RT 4.2.13 Documentation

RT::Interface::Web

Go to latest version →

NAME

RT::Interface::Web

SquishedCSS $style

SquishedJS

JSFiles

ClearSquished

Removes the cached CSS and JS entries, forcing them to be regenerated on next use.

EscapeHTML SCALARREF

does a css-busting but minimalist escaping of whatever html you're passing in.

EscapeURI SCALARREF

Escapes URI component according to RFC2396

EncodeJSON SCALAR

Encodes the SCALAR to JSON and returns a JSON Unicode (not UTF-8) string. SCALAR may be a simple value or a reference.

WebCanonicalizeInfo();

Different web servers set different environmental varibles. This function must return something suitable for REMOTE_USER. By default, just downcase $ENV{'REMOTE_USER'}

WebRemoteUserAutocreateInfo($user);

Returns a hash of user attributes, used when WebRemoteUserAutocreate is set.

LoginError ERROR

Pushes a login error into the Actions session store and returns the hash key.

SetNextPage ARGSRef [PATH]

Intuits and stashes the next page in the sesssion hash. If PATH is specified, uses that instead of the value of IntuitNextPage(). Returns the hash value.

FetchNextPage HASHKEY

Returns the stashed next page hashref for the given hash.

RemoveNextPage HASHKEY

Removes the stashed next page for the given hash and returns it.

TangentForLogin ARGSRef [HASH]

Redirects to /NoAuth/Login.html, setting the value of IntuitNextPage as the next page. Takes a hashref of request %ARGS as the first parameter. Optionally takes all other parameters as a hash which is dumped into query params.

TangentForLoginURL [HASH]

Returns a URL suitable for tangenting for login. Optionally takes a hash which is dumped into query params.

TangentForLoginWithError ERROR

Localizes the passed error message, stashes it with LoginError and then calls TangentForLogin with the appropriate results key.

IntuitNextPage

Attempt to figure out the path to which we should return the user after a tangent. The current request URL is used, or failing that, the WebURL configuration variable.

MaybeShowInstallModePage

This function, called exclusively by RT's autohandler, dispatches a request to RT's Installation workflow, only if Install Mode is enabled in the configuration file.

If it serves a page, it stops mason processing. Otherwise, mason just keeps running through the autohandler

MaybeShowNoAuthPage \%ARGS

This function, called exclusively by RT's autohandler, dispatches a request to the page a user requested (but only if it matches the "noauth" regex.

If it serves a page, it stops mason processing. Otherwise, mason just keeps running through the autohandler

MaybeRejectPrivateComponentRequest

This function will reject calls to private components, like those under /Elements. If the requested path is a private component then we will abort with a 403 error.

ShowRequestedPage \%ARGS

This function, called exclusively by RT's autohandler, dispatches a request to the page a user requested (making sure that unpriviled users can only see self-service pages.

LoadSessionFromCookie

Load or setup a session cookie for the current user.

GetWebURLFromRequest

People may use different web urls instead of $WebURL in config. Return the web url current user is using.

Redirect URL

This routine ells the current user's browser to redirect to URL. Additionally, it unties the user's currently active session, helping to avoid A bug in Apache::Session 1.81 and earlier which clobbers sessions if we try to use a cached DBI statement handle twice at the same time.

GetStaticHeaders

return an arrayref of Headers (currently, Cache-Control and Expires).

CacheControlExpiresHeaders

set both Cache-Control and Expires http headers

StaticFileHeaders

Send the browser a few headers to try to get it to (somewhat agressively) cache RT's static Javascript and CSS files.

This routine could really use _accurate_ heuristics. (XXX TODO)

ComponentPathIsSafe PATH

Takes PATH and returns a boolean indicating that the user-specified partial component path is safe.

Currently "safe" means that the path does not start with a dot (.), does not contain a slash-dot /., and does not contain any nulls.

PathIsSafe

Takes a Path => path and returns a boolean indicating that the path is safely within RT's control or not. The path must be relative.

This function does not consult the filesystem at all; it is merely a logical sanity checking of the path. This explicitly does not handle symlinks; if you have symlinks in RT's webroot pointing outside of it, then we assume you know what you are doing.

SendStaticFile

Takes a File => path and a Type => Content-type

If Type isn't provided and File is an image, it will figure out a sane Content-type, otherwise it will send application/octet-stream

Will set caching headers using StaticFileHeaders

_NormalizeHost

Takes a URI and creates a URI object that's been normalized to handle common problems such as localhost vs 127.0.0.1

RewriteInlineImages PARAMHASH

Turns <img src="cid:..."> elements in HTML into working images pointing back to RT's stored copy.

Takes the following parameters:

Content

Scalar ref of the HTML content to rewrite. Modified in place to support the most common use-case.

Attachment

The RT::Attachment object from which the Content originates.

Array ref of related RT::Attachment objects to use for Content-ID matching.

Defaults to the result of the Siblings method on the passed Attachment.

AttachmentPath (optional)

The base path to use when rewriting src attributes.

Defaults to $WebPath/Ticket/Attachment

In scalar context, returns the number of elements rewritten.

In list content, returns the attachments IDs referred to by the rewritten <img> elements, in the order found. There may be duplicates.

GetCustomFieldInputName(CustomField => $cf_object, Object => $object, Grouping => $grouping_name)

Returns the standard custom field input name; this is complementary to "_ParseObjectCustomFieldArgs". Takes the following arguments:

CustomField => RT::CustomField object

Required.

Object => object

The object that the custom field is applied to; optional. If omitted, defaults to a new object of the appropriate class for the custom field.

Grouping => CF grouping

The grouping that the custom field is being rendered in. Groupings allow a custom field to appear in more than one location per form.

GetCustomFieldInputNamePrefix(CustomField => $cf_object, Object => $object, Grouping => $grouping_name)

Returns the standard custom field input name prefix(without "Value" or alike suffix)

loc ARRAY

loc is a nice clean global routine which calls $session{'CurrentUser'}->loc() with whatever it's called with. If there is no $session{'CurrentUser'}, it creates a temporary user, so we have something to get a localisation handle through

loc_fuzzy STRING

loc_fuzzy is for handling localizations of messages that may already contain interpolated variables, typically returned from libraries outside RT's control. It takes the message string and extracts the variable array automatically by matching against the candidate entries inside the lexicon file.

MaybeRedirectToApproval Path => 'path', Whitelist => REGEX, ARGSRef => HASHREF

If the ticket specified by $ARGSRef->{id} is an approval ticket, redirect to the approvals display page, preserving any arguments.

Paths matching Whitelist are let through.

This is a no-op if the ForceApprovalsView option isn't enabled.

CreateTicket ARGS

Create a new ticket, using Mason's %ARGS. returns @results.

LoadTicket id

Takes a ticket id as its only variable. if it's handed an array, it takes the first value.

Returns an RT::Ticket object as the current user.

ProcessUpdateMessage

Takes paramhash with fields ARGSRef, TicketObj and SkipSignatureOnly.

Don't write message if it only contains current user's signature and SkipSignatureOnly argument is true. Function anyway adds attachments and updates time worked field even if skips message. The default value is true.

MakeMIMEEntity PARAMHASH

Takes a paramhash Subject, Body and AttachmentFieldName.

Also takes Form, Cc and Type as optional paramhash keys.

  Returns a MIME::Entity.

ParseDateToISO

Takes a date in an arbitrary format. Returns an ISO date and time in GMT

ProcessACLs

ProcessACLs expects values from a series of checkboxes that describe the full set of rights a principal should have on an object.

It expects form inputs with names like SetRights-PrincipalId-ObjType-ObjId instead of with the prefixes Grant/RevokeRight. Each input should be an array listing the rights the principal should have, and ProcessACLs will modify the current rights to match. Additionally, the previously unused CheckACL input listing PrincipalId-ObjType-ObjId is now used to catch cases when all the rights are removed from a principal and as such no SetRights input is submitted.

_ParseACLNewPrincipal

Takes a hashref of %ARGS and a principal type (user or group). Looks for the presence of rights being added on a principal of the specified type, and returns undef if no new principal is being granted rights. Otherwise loads up an RT::User or RT::Group object and returns it. Note that the object may not be successfully loaded, and you should check -id> yourself.

UpdateRecordObj ( ARGSRef => \%ARGS, Object => RT::Record, AttributesRef => \@attribs)

@attribs is a list of ticket fields to check and update if they differ from the Object's current values. ARGSRef is a ref to HTML::Mason's %ARGS.

Returns an array of success/failure messages

ProcessTicketBasics ( TicketObj => $Ticket, ARGSRef => \%ARGS );

Returns an array of results messages.

ProcessTicketWatchers ( TicketObj => $Ticket, ARGSRef => \%ARGS );

Returns an array of results messages.

ProcessTicketDates ( TicketObj => $Ticket, ARGSRef => \%ARGS );

Returns an array of results messages.

Returns an array of results messages.

ProcessLinksForCreate

Takes a hash with a single key, ARGSRef, the value of which is a hashref to %ARGS.

Converts and returns submitted args in the form of new-LINKTYPE and LINKTYPE-new into their appropriate directional link types. For example, new-DependsOn becomes DependsOn and DependsOn-new becomes DependedOnBy. The incoming arg values are split on whitespace and normalized into arrayrefs before being returned.

Primarily used by object creation pages for transforming incoming form inputs from /Elements/EditLinks into arguments appropriate for individual record Create methods.

Returns a hashref in scalar context and a hash in list context.

ProcessTransactionSquelching

Takes a hashref of the submitted form arguments, %ARGS.

Returns a hash of squelched addresses.

_UploadedFile ( $arg );

Takes a CGI parameter name; if a file is uploaded under that name, return a hash reference suitable for AddCustomFieldValue's use: ( Value = $filename, LargeContent => $content, ContentType => $type )>.

Returns undef if no files were uploaded in the $arg field.

GetPrincipalsMap OBJECT, CATEGORIES

Returns an array suitable for passing to /Admin/Elements/EditRights with the principal collections mapped from the categories given.

_load_container_object ( $type, $id );

Instantiate container object for saving searches.

_parse_saved_search ( $arg );

Given a serialization string for saved search, and returns the container object and the search id.

ScrubHTML content

Removes unsafe and undesired HTML from the passed content

_NewScrubber

Returns a new HTML::Scrubber object.

If you need to be more lax about what HTML tags and attributes are allowed, create /opt/rt4/local/lib/RT/Interface/Web_Local.pm with something like the following:

    package HTML::Mason::Commands;
    # Let tables through
    push @SCRUBBER_ALLOWED_TAGS, qw(TABLE THEAD TBODY TFOOT TR TD TH);
    1;

JSON

Redispatches to "EncodeJSON" in RT::Interface::Web

← Back to index