api.tickets.php
<?php
include_once INCLUDE_DIR.'class.api.php';
include_once INCLUDE_DIR.'class.ticket.php';
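/**
 * API controller that turns API requests (and piped e-mail) into tickets.
 *
 * Everything in $data originates from the API client or from an inbound
 * e-mail, so each key read below is caller-controlled unless a check in
 * this class says otherwise.
 */
class TicketApiController extends ApiController {

    /**
     * Build the list of request keys accepted for the given input format.
     *
     * Supported arguments -- anything else is an error. These items will be
     * inspected _after_ the fixup() method of the ApiXxxDataParser classes
     * so that all supported input formats should be supported.
     *
     * @param string     $format Input format; 'email' (case-insensitive)
     *                           adds the mail-specific keys.
     * @param array|null $data   Request data; only 'topicId' is read here.
     * @return array Accepted key names. Nested arrays list the sub-keys
     *               accepted under that key (the '*' entry presumably
     *               applies to every list element -- confirm in the
     *               parent's structure validator).
     */
    function getRequestStructure($format, $data=null) {
        $supported = array(
            "alert", "autorespond", "source", "topicId",
            "attachments" => array("*" =>
                array("name", "type", "data", "encoding", "size")
            ),
            "message", "ip", "priorityId"
        );

        # Fetch dynamic form field names for the given help topic and add
        # the names to the supported request structure. The topic id comes
        # straight from the request, so the accepted key set depends on
        # caller input.
        if (isset($data['topicId'])
                && ($topic = Topic::lookup($data['topicId']))
                && ($forms = $topic->getForms())) {
            foreach ($forms as $form) {
                foreach ($form->getDynamicFields() as $field) {
                    $supported[] = $field->get('name');
                }
            }
        }

        # Ticket form fields
        # TODO: Support userId for existing user
        if (($form = TicketForm::getInstance())) {
            foreach ($form->getFields() as $field) {
                $supported[] = $field->get('name');
            }
        }

        # User form fields
        if (($form = UserForm::getInstance())) {
            foreach ($form->getFields() as $field) {
                $supported[] = $field->get('name');
            }
        }

        if (!strcasecmp($format, 'email')) {
            $supported = array_merge($supported, array('header', 'mid',
                'emailId', 'to-email-id', 'ticketId', 'reply-to', 'reply-to-name',
                'in-reply-to', 'references', 'thread-type',
                'mailflags' => array('bounce', 'auto-reply', 'spam', 'viral'),
                'recipients' => array('*' => array('name', 'email', 'source'))
            ));
            # Inline (content-id) attachments are only accepted for e-mail
            $supported['attachments']['*'][] = 'cid';
        }

        return $supported;
    }

    /**
     * Validate data - overrides the parent's validator to add attachment
     * handling.
     *
     * Attachment problems are a soft failure: the error text is stored in
     * the attachment's 'error' key and the request continues.
     *
     * Note that when $strict is false a failed structure check in the
     * parent does not stop processing; the attachment loop below still
     * runs on the unvalidated data.
     *
     * @param array  $data   Request data, modified in place: 'attachments'
     *                       entries get decoded 'data' plus an 'id' or
     *                       'error' key.
     * @param string $format Input format, passed to the parent validator.
     * @param bool   $strict Whether a failed parent validation ends the
     *                       request with a 400.
     * @return bool Always true when this method returns.
     */
    function validate(&$data, $format, $strict=true) {
        global $ost;

        // Call parent to validate the structure.
        // NOTE(review): exerr() is not returned here, so this relies on
        // exerr() ending the request -- confirm in ApiController.
        if (!parent::validate($data, $format, $strict) && $strict)
            $this->exerr(400, __('Unexpected or invalid data received'));

        // Use the settings on the thread entry on the ticket details
        // form to validate the attachments in the email
        $tform = TicketForm::objects()->one()->getForm();
        $messageField = $tform->getField('message');
        $fileField = $messageField->getWidget()->getAttachments();

        // Nuke attachments IF API files are not allowed.
        if (!$messageField->isAttachmentsEnabled())
            $data['attachments'] = array();

        // Validate attachments: do error checking... soft fail - set the
        // error and pass on the request. empty() is used so a request that
        // carries no 'attachments' key does not raise an undefined-key
        // warning.
        if (!empty($data['attachments']) && is_array($data['attachments'])) {
            foreach ($data['attachments'] as &$file) {
                // 'encoding' is optional in the request structure, so test
                // for presence before comparing it.
                if (!empty($file['encoding'])
                        && !strcasecmp($file['encoding'], 'base64')) {
                    // Strict mode rejects characters outside the base64
                    // alphabet. A payload that decodes to an empty string
                    // is also reported as an error by this check.
                    if (!($file['data'] = base64_decode($file['data'], true)))
                        $file['error'] = sprintf(__('%s: Poorly encoded base64 data'),
                            Format::htmlchars($file['name']));
                    // NOTE(review): after a decode failure 'data' is false
                    // and the upload below is still attempted -- confirm
                    // uploadAttachment() rejects that rather than storing
                    // an empty file.
                }

                // Validate and save immediately. The upload happens here,
                // before any ticket is created from this request; cleanup
                // of the stored file if ticket creation later fails is not
                // visible in this class.
                try {
                    $F = $fileField->uploadAttachment($file);
                    $file['id'] = $F->getId();
                }
                catch (FileUploadError $ex) {
                    // NOTE(review): the client-supplied file name is not
                    // passed through Format::htmlchars() here, unlike the
                    // base64 error above -- confirm how 'error' is rendered
                    // before deciding which branch is right.
                    $file['error'] = $file['name'] . ': ' . $ex->getMessage();
                }
            }
            // Break the reference left behind by the by-reference foreach
            unset($file);
        }

        return true;
    }

    /**
     * API entry point: create a ticket from the current request.
     *
     * Requires an API key for which canCreateTickets() is true; otherwise
     * a 401 is reported. On success responds 201 with the ticket number.
     *
     * @param string $format Input format; 'email' routes the request
     *                       through processEmail().
     */
    function create($format) {
        // Authorization gate for the HTTP API path
        if (!($key = $this->requireApiKey()) || !$key->canCreateTickets())
            return $this->exerr(401, __('API key not authorized'));

        $ticket = null;
        if (!strcasecmp($format, 'email')) {
            # Handle remote piped emails - could be a reply...etc.
            $ticket = $this->processEmail();
        } else {
            # Parse request body
            $ticket = $this->createTicket($this->getRequest($format));
        }

        if (!$ticket)
            return $this->exerr(500, __("Unable to create new ticket: unknown error"));

        $this->response(201, $ticket->getNumber());
    }

    /* private helper functions */

    /**
     * Create a ticket from already-parsed request data.
     *
     * @param array $data Request data. 'alert' and 'autorespond' default
     *                    to true when absent; 'source' defaults to 'API'.
     * @return mixed The created ticket, or the result of exerr() when
     *               creation fails (403 for errno 403, 400 for other
     *               validation errors, 500 when no ticket and no errors).
     */
    function createTicket($data) {
        # Pull off some meta-data
        $alert       = (bool) (isset($data['alert'])       ? $data['alert']       : true);
        $autorespond = (bool) (isset($data['autorespond']) ? $data['autorespond'] : true);

        # Assign default value to source if not defined, or defined as NULL.
        # A caller-supplied value is passed through unchanged.
        # NOTE(review): confirm Ticket::create() restricts it to known sources.
        $data['source'] = isset($data['source']) ? $data['source'] : 'API';

        # Create the ticket with the data (attempt to anyway)
        $errors = array();
        $ticket = Ticket::create($data, $errors, $data['source'], $autorespond, $alert);

        # Return errors (?)
        if (count($errors)) {
            if (isset($errors['errno']) && $errors['errno'] == 403)
                return $this->exerr(403, __('Ticket denied'));
            else
                // The collected validation errors are echoed back to the
                // API client in the response body.
                return $this->exerr(
                    400,
                    __("Unable to create new ticket: validation errors").":\n"
                    .Format::array_implode(": ", "\n", $errors)
                );
        } elseif (!$ticket) {
            return $this->exerr(500, __("Unable to create new ticket: unknown error"));
        }

        return $ticket;
    }

    /**
     * Route an inbound e-mail to an existing thread or create a new ticket.
     *
     * Thread matching is driven by the e-mail headers in $data, which are
     * sender-controlled.
     *
     * @param array|false $data Parsed e-mail; fetched via getEmailRequest()
     *                          when falsy.
     * @return mixed The object owning the matched thread, or the result of
     *               createTicket() when nothing matched.
     */
    function processEmail($data=false) {
        if (!$data)
            $data = $this->getEmailRequest();

        // $seen is handed to lookupByEmailHeaders() and read afterwards;
        // presumably set by reference when the message was already handled.
        $seen = false;
        if (($entry = ThreadEntry::lookupByEmailHeaders($data, $seen))
            && ($message = $entry->postEmail($data))
        ) {
            if ($message instanceof ThreadEntry) {
                return $message->getThread()->getObject();
            }
            else if ($seen) {
                // Email has been processed previously
                return $entry->getThread()->getObject();
            }
            // Any other truthy result falls through to createTicket() below
        }
        // Allow continuation of thread without initial message or note
        elseif (($thread = Thread::lookupByEmailHeaders($data))
            && ($message = $thread->postEmail($data))
        ) {
            return $thread->getObject();
        }

        // All emails which do not appear to be part of an existing thread
        // will always create new "Tickets". All other objects will need to
        // be created via the web interface or the API
        return $this->createTicket($data);
    }
}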
//Local email piping controller - no API key required!
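/**
 * Controller for e-mail piped in locally by the mail transfer agent.
 *
 * Reuses TicketApiController::processEmail() but reports the outcome as a
 * process exit code instead of an HTTP response. process() never calls
 * requireApiKey(), so this path is only as restricted as the script that
 * invokes it; keep that entry point unreachable from the web.
 */
class PipeApiController extends TicketApiController {

    /**
     * Override of the grandparent's (ApiController) response method.
     *
     * Uses postfix (sysexits.h) exit codes instead of HTTP and terminates
     * the process. The response text is not written anywhere.
     *
     * @param int    $code HTTP-style status code to translate.
     * @param string $resp Response text; unused on this path.
     */
    function response($code, $resp) {
        switch ($code) {
            case 201: // Success
                $exitcode = 0;
                break;
            case 400:
                $exitcode = 66; // EX_NOINPUT
                break;
            case 401: /* permission denied */
            case 403:
                $exitcode = 77; // EX_NOPERM
                break;
            case 415:
            case 416:
            case 417:
            case 501:
                $exitcode = 65; // EX_DATAERR
                break;
            case 503:
                $exitcode = 69; // EX_UNAVAILABLE
                break;
            case 500: // Server error.
            default:  // Temp (unknown) failure - retry
                $exitcode = 75; // EX_TEMPFAIL
        }

        // We're simply exiting - MTA will take care of the rest based on
        // the exit code!
        exit($exitcode);
    }

    /**
     * Entry point for the pipe script: process one piped e-mail.
     *
     * Declared static because it reads no instance state and builds its
     * own controller; a non-static declaration makes a static call
     * (PipeApiController::process()) a fatal error on PHP 8. Calls through
     * an instance keep working.
     *
     * No API key is checked here, unlike TicketApiController::create().
     */
    static function process() {
        $pipe = new PipeApiController();
        if (($ticket = $pipe->processEmail()))
            return $pipe->response(201, $ticket->getNumber());

        // NOTE(review): presumably exerr() ends up in response() above,
        // where 416 maps to exit code 65 -- confirm in ApiController.
        return $pipe->exerr(416, __('Request failed - retry again!'));
    }
}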
?>