From daa40aa18148720d7b12e76c0490796d867aff06 Mon Sep 17 00:00:00 2001
From: Jared Hancock <jared@osticket.com>
Date: Mon, 14 Apr 2014 15:08:26 -0500
Subject: [PATCH] email: Reject tickets for unregistered users
This is a slight edit over the previous implementation of the same feature.
Previously, an "account" was required, which implies a user account with a
password. This implementation simply requires a user record. Importing of
users by organization domain is still supported -- even if the user does not
yet exist.
---
include/class.organization.php | 9 +++++++++
include/class.ticket.php | 23 ++++++++++++++++-------
include/class.user.php | 15 +++++++--------
3 files changed, 32 insertions(+), 15 deletions(-)
diff --git a/include/class.organization.php b/include/class.organization.php
index 4f55f290b..334228955 100644
--- a/include/class.organization.php
+++ b/include/class.organization.php
@@ -166,6 +166,15 @@ class Organization extends OrganizationModel {
return false;
}
+ static function forDomain($domain) {
+ foreach (static::objects()
+ ->filter(array('domain__contains'=>$domain)) as $org) {
+ if ($org->isMappedToDomain($domain)) {
+ return $org;
+ }
+ }
+ }
+
function to_json() {
$info = array(
diff --git a/include/class.ticket.php b/include/class.ticket.php
index 0bf1e57d7..57cfe653c 100644
--- a/include/class.ticket.php
+++ b/include/class.ticket.php
@@ -2300,19 +2300,28 @@ class Ticket {
// Allow vars to be changed in ticket filter and applied to the user
// account created or detected
+ if (!$user && $vars['email'])
+ $user = User::lookupByEmail($vars['email']);
+
if (!$user) {
+ // Reject emails if not from registered clients (if
+ // configured)
+ if ($source == 'email' && !$cfg->acceptUnregisteredEmail()) {
+ list($mailbox, $domain) = explode('@', $vars['email'], 2);
+ // Users not yet created but linked to an organization
+ // are still acceptable
+ if (!Organization::forDomain($domain)) {
+ return $reject_ticket(
+ sprintf('Ticket rejected (%s) (unregistered client)',
+ $vars['email']));
+ }
+ }
+
$user_form = UserForm::getUserForm()->getForm($vars);
if (!$user_form->isValid($field_filter('user'))
|| !($user=User::fromVars($user_form->getClean())))
$errors['user'] = 'Incomplete client information';
}
-
- // Reject emails if not from registered clients (if configured)
- if (!$cfg->acceptUnregisteredEmail() && !$user->getAccount()) {
- return $reject_ticket(
- sprintf('Ticket rejected (%s) (unregistered client)',
- $vars['email']));
- }
}
// Any error above is fatal.
diff --git a/include/class.user.php b/include/class.user.php
index 8adb24ea0..ac544e8f4 100644
--- a/include/class.user.php
+++ b/include/class.user.php
@@ -144,7 +144,7 @@ class User extends UserModel {
static function fromVars($vars) {
// Try and lookup by email address
- $user = User::lookup(array('emails__address'=>$vars['email']));
+ $user = static::lookupByEmail($vars['email']);
if (!$user) {
$user = User::create(array(
'name'=>$vars['name'],
@@ -156,13 +156,8 @@ class User extends UserModel {
));
// Is there an organization registered for this domain
list($mailbox, $domain) = explode('@', $vars['email'], 2);
- foreach (Organization::objects()
- ->filter(array('domain__contains'=>$domain)) as $org) {
- if ($org->isMappedToDomain($domain)) {
- $user->setOrganization($org);
- break;
- }
- }
+ if ($org = Organization::forDomain($domain))
+ $user->setOrganization($org);
$user->save(true);
$user->emails->add($user->default_email);
@@ -396,6 +391,10 @@ class User extends UserModel {
// Delete user
return parent::delete();
}
+
+ static function lookupByEmail($email) {
+ return self::lookup(array('emails__address'=>$email));
+ }
}
class PersonsName {
--
GitLab