X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=rt%2Fshare%2Fhtml%2FNoAuth%2Frss%2Fdhandler;h=729f97064000968570add2a9a4f976829eb97a25;hb=de9d037528895f7151a9aead6724ce2df95f9586;hp=1446e6cc4c5eb48a406845943c56ba2114e3645f;hpb=919e930aa9279b3c5cd12b593889cd6de79d67bf;p=freeside.git

diff --git a/rt/share/html/NoAuth/rss/dhandler b/rt/share/html/NoAuth/rss/dhandler
index 1446e6cc4..729f97064 100644
--- a/rt/share/html/NoAuth/rss/dhandler
+++ b/rt/share/html/NoAuth/rss/dhandler
@@ -2,7 +2,7 @@
 %#
 %# COPYRIGHT:
 %#
-%# This software is Copyright (c) 1996-2015 Best Practical Solutions, LLC
+%# This software is Copyright (c) 1996-2017 Best Practical Solutions, LLC
 %#                                          <sales@bestpractical.com>
 %#
 %# (Except where explicitly superseded by other copyright notices)
@@ -45,4 +45,37 @@
 %# those contributions and any derivatives thereof.
 %#
 %# END BPS TAGGED BLOCK }}}
-<& /Search/Elements/ResultsRSSView, %ARGS &>
+<%init>
+my $path = $m->dhandler_arg;
+
+my $notfound = sub {
+    my $mesg = shift;
+    $r->headers_out->{'Status'} = '404 Not Found';
+    $RT::Logger->info("Error encountered in rss generation: $mesg");
+    $m->clear_and_abort;
+};
+
+$notfound->("Invalid path: $path") unless $path =~ m!^([^/]+)/([^/]+)/?!;
+
+my ( $name, $auth ) = ( $1, $2 );
+
+# Unescape parts
+$name =~ s/\%([0-9a-z]{2})/chr(hex($1))/gei;
+
+# convert to perl strings
+$name = Encode::decode( "UTF-8", $name);
+
+my $user = RT::User->new(RT->SystemUser);
+$user->Load($name);
+$notfound->("Invalid user: $user") unless $user->id;
+
+$notfound->("Invalid authstring")
+  unless $user->ValidateAuthString( $auth,
+          $ARGS{Query} . $ARGS{Order} . $ARGS{OrderBy} );
+
+my $cu = RT::CurrentUser->new;
+$cu->Load($user);
+local $session{'CurrentUser'} = $cu;
+
+$m->comp("/Search/Elements/ResultsRSSView", %ARGS);
+</%init>