returning the + # bare (unlimited) RT::Links certainly seems wrong, it causes the + # $Ticket->Customers method during creation to return results for every + # ticket... + #if ( $self->CurrentUserHasRight('ShowTicket') ) { + # Maybe this ticket is a merged ticket my $Tickets = new RT::Tickets( $self->CurrentUser ); # at least to myself @@ -2481,7 +2577,7 @@ sub _Links { $self->{"$field$type"}->Limit( FIELD => 'Type', VALUE => $type ) if ($type); - } + #} } return ( $self->{"$field$type"} ); } @@ -3773,21 +3869,18 @@ See L<RT::Record> sub CustomFieldValues { my $self = shift; my $field = shift; - - return $self->SUPER::CustomFieldValues( $field ) - if !$field || $field =~ /^\d+$/; - - my $cf = RT::CustomField->new( $self->CurrentUser ); - $cf->LoadByNameAndQueue( Name => $field, Queue => $self->Queue ); - unless ( $cf->id ) { - $cf->LoadByNameAndQueue( Name => $field, Queue => 0 ); + if ( $field and $field !~ /^\d+$/ ) { + my $cf = RT::CustomField->new( $self->CurrentUser ); + $cf->LoadByNameAndQueue( Name => $field, Queue => $self->Queue ); + unless ( $cf->id ) { + $cf->LoadByNameAndQueue( Name => $field, Queue => 0 ); + } + unless ( $cf->id ) { + # If we didn't find a valid cfid, give up. + return RT::CustomFieldValues->new($self->CurrentUser); + } } - - # If we didn't find a valid cfid, give up. - return RT::ObjectCustomFieldValues->new( $self->CurrentUser ) - unless $cf->id; - - return $self->SUPER::CustomFieldValues( $cf->id ); + return $self->SUPER::CustomFieldValues($field); } # }}} |