X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=rt%2Fbin%2Frt-mailgate;h=de0529d84244aed9a90d4d965787b9ffcedb9c5a;hb=fb4ab1073f0d15d660c6cdc4e07afebf68ef3924;hp=8af8002278f5c7594ac102666f9bd9b66d8699e0;hpb=289340780927b5bac2c7604d7317c3063c6dd8cc;p=freeside.git diff --git a/rt/bin/rt-mailgate b/rt/bin/rt-mailgate index 8af800227..de0529d84 100755 --- a/rt/bin/rt-mailgate +++ b/rt/bin/rt-mailgate @@ -1,462 +1,141 @@ #!/usr/bin/perl -w -# BEGIN LICENSE BLOCK -# -# Copyright (c) 1996-2003 Jesse Vincent -# -# (Except where explictly superceded by other copyright notices) -# +# BEGIN BPS TAGGED BLOCK {{{ +# +# COPYRIGHT: +# +# This software is Copyright (c) 1996-2011 Best Practical Solutions, LLC +# +# +# (Except where explicitly superseded by other copyright notices) +# +# +# LICENSE: +# # This work is made available to you under the terms of Version 2 of # the GNU General Public License. A copy of that license should have # been provided with this software, but in any event can be snarfed # from www.gnu.org. -# +# # This work is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. -# -# Unless otherwise specified, all modifications, corrections or -# extensions to this work which alter its source code become the -# property of Best Practical Solutions, LLC when submitted for -# inclusion in the work. -# -# -# END LICENSE BLOCK - +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 or visit their web page on the internet at +# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html. +# +# +# CONTRIBUTION SUBMISSION POLICY: +# +# (The following paragraph is not intended to limit the rights granted +# to you to modify and distribute this software under the terms of +# the GNU General Public License and is only of importance to you if +# you choose to contribute your changes and enhancements to the +# community by submitting them to Best Practical Solutions, LLC.) +# +# By intentionally submitting any modifications, corrections or +# derivatives to this work, or any other work intended for use with +# Request Tracker, to Best Practical Solutions, LLC, you confirm that +# you are the copyright holder for those contributions and you grant +# Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable, +# royalty-free, perpetual, license to use, copy, create derivative +# works based on those contributions, and sublicense and distribute +# those contributions and any derivatives thereof. +# +# END BPS TAGGED BLOCK }}} =head1 NAME rt-mailgate - Mail interface to RT3. -=begin testing - -use RT::I18N; - -# Make sure that when we call the mailgate wrong, it tempfails - -ok(open(MAIL, "|/opt/rt3/bin/rt-mailgate --url http://bad.address"), "Opened the mailgate - The error below is expected - $@"); -print MAIL <> 8, 75, "The error message above is expected The mail gateway exited with a failure. yay"); - - -# {{{ Test new ticket creation by root who is privileged and superuser - -ok(open(MAIL, "|/opt/rt3/bin/rt-mailgate --url http://localhost".$RT::WebPath."/ --queue general --action correspond"), "Opened the mailgate - $@"); -print MAIL <> 8, 0, "The mail gateway exited normally. yay"); - -use RT::Tickets; -my $tickets = RT::Tickets->new($RT::SystemUser); -$tickets->OrderBy(FIELD => 'id', ORDER => 'DESC'); -$tickets->Limit(FIELD => 'id', OPERATOR => '>', VALUE => '0'); -my $tick = $tickets->First(); -ok (UNIVERSAL::isa($tick,'RT::Ticket')); -ok ($tick->Id, "found ticket ".$tick->Id); -ok ($tick->Subject eq 'This is a test of new ticket creation', "Created the ticket"); - -# }}} - - -# {{{This is a test of new ticket creation as an unknown user - -ok(open(MAIL, "|/opt/rt3/bin/rt-mailgate --url http://localhost".$RT::WebPath."/ --queue general --action correspond"), "Opened the mailgate - $@"); -print MAIL <> 8, 0, "The mail gateway exited normally. yay"); - -$tickets = RT::Tickets->new($RT::SystemUser); -$tickets->OrderBy(FIELD => 'id', ORDER => 'DESC'); -$tickets->Limit(FIELD => 'id' ,OPERATOR => '>', VALUE => '0'); -$tick = $tickets->First(); -ok ($tick->Id, "found ticket ".$tick->Id); -ok ($tick->Subject ne 'This is a test of new ticket creation as an unknown user', "failed to create the new ticket from an unprivileged account"); -my $u = RT::User->new($RT::SystemUser); -$u->Load('doesnotexist@example.com'); -ok( $u->Id == 0, " user does not exist and was not created by failed ticket submission"); - - -# }}} - -# {{{ now everybody can create tickets. can a random unkown user create tickets? - -my $g = RT::Group->new($RT::SystemUser); -$g->LoadSystemInternalGroup('Everyone'); -ok( $g->Id, "Found 'everybody'"); - -my ($val,$msg) = $g->PrincipalObj->GrantRight(Right => 'CreateTicket'); -ok ($val, "Granted everybody the right to create tickets - $msg"); - -sleep(60); # gotta sleep so the remote process' ACL cache times out - -ok(open(MAIL, "|/opt/rt3/bin/rt-mailgate --url http://localhost".$RT::WebPath."/ --queue general --action correspond"), "Opened the mailgate - $@"); -print MAIL <> 8, 0, "The mail gateway exited normally. yay"); - - -$tickets = RT::Tickets->new($RT::SystemUser); -$tickets->OrderBy(FIELD => 'id', ORDER => 'DESC'); -$tickets->Limit(FIELD => 'id' ,OPERATOR => '>', VALUE => '0'); -$tick = $tickets->First(); -ok ($tick->Id, "found ticket ".$tick->Id); -ok ($tick->Subject eq 'This is a test of new ticket creation as an unknown user', "failed to create the new ticket from an unprivileged account"); -my $u = RT::User->new($RT::SystemUser); -$u->Load('doesnotexist@example.com'); -ok( $u->Id != 0, " user does not exist and was created by ticket submission"); - -# }}} - - -# {{{ can another random reply to a ticket without being granted privs? answer should be no. - - -#($val,$msg) = $g->PrincipalObj->GrantRight(Right => 'CreateTicket'); -#ok ($val, "Granted everybody the right to create tickets - $msg"); -#sleep(60); # gotta sleep so the remote process' ACL cache times out - -ok(open(MAIL, "|/opt/rt3/bin/rt-mailgate --url http://localhost".$RT::WebPath."/ --queue general --action correspond"), "Opened the mailgate - $@"); -print MAIL <Id]}] This is a test of a reply as an unknown user - -Blah! -Foob! -EOF -close (MAIL); -#Check the return value -is ($? >> 8, 0, "The mail gateway exited normally. yay"); - -$u = RT::User->new($RT::SystemUser); -$u->Load('doesnotexist-2@example.com'); -ok( $u->Id == 0, " user does not exist and was not created by ticket correspondence submission"); -# }}} -# {{{ can another random reply to a ticket after being granted privs? answer should be yes - - -($val,$msg) = $g->PrincipalObj->GrantRight(Right => 'ReplyToTicket'); -ok ($val, "Granted everybody the right to reply to tickets - $msg"); -sleep(60); # gotta sleep so the remote process' ACL cache times out - -ok(open(MAIL, "|/opt/rt3/bin/rt-mailgate --url http://localhost".$RT::WebPath."/ --queue general --action correspond"), "Opened the mailgate - $@"); -print MAIL <Id]}] This is a test of a reply as an unknown user - -Blah! -Foob! -EOF -close (MAIL); -#Check the return value -is ($? >> 8, 0, "The mail gateway exited normally. yay"); - - -$u = RT::User->new($RT::SystemUser); -$u->Load('doesnotexist-2@example.com'); -ok( $u->Id != 0, " user exists and was created by ticket correspondence submission"); - -# }}} - -# {{{ can another random comment on a ticket without being granted privs? answer should be no. - - -#($val,$msg) = $g->PrincipalObj->GrantRight(Right => 'CreateTicket'); -#ok ($val, "Granted everybody the right to create tickets - $msg"); -#sleep(60); # gotta sleep so the remote process' ACL cache times out - -ok(open(MAIL, "|/opt/rt3/bin/rt-mailgate --url http://localhost".$RT::WebPath."/ --queue general --action comment"), "Opened the mailgate - $@"); -print MAIL <Id]}] This is a test of a comment as an unknown user - -Blah! -Foob! -EOF -close (MAIL); - -#Check the return value -is ($? >> 8, 0, "The mail gateway exited normally. yay"); - -$u = RT::User->new($RT::SystemUser); -$u->Load('doesnotexist-3@example.com'); -ok( $u->Id == 0, " user does not exist and was not created by ticket comment submission"); - -# }}} -# {{{ can another random reply to a ticket after being granted privs? answer should be yes - - -($val,$msg) = $g->PrincipalObj->GrantRight(Right => 'CommentOnTicket'); -ok ($val, "Granted everybody the right to reply to tickets - $msg"); -sleep(60); # gotta sleep so the remote process' ACL cache times out - -ok(open(MAIL, "|/opt/rt3/bin/rt-mailgate --url http://localhost".$RT::WebPath."/ --queue general --action comment"), "Opened the mailgate - $@"); -print MAIL <Id]}] This is a test of a comment as an unknown user - -Blah! -Foob! -EOF -close (MAIL); - -#Check the return value -is ($? >> 8, 0, "The mail gateway exited normally. yay"); - -$u = RT::User->new($RT::SystemUser); -$u->Load('doesnotexist-3@example.com'); -ok( $u->Id != 0, " user exists and was created by ticket comment submission"); - -# }}} - -# {{{ Testing preservation of binary attachments - -# Get a binary blob (Best Practical logo) - -# Create a mime entity with an attachment - -use MIME::Entity; -my $entity = MIME::Entity->build( From => 'root@localhost', - To => 'rt@localhost', - Subject => 'binary attachment test', - Data => ['This is a test of a binary attachment']); - -# currently in lib/t/autogen -$entity->attach(Path => '/opt/rt3/share/html/NoAuth/images/spacer.gif', - Type => 'image/gif', - Encoding => 'base64'); - -# Create a ticket with a binary attachment -ok(open(MAIL, "|/opt/rt3/bin/rt-mailgate --url http://localhost".$RT::WebPath."/ --queue general --action correspond"), "Opened the mailgate - $@"); - -$entity->print(\*MAIL); - -close (MAIL); - -#Check the return value -is ($? >> 8, 0, "The mail gateway exited normally. yay"); - -my $tickets = RT::Tickets->new($RT::SystemUser); -$tickets->OrderBy(FIELD => 'id', ORDER => 'DESC'); -$tickets->Limit(FIELD => 'id', OPERATOR => '>', VALUE => '0'); - $tick = $tickets->First(); -ok (UNIVERSAL::isa($tick,'RT::Ticket')); -ok ($tick->Id, "found ticket ".$tick->Id); -ok ($tick->Subject eq 'binary attachment test', "Created the ticket - ".$tick->Id); - -my $file = `cat ../../../html/NoAuth/images/spacer.gif`; -ok ($file, "Read in the logo image"); - - - use Digest::MD5; -warn "for the raw file the content is ".Digest::MD5::md5_base64($file); - - - -# Verify that the binary attachment is valid in the database -my $attachments = RT::Attachments->new($RT::SystemUser); -$attachments->Limit(FIELD => 'ContentType', VALUE => 'image/gif'); -ok ($attachments->Count == 1, 'Found only one gif in the database'); -my $attachment = $attachments->First; -my $acontent = $attachment->Content; - - warn "coming from the database, the content is ".Digest::MD5::md5_base64($acontent); - -is( $acontent, $file, 'The attachment isn\'t screwed up in the database.'); -# Log in as root -use Getopt::Long; -use LWP::UserAgent; - - -# Grab the binary attachment via the web ui -my $ua = LWP::UserAgent->new(); - -my $full_url = "http://localhost".$RT::WebPath."/Ticket/Attachment/".$attachment->TransactionId."/".$attachment->id."/spacer.gif?&user=root&pass=password"; -my $r = $ua->get( $full_url); - - -# Verify that the downloaded attachment is the same as what we uploaded. -is($file, $r->content, 'The attachment isn\'t screwed up in download'); - - - -# }}} - -# {{{ Simple I18N testing - -ok(open(MAIL, "|/opt/rt3/bin/rt-mailgate --url http://localhost".$RT::WebPath."/ --queue general --action correspond"), "Opened the mailgate - $@"); - -print MAIL <> 8, 0, "The mail gateway exited normally. yay"); - -my $unitickets = RT::Tickets->new($RT::SystemUser); -$unitickets->OrderBy(FIELD => 'id', ORDER => 'DESC'); -$unitickets->Limit(FIELD => 'id', OPERATOR => '>', VALUE => '0'); -my $unitick = $unitickets->First(); -ok (UNIVERSAL::isa($unitick,'RT::Ticket')); -ok ($unitick->Id, "found ticket ".$unitick->Id); -ok ($unitick->Subject eq 'This is a test of I18N ticket creation', "Created the ticket - ". $unitick->Subject); - - - -my $unistring = "\303\241\303\251\303\255\303\263\303\272"; -Encode::_utf8_on($unistring); -is ($unitick->Transactions->First->Content, $unitick->Transactions->First->Attachments->First->Content, "Content is ". $unitick->Transactions->First->Attachments->First->Content); -ok($unitick->Transactions->First->Attachments->First->Content =~ /$unistring/i, $unitick->Id." appears to be unicode ". $unitick->Transactions->First->Attachments->First->Id); -# supposedly I18N fails on the second message sent in. - -ok(open(MAIL, "|/opt/rt3/bin/rt-mailgate --url http://localhost".$RT::WebPath."/ --queue general --action correspond"), "Opened the mailgate - $@"); - -print MAIL <> 8, 0, "The mail gateway exited normally. yay"); - -my $tickets2 = RT::Tickets->new($RT::SystemUser); -$tickets2->OrderBy(FIELD => 'id', ORDER => 'DESC'); -$tickets2->Limit(FIELD => 'id', OPERATOR => '>', VALUE => '0'); -my $tick2 = $tickets2->First(); -ok (UNIVERSAL::isa($tick2,'RT::Ticket')); -ok ($tick2->Id, "found ticket ".$tick2->Id); -ok ($tick2->Subject eq 'This is a test of I18N ticket creation', "Created the ticket"); - - - -my $unistring = "\303\241\303\251\303\255\303\263\303\272"; -Encode::_utf8_on($unistring); - -ok ($tick2->Transactions->First->Content =~ $unistring, "It appears to be unicode - ".$tick2->Transactions->First->Content); - -# }}} - - -($val,$msg) = $g->PrincipalObj->RevokeRight(Right => 'CreateTicket'); -ok ($val, $msg); - - - -=end testing - =cut - use strict; +use warnings; + use Getopt::Long; use LWP::UserAgent; +use HTTP::Request::Common qw($DYNAMIC_FILE_UPLOAD); +$DYNAMIC_FILE_UPLOAD = 1; use constant EX_TEMPFAIL => 75; +use constant BUFFER_SIZE => 8192; my %opts; GetOptions( \%opts, "queue=s", "action=s", "url=s", "jar=s", "help", "debug", "extension=s", "timeout=i" ); -if ( $opts{help} ) { +if ( $opts{'help'} ) { require Pod::Usage; import Pod::Usage; pod2usage("RT Mail Gateway\n"); exit 1; # Don't want to succeed if this is really an email! } -for (qw(url)) { - die "$0 invoked improperly\n\nNo $_ provided to mail gateway!\n" unless $opts{$_}; +unless ( $opts{'url'} ) { + print STDERR "$0 invoked improperly\n\nNo 'url' provided to mail gateway!\n"; + exit 1; } -undef $/; -my $ua = LWP::UserAgent->new(); -$ua->cookie_jar( { file => $opts{jar} } ); +my $ua = new LWP::UserAgent; +$ua->cookie_jar( { file => $opts{'jar'} } ) if $opts{'jar'}; my %args = ( - queue => $opts{queue}, - action => $opts{action}, - SessionType => 'REST', # Surpress login box + SessionType => 'REST', # Surpress login box ); +foreach ( qw(queue action) ) { + $args{$_} = $opts{$_} if defined $opts{$_}; +}; + +if ( ($opts{'extension'} || '') =~ /^(?:action|queue|ticket)$/i ) { + $args{ lc $opts{'extension'} } = $ENV{'EXTENSION'} || $opts{$opts{'extension'}}; +} elsif ( $opts{'extension'} && $ENV{'EXTENSION'} ) { + print STDERR "Value of the --extension argument is not action, queue or ticket" + .", but environment variable EXTENSION is also defined. The former is ignored.\n"; +} -# Read the message in from STDIN -$args{'message'} = <>; - - -if ($opts{'extension'}) { - $args{$opts{'extension'}} = $ENV{'EXTENSION'}; +# add ENV{'EXTENSION'} as X-RT-MailExtension to the message header +if ( my $value = ( $ENV{'EXTENSION'} || $opts{'extension'} ) ) { + # prepare value to avoid MIME format breakage + # strip trailing newline symbols + $value =~ s/(\r*\n)+$//; + # make a correct multiline header field, + # with tabs in the beginning of each line + $value =~ s/(\r*\n)/$1\t/g; + $opts{'headers'} .= "X-RT-Mail-Extension: $value\n"; } -# Set up cookie here. +# Read the message in from STDIN +my %message = write_down_message(); +unless( $message{'filename'} ) { + $args{'message'} = [ + undef, '', + 'Content-Type' => 'application/octet-stream', + Content => ${ $message{'content'} }, + ]; +} else { + $args{'message'} = [ + $message{'filename'}, '', + 'Content-Type' => 'application/octet-stream', + ]; +} my $full_url = $opts{'url'}. "/REST/1.0/NoAuth/mail-gateway"; -warn "Connecting to $full_url" if $opts{'debug'}; - - +print STDERR "$0: connecting to $full_url\n" if $opts{'debug'}; -$ua->timeout(exists($opts{'timeout'}) ? $opts{'timeout'} : 180); -my $r = $ua->post( $full_url, {%args} ); +$ua->timeout( exists( $opts{'timeout'} )? $opts{'timeout'}: 180 ); +my $r = $ua->post( $full_url, \%args, Content_Type => 'form-data' ); check_failure($r); my $content = $r->content; -warn $content if ($opts{debug}); +print STDERR $content ."\n" if $opts{'debug'}; if ( $content !~ /^(ok|not ok)/ ) { # It's not the server's fault if the mail is bogus. We just want to know that # *something* came out of the server. - warn <is_success(); + return if $r->is_success; # This ordinarily oughtn't to be able to happen, suggests a bug in RT. # So only load these heavy modules when they're needed. @@ -482,17 +164,64 @@ sub check_failure { require HTML::FormatText; my $error = $r->error_as_HTML; - my $tree = HTML::TreeBuilder->new->parse($error); + my $tree = HTML::TreeBuilder->new->parse( $error ); $tree->eof; # It'll be a cold day in hell before RT sends out bounces in HTML - my $formatter = HTML::FormatText->new( leftmargin => 0, - rightmargin => 50 ); - warn $formatter->format($tree); - warn "This is $0 exiting because of an undefined server error" if ($opts{debug}); + my $formatter = HTML::FormatText->new( + leftmargin => 0, + rightmargin => 50, + ); + print STDERR $formatter->format( $tree ); + print STDERR "\n$0: undefined server error\n" if $opts{'debug'}; exit EX_TEMPFAIL; } +sub write_down_message { + use File::Temp qw(tempfile); + + local $@; + my ($fh, $filename) = eval { tempfile() }; + if ( !$fh || $@ ) { + print STDERR "$0: Couldn't create temp file, using memory\n"; + print STDERR "error: $@\n" if $@; + + my $message = \do { local (@ARGV, $/); }; + unless ( $$message =~ /\S/ ) { + print STDERR "$0: no message passed on STDIN\n"; + exit 0; + } + $$message = $opts{'headers'} . $$message if $opts{'headers'}; + return ( content => $message ); + } + + binmode $fh; + binmode \*STDIN; + + print $fh $opts{'headers'} if $opts{'headers'}; + + my $buf; my $empty = 1; + while(1) { + my $status = read \*STDIN, $buf, BUFFER_SIZE; + unless ( defined $status ) { + print STDERR "$0: couldn't read message: $!\n"; + exit EX_TEMPFAIL; + } elsif ( !$status ) { + last; + } + $empty = 0 if $buf =~ /\S/; + print $fh $buf; + }; + close $fh; + + if ( $empty ) { + print STDERR "$0: no message passed on STDIN\n"; + exit 0; + } + print STDERR "$0: temp file is '$filename'\n" if $opts{'debug'}; + return (filename => $filename); +} + =head1 SYNOPSIS @@ -500,7 +229,7 @@ sub check_failure { Usual invocation (from MTA): - rt-mailgate --action (correspond|comment) --queue queuename + rt-mailgate --action (correspond|comment|...) --queue queuename --url http://your.rt.server/ [ --debug ] [ --extension (queue|action|ticket) ] @@ -508,23 +237,37 @@ Usual invocation (from MTA): -See C for more. - =head1 OPTIONS =over 3 =item C<--action> -Specifies whether this is a correspondence or comment address. +Specifies what happens to email sent to this alias. The avaliable +basic actions are: C, C. + + +If you've set the RT configuration variable B<< C >>, +C and C are also available. You can execute two or more +actions on a single message using a C<-> separated list. RT will execute +the actions in the listed order. For example you can use C, +C or C as actions. + +Note that C and C actions ignore message text if used +alone. Include a C or C action if you want RT +to record the incoming message. + +The default action is C. =item C<--queue> -Reflects which queue this address handles. +This flag determines which queue this alias should create a ticket in if no ticket identifier +is found. =item C<--url> -The location of the web server for your RT instance. +This flag tells the mail gateway where it can find your RT server. You should +probably use the same URL that users use to log into RT. =item C<--extension> OPTIONAL @@ -585,13 +328,13 @@ there are situations in which you will want to authenticate users before allowing them to communicate with the system. You can do this via a plug-in mechanism in the RT configuration. -You can set the array C<@RT::MailPlugins> to be a list of plugins. The +You can set the array C<@MailPlugins> to be a list of plugins. The default plugin, if this is not given, is C - that is, authentication of the person is done based on the C header of the email. If you have additional filters or authentication mechanisms, you can list them here and they will be called in order: - @RT::MailPlugins = ( + Set( @MailPlugins => "Filter::SpamAssassin", "Auth::LDAP", # ... @@ -599,12 +342,12 @@ can list them here and they will be called in order: See the documentation for any additional plugins you have. -You may also put Perl subroutines into the C<@RT::MailPlugins> array, if +You may also put Perl subroutines into the C<@MailPlugins> array, if they behave as described below. =head1 WRITING PLUGINS -What's actually going on in the above is that C<@RT::MailPlugins> is a +What's actually going on in the above is that C<@MailPlugins> is a list of Perl modules; RT prepends C to the name, to form a package name, and then C's this module. The module is expected to provide a C subroutine, which takes a hash of @@ -615,6 +358,7 @@ several parameters: =item Message A C object representing the email + =item CurrentUser An C object @@ -644,5 +388,22 @@ the correspondent) or one, which is the normal mode of operation. Additionally, if C<-1> is returned, then the processing of the plug-ins stops immediately and the message is ignored. +=head1 ENVIRONMENT + +=over 4 + +=item EXTENSION + +Some MTAs will route mail sent to user-foo@host or user+foo@host to user@host +and present "foo" in the environment variable C. Mailgate adds value +of this variable to message in the C field of the message +header. + +See also C<--extension> option. Note that value of the environment variable is +always added to the message header when it's not empty even if C<--extension> +option is not provided. + +=back 4 + =cut