X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=FS%2FFS%2FTicketSystem%2FRT_Internal.pm;h=6fb2c187de835db9f7b75e211add7623d5cb0927;hb=a63a7c017dd67aba394bd97605aa12b9321542f7;hp=e2dfce373df8fe557d99af9150359a2c1dd984b1;hpb=77d86a9c7df669870ff2cb2f15ba055aa28f1e99;p=freeside.git diff --git a/FS/FS/TicketSystem/RT_Internal.pm b/FS/FS/TicketSystem/RT_Internal.pm index e2dfce373..6fb2c187d 100644 --- a/FS/FS/TicketSystem/RT_Internal.pm +++ b/FS/FS/TicketSystem/RT_Internal.pm @@ -50,7 +50,7 @@ sub access_right { sub session { my( $self, $session ) = @_; - if ( $session && $session->{'Current_User'} ) { # does this even work? + if ( $session && $session->{'CurrentUser'} ) { # does this even work? warn "$me session: using existing session and CurrentUser: \n". Dumper($session->{'CurrentUser'}) if $DEBUG; @@ -92,6 +92,7 @@ sub init { # this needs to be done on each fork warn "$me init: initializing RT\n" if $DEBUG; { + local $SIG{__WARN__}; local $SIG{__DIE__}; eval 'RT::Init("NoSignalHandlers"=>1);'; } @@ -110,7 +111,7 @@ properly. # create an RT::Tickets object for a specified custnum or svcnum sub _tickets_search { - my ( $self, $type, $number, $limit, $priority ) = @_; + my( $self, $type, $number, $limit, $priority, $status ) = @_; $type =~ /^Customer|Service$/ or die "invalid type: $type"; $number =~ /^\d+$/ or die "invalid custnum/svcnum: $number"; @@ -135,9 +136,28 @@ sub _tickets_search { } } - $rtql .= ' AND ( ' . - join(' OR ', map { "Status = '$_'" } $self->statuses) . - ' )'; + my @statuses; + if ( defined($status) && $status ) { + if ( ref($status) ) { + if ( ref($status) eq 'HASH' ) { + @statuses = grep $status->{$_}, keys %$status; + } elsif ( ref($status) eq 'ARRAY' ) { + @statuses = @$status; + } else { + #what should be the failure mode here? die? return no tickets? + die 'unknown status ref '. ref($status); + } + } else { + @statuses = ( $status ); + } + @statuses = grep /^\w+$/, @statuses; #injection prevention + } else { + @statuses = $self->statuses; + } + + $rtql .= ' AND ( '. + join(' OR ', map { "Status = '$_'" } @statuses). + ' ) '; warn "$me _customer_tickets_search:\n$rtql\n" if $DEBUG; $Tickets->FromSQL($rtql); @@ -434,23 +454,21 @@ sub get_ticket_object { my $self = shift; my ($session, %opt) = @_; $session = $self->session(shift); - my $Ticket = RT::Ticket->new($session->{CurrentUser}); - $Ticket->Load($opt{'ticket_id'}); - return if ( !$Ticket->id ); - my $custnum = $opt{'custnum'}; - if ( defined($custnum) && $custnum =~ /^\d+$/ ) { - # probably the most efficient way to check ticket ownership - my $Link = RT::Link->new($session->{CurrentUser}); - $Link->LoadByCols( LocalBase => $opt{'ticket_id'}, - Type => 'MemberOf', - Target => "freeside://freeside/cust_main/$custnum", - ); - return if ( !$Link->id ); + # use a small search here so we can check ticket ownership + my $query; + if ( $opt{'ticket_id'} =~ /^(\d+)$/ ) { + $query = "id = $1"; + } else { + return; } - return $Ticket; + if ( $opt{'custnum'} =~ /^(\d+)$/ ) { + $query .= " AND Customer.number = $1"; # also checks ownership via services + } + my $Tickets = RT::Tickets->new($session->{CurrentUser}); + $Tickets->FromSQL($query); + return $Tickets->First; } - =item correspond_ticket SESSION_HASHREF, OPTION => VALUE ... Class method. Correspond on a ticket. If there is an error, returns the scalar @@ -588,7 +606,7 @@ sub _web_external_auth { # we failed to successfully create the user. abort abort abort. delete $session->{'CurrentUser'}; - die "can't auto-create RT user"; #an error message would be nice :/ + die "can't auto-create RT user: $msg"; #an error message would be nice :/ #$m->abort() unless $RT::WebFallbackToInternalAuth; #$m->comp( '/Elements/Login', %ARGS, # Error => loc( 'Cannot create user: [_1]', $msg ) );