1 # BEGIN BPS TAGGED BLOCK {{{
5 # This software is Copyright (c) 1996-2011 Best Practical Solutions, LLC
6 # <sales@bestpractical.com>
8 # (Except where explicitly superseded by other copyright notices)
13 # This work is made available to you under the terms of Version 2 of
14 # the GNU General Public License. A copy of that license should have
15 # been provided with this software, but in any event can be snarfed
18 # This work is distributed in the hope that it will be useful, but
19 # WITHOUT ANY WARRANTY; without even the implied warranty of
20 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 # General Public License for more details.
23 # You should have received a copy of the GNU General Public License
24 # along with this program; if not, write to the Free Software
25 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
26 # 02110-1301 or visit their web page on the internet at
27 # http://www.gnu.org/licenses/old-licenses/gpl-2.0.html.
30 # CONTRIBUTION SUBMISSION POLICY:
32 # (The following paragraph is not intended to limit the rights granted
33 # to you to modify and distribute this software under the terms of
34 # the GNU General Public License and is only of importance to you if
35 # you choose to contribute your changes and enhancements to the
36 # community by submitting them to Best Practical Solutions, LLC.)
38 # By intentionally submitting any modifications, corrections or
39 # derivatives to this work, or any other work intended for use with
40 # Request Tracker, to Best Practical Solutions, LLC, you confirm that
41 # you are the copyright holder for those contributions and you grant
42 # Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable,
43 # royalty-free, perpetual, license to use, copy, create derivative
44 # works based on those contributions, and sublicense and distribute
45 # those contributions and any derivatives thereof.
47 # END BPS TAGGED BLOCK }}}
49 package RT::Interface::Email::Auth::MailFrom;
50 use RT::Interface::Email qw(ParseSenderAddressFromHead CreateUser);
54 # This is what the ordinary, non-enhanced gateway does at the moment.
57 my %args = ( Message => undef,
66 # We don't need to do any external lookups
67 my ( $Address, $Name ) = ParseSenderAddressFromHead( $args{'Message'}->head );
69 $RT::Logger->error("Couldn't find sender's address");
70 return ( $args{'CurrentUser'}, -1 );
73 my $CurrentUser = new RT::CurrentUser;
74 $CurrentUser->LoadByEmail( $Address );
75 $CurrentUser->LoadByName( $Address ) unless $CurrentUser->Id;
76 if ( $CurrentUser->Id ) {
77 $RT::Logger->debug("Mail from user #". $CurrentUser->Id ." ($Address)" );
78 return ( $CurrentUser, 1 );
81 # If the user can't be loaded, we may need to create one. Figure out the acl situation.
82 my $unpriv = RT::Group->new( $RT::SystemUser );
83 $unpriv->LoadSystemInternalGroup('Unprivileged');
84 unless ( $unpriv->Id ) {
85 $RT::Logger->crit("Couldn't find the 'Unprivileged' internal group");
86 return ( $args{'CurrentUser'}, -1 );
89 my $everyone = RT::Group->new( $RT::SystemUser );
90 $everyone->LoadSystemInternalGroup('Everyone');
91 unless ( $everyone->Id ) {
92 $RT::Logger->crit("Couldn't find the 'Everyone' internal group");
93 return ( $args{'CurrentUser'}, -1 );
96 $RT::Logger->debug("Going to create user with address '$Address'" );
98 # but before we do that, we need to make sure that the created user would have the right
99 # to do what we're doing.
100 if ( $args{'Ticket'} && $args{'Ticket'}->Id ) {
101 my $qname = $args{'Queue'}->Name;
102 # We have a ticket. that means we're commenting or corresponding
103 if ( $args{'Action'} =~ /^comment$/i ) {
105 # check to see whether "Everyone" or "Unprivileged users" can comment on tickets
106 unless ( $everyone->PrincipalObj->HasRight( Object => $args{'Queue'},
107 Right => 'CommentOnTicket' )
108 || $unpriv->PrincipalObj->HasRight( Object => $args{'Queue'},
109 Right => 'CommentOnTicket' ) )
111 $RT::Logger->debug("Unprivileged users have no right to comment on ticket in queue '$qname'");
112 return ( $args{'CurrentUser'}, 0 );
115 elsif ( $args{'Action'} =~ /^correspond$/i ) {
117 # check to see whether "Everybody" or "Unprivileged users" can correspond on tickets
118 unless ( $everyone->PrincipalObj->HasRight( Object => $args{'Queue'},
119 Right => 'ReplyToTicket' )
120 || $unpriv->PrincipalObj->HasRight( Object => $args{'Queue'},
121 Right => 'ReplyToTicket' ) )
123 $RT::Logger->debug("Unprivileged users have no right to reply to ticket in queue '$qname'");
124 return ( $args{'CurrentUser'}, 0 );
127 elsif ( $args{'Action'} =~ /^take$/i ) {
129 # check to see whether "Everybody" or "Unprivileged users" can correspond on tickets
130 unless ( $everyone->PrincipalObj->HasRight( Object => $args{'Queue'},
131 Right => 'OwnTicket' )
132 || $unpriv->PrincipalObj->HasRight( Object => $args{'Queue'},
133 Right => 'OwnTicket' ) )
135 $RT::Logger->debug("Unprivileged users have no right to own ticket in queue '$qname'");
136 return ( $args{'CurrentUser'}, 0 );
140 elsif ( $args{'Action'} =~ /^resolve$/i ) {
142 # check to see whether "Everybody" or "Unprivileged users" can correspond on tickets
143 unless ( $everyone->PrincipalObj->HasRight( Object => $args{'Queue'},
144 Right => 'ModifyTicket' )
145 || $unpriv->PrincipalObj->HasRight( Object => $args{'Queue'},
146 Right => 'ModifyTicket' ) )
148 $RT::Logger->debug("Unprivileged users have no right to resolve ticket in queue '$qname'");
149 return ( $args{'CurrentUser'}, 0 );
154 $RT::Logger->warning("Action '". ($args{'Action'}||'') ."' is unknown");
155 return ( $args{'CurrentUser'}, 0 );
159 # We're creating a ticket
160 elsif ( $args{'Queue'} && $args{'Queue'}->Id ) {
161 my $qname = $args{'Queue'}->Name;
163 # check to see whether "Everybody" or "Unprivileged users" can create tickets in this queue
164 unless ( $everyone->PrincipalObj->HasRight( Object => $args{'Queue'},
165 Right => 'CreateTicket' )
166 || $unpriv->PrincipalObj->HasRight( Object => $args{'Queue'},
167 Right => 'CreateTicket' ) )
169 $RT::Logger->debug("Unprivileged users have no right to create ticket in queue '$qname'");
170 return ( $args{'CurrentUser'}, 0 );
174 $CurrentUser = CreateUser( undef, $Address, $Name, $Address, $args{'Message'} );
176 return ( $CurrentUser, 1 );
179 RT::Base->_ImportOverlays();