1 %# BEGIN BPS TAGGED BLOCK {{{
5 %# This software is Copyright (c) 1996-2017 Best Practical Solutions, LLC
6 %# <sales@bestpractical.com>
8 %# (Except where explicitly superseded by other copyright notices)
13 %# This work is made available to you under the terms of Version 2 of
14 %# the GNU General Public License. A copy of that license should have
15 %# been provided with this software, but in any event can be snarfed
18 %# This work is distributed in the hope that it will be useful, but
19 %# WITHOUT ANY WARRANTY; without even the implied warranty of
20 %# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 %# General Public License for more details.
23 %# You should have received a copy of the GNU General Public License
24 %# along with this program; if not, write to the Free Software
25 %# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
26 %# 02110-1301 or visit their web page on the internet at
27 %# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html.
30 %# CONTRIBUTION SUBMISSION POLICY:
32 %# (The following paragraph is not intended to limit the rights granted
33 %# to you to modify and distribute this software under the terms of
34 %# the GNU General Public License and is only of importance to you if
35 %# you choose to contribute your changes and enhancements to the
36 %# community by submitting them to Best Practical Solutions, LLC.)
38 %# By intentionally submitting any modifications, corrections or
39 %# derivatives to this work, or any other work intended for use with
40 %# Request Tracker, to Best Practical Solutions, LLC, you confirm that
41 %# you are the copyright holder for those contributions and you grant
42 %# Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable,
43 %# royalty-free, perpetual, license to use, copy, create derivative
44 %# works based on those contributions, and sublicense and distribute
45 %# those contributions and any derivatives thereof.
47 %# END BPS TAGGED BLOCK }}}
48 %# REST/1.0/search/dhandler
57 my $type = $m->dhandler_arg;
58 my ( $status, $output );
60 if ( $type =~ /^(ticket|queue|user|group)$/i ) {
67 && !$session{CurrentUser}->HasRight(
68 Object => $RT::System,
69 Right => 'AdminUsers',
74 $status = "403 Forbidden";
75 $output = "Permission denied";
79 my $class = 'RT::' . ucfirst $type . 's';
80 my $objects = $class->new( $session{CurrentUser} );
82 # Parse and validate any field specifications.
83 require RT::Interface::REST;
84 my $field = RT::Interface::REST->field_spec;
85 my ( %fields, @fields );
88 unless ( $fields =~ /^(?:$field,)*$field$/ ) {
89 $status = "400 Bad Request";
90 $output = "Invalid field specification: $fields";
93 @fields = map lc, split /\s*,\s*/, $fields;
94 @fields{@fields} = ();
95 unless ( exists $fields{id} ) {
96 unshift @fields, "id";
102 if ( $format !~ /^[isl]$/ ) {
103 $status = "400 Bad request";
104 $output = "Unknown listing format: $format. (Use i, s, or l.)\n";
113 if ( $type eq 'group' ) {
114 $objects->LimitToUserDefinedGroups;
117 if ( defined $query && length $query ) {
118 if ( $type eq 'ticket' ) {
120 eval { ( $n, $s ) = $objects->FromSQL($query); };
121 if ( $@ || $n == 0 ) {
123 $status = "400 Bad request";
124 $output = "Invalid query: '$s'.\n";
129 require Text::ParseWords;
130 my ( $field, $op, $value ) = Text::ParseWords::shellwords($query);
132 /^(?:[!<>]?=|[<>]|(NOT )?LIKE|STARTSWITH|ENDSWITH|MATCHES)$/i )
134 $status = "400 Bad Request";
135 $output = "Invalid operator specification: $op";
139 if ( ! $search_whitelist{$type}{lc $field} ) {
140 $status = "400 Bad Request";
141 $output = "Invalid field specification: $field";
146 if ( $field && $op && defined $value ) {
147 if ( $field eq 'Disabled' ) {
149 if ( $type eq 'queue' ) {
150 $objects->FindAllRows;
158 $objects->LimitToDeleted;
162 if ( $type eq 'queue' ) {
166 $objects->LimitToEnabled;
180 $output = "Invalid query specification: $query";
186 if ( $type eq 'queue' ) {
189 elsif ( $type eq 'user' ) {
190 $objects->LimitToPrivileged;
195 my ( $order, $field ) = $orderby =~ /^([\+\-])?(.+)/;
196 $order = $order && $order eq '-' ? 'DESC' : 'ASC';
197 $objects->OrderBy( FIELD => $field, ORDER => $order );
200 while ( my $object = $objects->Next ) {
201 next if $type eq 'user' && ( $object->id == RT->SystemUser->id || $object->id == RT->Nobody->id );
204 my $id = $object->Id;
205 if ( $format eq "i" ) {
206 $output .= "$type/" . $id . "\n";
208 elsif ( $format eq "s" ) {
210 my $result = $m->comp(
211 "/REST/1.0/Forms/$type/default",
216 my ( $notes, $order, $key_values, $errors ) = @$result;
218 # If it's the first time through, add our header
220 $output .= join( "\t", @$order ) . "\n";
223 # Cut off the annoying $type/ before the id;
224 $key_values->{'id'} = $id;
228 ref $key_values->{$_} eq 'ARRAY'
229 ? join( ', ', @{ $key_values->{$_} } )
235 if ( $type eq 'ticket' ) {
236 $output .= $object->Id . ": " . $object->Subject . "\n";
239 $output .= $object->Id . ": " . $object->Name . "\n";
245 "/REST/1.0/Forms/$type/default",
250 my ( $c, $o, $k, $e ) = @$d;
251 push @output, [ $c, $o, $k ];
254 if ( $n == 0 && $format ne "i" ) {
255 $output = "No matching results.\n";
258 $output = form_compose( \@output ) if @output;
261 $status = "500 Server Error";
262 $output = "Unsupported object type.";
267 $m->out("RT/". $RT::VERSION . " " . $status ."\n\n");
272 my %search_whitelist = (
275 grep { $RT::Record::_TABLE_ATTR->{'RT::Queue'}{$_}{read} }
276 keys %{ $RT::Record::_TABLE_ATTR->{'RT::Queue'} }
281 grep { $RT::Record::_TABLE_ATTR->{'RT::User'}{$_}{read} }
282 keys %{ $RT::Record::_TABLE_ATTR->{'RT::User'} }
287 grep { $RT::Record::_TABLE_ATTR->{'RT::Group'}{$_}{read} }
288 keys %{ $RT::Record::_TABLE_ATTR->{'RT::Group'} }