kolan
/
Redmine
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Adds a 'no_permission_check' option to the MailHandler. 

Used with the 'project' option, it allows anyone to submit emails to a private inbox project (#4407).

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3195 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
Jean-Philippe Lang 2009-12-19 14:08:48 +00:00
parent 9d120c872c
commit 06ca18b042
4 changed files with 52 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
app/models/mail_handler.rb
View File

@ -34,6 +34,8 @@ class MailHandler < ActionMailer::Base
@@handler_options[:allow_override] << 'project' unless @@handler_options[:issue].has_key?(:project) @@handler_options[:allow_override] << 'project' unless @@handler_options[:issue].has_key?(:project)
# Status overridable by default # Status overridable by default
@@handler_options[:allow_override] << 'status' unless @@handler_options[:issue].has_key?(:status) @@handler_options[:allow_override] << 'status' unless @@handler_options[:issue].has_key?(:status)
@@handler_options[:no_permission_check] = (@@handler_options[:no_permission_check].to_s == '1' ? true : false)
super email super email
end end
@ -120,7 +122,10 @@ class MailHandler < ActionMailer::Base
status = (get_keyword(:status) && IssueStatus.find_by_name(get_keyword(:status))) status = (get_keyword(:status) && IssueStatus.find_by_name(get_keyword(:status)))
# check permission # check permission
raise UnauthorizedAction unless user.allowed_to?(:add_issues, project) unless @@handler_options[:no_permission_check]
raise UnauthorizedAction unless user.allowed_to?(:add_issues, project)
end
issue = Issue.new(:author => user, :project => project, :tracker => tracker, :category => category, :priority => priority) issue = Issue.new(:author => user, :project => project, :tracker => tracker, :category => category, :priority => priority)
# check workflow # check workflow
if status && issue.new_statuses_allowed_to(user).include?(status) if status && issue.new_statuses_allowed_to(user).include?(status)
@ -163,8 +168,10 @@ class MailHandler < ActionMailer::Base
issue = Issue.find_by_id(issue_id) issue = Issue.find_by_id(issue_id)
return unless issue return unless issue
# check permission # check permission
raise UnauthorizedAction unless user.allowed_to?(:add_issue_notes, issue.project) || user.allowed_to?(:edit_issues, issue.project) unless @@handler_options[:no_permission_check]
raise UnauthorizedAction unless status.nil? || user.allowed_to?(:edit_issues, issue.project) raise UnauthorizedAction unless user.allowed_to?(:add_issue_notes, issue.project) || user.allowed_to?(:edit_issues, issue.project)
raise UnauthorizedAction unless status.nil? || user.allowed_to?(:edit_issues, issue.project)
end
# add the note # add the note
journal = issue.init_journal(user, plain_text_body) journal = issue.init_journal(user, plain_text_body)
@ -191,7 +198,12 @@ class MailHandler < ActionMailer::Base
message = Message.find_by_id(message_id) message = Message.find_by_id(message_id)
if message if message
message = message.root message = message.root
if user.allowed_to?(:add_messages, message.project) && !message.locked?
unless @@handler_options[:no_permission_check]
raise UnauthorizedAction unless user.allowed_to?(:add_messages, message.project)
end
if !message.locked?
reply = Message.new(:subject => email.subject.gsub(%r{^.*msg\d+\]}, '').strip, reply = Message.new(:subject => email.subject.gsub(%r{^.*msg\d+\]}, '').strip,
:content => plain_text_body) :content => plain_text_body)
reply.author = user reply.author = user
@ -200,7 +212,7 @@ class MailHandler < ActionMailer::Base
add_attachments(reply) add_attachments(reply)
reply reply
else else
raise UnauthorizedAction logger.info "MailHandler: ignoring reply from [#{sender_email}] to a locked topic" if logger && logger.info
end end
end end
end end

12
extra/mail_handler/rdm-mailhandler.rb
View File

@ -20,6 +20,8 @@
# ignore: email is ignored (default) # ignore: email is ignored (default)
# accept: accept as anonymous user # accept: accept as anonymous user
# create: create a user account # create: create a user account
# --no-permission-check disable permission checking when receiving
# the email
# -h, --help show this help # -h, --help show this help
# -v, --verbose show extra information # -v, --verbose show extra information
# -V, --version show version information and exit # -V, --version show version information and exit
@ -69,7 +71,7 @@ end
class RedmineMailHandler class RedmineMailHandler
VERSION = '0.1' VERSION = '0.1'
attr_accessor :verbose, :issue_attributes, :allow_override, :unknown_user, :url, :key attr_accessor :verbose, :issue_attributes, :allow_override, :unknown_user, :no_permission_check, :url, :key
def initialize def initialize
self.issue_attributes = {} self.issue_attributes = {}
@ -86,7 +88,8 @@ class RedmineMailHandler
[ '--category', GetoptLong::REQUIRED_ARGUMENT], [ '--category', GetoptLong::REQUIRED_ARGUMENT],
[ '--priority', GetoptLong::REQUIRED_ARGUMENT], [ '--priority', GetoptLong::REQUIRED_ARGUMENT],
[ '--allow-override', '-o', GetoptLong::REQUIRED_ARGUMENT], [ '--allow-override', '-o', GetoptLong::REQUIRED_ARGUMENT],
[ '--unknown-user', GetoptLong::REQUIRED_ARGUMENT] [ '--unknown-user', GetoptLong::REQUIRED_ARGUMENT],
[ '--no-permission-check', GetoptLong::NO_ARGUMENT]
) )
opts.each do |opt, arg| opts.each do |opt, arg|
@ -107,6 +110,8 @@ class RedmineMailHandler
self.allow_override = arg.dup self.allow_override = arg.dup
when '--unknown-user' when '--unknown-user'
self.unknown_user = arg.dup self.unknown_user = arg.dup
when '--no-permission-check'
self.no_permission_check = '1'
end end
end end
@ -118,7 +123,8 @@ class RedmineMailHandler
data = { 'key' => key, 'email' => email, data = { 'key' => key, 'email' => email,
'allow_override' => allow_override, 'allow_override' => allow_override,
'unknown_user' => unknown_user } 'unknown_user' => unknown_user,
'no_permission_check' => no_permission_check}
issue_attributes.each { |attr, value| data["issue[#{attr}]"] = value } issue_attributes.each { |attr, value| data["issue[#{attr}]"] = value }
debug "Posting to #{uri}..." debug "Posting to #{uri}..."

6
lib/tasks/email.rake
View File

@ -27,6 +27,8 @@ General options:
ignore: email is ignored (default) ignore: email is ignored (default)
accept: accept as anonymous user accept: accept as anonymous user
create: create a user account create: create a user account
no_permission_check=1 disable permission checking when receiving
the email
Issue attributes control options: Issue attributes control options:
project=PROJECT identifier of the target project project=PROJECT identifier of the target project
@ -55,6 +57,7 @@ END_DESC
%w(project status tracker category priority).each { |a| options[:issue][a.to_sym] = ENV[a] if ENV[a] } %w(project status tracker category priority).each { |a| options[:issue][a.to_sym] = ENV[a] if ENV[a] }
options[:allow_override] = ENV['allow_override'] if ENV['allow_override'] options[:allow_override] = ENV['allow_override'] if ENV['allow_override']
options[:unknown_user] = ENV['unknown_user'] if ENV['unknown_user'] options[:unknown_user] = ENV['unknown_user'] if ENV['unknown_user']
options[:no_permission_check] = ENV['no_permission_check'] if ENV['no_permission_check']
MailHandler.receive(STDIN.read, options) MailHandler.receive(STDIN.read, options)
end end
@ -68,6 +71,8 @@ General options:
ignore: email is ignored (default) ignore: email is ignored (default)
accept: accept as anonymous user accept: accept as anonymous user
create: create a user account create: create a user account
no_permission_check=1 disable permission checking when receiving
the email
Available IMAP options: Available IMAP options:
host=HOST IMAP server host (default: 127.0.0.1) host=HOST IMAP server host (default: 127.0.0.1)
@ -123,6 +128,7 @@ END_DESC
%w(project status tracker category priority).each { |a| options[:issue][a.to_sym] = ENV[a] if ENV[a] } %w(project status tracker category priority).each { |a| options[:issue][a.to_sym] = ENV[a] if ENV[a] }
options[:allow_override] = ENV['allow_override'] if ENV['allow_override'] options[:allow_override] = ENV['allow_override'] if ENV['allow_override']
options[:unknown_user] = ENV['unknown_user'] if ENV['unknown_user'] options[:unknown_user] = ENV['unknown_user'] if ENV['unknown_user']
options[:no_permission_check] = ENV['no_permission_check'] if ENV['no_permission_check']
Redmine::IMAP.check(imap_options, options) Redmine::IMAP.check(imap_options, options)
end end

20
test/unit/mail_handler_test.rb
View File

@ -165,6 +165,26 @@ class MailHandlerTest < ActiveSupport::TestCase
end end
end end
def test_add_issue_by_anonymous_user_on_private_project
Role.anonymous.add_permission!(:add_issues)
assert_no_difference 'User.count' do
assert_no_difference 'Issue.count' do
assert_equal false, submit_email('ticket_by_unknown_user.eml', :issue => {:project => 'onlinestore'}, :unknown_user => 'accept')
end
end
end
def test_add_issue_by_anonymous_user_on_private_project_without_permission_check
assert_no_difference 'User.count' do
assert_difference 'Issue.count' do
issue = submit_email('ticket_by_unknown_user.eml', :issue => {:project => 'onlinestore'}, :no_permission_check => '1', :unknown_user => 'accept')
assert issue.is_a?(Issue)
assert issue.author.anonymous?
assert !issue.project.is_public?
end
end
end
def test_add_issue_by_created_user def test_add_issue_by_created_user
Setting.default_language = 'en' Setting.default_language = 'en'
assert_difference 'User.count' do assert_difference 'User.count' do