limit ticket creation queue dropdowns based on ACL, RT#7778

[freeside.git] / rt / share / html / Ticket / Create.html

%# BEGIN BPS TAGGED BLOCK {{{
%# 
%# COPYRIGHT:
%# 
%# This software is Copyright (c) 1996-2009 Best Practical Solutions, LLC
%#                                          <jesse@bestpractical.com>
%# 
%# (Except where explicitly superseded by other copyright notices)
%# 
%# 
%# LICENSE:
%# 
%# This work is made available to you under the terms of Version 2 of
%# the GNU General Public License. A copy of that license should have
%# been provided with this software, but in any event can be snarfed
%# from www.gnu.org.
%# 
%# This work is distributed in the hope that it will be useful, but
%# WITHOUT ANY WARRANTY; without even the implied warranty of
%# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
%# General Public License for more details.
%# 
%# You should have received a copy of the GNU General Public License
%# along with this program; if not, write to the Free Software
%# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
%# 02110-1301 or visit their web page on the internet at
%# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html.
%# 
%# 
%# CONTRIBUTION SUBMISSION POLICY:
%# 
%# (The following paragraph is not intended to limit the rights granted
%# to you to modify and distribute this software under the terms of
%# the GNU General Public License and is only of importance to you if
%# you choose to contribute your changes and enhancements to the
%# community by submitting them to Best Practical Solutions, LLC.)
%# 
%# By intentionally submitting any modifications, corrections or
%# derivatives to this work, or any other work intended for use with
%# Request Tracker, to Best Practical Solutions, LLC, you confirm that
%# you are the copyright holder for those contributions and you grant
%# Best Practical Solutions,  LLC a nonexclusive, worldwide, irrevocable,
%# royalty-free, perpetual, license to use, copy, create derivative
%# works based on those contributions, and sublicense and distribute
%# those contributions and any derivatives thereof.
%# 
%# END BPS TAGGED BLOCK }}}
<& /Elements/Header,
    Title => $title,
    onload => "function () { hide(document.getElementById('Ticket-Create-details')) }" &>
<& /Elements/Tabs, 
    current_toptab => "Ticket/Create.html", 
    Title => $title,
    actions => $actions &>
<& /Elements/ListActions, actions => \@results &>
<form action="<% RT->Config->Get('WebPath') %>/Ticket/Create.html" method="post" enctype="multipart/form-data" name="TicketCreate">
<input type="hidden" class="hidden" name="id" value="new" />
% $m->callback( CallbackName => 'FormStart', QueueObj => $QueueObj, ARGSRef => \%ARGS );
% if ($gnupg_widget) {
<& /Elements/GnuPG/SignEncryptWidget:ShowIssues, self => $gnupg_widget &>
% }
<div id="Ticket-Create-basics">
<a name="basics"></a>
<&| /Widgets/TitleBox, title => $title &>
<table border="0" cellpadding="0" cellspacing="0">
<tr><td class="label"><&|/l&>Queue</&>:</td>
%#<td class="value"><& Elements/ShowQueue, QueueObj => $QueueObj &>
%#<input type="hidden" class="hidden" name="Queue" value="<% $QueueObj->Name %>" />
<td class="value"><& /Elements/SelectQueue, 
  Name => 'Queue', 
  Default => $QueueObj->Name,
  ShowNullOption => 0,
  ShowAllQueues => 0,
  OnChange => "document.getElementsByName('id')[0].value = ''; form.submit()" &>
</td>
<td class="label"><&|/l&>Status</&>:
</td>
<td class="value">
<& /Elements/SelectStatus, Name => "Status", Default => $ARGS{Status}||'new', DefaultValue => 0, SkipDeleted => 1 &>
</td>
<td class="label">
<&|/l&>Owner</&>:
</td>
<td class="value">
<& /Elements/SelectOwner, Name => "Owner", QueueObj => $QueueObj, Default => $ARGS{Owner}||$RT::Nobody->Id, DefaultValue => 0 &>
</td>
% $m->callback( CallbackName => 'AfterOwner', ARGSRef => \%ARGS );
</tr>
<tr>
<td class="label">
<&|/l&>Requestors</&>:
</td>
<td class="value" colspan="5">
<& /Elements/EmailInput, Name => 'Requestors', Size => '40', Default => $ARGS{Requestors} || $session{CurrentUser}->EmailAddress &>
</td>
</tr>
<tr>
<td class="label">
<&|/l&>Cc</&>:
</td>
<td class="value" colspan="3"><& /Elements/EmailInput, Name => 'Cc', Size => '40', Default => $ARGS{Cc} &></td>
<td class="comment" colspan="2"><i><font size="-2">
<&|/l&>(Sends a carbon-copy of this update to a comma-delimited list of email addresses. These people <strong>will</strong> receive future updates.)</&></font></i>
</td>
</tr>
<tr>
<td class="label">
<&|/l&>Admin Cc</&>:
</td>
<td class="value" colspan="3"><& /Elements/EmailInput, Name => 'AdminCc', Size => '40', Default => $ARGS{AdminCc} &></td>
<td class="comment" colspan="2"><i><font size="-2">
<&|/l&>(Sends a carbon-copy of this update to a comma-delimited list of administrative email addresses. These people <strong>will</strong> receive future updates.)</&></font></i>
</td>
</tr>
<tr>
<td class="label">
<&|/l&>Subject</&>:
</td>
<td class="value" colspan="5">
<input name="Subject" size="60" maxsize="200" value="<%$ARGS{Subject} || ''%>" />
% $m->callback( %ARGS, CallbackName => 'AfterSubject' );
</td>
</tr>
<tr>
<td colspan="6">
<& /Ticket/Elements/EditCustomFields, %ARGS, QueueObj => $QueueObj &>
</td>
</tr>
<& /Ticket/Elements/EditTransactionCustomFields, %ARGS, QueueObj => $QueueObj &>
<tr>
% if (exists $session{'Attachments'}) {
<td class="label">
<&|/l&>Attached file</&>:
</td>
<td colspan="5">
<&|/l&>Check box to delete</&><br />
% foreach my $attach_name (keys %{$session{'Attachments'}}) {
<input type="checkbox" class="checkbox" name="DeleteAttach-<%$attach_name%>" value="1" /><%$attach_name%><br />
% } # end of foreach
</td>
</tr>
<tr>
% } # end of if
<td class="label">
<&|/l&>Attach file</&>:
</td>
<td class="value" colspan="5">
<input type="file" name="Attach" />
<input type="submit" class="button" name="AddMoreAttach" value="<&|/l&>Add More Files</&>" />
</td>
</tr>

% if ( $gnupg_widget ) {
<tr><td>&nbsp;</td><td colspan="5">
<& /Elements/GnuPG/SignEncryptWidget, self => $gnupg_widget, QueueObj => $QueueObj &>
</td></tr>
% }

<tr>
<td colspan="6">
<&|/l&>Describe the issue below</&>:<br />
% $m->callback( %ARGS, QueueObj => $QueueObj, CallbackName => 'BeforeMessageBox' );
% if (exists $ARGS{Content}) {
<& /Elements/MessageBox, Default => $ARGS{Content}, IncludeSignature => 0 &>
% } else {
<& /Elements/MessageBox, QuoteTransaction => $QuoteTransaction &>
%}
% $m->callback( %ARGS, QueueObj => $QueueObj, CallbackName => 'AfterMessageBox' );

<br />
</td>
</tr>
</table>
</&>
<& /Elements/Submit, Label => loc("Create")&>
</div>

<div id="Ticket-Create-details">
<a name="details"></a>
<table width="100%" border="0">
<tr>
<td width="50%" valign="top" class="boxcontainer">
    <div class="ticket-info-basics">
          <&| /Widgets/TitleBox, title => loc('The Basics'), 
                title_class=> 'inverse',  
                color => "#993333" &>
<table border="0">
<tr><td class="label"><&|/l&>Priority</&>:</td>
<td><& /Elements/SelectPriority,
    Name => "InitialPriority",
    Default => $ARGS{InitialPriority} ? $ARGS{InitialPriority} : $QueueObj->InitialPriority,
&></td></tr>
<tr><td class="label"><&|/l&>Final Priority</&>:</td>
<td><& /Elements/SelectPriority,
    Name => "FinalPriority",
    Default => $ARGS{FinalPriority} ? $ARGS{FinalPriority} : $QueueObj->FinalPriority,
&></td></tr>
<tr><td class="label"><&|/l&>Time Estimated</&>:</td>
<td>
<& /Elements/EditTimeValue, Name => 'TimeEstimated', Default => $ARGS{TimeEstimated} || '', InUnits => $ARGS{'TimeEstimated-TimeUnits'} &>

</td></tr>
<tr><td class="label"><&|/l&>Time Worked</&>:</td>
<td>
<& /Elements/EditTimeValue, Name => 'TimeWorked', Default => $ARGS{TimeWorked} || '', InUnits => $ARGS{'TimeWorked-TimeUnits'} &>
</td></tr>
<tr>
<td class="label"><&|/l&>Time Left</&>:</td>
<td>
<& /Elements/EditTimeValue, Name => 'TimeLeft', Default => $ARGS{TimeLeft} || '', InUnits => $ARGS{'TimeLeft-TimeUnits'} &>
</td></tr>
</table>
</&>
<br />
<div class="ticket-info-dates">
<&|/Widgets/TitleBox, title => loc("Dates"),
                title_class=> 'inverse',  
                 color => "#663366" &>

<table>
<tr><td class="label"><&|/l&>Starts</&>:</td><td><& /Elements/SelectDate, Name => "Starts", Default => $ARGS{Starts} || '' &></td></tr>
<tr><td class="label"><&|/l&>Due</&>:</td><td><& /Elements/SelectDate, Name => "Due", Default => $ARGS{Due} || '' &></td></tr>
</table>
</&>
</div>
</div>
<br />
</td>

<td valign="top" class="boxcontainer">
<div class="ticket-info-links">
<&| /Widgets/TitleBox, title => loc('Links'), title_class=> 'inverse' &>

<em><&|/l&>(Enter ticket ids or URLs, separated with spaces)</&></em>
<table border="0">
<tr><td class="label"><&|/l&>Depends on</&></td><td><input size="10" name="new-DependsOn" value="<% $ARGS{'new-DependsOn'} || '' %>" /></td></tr>
<tr><td class="label"><&|/l&>Depended on by</&></td><td><input size="10" name="DependsOn-new" value="<% $ARGS{'DependsOn-new'} || '' %>" /></td></tr>
<tr><td class="label"><&|/l&>Parents</&></td><td><input size="10" name="new-MemberOf" value="<% $ARGS{'new-MemberOf'} || '' %>" /></td></tr>
<tr><td class="label"><&|/l&>Children</&></td><td><input size="10" name="MemberOf-new" value="<% $ARGS{'MemberOf-new'} || '' %>" /></td></tr>
<tr><td class="label"><&|/l&>Refers to</&></td><td><input size="10" name="new-RefersTo" value="<% $ARGS{'new-RefersTo'} || '' %>" /></td></tr>
<tr><td class="label"><&|/l&>Referred to by</&></td><td><input size="10" name="RefersTo-new" value="<% $ARGS{'RefersTo-new'} || '' %>" /></td></tr>


</table>
</&>
</div>
<br />

</td>
</tr>
</table>
<& /Elements/Submit, Label => loc("Create") &>
</div>
</form>

<%INIT>
$m->callback( CallbackName => "Init", ARGSRef => \%ARGS );
my $Queue = $ARGS{Queue};

my $CloneTicketObj;
if ($CloneTicket) {
    $CloneTicketObj = RT::Ticket->new( $session{CurrentUser} );
    $CloneTicketObj->Load($CloneTicket)
        or Abort( loc("Ticket could not be loaded") );

    my $clone = {
        Requestors => join( ',', $CloneTicketObj->RequestorAddresses ),
        Cc         => join( ',', $CloneTicketObj->CcAddresses ),
        AdminCc    => join( ',', $CloneTicketObj->AdminCcAddresses ),
        InitialPriority => $CloneTicketObj->Priority,
    };

    $clone->{$_} = $CloneTicketObj->$_()
        for qw/Owner Subject FinalPriority TimeEstimated TimeWorked
        Status TimeLeft/;

    $clone->{$_} = $CloneTicketObj->$_->AsString
        for grep { $CloneTicketObj->$_->Unix }
        map      { $_ . "Obj" } qw/Starts Started Due Resolved/;

    my $members = $CloneTicketObj->Members;
    my ( @members, @members_of, @refers, @refers_by, @depends, @depends_by );
    my $refers = $CloneTicketObj->RefersTo;
    while ( my $refer = $refers->Next ) {
        push @refers, $refer->LocalTarget;
    }
    $clone->{'new-RefersTo'} = join ' ', @refers;

    my $refers_by = $CloneTicketObj->ReferredToBy;
    while ( my $refer_by = $refers_by->Next ) {
        push @refers_by, $refer_by->LocalBase;
    }
    $clone->{'RefersTo-new'} = join ' ', @refers_by;
    if (0) {    # Temporarily disabled
        my $depends = $CloneTicketObj->DependsOn;
        while ( my $depend = $depends->Next ) {
            push @depends, $depend->LocalTarget;
        }
        $clone->{'new-DependsOn'} = join ' ', @depends;

        my $depends_by = $CloneTicketObj->DependedOnBy;
        while ( my $depend_by = $depends_by->Next ) {
            push @depends_by, $depend_by->LocalBase;
        }
        $clone->{'DependsOn-new'} = join ' ', @depends_by;

        while ( my $member = $members->Next ) {
            push @members, $member->LocalBase;
        }
        $clone->{'MemberOf-new'} = join ' ', @members;

        my $members_of = $CloneTicketObj->MemberOf;
        while ( my $member_of = $members_of->Next ) {
            push @members_of, $member_of->LocalTarget;
        }
        $clone->{'new-MemberOf'} = join ' ', @members_of;

    }

    my $cfs = $CloneTicketObj->QueueObj->TicketCustomFields();
    while ( my $cf = $cfs->Next ) {
        my $cf_id     = $cf->id;
        my $cf_values = $CloneTicketObj->CustomFieldValues( $cf->id );
        my @cf_values;
        while ( my $cf_value = $cf_values->Next ) {
            push @cf_values, $cf_value->Content;
        }
        $clone->{"Object-RT::Ticket--CustomField-$cf_id-Value"} = join "\n",
            @cf_values;
    }

    for ( keys %$clone ) {
        $ARGS{$_} = $clone->{$_} if not defined $ARGS{$_};
    }

}

my @results;

my $title = loc("Create a new ticket");

my $QueueObj = new RT::Queue($session{'CurrentUser'});
$QueueObj->Load($Queue) || Abort(loc("Queue could not be loaded."));

$m->callback( QueueObj => $QueueObj, title => \$title, results => \@results, ARGSRef => \%ARGS );

$QueueObj->Disabled && Abort(loc("Cannot create tickets in a disabled queue."));

my $CFs = $QueueObj->TicketCustomFields();

my $ValidCFs = $m->comp(
    '/Elements/ValidateCustomFields',
    CustomFields => $CFs,
    ARGSRef => \%ARGS
);

# {{{ deal with deleting uploaded attachments
foreach my $key (keys %ARGS) {
    if ($key =~ m/^DeleteAttach-(.+)$/) {
        delete $session{'Attachments'}{$1};
    }
    $session{'Attachments'} = { %{$session{'Attachments'} || {}} };
}
# }}}

# {{{ store the uploaded attachment in session
if ($ARGS{'Attach'}) {                  # attachment?
    my $attachment = MakeMIMEEntity(
        AttachmentFieldName => 'Attach'
    );

    my $file_path = Encode::decode_utf8("$ARGS{'Attach'}");
    $session{'Attachments'} = {
        %{$session{'Attachments'} || {}},
        $file_path => $attachment,
    };
}
# }}}

# delete temporary storage entry to make WebUI clean
unless (keys %{$session{'Attachments'}} and $ARGS{'id'} eq 'new') {
    delete $session{'Attachments'};
}

my $checks_failure = 0;

my $gnupg_widget = $m->comp('/Elements/GnuPG/SignEncryptWidget:new', Arguments => \%ARGS );
$m->comp( '/Elements/GnuPG/SignEncryptWidget:Process',
    self      => $gnupg_widget,
    QueueObj  => $QueueObj,
);


if ( !exists $ARGS{'AddMoreAttach'} && ($ARGS{'id'}||'') eq 'new' ) {
    my $status = $m->comp('/Elements/GnuPG/SignEncryptWidget:Check',
        self      => $gnupg_widget,
        Operation => 'Create',
        QueueObj  => $QueueObj,
    );
    $checks_failure = 1 unless $status;
}

# check email addresses for RT's
{
    foreach my $field ( qw(Requestors Cc AdminCc) ) {
        my $value = $ARGS{ $field };
        next unless defined $value && length $value;

        my @emails = Email::Address->parse( $value );
        foreach my $email ( grep RT::EmailParser->IsRTAddress($_->address), @emails ) {
            push @results, loc("[_1] is an address RT receives mail at. Adding it as a '[_2]' would create a mail loop", $email->format, loc($field =~ /^(.*?)s?$/) );
            $checks_failure = 1;
            $email = undef;
        }
        $ARGS{ $field } = join ', ', map $_->format, grep defined, @emails;
    }
}

my $skip_create = 0;
$m->callback( CallbackName => 'BeforeCreate', ARGSRef => \%ARGS, skip_create => \$skip_create, 
              checks_failure => $checks_failure, results => \@results );

if ((!exists $ARGS{'AddMoreAttach'}) and (defined($ARGS{'id'}) and $ARGS{'id'} eq 'new')) { # new ticket?
    if ( $ValidCFs && !$checks_failure && !$skip_create ) {
        $m->comp('Display.html', %ARGS);
        $RT::Logger->crit("After display call; error is $@");
        $m->abort();
    }
    elsif ( !$ValidCFs ) {
        # Invalid CFs
        while (my $CF = $CFs->Next) {
            my $msg = $m->notes('InvalidField-' . $CF->Id) or next;
            push @results, $CF->Name . ': ' . $msg;
        }
    }
}

my $actions = {
    A => {
        html => q[<a href="#basics" onclick="return switchVisibility('Ticket-Create-basics','Ticket-Create-details');">] . loc('Show basics') . q[</a>],
    },
    B => {
        html => q[<a href="#details" onclick="return switchVisibility('Ticket-Create-details','Ticket-Create-basics');">] . loc('Show details') . q[</a>],
    },
};
</%INIT>

<%ARGS>
$DependsOn => undef
$DependedOnBy => undef
$MemberOf => undef
$QuoteTransaction => undef
$CloneTicket => undef
</%ARGS>