RT 4.0.25 Documentation

This version has reached its end of life and is out of support. Please contact us for upgrade assistance.

RT::Interface::Web

Go to latest version →

NAME

NAME

RT::Interface::Web

ClearSquished

Removes the cached CSS and JS entries, forcing them to be regenerated on next use.

EscapeUTF8 SCALARREF

does a css-busting but minimalist escaping of whatever html you're passing in.

EscapeURI SCALARREF

Escapes URI component according to RFC2396

EncodeJSON SCALAR

Encodes the SCALAR to JSON and returns a JSON string. SCALAR may be a simple value or a reference.

WebCanonicalizeInfo();

Different web servers set different environmental varibles. This function must return something suitable for REMOTE_USER. By default, just downcase $ENV{'REMOTE_USER'}

WebExternalAutoInfo($user);

Returns a hash of user attributes, used when WebExternalAuto is set.

LoginError ERROR

Pushes a login error into the Actions session store and returns the hash key.

SetNextPage ARGSRef [PATH]

Intuits and stashes the next page in the sesssion hash. If PATH is specified, uses that instead of the value of IntuitNextPage(). Returns the hash value.

FetchNextPage HASHKEY

Returns the stashed next page hashref for the given hash.

RemoveNextPage HASHKEY

Removes the stashed next page for the given hash and returns it.

TangentForLogin ARGSRef [HASH]

Redirects to /NoAuth/Login.html, setting the value of IntuitNextPage as the next page. Takes a hashref of request %ARGS as the first parameter. Optionally takes all other parameters as a hash which is dumped into query params.

TangentForLoginWithError ERROR

Localizes the passed error message, stashes it with LoginError and then calls TangentForLogin with the appropriate results key.

IntuitNextPage

Attempt to figure out the path to which we should return the user after a tangent. The current request URL is used, or failing that, the WebURL configuration variable.

MaybeShowInstallModePage

This function, called exclusively by RT's autohandler, dispatches a request to RT's Installation workflow, only if Install Mode is enabled in the configuration file.

If it serves a page, it stops mason processing. Otherwise, mason just keeps running through the autohandler

MaybeShowNoAuthPage \%ARGS

This function, called exclusively by RT's autohandler, dispatches a request to the page a user requested (but only if it matches the "noauth" regex.

If it serves a page, it stops mason processing. Otherwise, mason just keeps running through the autohandler

MaybeRejectPrivateComponentRequest

This function will reject calls to private components, like those under /Elements. If the requested path is a private component then we will abort with a 403 error.

ShowRequestedPage \%ARGS

This function, called exclusively by RT's autohandler, dispatches a request to the page a user requested (making sure that unpriviled users can only see self-service pages.

LoadSessionFromCookie

Load or setup a session cookie for the current user.

Redirect URL

This routine ells the current user's browser to redirect to URL. Additionally, it unties the user's currently active session, helping to avoid A bug in Apache::Session 1.81 and earlier which clobbers sessions if we try to use a cached DBI statement handle twice at the same time.

CacheControlExpiresHeaders

set both Cache-Control and Expires http headers

StaticFileHeaders

Send the browser a few headers to try to get it to (somewhat agressively) cache RT's static Javascript and CSS files.

This routine could really use _accurate_ heuristics. (XXX TODO)

ComponentPathIsSafe PATH

Takes PATH and returns a boolean indicating that the user-specified partial component path is safe.

Currently "safe" means that the path does not start with a dot (.), does not contain a slash-dot /., and does not contain any nulls.

PathIsSafe

Takes a Path => path and returns a boolean indicating that the path is safely within RT's control or not. The path must be relative.

This function does not consult the filesystem at all; it is merely a logical sanity checking of the path. This explicitly does not handle symlinks; if you have symlinks in RT's webroot pointing outside of it, then we assume you know what you are doing.

SendStaticFile

Takes a File => path and a Type => Content-type

If Type isn't provided and File is an image, it will figure out a sane Content-type, otherwise it will send application/octet-stream

Will set caching headers using StaticFileHeaders

_NormalizeHost

Takes a URI and creates a URI object that's been normalized to handle common problems such as localhost vs 127.0.0.1

loc ARRAY

loc is a nice clean global routine which calls $session{'CurrentUser'}->loc() with whatever it's called with. If there is no $session{'CurrentUser'}, it creates a temporary user, so we have something to get a localisation handle through

loc_fuzzy STRING

loc_fuzzy is for handling localizations of messages that may already contain interpolated variables, typically returned from libraries outside RT's control. It takes the message string and extracts the variable array automatically by matching against the candidate entries inside the lexicon file.

MaybeRedirectToApproval Path => 'path', Whitelist => REGEX, ARGSRef => HASHREF

If the ticket specified by $ARGSRef->{id} is an approval ticket, redirect to the approvals display page, preserving any arguments.

Paths matching Whitelist are let through.

This is a no-op if the ForceApprovalsView option isn't enabled.

CreateTicket ARGS

Create a new ticket, using Mason's %ARGS. returns @results.

LoadTicket id

Takes a ticket id as its only variable. if it's handed an array, it takes the first value.

Returns an RT::Ticket object as the current user.

ProcessUpdateMessage

Takes paramhash with fields ARGSRef, TicketObj and SkipSignatureOnly.

Don't write message if it only contains current user's signature and SkipSignatureOnly argument is true. Function anyway adds attachments and updates time worked field even if skips message. The default value is true.

MakeMIMEEntity PARAMHASH

Takes a paramhash Subject, Body and AttachmentFieldName.

Also takes Form, Cc and Type as optional paramhash keys.

  Returns a MIME::Entity.

ParseDateToISO

Takes a date in an arbitrary format. Returns an ISO date and time in GMT

ProcessACLs

ProcessACLs expects values from a series of checkboxes that describe the full set of rights a principal should have on an object.

It expects form inputs with names like SetRights-PrincipalId-ObjType-ObjId instead of with the prefixes Grant/RevokeRight. Each input should be an array listing the rights the principal should have, and ProcessACLs will modify the current rights to match. Additionally, the previously unused CheckACL input listing PrincipalId-ObjType-ObjId is now used to catch cases when all the rights are removed from a principal and as such no SetRights input is submitted.

_ParseACLNewPrincipal

Takes a hashref of %ARGS and a principal type (user or group). Looks for the presence of rights being added on a principal of the specified type, and returns undef if no new principal is being granted rights. Otherwise loads up an RT::User or RT::Group object and returns it. Note that the object may not be successfully loaded, and you should check -id> yourself.

    package HTML::Mason::Commands;
    # Let tables through
    push @SCRUBBER_ALLOWED_TAGS, qw(TABLE THEAD TBODY TFOOT TR TD TH);
    1;

JSON

Redispatches to "EncodeJSON" in RT::Interface::Web

← Back to index