RT 5.0.1 Documentation


Go to latest version →



SquishedCSS $style




Removes the cached CSS and JS entries, forcing them to be regenerated on next use.


does a css-busting but minimalist escaping of whatever html you're passing in.


Escapes URI component according to RFC2396


Encodes the SCALAR to JSON and returns a JSON Unicode (not UTF-8) string. SCALAR may be a simple value or a reference.


Different web servers set different environmental varibles. This function must return something suitable for REMOTE_USER. By default, just downcase REMOTE_USER env


Returns a hash of user attributes, used when WebRemoteUserAutocreate is set.

LoginError ERROR

Pushes a login error into the Actions session store and returns the hash key.

SetNextPage ARGSRef [PATH]

Intuits and stashes the next page in the sesssion hash. If PATH is specified, uses that instead of the value of IntuitNextPage(). Returns the hash value.

FetchNextPage HASHKEY

Returns the stashed next page hashref for the given hash.

RemoveNextPage HASHKEY

Removes the stashed next page for the given hash and returns it.

TangentForLogin ARGSRef [HASH]

Redirects to /NoAuth/Login.html, setting the value of IntuitNextPage as the next page. Takes a hashref of request %ARGS as the first parameter. Optionally takes all other parameters as a hash which is dumped into query params.

TangentForLoginURL [HASH]

Returns a URL suitable for tangenting for login. Optionally takes a hash which is dumped into query params.

TangentForLoginWithError ERROR

Localizes the passed error message, stashes it with LoginError and then calls TangentForLogin with the appropriate results key.


Attempt to figure out the path to which we should return the user after a tangent. The current request URL is used, or failing that, the WebURL configuration variable.


This function, called exclusively by RT's autohandler, dispatches a request to RT's Installation workflow, only if Install Mode is enabled in the configuration file.

If it serves a page, it stops mason processing. Otherwise, mason just keeps running through the autohandler

MaybeShowNoAuthPage \%ARGS

This function, called exclusively by RT's autohandler, dispatches a request to the page a user requested (but only if it matches the "noauth" regex.

If it serves a page, it stops mason processing. Otherwise, mason just keeps running through the autohandler


This function will reject calls to private components, like those under /Elements. If the requested path is a private component then we will abort with a 403 error.

ShowRequestedPage \%ARGS

This function, called exclusively by RT's autohandler, dispatches a request to the page a user requested (making sure that unpriviled users can only see self-service pages.


Load or setup a session cookie for the current user.


People may use different web urls instead of $WebURL in config. Return the web url current user is using.

Redirect URL

This routine tells the current user's browser to redirect to URL. Additionally, it unties the user's currently active session, helping to avoid A bug in Apache::Session 1.81 and earlier which clobbers sessions if we try to use a cached DBI statement handle twice at the same time.


return an arrayref of Headers (currently, Cache-Control and Expires).


set both Cache-Control and Expires http headers


Send the browser a few headers to try to get it to (somewhat agressively) cache RT's static Javascript and CSS files.

This routine could really use _accurate_ heuristics. (XXX TODO)

ComponentPathIsSafe PATH

Takes PATH and returns a boolean indicating that the user-specified partial component path is safe.

Currently "safe" means that the path does not start with a dot (.), does not contain a slash-dot /., and does not contain any nulls.


Takes a Path => path and returns a boolean indicating that the path is safely within RT's control or not. The path must be relative.

This function does not consult the filesystem at all; it is merely a logical sanity checking of the path. This explicitly does not handle symlinks; if you have symlinks in RT's webroot pointing outside of it, then we assume you know what you are doing.


Takes a File => path and a Type => Content-type

If Type isn't provided and File is an image, it will figure out a sane Content-type, otherwise it will send application/octet-stream

Will set caching headers using StaticFileHeaders


Takes a URI and creates a URI object that's been normalized to handle common problems such as localhost vs

RewriteInlineImages PARAMHASH

Turns <img src="cid:..."> elements in HTML into working images pointing back to RT's stored copy.

Takes the following parameters:


Scalar ref of the HTML content to rewrite. Modified in place to support the most common use-case.


The RT::Attachment object from which the Content originates.

Array ref of related RT::Attachment objects to use for Content-ID matching.

Defaults to the result of the Siblings method on the passed Attachment.

AttachmentPath (optional)

The base path to use when rewriting src attributes.

Defaults to $WebPath/Ticket/Attachment

In scalar context, returns the number of elements rewritten.

In list content, returns the attachments IDs referred to by the rewritten <img> elements, in the order found. There may be duplicates.

GetCustomFieldInputName(CustomField => $cf_object, Object => $object, Grouping => $grouping_name)

Returns the standard custom field input name; this is complementary to "_ParseObjectCustomFieldArgs". Takes the following arguments:

CustomField => RT::CustomField object


Object => object

The object that the custom field is applied to; optional. If omitted, defaults to a new object of the appropriate class for the custom field.

Grouping => CF grouping

The grouping that the custom field is being rendered in. Groupings allow a custom field to appear in more than one location per form.

GetCustomFieldInputNamePrefix(CustomField => $cf_object, Object => $object, Grouping => $grouping_name)

Returns the standard custom field input name prefix(without "Value" or alike suffix)


loc is a nice clean global routine which calls $session{'CurrentUser'}->loc() with whatever it's called with. If there is no $session{'CurrentUser'}, it creates a temporary user, so we have something to get a localisation handle through

loc_fuzzy STRING

loc_fuzzy is for handling localizations of messages that may already contain interpolated variables, typically returned from libraries outside RT's control. It takes the message string and extracts the variable array automatically by matching against the candidate entries inside the lexicon file.

MaybeRedirectToApproval Path => 'path', Whitelist => REGEX, ARGSRef => HASHREF

If the ticket specified by $ARGSRef->{id} is an approval ticket, redirect to the approvals display page, preserving any arguments.

Paths matching Whitelist are let through.

This is a no-op if the ForceApprovalsView option isn't enabled.

CreateTicket ARGS

Create a new ticket, using Mason's %ARGS. returns @results.

LoadTicket id

Takes a ticket id as its only variable. if it's handed an array, it takes the first value.

Returns an RT::Ticket object as the current user.


Takes paramhash with fields ARGSRef, TicketObj and SkipSignatureOnly.

Don't write message if it only contains current user's signature and SkipSignatureOnly argument is true. Function anyway adds attachments and updates time worked field even if skips message. The default value is true.


Takes a paramhash Subject, Body and AttachmentFieldName.

Also takes Form, Cc and Type as optional paramhash keys.

  Returns a MIME::Entity.


Takes a date in an arbitrary format. Returns an ISO date and time in GMT


ProcessACLs expects values from a series of checkboxes that describe the full set of rights a principal should have on an object.

It expects form inputs with names like SetRights-PrincipalId-ObjType-ObjId instead of with the prefixes Grant/RevokeRight. Each input should be an array listing the rights the principal should have, and ProcessACLs will modify the current rights to match. Additionally, the previously unused CheckACL input listing PrincipalId-ObjType-ObjId is now used to catch cases when all the rights are removed from a principal and as such no SetRights input is submitted.


Takes a hashref of %ARGS and a principal type (user or group). Looks for the presence of rights being added on a principal of the specified type, and returns undef if no new principal is being granted rights. Otherwise loads up an RT::User or RT::Group object and returns it. Note that the object may not be successfully loaded, and you should check -id> yourself.

UpdateRecordObj ( ARGSRef => \%ARGS, Object => RT::Record, AttributesRef => \@attribs)

@attribs is a list of ticket fields to check and update if they differ from the Object's current values. ARGSRef is a ref to HTML::Mason's %ARGS.

Returns an array of success/failure messages

ProcessTicketBasics ( TicketObj => $Ticket, ARGSRef => \%ARGS );

Returns an array of results messages.

ProcessTicketWatchers ( TicketObj => $Ticket, ARGSRef => \%ARGS );

Returns an array of results messages.

ProcessTicketDates ( TicketObj => $Ticket, ARGSRef => \%ARGS );

Returns an array of results messages.

Returns an array of results messages.


Takes a hash with a single key, ARGSRef, the value of which is a hashref to %ARGS.

Converts and returns submitted args in the form of new-LINKTYPE and LINKTYPE-new into their appropriate directional link types. For example, new-DependsOn becomes DependsOn and DependsOn-new becomes DependedOnBy. The incoming arg values are split on whitespace and normalized into arrayrefs before being returned.

Primarily used by object creation pages for transforming incoming form inputs from /Elements/EditLinks into arguments appropriate for individual record Create methods.

Returns a hashref in scalar context and a hash in list context.


Takes a hashref of the submitted form arguments, %ARGS.

Returns a hash of squelched addresses.

_UploadedFile ( $arg );

Takes a CGI parameter name; if a file is uploaded under that name, return a hash reference suitable for AddCustomFieldValue's use: ( Value = $filename, LargeContent => $content, ContentType => $type )>.

Returns undef if no files were uploaded in the $arg field.


Returns an array suitable for passing to /Admin/Elements/EditRights with the principal collections mapped from the categories given.

The return value is an array of arrays, where the inner arrays are like:

    [ 'Category name' => $CollectionObj => 'DisplayColumn' => 1 ]

The last value is a boolean determining if the value of DisplayColumn should be loc()-ed before display.


Convenience method to stash per-user query results in the user session. This is used for rights-intensive queries that change infrequently, such as generating the list of queues a user has access to.

The method handles populating the session cache and clearing it based on CacheNeedsUpdate. It returns the cache key so callers can use $session directly after it has been created or updated.


_load_container_object ( $type, $id );

Instantiate container object for saving searches.

_parse_saved_search ( $arg );

Given a serialization string for saved search, and returns the container object and the search id.

ScrubHTML content

Removes unsafe and undesired HTML from the passed content


Redispatches to "EncodeJSON" in RT::Interface::Web

LoadTransaction id

Takes a transaction id as its only variable. if it's handed an array, it takes the first value.

Returns an RT::Transaction object as the current user.


Processes global and user-level configuration options to find the default queue for the current user.

Accepts no arguments, returns the ID of the default queue, if found, or undef.


Update global and user-level dashboard preferences.

For arguments, takes submitted args from the page and a hashref of available items.

Gets additional information for submitted items from the hashref of available items, since the args can't contain all information about the item.


Returns the list of reports registered with RT.

ProcessCustomDateRanges ARGSRef => ARGSREF, UserPreference => 0|1

For system database configuration, it adds corresponding arguments to the passed ARGSRef, and the following code on EditConfig.html page will do the real update job.

For user preference, it updates attributes accordingly.

Returns an array of results messages.

ProcessAuthToken ARGSRef => ARGSREF

Returns an array of results messages.

CachedCustomFieldValues FIELD

Similar to FIELD->Values, but caches the return value of FIELD->Values in $m->notes in anticipation of it being used again.

← Back to index