projects / freeside.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
import rt 3.8.7
[freeside.git] / rt / lib / RT / Interface / Email / Auth / MailFrom.pm
diff --git a/rt/lib/RT/Interface/Email/Auth/MailFrom.pm b/rt/lib/RT/Interface/Email/Auth/MailFrom.pm
index 71cdf60..0673c73 100644 (file)
--- a/rt/lib/RT/Interface/Email/Auth/MailFrom.pm
+++ b/rt/lib/RT/Interface/Email/Auth/MailFrom.pm
@@ -1,8 +1,8 @@
 # BEGIN BPS TAGGED BLOCK {{{
 # 
 # COPYRIGHT:
-#  
-# This software is Copyright (c) 1996-2009 Best Practical Solutions, LLC 
+# 
+# This software is Copyright (c) 1996-2009 Best Practical Solutions, LLC
 #                                          <jesse@bestpractical.com>
 # 
 # (Except where explicitly superseded by other copyright notices)
@@ -45,6 +45,7 @@
 # those contributions and any derivatives thereof.
 # 
 # END BPS TAGGED BLOCK }}}
+
 package RT::Interface::Email::Auth::MailFrom;
 use RT::Interface::Email qw(ParseSenderAddressFromHead CreateUser);
 
@@ -62,84 +63,74 @@ sub GetCurrentUser {
 
     # We don't need to do any external lookups
     my ( $Address, $Name ) = ParseSenderAddressFromHead( $args{'Message'}->head );
-
-    unless ($Address) {
+    unless ( $Address ) {
+        $RT::Logger->error("Couldn't find sender's address");
         return ( $args{'CurrentUser'}, -1 );
     }
 
-    my $CurrentUser = RT::CurrentUser->new();
-    $CurrentUser->LoadByEmail($Address);
-
-    unless ( $CurrentUser->Id ) {
-        $CurrentUser->LoadByName($Address);
-    }
-
+    my $CurrentUser = new RT::CurrentUser;
+    $CurrentUser->LoadByEmail( $Address );
+    $CurrentUser->LoadByName( $Address ) unless $CurrentUser->Id;
     if ( $CurrentUser->Id ) {
+        $RT::Logger->debug("Mail from user #". $CurrentUser->Id ." ($Address)" );
         return ( $CurrentUser, 1 );
     }
-    
-
 
     # If the user can't be loaded, we may need to create one. Figure out the acl situation.
-    my $unpriv = RT::Group->new($RT::SystemUser);
+    my $unpriv = RT::Group->new( $RT::SystemUser );
     $unpriv->LoadSystemInternalGroup('Unprivileged');
     unless ( $unpriv->Id ) {
-        $RT::Logger->crit( "Auth::MailFrom couldn't find the 'Unprivileged' internal group" );
+        $RT::Logger->crit("Couldn't find the 'Unprivileged' internal group");
         return ( $args{'CurrentUser'}, -1 );
     }
 
-    my $everyone = RT::Group->new($RT::SystemUser);
+    my $everyone = RT::Group->new( $RT::SystemUser );
     $everyone->LoadSystemInternalGroup('Everyone');
     unless ( $everyone->Id ) {
-        $RT::Logger->crit( "Auth::MailFrom couldn't find the 'Everyone' internal group");
+        $RT::Logger->crit("Couldn't find the 'Everyone' internal group");
         return ( $args{'CurrentUser'}, -1 );
     }
 
+    $RT::Logger->debug("Going to create user with address '$Address'" );
+
     # but before we do that, we need to make sure that the created user would have the right
     # to do what we're doing.
     if ( $args{'Ticket'} && $args{'Ticket'}->Id ) {
+        my $qname = $args{'Queue'}->Name;
         # We have a ticket. that means we're commenting or corresponding
         if ( $args{'Action'} =~ /^comment$/i ) {
 
             # check to see whether "Everyone" or "Unprivileged users" can comment on tickets
-            unless ( $everyone->PrincipalObj->HasRight(
-                                                      Object => $args{'Queue'},
-                                                      Right => 'CommentOnTicket'
-                     )
-                     || $unpriv->PrincipalObj->HasRight(
-                                                      Object => $args{'Queue'},
-                                                      Right => 'CommentOnTicket'
-                     )
-              ) {
+            unless ( $everyone->PrincipalObj->HasRight( Object => $args{'Queue'},
+                                                        Right => 'CommentOnTicket' )
+                     || $unpriv->PrincipalObj->HasRight( Object => $args{'Queue'},
+                                                         Right => 'CommentOnTicket' ) )
+            {
+                $RT::Logger->debug("Unprivileged users have no right to comment on ticket in queue '$qname'");
                 return ( $args{'CurrentUser'}, 0 );
             }
         }
         elsif ( $args{'Action'} =~ /^correspond$/i ) {
 
             # check to see whether "Everybody" or "Unprivileged users" can correspond on tickets
-            unless ( $everyone->PrincipalObj->HasRight(Object => $args{'Queue'},
-                                                       Right  => 'ReplyToTicket'
-                     )
-                     || $unpriv->PrincipalObj->HasRight(
-                                                       Object => $args{'Queue'},
-                                                       Right  => 'ReplyToTicket'
-                     )
-              ) {
+            unless ( $everyone->PrincipalObj->HasRight( Object => $args{'Queue'},
+                                                        Right  => 'ReplyToTicket' )
+                     || $unpriv->PrincipalObj->HasRight( Object => $args{'Queue'},
+                                                         Right  => 'ReplyToTicket' ) )
+            {
+                $RT::Logger->debug("Unprivileged users have no right to reply to ticket in queue '$qname'");
                 return ( $args{'CurrentUser'}, 0 );
             }
-
         }
         elsif ( $args{'Action'} =~ /^take$/i ) {
 
             # check to see whether "Everybody" or "Unprivileged users" can correspond on tickets
-            unless ( $everyone->PrincipalObj->HasRight(Object => $args{'Queue'},
-                                                       Right  => 'OwnTicket'
-                     )
-                     || $unpriv->PrincipalObj->HasRight(
-                                                       Object => $args{'Queue'},
-                                                       Right  => 'OwnTicket'
-                     )
-              ) {
+            unless ( $everyone->PrincipalObj->HasRight( Object => $args{'Queue'},
+                                                        Right  => 'OwnTicket' )
+                     || $unpriv->PrincipalObj->HasRight( Object => $args{'Queue'},
+                                                         Right  => 'OwnTicket' ) )
+            {
+                $RT::Logger->debug("Unprivileged users have no right to own ticket in queue '$qname'");
                 return ( $args{'CurrentUser'}, 0 );
             }
 
@@ -147,33 +138,35 @@ sub GetCurrentUser {
         elsif ( $args{'Action'} =~ /^resolve$/i ) {
 
             # check to see whether "Everybody" or "Unprivileged users" can correspond on tickets
-            unless ( $everyone->PrincipalObj->HasRight(Object => $args{'Queue'},
-                                                       Right  => 'ModifyTicket'
-                     )
-                     || $unpriv->PrincipalObj->HasRight(
-                                                       Object => $args{'Queue'},
-                                                       Right  => 'ModifyTicket'
-                     )
-              ) {
+            unless ( $everyone->PrincipalObj->HasRight( Object => $args{'Queue'},
+                                                        Right  => 'ModifyTicket' )
+                     || $unpriv->PrincipalObj->HasRight( Object => $args{'Queue'},
+                                                         Right  => 'ModifyTicket' ) )
+            {
+                $RT::Logger->debug("Unprivileged users have no right to resolve ticket in queue '$qname'");
                 return ( $args{'CurrentUser'}, 0 );
             }
 
         }
         else {
+            $RT::Logger->warning("Action '". ($args{'Action'}||'') ."' is unknown");
             return ( $args{'CurrentUser'}, 0 );
         }
     }
 
     # We're creating a ticket
     elsif ( $args{'Queue'} && $args{'Queue'}->Id ) {
+        my $qname = $args{'Queue'}->Name;
 
         # check to see whether "Everybody" or "Unprivileged users" can create tickets in this queue
         unless ( $everyone->PrincipalObj->HasRight( Object => $args{'Queue'},
                                                     Right  => 'CreateTicket' )
-          ) {
+                 || $unpriv->PrincipalObj->HasRight( Object => $args{'Queue'},
+                                                     Right  => 'CreateTicket' ) )
+        {
+            $RT::Logger->debug("Unprivileged users have no right to create ticket in queue '$qname'");
             return ( $args{'CurrentUser'}, 0 );
         }
-
     }
 
     $CurrentUser = CreateUser( undef, $Address, $Name, $Address, $args{'Message'} );
Freeside billing, trouble ticketing, network monitoring and provisioning