Commit 0e48b7ce authored by Jared Hancock's avatar Jared Hancock

email: Reject tickets from unregistered clients

parent dac1f12c
...@@ -155,6 +155,7 @@ class OsticketConfig extends Config { ...@@ -155,6 +155,7 @@ class OsticketConfig extends Config {
'add_email_collabs' => true, 'add_email_collabs' => true,
'clients_only' => false, 'clients_only' => false,
'client_registration' => 'closed', 'client_registration' => 'closed',
'accept_unregistered_email' => true,
); );
function OsticketConfig($section=null) { function OsticketConfig($section=null) {
...@@ -548,6 +549,10 @@ class OsticketConfig extends Config { ...@@ -548,6 +549,10 @@ class OsticketConfig extends Config {
return ($this->get('use_email_priority')); return ($this->get('use_email_priority'));
} }
function acceptUnregisteredEmail() {
return $this->get('accept_unregistered_email');
}
function addCollabsViaEmail() { function addCollabsViaEmail() {
return ($this->get('add_email_collabs')); return ($this->get('add_email_collabs'));
} }
...@@ -960,6 +965,7 @@ class OsticketConfig extends Config { ...@@ -960,6 +965,7 @@ class OsticketConfig extends Config {
'enable_mail_polling'=>isset($vars['enable_mail_polling'])?1:0, 'enable_mail_polling'=>isset($vars['enable_mail_polling'])?1:0,
'strip_quoted_reply'=>isset($vars['strip_quoted_reply'])?1:0, 'strip_quoted_reply'=>isset($vars['strip_quoted_reply'])?1:0,
'use_email_priority'=>isset($vars['use_email_priority'])?1:0, 'use_email_priority'=>isset($vars['use_email_priority'])?1:0,
'accept_unregistered_email'=>isset($vars['accept_unregistered_email'])?1:0,
'add_email_collabs'=>isset($vars['add_email_collabs'])?1:0, 'add_email_collabs'=>isset($vars['add_email_collabs'])?1:0,
'reply_separator'=>$vars['reply_separator'], 'reply_separator'=>$vars['reply_separator'],
)); ));
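Review bot: `acceptUnregisteredEmail()` is an access-control switch for the mail intake path, yet it is added without a comment, and the default `'accept_unregistered_email' => true` is permissive. Presumably an install where the key was never saved therefore keeps accepting mail from senders with no account. I would say so on the accessor, e.g. `// Gate for emailed tickets from senders without a client account; defaults to true (accept) when unset`. The save path stores `isset($vars['accept_unregistered_email'])?1:0`, so a settings submission that omits the checkbox switches rejection on; that matches the neighbouring flags but deserves a mention next to the default.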
......
...@@ -2157,6 +2157,14 @@ class Ticket { ...@@ -2157,6 +2157,14 @@ class Ticket {
}; };
}; };
$reject_ticket = function($message) use (&$errors) {
$errors = array(
'errno' => 403,
'err' => 'This help desk is for use by authorized users only');
$ost->logWarning('Ticket Denied', $message);
return 0;
};
// Create and verify the dynamic form entry for the new ticket // Create and verify the dynamic form entry for the new ticket
$form = TicketForm::getNewInstance(); $form = TicketForm::getNewInstance();
// If submitting via email, ensure we have a subject and such // If submitting via email, ensure we have a subject and such
...@@ -2193,12 +2201,7 @@ class Ticket { ...@@ -2193,12 +2201,7 @@ class Ticket {
//Make sure the email address is not banned //Make sure the email address is not banned
if (TicketFilter::isBanned($vars['email'])) { if (TicketFilter::isBanned($vars['email'])) {
$errors = array( return $reject_ticket('Banned email - '.$vars['email']);
'errno' => 403,
'err' => 'This help desk is for use by authorized
users only');
$ost->logWarning('Ticket denied', 'Banned email - '.$vars['email']);
return 0;
} }
//Make sure the open ticket limit hasn't been reached. (LOOP CONTROL) //Make sure the open ticket limit hasn't been reached. (LOOP CONTROL)
...@@ -2220,17 +2223,11 @@ class Ticket { ...@@ -2220,17 +2223,11 @@ class Ticket {
//Init ticket filters... //Init ticket filters...
$ticket_filter = new TicketFilter($origin, $vars); $ticket_filter = new TicketFilter($origin, $vars);
// Make sure email contents should not be rejected // Make sure email contents should not be rejected
if($ticket_filter if ($ticket_filter
&& ($filter=$ticket_filter->shouldReject())) { && ($filter=$ticket_filter->shouldReject())) {
$errors = array( return $reject_ticket(
'errno' => 403, sprintf('Ticket rejected ( %s) by filter "%s"',
'err' => "This help desk is for use by authorized users $vars['email'], $filter->getName()));
only");
$ost->logWarning('Ticket denied',
sprintf('Ticket rejected ( %s) by filter "%s"',
$vars['email'], $filter->getName()));
return 0;
} }
$id=0; $id=0;
...@@ -2281,10 +2278,18 @@ class Ticket { ...@@ -2281,10 +2278,18 @@ class Ticket {
|| !($user=User::fromVars($user_form->getClean()))) || !($user=User::fromVars($user_form->getClean())))
$errors['user'] = 'Incomplete client information'; $errors['user'] = 'Incomplete client information';
} }
// Reject emails if not from registered clients (if configured)
if (!$cfg->acceptUnregisteredEmail() && !$user->getAccount()) {
return $reject_ticket(
sprintf('Ticket rejected (%s) (unregistered client)',
$vars['email']));
}
} }
//Any error above is fatal. // Any error above is fatal.
if($errors) return 0; if ($errors)
return 0;
# Some things will need to be unpacked back into the scope of this # Some things will need to be unpacked back into the scope of this
# function # function
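Review bot: The `$reject_ticket` closure calls `$ost->logWarning('Ticket Denied', $message)` but imports only `$errors` (`use (&$errors)`), and a PHP closure does not see the enclosing function's locals or its `global` declarations. `$ost` is therefore undefined inside the closure, so every rejection path that uses it (banned address, filter match, unregistered sender) would fail on that call instead of returning 0 with the 403. Import it explicitly: `$reject_ticket = function($message) use (&$errors, $ost) {`. In the last hunk, `$user->getAccount()` can also run right after `User::fromVars()` failed and only set `$errors['user']`, so the guard is safer as `if (!$cfg->acceptUnregisteredEmail() && (!$user || !$user->getAccount()))`. The enclosing function and the block around this check start outside the hunks, so how `$ost`, `$cfg` and `$user` are set up is not visible here.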
......
...@@ -117,6 +117,12 @@ if(!defined('OSTADMININC') || !$thisstaff || !$thisstaff->isAdmin() || !$config) ...@@ -117,6 +117,12 @@ if(!defined('OSTADMININC') || !$thisstaff || !$thisstaff->isAdmin() || !$config)
<i class="help-tip icon-question-sign" href="#use_email_priority"></i> <i class="help-tip icon-question-sign" href="#use_email_priority"></i>
</td> </td>
</tr> </tr>
<tr>
<td width="180">Accept Unregistered Email:</td>
<td><input type="checkbox" name="accept_unregistered_email" <?php
echo $config['accept_unregistered_email'] ? 'checked="checked"' : ''; ?>/>
Allow emailed tickets from clients without an account
</tr>
<tr> <tr>
<td width="180">Accept Email Collaborators:</td> <td width="180">Accept Email Collaborators:</td>
<td><input type="checkbox" name="add_email_collabs" <?php <td><input type="checkbox" name="add_email_collabs" <?php
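Review bot: The new `Accept Unregistered Email` row never closes its second cell. The text `Allow emailed tickets from clients without an account` is followed directly by `</tr>`, whereas the row above it ends with `</td>` and then `</tr>`. Add the missing `</td>` before `</tr>`. To match the `use_email_priority` row, it would also help to add a help tip (with a matching tip entry) stating that unchecking the box makes the help desk refuse mail from senders without an account, since this checkbox is what turns the rejection on.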
......