-rw-r--r--app/models/mail_handler.rb22
-rw-r--r--extra/mail_handler/rdm-mailhandler.rb12
-rw-r--r--lib/tasks/email.rake6
-rw-r--r--test/unit/mail_handler_test.rb20
4 files changed, 52 insertions, 8 deletions
diff --git a/app/models/mail_handler.rb b/app/models/mail_handler.rb
index cda556f8e..2ecf3734e 100644
--- a/app/models/mail_handler.rb
+++ b/app/models/mail_handler.rb
@@ -34,6 +34,8 @@ class MailHandler < ActionMailer::Base
@@handler_options[:allow_override] << 'project' unless @@handler_options[:issue].has_key?(:project)
# Status overridable by default
@@handler_options[:allow_override] << 'status' unless @@handler_options[:issue].has_key?(:status)
+
+ @@handler_options[:no_permission_check] = (@@handler_options[:no_permission_check].to_s == '1' ? true : false)
super email
end
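Review bot: The ternary on the added line is redundant, since `== '1'` already yields a boolean; `@@handler_options[:no_permission_check] = (@@handler_options[:no_permission_check].to_s == '1')` reads more directly. A comment such as `# only the literal '1' enables the bypass; any other value leaves permission checks on` would record that the option fails closed. The enclosing method begins before this hunk.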
@@ -120,7 +122,10 @@ class MailHandler < ActionMailer::Base
status = (get_keyword(:status) && IssueStatus.find_by_name(get_keyword(:status)))
# check permission
- raise UnauthorizedAction unless user.allowed_to?(:add_issues, project)
+ unless @@handler_options[:no_permission_check]
+ raise UnauthorizedAction unless user.allowed_to?(:add_issues, project)
+ end
+
issue = Issue.new(:author => user, :project => project, :tracker => tracker, :category => category, :priority => priority)
# check workflow
if status && issue.new_statuses_allowed_to(user).include?(status)
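Review bot: With `no_permission_check` set, the `add_issues` check is skipped for whichever `project` was resolved earlier. The first hunk shows `project` remains overridable from the email unless the `project` option is pinned, so the bypass appears to cover every project, private ones included. The hunks at -163 and -191 skip their checks in the same unconditional way. Consider leaving an audit trail for each skipped check, e.g. `logger.info "MailHandler: permission check skipped for [#{user}] on #{project}" if logger`, and documenting that the option is meant to be combined with a fixed `project`. The method starts and ends outside this hunk, so how `project` is resolved is inferred.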
@@ -163,8 +168,10 @@ class MailHandler < ActionMailer::Base
issue = Issue.find_by_id(issue_id)
return unless issue
# check permission
- raise UnauthorizedAction unless user.allowed_to?(:add_issue_notes, issue.project) || user.allowed_to?(:edit_issues, issue.project)
- raise UnauthorizedAction unless status.nil? || user.allowed_to?(:edit_issues, issue.project)
+ unless @@handler_options[:no_permission_check]
+ raise UnauthorizedAction unless user.allowed_to?(:add_issue_notes, issue.project) || user.allowed_to?(:edit_issues, issue.project)
+ raise UnauthorizedAction unless status.nil? || user.allowed_to?(:edit_issues, issue.project)
+ end
# add the note
journal = issue.init_journal(user, plain_text_body)
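Review bot: Both checks are skipped inside the new `unless` block, including the one that gates a status change behind `edit_issues`, and `Issue.find_by_id(issue_id)` is not limited to any project. If the flag is meant only to let outside senders add notes, the status guard could stay unconditional by leaving `raise UnauthorizedAction unless status.nil? || user.allowed_to?(:edit_issues, issue.project)` outside the block. Whether later workflow code rejects the status anyway is not visible, because the method continues past this hunk.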
@@ -191,7 +198,12 @@ class MailHandler < ActionMailer::Base
message = Message.find_by_id(message_id)
if message
message = message.root
- if user.allowed_to?(:add_messages, message.project) && !message.locked?
+
+ unless @@handler_options[:no_permission_check]
+ raise UnauthorizedAction unless user.allowed_to?(:add_messages, message.project)
+ end
+
+ if !message.locked?
reply = Message.new(:subject => email.subject.gsub(%r{^.*msg\d+\]}, '').strip,
:content => plain_text_body)
reply.author = user
@@ -200,7 +212,7 @@ class MailHandler < ActionMailer::Base
add_attachments(reply)
reply
else
- raise UnauthorizedAction
+ logger.info "MailHandler: ignoring reply from [#{sender_email}] to a locked topic" if logger && logger.info
end
end
end
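Review bot: `if logger && logger.info` calls `info` with no message instead of testing the log level; the predicate is `logger.info?`, so the guard should read `if logger && logger.info?`. As written, the extra call is evaluated for its return value and may emit an empty entry before the real message. A reply to a locked topic now returns the result of the log statement instead of raising `UnauthorizedAction`, which callers outside this hunk may treat differently.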
diff --git a/extra/mail_handler/rdm-mailhandler.rb b/extra/mail_handler/rdm-mailhandler.rb
index 91bb771b9..fe9460a6b 100644
--- a/extra/mail_handler/rdm-mailhandler.rb
+++ b/extra/mail_handler/rdm-mailhandler.rb
@@ -20,6 +20,8 @@
# ignore: email is ignored (default)
# accept: accept as anonymous user
# create: create a user account
+# --no-permission-check disable permission checking when receiving
+# the email
# -h, --help show this help
# -v, --verbose show extra information
# -V, --version show version information and exit
@@ -69,7 +71,7 @@ end
class RedmineMailHandler
VERSION = '0.1'
- attr_accessor :verbose, :issue_attributes, :allow_override, :unknown_user, :url, :key
+ attr_accessor :verbose, :issue_attributes, :allow_override, :unknown_user, :no_permission_check, :url, :key
def initialize
self.issue_attributes = {}
@@ -86,7 +88,8 @@ class RedmineMailHandler
[ '--category', GetoptLong::REQUIRED_ARGUMENT],
[ '--priority', GetoptLong::REQUIRED_ARGUMENT],
[ '--allow-override', '-o', GetoptLong::REQUIRED_ARGUMENT],
- [ '--unknown-user', GetoptLong::REQUIRED_ARGUMENT]
+ [ '--unknown-user', GetoptLong::REQUIRED_ARGUMENT],
+ [ '--no-permission-check', GetoptLong::NO_ARGUMENT]
)
opts.each do |opt, arg|
@@ -107,6 +110,8 @@ class RedmineMailHandler
self.allow_override = arg.dup
when '--unknown-user'
self.unknown_user = arg.dup
+ when '--no-permission-check'
+ self.no_permission_check = '1'
end
end
@@ -118,7 +123,8 @@ class RedmineMailHandler
data = { 'key' => key, 'email' => email,
'allow_override' => allow_override,
- 'unknown_user' => unknown_user }
+ 'unknown_user' => unknown_user,
+ 'no_permission_check' => no_permission_check}
issue_attributes.each { |attr, value| data["issue[#{attr}]"] = value }
debug "Posting to #{uri}..."
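Review bot: The flag is sent as an ordinary POST field next to `key`, so the receiving endpoint presumably lets any holder of the API key switch permission checks off. The server side is not part of this diff, so that is inferred. A comment above the `data` hash would make the trust assumption explicit, e.g. `# no_permission_check is honoured for any request carrying a valid key`. As a style point, `no_permission_check}` drops the space before `}` that the replaced line had.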
diff --git a/lib/tasks/email.rake b/lib/tasks/email.rake
index 487ce506b..37fbd4261 100644
--- a/lib/tasks/email.rake
+++ b/lib/tasks/email.rake
@@ -27,6 +27,8 @@ General options:
ignore: email is ignored (default)
accept: accept as anonymous user
create: create a user account
+ no_permission_check=1 disable permission checking when receiving
+ the email
Issue attributes control options:
project=PROJECT identifier of the target project
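Review bot: The added help text says only "disable permission checking" and does not state the consequence. It would help to say that, together with `unknown_user=accept`, senders without an account can create issues and post replies in projects they could not otherwise access. The same wording is repeated in the second help block of this file and in the header comment of `extra/mail_handler/rdm-mailhandler.rb`.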
@@ -55,6 +57,7 @@ END_DESC
%w(project status tracker category priority).each { |a| options[:issue][a.to_sym] = ENV[a] if ENV[a] }
options[:allow_override] = ENV['allow_override'] if ENV['allow_override']
options[:unknown_user] = ENV['unknown_user'] if ENV['unknown_user']
+ options[:no_permission_check] = ENV['no_permission_check'] if ENV['no_permission_check']
MailHandler.receive(STDIN.read, options)
end
@@ -68,6 +71,8 @@ General options:
ignore: email is ignored (default)
accept: accept as anonymous user
create: create a user account
+ no_permission_check=1 disable permission checking when receiving
+ the email
Available IMAP options:
host=HOST IMAP server host (default: 127.0.0.1)
@@ -123,6 +128,7 @@ END_DESC
%w(project status tracker category priority).each { |a| options[:issue][a.to_sym] = ENV[a] if ENV[a] }
options[:allow_override] = ENV['allow_override'] if ENV['allow_override']
options[:unknown_user] = ENV['unknown_user'] if ENV['unknown_user']
+ options[:no_permission_check] = ENV['no_permission_check'] if ENV['no_permission_check']
Redmine::IMAP.check(imap_options, options)
end
diff --git a/test/unit/mail_handler_test.rb b/test/unit/mail_handler_test.rb
index 79cddd93c..a4ae37345 100644
--- a/test/unit/mail_handler_test.rb
+++ b/test/unit/mail_handler_test.rb
@@ -165,6 +165,26 @@ class MailHandlerTest < ActiveSupport::TestCase
end
end
+ def test_add_issue_by_anonymous_user_on_private_project
+ Role.anonymous.add_permission!(:add_issues)
+ assert_no_difference 'User.count' do
+ assert_no_difference 'Issue.count' do
+ assert_equal false, submit_email('ticket_by_unknown_user.eml', :issue => {:project => 'onlinestore'}, :unknown_user => 'accept')
+ end
+ end
+ end
+
+ def test_add_issue_by_anonymous_user_on_private_project_without_permission_check
+ assert_no_difference 'User.count' do
+ assert_difference 'Issue.count' do
+ issue = submit_email('ticket_by_unknown_user.eml', :issue => {:project => 'onlinestore'}, :no_permission_check => '1', :unknown_user => 'accept')
+ assert issue.is_a?(Issue)
+ assert issue.author.anonymous?
+ assert !issue.project.is_public?
+ end
+ end
+ end
+
def test_add_issue_by_created_user
Setting.default_language = 'en'
assert_difference 'User.count' do
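Review bot: Only the issue-creation path is exercised with `:no_permission_check`. The issue-reply and message-reply bypasses in `mail_handler.rb` have no test here, and neither does the new locked-topic branch that logs instead of raising. Cases that submit a reply from an unknown sender with and without the flag, plus one for a locked topic, would pin those behaviours. The trailing context (`test_add_issue_by_created_user`) continues outside this hunk.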