// +----------------------------------------------------------------------+ require_once dirname(__FILE__) . '/../init.php'; $tpl = new Template_Helper(); $tpl->setTemplate('view_note.tpl.html'); Auth::checkAuthentication(APP_COOKIE, 'index.php?err=5', true); $usr_id = Auth::getUserID(); $note_id = $_GET['id']; $note = Note::getDetails($note_id); if ($note == '') { $tpl->assign('note', ''); $tpl->displayTemplate(); exit; } else { $note['message'] = $note['not_note']; $issue_id = Note::getIssueID($note_id); $usr_id = Auth::getUserID(); } if (User::getRoleByUser($usr_id, Issue::getProjectID($issue_id)) < User::getRoleID('Standard User') || !Access::canViewInternalNotes($issue_id, Auth::getUserID())) { $tpl->setTemplate('permission_denied.tpl.html'); $tpl->displayTemplate(); exit; } $note = Note::getDetails($_GET['id']); $note['message'] = $note['not_note']; $issue_id = Note::getIssueID($_GET['id']); $tpl->assign(array('note' => $note, 'issue_id' => $issue_id, 'extra_title' => 'Note #' . Note::getNoteSequenceNumber($issue_id, $note_id) . ': ' . $note['not_title'], 'recipients' => Mail_Queue::getMessageRecipients('notes', $note_id))); if (!empty($issue_id)) { $sides = Note::getSideLinks($issue_id, $_GET['id']); $tpl->assign(array('previous' => $sides['previous'], 'next' => $sides['next'])); } $tpl->displayTemplate();
/** * Routes a note to the correct issue * * @param string $full_message The full note * @return mixed true or array(ERROR_CODE, ERROR_STRING) in case of failure */ public static function route_notes($full_message) { // save the full message for logging purposes Note::saveRoutedNote($full_message); // join the Content-Type line (for easier parsing?) if (preg_match('/^boundary=/m', $full_message)) { $pattern = "#(Content-Type: multipart/.+); ?\r?\n(boundary=.*)\$#im"; $replacement = '$1; $2'; $full_message = preg_replace($pattern, $replacement, $full_message); } list($headers) = Mime_Helper::splitHeaderBody($full_message); // need some validation here if (empty($full_message)) { return array(self::EX_NOINPUT, ev_gettext('Error: The email message was empty.') . "\n"); } // remove the reply-to: header if (preg_match('/^reply-to:.*/im', $full_message)) { $full_message = preg_replace("/^(reply-to:).*\n/im", '', $full_message, 1); } // check if the email routing interface is even supposed to be enabled $setup = Setup::get(); if ($setup['note_routing']['status'] != 'enabled') { return array(self::EX_CONFIG, ev_gettext('Error: The internal note routing interface is disabled.') . "\n"); } if (empty($setup['note_routing']['address_prefix'])) { return array(self::EX_CONFIG, ev_gettext('Error: Please configure the email address prefix.') . "\n"); } if (empty($setup['note_routing']['address_host'])) { return array(self::EX_CONFIG, ev_gettext('Error: Please configure the email address domain.') . "\n"); } $structure = Mime_Helper::decode($full_message, true, true); // find which issue ID this email refers to if (isset($structure->headers['to'])) { $issue_id = self::getMatchingIssueIDs($structure->headers['to'], 'note'); } // validation is always a good idea if (empty($issue_id) and isset($structure->headers['cc'])) { // we need to try the Cc header as well $issue_id = self::getMatchingIssueIDs($structure->headers['cc'], 'note'); } if (empty($issue_id)) { return array(self::EX_DATAERR, ev_gettext('Error: The routed note had no associated Eventum issue ID or had an invalid recipient address.') . "\n"); } $prj_id = Issue::getProjectID($issue_id); // check if the sender is allowed in this issue' project and if it is an internal user $sender_email = strtolower(Mail_Helper::getEmailAddress($structure->headers['from'])); $sender_usr_id = User::getUserIDByEmail($sender_email, true); if ((empty($sender_usr_id) || User::getRoleByUser($sender_usr_id, $prj_id) < User::ROLE_USER || User::isPartner($sender_usr_id) && !Access::canViewInternalNotes($issue_id, $sender_usr_id)) && !Workflow::canSendNote($prj_id, $issue_id, $sender_email, $structure)) { return array(self::EX_NOPERM, ev_gettext("Error: The sender of this email is not allowed in the project associated with issue #{$issue_id}.") . "\n"); } if (empty($sender_usr_id)) { $sender_usr_id = APP_SYSTEM_USER_ID; $unknown_user = $structure->headers['from']; } else { $unknown_user = false; } AuthCookie::setAuthCookie($sender_usr_id); AuthCookie::setProjectCookie($prj_id); // parse the Cc: list, if any, and add these internal users to the issue notification list $addresses = array(); $to_addresses = Mail_Helper::getEmailAddresses(@$structure->headers['to']); if (count($to_addresses)) { $addresses = $to_addresses; } $cc_addresses = Mail_Helper::getEmailAddresses(@$structure->headers['cc']); if (count($cc_addresses)) { $addresses = array_merge($addresses, $cc_addresses); } $cc_users = array(); foreach ($addresses as $email) { $cc_usr_id = User::getUserIDByEmail(strtolower($email), true); if (!empty($cc_usr_id) && User::getRoleByUser($cc_usr_id, $prj_id) >= User::ROLE_USER) { $cc_users[] = $cc_usr_id; } } $body = $structure->body; $reference_msg_id = Mail_Helper::getReferenceMessageID($headers); if (!empty($reference_msg_id)) { $parent_id = Note::getIDByMessageID($reference_msg_id); } else { $parent_id = false; } // insert the new note and send notification about it $_POST = array('title' => @$structure->headers['subject'], 'note' => $body, 'note_cc' => $cc_users, 'add_extra_recipients' => 'yes', 'message_id' => @$structure->headers['message-id'], 'parent_id' => $parent_id); // add the full email to the note if there are any attachments // this is needed because the front end code will display attachment links if (Mime_Helper::hasAttachments($structure)) { $_POST['full_message'] = $full_message; } $usr_id = Auth::getUserID(); $res = Note::insertFromPost($usr_id, $issue_id, $unknown_user, false); // need to handle attachments coming from notes as well if ($res != -1) { Support::extractAttachments($issue_id, $structure, true, $res); } // FIXME! $res == -2 is not handled History::add($issue_id, $usr_id, 'note_routed', 'Note routed from {user}', array('user' => $structure->headers['from'])); return true; }