RT 3.8.17 Documentation

RT::Interface::Web

EscapeUTF8 SCALARREF

does a css-busting but minimalist escaping of whatever html you're passing in.

EscapeURI SCALARREF

Escapes URI component according to RFC2396

WebCanonicalizeInfo();

Different web servers set different environmental varibles. This function must return something suitable for REMOTE_USER. By default, just downcase $ENV{'REMOTE_USER'}

WebExternalAutoInfo($user);

Returns a hash of user attributes, used when WebExternalAuto is set.

LoginError ERROR

Pushes a login error into the Actions session store and returns the hash key.

SetNextPage ARGSRef [PATH]

Intuits and stashes the next page in the sesssion hash. If PATH is specified, uses that instead of the value of IntuitNextPage(). Returns the hash value.

FetchNextPage HASHKEY

Returns the stashed next page hashref for the given hash.

RemoveNextPage HASHKEY

Removes the stashed next page for the given hash and returns it.

TangentForLogin ARGSRef [HASH]

Redirects to /NoAuth/Login.html, setting the value of IntuitNextPage as the next page. Takes a hashref of request %ARGS as the first parameter. Optionally takes all other parameters as a hash which is dumped into query params.

TangentForLoginWithError ERROR

Localizes the passed error message, stashes it with LoginError and then calls TangentForLogin with the appropriate results key.

IntuitNextPage

Attempt to figure out the path to which we should return the user after a tangent. The current request URL is used, or failing that, the WebURL configuration variable.

MaybeShowInstallModePage

This function, called exclusively by RT's autohandler, dispatches a request to RT's Installation workflow, only if Install Mode is enabled in the configuration file.

If it serves a page, it stops mason processing. Otherwise, mason just keeps running through the autohandler

MaybeShowNoAuthPage \%ARGS

This function, called exclusively by RT's autohandler, dispatches a request to the page a user requested (but only if it matches the "noauth" regex.

If it serves a page, it stops mason processing. Otherwise, mason just keeps running through the autohandler

MaybeRejectPrivateComponentRequest

This function will reject calls to private components, like those under /Elements. If the requested path is a private component then we will abort with a 403 error.

ShowRequestedPage \%ARGS

This function, called exclusively by RT's autohandler, dispatches a request to the page a user requested (making sure that unpriviled users can only see self-service pages.

LoadSessionFromCookie

Load or setup a session cookie for the current user.

Redirect URL

This routine ells the current user's browser to redirect to URL. Additionally, it unties the user's currently active session, helping to avoid A bug in Apache::Session 1.81 and earlier which clobbers sessions if we try to use a cached DBI statement handle twice at the same time.

StaticFileHeaders

Send the browser a few headers to try to get it to (somewhat agressively) cache RT's static Javascript and CSS files.

This routine could really use _accurate_ heuristics. (XXX TODO)

ComponentPathIsSafe PATH

Takes PATH and returns a boolean indicating that the user-specified partial component path is safe.

Currently "safe" means that the path does not start with a dot (.), does not contain a slash-dot /., and does not contain any nulls.

PathIsSafe

Takes a Path => path and returns a boolean indicating that the path is safely within RT's control or not. The path must be relative.

This function does not consult the filesystem at all; it is merely a logical sanity checking of the path. This explicitly does not handle symlinks; if you have symlinks in RT's webroot pointing outside of it, then we assume you know what you are doing.

SendStaticFile

Takes a File => path and a Type => Content-type

If Type isn't provided and File is an image, it will figure out a sane Content-type, otherwise it will send application/octet-stream

Will set caching headers using StaticFileHeaders

_NormalizeHost

Takes a URI and creates a URI object that's been normalized to handle common problems such as localhost vs 127.0.0.1

loc ARRAY

loc is a nice clean global routine which calls $session{'CurrentUser'}->loc() with whatever it's called with. If there is no $session{'CurrentUser'}, it creates a temporary user, so we have something to get a localisation handle through

loc_fuzzy STRING

loc_fuzzy is for handling localizations of messages that may already contain interpolated variables, typically returned from libraries outside RT's control. It takes the message string and extracts the variable array automatically by matching against the candidate entries inside the lexicon file.

CreateTicket ARGS

Create a new ticket, using Mason's %ARGS. returns @results.

LoadTicket id

Takes a ticket id as its only variable. if it's handed an array, it takes the first value.

Returns an RT::Ticket object as the current user.

ProcessUpdateMessage

Takes paramhash with fields ARGSRef, TicketObj and SkipSignatureOnly.

Don't write message if it only contains current user's signature and SkipSignatureOnly argument is true. Function anyway adds attachments and updates time worked field even if skips message. The default value is true.

MakeMIMEEntity PARAMHASH

Takes a paramhash Subject, Body and AttachmentFieldName.

Also takes Form, Cc and Type as optional paramhash keys.

  Returns a MIME::Entity.

    package HTML::Mason::Commands;
    # Let tables through
    push @SCRUBBER_ALLOWED_TAGS, qw(TABLE THEAD TBODY TFOOT TR TD TH);
    1;

← Back to index