// +----------------------------------------------------------------------+
require_once dirname(__FILE__) . '/../init.php';
$tpl = new Template_Helper();
$tpl->setTemplate('view_note.tpl.html');
Auth::checkAuthentication(APP_COOKIE, 'index.php?err=5', true);
$usr_id = Auth::getUserID();
$note_id = $_GET['id'];
$note = Note::getDetails($note_id);
if ($note == '') {
$tpl->assign('note', '');
$tpl->displayTemplate();
exit;
} else {
$note['message'] = $note['not_note'];
$issue_id = Note::getIssueID($note_id);
$usr_id = Auth::getUserID();
}
if (User::getRoleByUser($usr_id, Issue::getProjectID($issue_id)) < User::getRoleID('Standard User') || !Access::canViewInternalNotes($issue_id, Auth::getUserID())) {
$tpl->setTemplate('permission_denied.tpl.html');
$tpl->displayTemplate();
exit;
}
$note = Note::getDetails($_GET['id']);
$note['message'] = $note['not_note'];
$issue_id = Note::getIssueID($_GET['id']);
$tpl->assign(array('note' => $note, 'issue_id' => $issue_id, 'extra_title' => 'Note #' . Note::getNoteSequenceNumber($issue_id, $note_id) . ': ' . $note['not_title'], 'recipients' => Mail_Queue::getMessageRecipients('notes', $note_id)));
if (!empty($issue_id)) {
$sides = Note::getSideLinks($issue_id, $_GET['id']);
$tpl->assign(array('previous' => $sides['previous'], 'next' => $sides['next']));
}
$tpl->displayTemplate();
/**
* Routes a note to the correct issue
*
* @param string $full_message The full note
* @return mixed true or array(ERROR_CODE, ERROR_STRING) in case of failure
*/
public static function route_notes($full_message)
{
// save the full message for logging purposes
Note::saveRoutedNote($full_message);
// join the Content-Type line (for easier parsing?)
if (preg_match('/^boundary=/m', $full_message)) {
$pattern = "#(Content-Type: multipart/.+); ?\r?\n(boundary=.*)\$#im";
$replacement = '$1; $2';
$full_message = preg_replace($pattern, $replacement, $full_message);
}
list($headers) = Mime_Helper::splitHeaderBody($full_message);
// need some validation here
if (empty($full_message)) {
return array(self::EX_NOINPUT, ev_gettext('Error: The email message was empty.') . "\n");
}
// remove the reply-to: header
if (preg_match('/^reply-to:.*/im', $full_message)) {
$full_message = preg_replace("/^(reply-to:).*\n/im", '', $full_message, 1);
}
// check if the email routing interface is even supposed to be enabled
$setup = Setup::get();
if ($setup['note_routing']['status'] != 'enabled') {
return array(self::EX_CONFIG, ev_gettext('Error: The internal note routing interface is disabled.') . "\n");
}
if (empty($setup['note_routing']['address_prefix'])) {
return array(self::EX_CONFIG, ev_gettext('Error: Please configure the email address prefix.') . "\n");
}
if (empty($setup['note_routing']['address_host'])) {
return array(self::EX_CONFIG, ev_gettext('Error: Please configure the email address domain.') . "\n");
}
$structure = Mime_Helper::decode($full_message, true, true);
// find which issue ID this email refers to
if (isset($structure->headers['to'])) {
$issue_id = self::getMatchingIssueIDs($structure->headers['to'], 'note');
}
// validation is always a good idea
if (empty($issue_id) and isset($structure->headers['cc'])) {
// we need to try the Cc header as well
$issue_id = self::getMatchingIssueIDs($structure->headers['cc'], 'note');
}
if (empty($issue_id)) {
return array(self::EX_DATAERR, ev_gettext('Error: The routed note had no associated Eventum issue ID or had an invalid recipient address.') . "\n");
}
$prj_id = Issue::getProjectID($issue_id);
// check if the sender is allowed in this issue' project and if it is an internal user
$sender_email = strtolower(Mail_Helper::getEmailAddress($structure->headers['from']));
$sender_usr_id = User::getUserIDByEmail($sender_email, true);
if ((empty($sender_usr_id) || User::getRoleByUser($sender_usr_id, $prj_id) < User::ROLE_USER || User::isPartner($sender_usr_id) && !Access::canViewInternalNotes($issue_id, $sender_usr_id)) && !Workflow::canSendNote($prj_id, $issue_id, $sender_email, $structure)) {
return array(self::EX_NOPERM, ev_gettext("Error: The sender of this email is not allowed in the project associated with issue #{$issue_id}.") . "\n");
}
if (empty($sender_usr_id)) {
$sender_usr_id = APP_SYSTEM_USER_ID;
$unknown_user = $structure->headers['from'];
} else {
$unknown_user = false;
}
AuthCookie::setAuthCookie($sender_usr_id);
AuthCookie::setProjectCookie($prj_id);
// parse the Cc: list, if any, and add these internal users to the issue notification list
$addresses = array();
$to_addresses = Mail_Helper::getEmailAddresses(@$structure->headers['to']);
if (count($to_addresses)) {
$addresses = $to_addresses;
}
$cc_addresses = Mail_Helper::getEmailAddresses(@$structure->headers['cc']);
if (count($cc_addresses)) {
$addresses = array_merge($addresses, $cc_addresses);
}
$cc_users = array();
foreach ($addresses as $email) {
$cc_usr_id = User::getUserIDByEmail(strtolower($email), true);
if (!empty($cc_usr_id) && User::getRoleByUser($cc_usr_id, $prj_id) >= User::ROLE_USER) {
$cc_users[] = $cc_usr_id;
}
}
$body = $structure->body;
$reference_msg_id = Mail_Helper::getReferenceMessageID($headers);
if (!empty($reference_msg_id)) {
$parent_id = Note::getIDByMessageID($reference_msg_id);
} else {
$parent_id = false;
}
// insert the new note and send notification about it
$_POST = array('title' => @$structure->headers['subject'], 'note' => $body, 'note_cc' => $cc_users, 'add_extra_recipients' => 'yes', 'message_id' => @$structure->headers['message-id'], 'parent_id' => $parent_id);
// add the full email to the note if there are any attachments
// this is needed because the front end code will display attachment links
if (Mime_Helper::hasAttachments($structure)) {
$_POST['full_message'] = $full_message;
}
$usr_id = Auth::getUserID();
$res = Note::insertFromPost($usr_id, $issue_id, $unknown_user, false);
// need to handle attachments coming from notes as well
if ($res != -1) {
Support::extractAttachments($issue_id, $structure, true, $res);
}
// FIXME! $res == -2 is not handled
History::add($issue_id, $usr_id, 'note_routed', 'Note routed from {user}', array('user' => $structure->headers['from']));
return true;
}
