2015-08-10 00:10:41 +00:00
|
|
|
# Copyright (C) 2012-2014 Zammad Foundation, http://zammad-foundation.org/
|
|
|
|
|
|
|
|
class FormController < ApplicationController
|
|
|
|
|
|
|
|
def config
|
|
|
|
return if !enabled?
|
|
|
|
|
|
|
|
api_path = Rails.configuration.api_path
|
|
|
|
http_type = Setting.get('http_type')
|
|
|
|
fqdn = Setting.get('fqdn')
|
|
|
|
|
|
|
|
endpoint = "#{http_type}://#{fqdn}#{api_path}/form_submit"
|
|
|
|
|
|
|
|
config = {
|
|
|
|
enabled: Setting.get('form_ticket_create'),
|
|
|
|
endpoint: endpoint,
|
|
|
|
}
|
|
|
|
|
2016-10-06 19:01:48 +00:00
|
|
|
if params[:test] && current_user && current_user.permissions?('admin.channel_formular')
|
|
|
|
config[:enabled] = true
|
|
|
|
end
|
|
|
|
|
2015-08-10 00:10:41 +00:00
|
|
|
render json: config, status: :ok
|
|
|
|
end
|
|
|
|
|
|
|
|
def submit
|
|
|
|
return if !enabled?
|
|
|
|
|
|
|
|
# validate input
|
|
|
|
errors = {}
|
|
|
|
if !params[:name] || params[:name].empty?
|
|
|
|
errors['name'] = 'required'
|
|
|
|
end
|
|
|
|
if !params[:email] || params[:email].empty?
|
|
|
|
errors['email'] = 'required'
|
|
|
|
end
|
|
|
|
if params[:email] !~ /@/
|
|
|
|
errors['email'] = 'invalid'
|
|
|
|
end
|
2016-02-01 10:28:44 +00:00
|
|
|
if params[:email] =~ /(>|<|\||\!|"|§|'|\$|%|&|\(|\)|\?|\s)/
|
2015-08-10 12:08:06 +00:00
|
|
|
errors['email'] = 'invalid'
|
|
|
|
end
|
2015-08-10 08:56:55 +00:00
|
|
|
if !params[:title] || params[:title].empty?
|
|
|
|
errors['title'] = 'required'
|
|
|
|
end
|
2015-08-10 00:10:41 +00:00
|
|
|
if !params[:body] || params[:body].empty?
|
|
|
|
errors['body'] = 'required'
|
|
|
|
end
|
|
|
|
|
2016-02-01 09:23:55 +00:00
|
|
|
# realtime verify
|
|
|
|
if !errors['email']
|
|
|
|
begin
|
|
|
|
checker = EmailVerifier::Checker.new(params[:email])
|
|
|
|
checker.connect
|
|
|
|
if !checker.verify
|
|
|
|
errors['email'] = "Unable to send to '#{params[:email]}'"
|
|
|
|
end
|
|
|
|
rescue => e
|
2016-02-01 10:28:44 +00:00
|
|
|
message = e.to_s
|
|
|
|
Rails.logger.info "Can't verify email #{params[:email]}: #{message}"
|
|
|
|
|
|
|
|
# ignore 450, graylistings
|
|
|
|
if message !~ /450/
|
|
|
|
errors['email'] = message
|
|
|
|
end
|
2016-02-01 09:23:55 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2015-08-10 00:10:41 +00:00
|
|
|
if errors && !errors.empty?
|
|
|
|
render json: {
|
|
|
|
errors: errors
|
|
|
|
}, status: :ok
|
|
|
|
return
|
|
|
|
end
|
|
|
|
|
|
|
|
name = params[:name].strip
|
|
|
|
email = params[:email].strip.downcase
|
|
|
|
|
|
|
|
customer = User.find_by(email: email)
|
|
|
|
if !customer
|
2016-08-12 16:39:09 +00:00
|
|
|
role_ids = Role.signup_role_ids
|
2015-08-10 00:10:41 +00:00
|
|
|
customer = User.create(
|
|
|
|
firstname: name,
|
|
|
|
lastname: '',
|
|
|
|
email: email,
|
|
|
|
password: '',
|
|
|
|
active: true,
|
2016-08-12 16:39:09 +00:00
|
|
|
role_ids: role_ids,
|
2015-08-10 00:10:41 +00:00
|
|
|
updated_by_id: 1,
|
|
|
|
created_by_id: 1,
|
|
|
|
)
|
|
|
|
end
|
|
|
|
|
2016-10-06 16:56:10 +00:00
|
|
|
# set current user
|
|
|
|
UserInfo.current_user_id = customer.id
|
|
|
|
|
2015-08-10 00:10:41 +00:00
|
|
|
ticket = Ticket.create(
|
|
|
|
group_id: 1,
|
|
|
|
customer_id: customer.id,
|
2015-08-10 08:56:55 +00:00
|
|
|
title: params[:title],
|
2015-08-10 00:10:41 +00:00
|
|
|
)
|
|
|
|
article = Ticket::Article.create(
|
|
|
|
ticket_id: ticket.id,
|
2016-02-01 09:23:55 +00:00
|
|
|
type_id: Ticket::Article::Type.find_by(name: 'web').id,
|
|
|
|
sender_id: Ticket::Article::Sender.find_by(name: 'Customer').id,
|
2015-08-10 00:10:41 +00:00
|
|
|
body: params[:body],
|
2015-08-10 08:56:55 +00:00
|
|
|
subject: params[:title],
|
2015-08-10 00:10:41 +00:00
|
|
|
internal: false,
|
|
|
|
)
|
|
|
|
|
2017-01-09 14:16:29 +00:00
|
|
|
if params[:file]
|
|
|
|
params[:file].each { |file|
|
|
|
|
Store.add(
|
|
|
|
object: 'Ticket::Article',
|
|
|
|
o_id: article.id,
|
|
|
|
data: File.read(file.tempfile),
|
|
|
|
filename: file.original_filename,
|
|
|
|
preferences: {
|
2017-01-09 14:47:27 +00:00
|
|
|
'Mime-Type' => file.content_type,
|
2017-01-09 14:16:29 +00:00
|
|
|
}
|
|
|
|
)
|
|
|
|
}
|
|
|
|
end
|
|
|
|
|
2016-10-06 16:56:10 +00:00
|
|
|
UserInfo.current_user_id = 1
|
|
|
|
|
2017-01-09 12:45:22 +00:00
|
|
|
result = {
|
|
|
|
ticket: {
|
|
|
|
id: ticket.id,
|
|
|
|
number: ticket.number
|
|
|
|
}
|
|
|
|
}
|
2015-08-10 00:10:41 +00:00
|
|
|
render json: result, status: :ok
|
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def enabled?
|
2016-10-06 19:01:48 +00:00
|
|
|
return true if params[:test] && current_user && current_user.permissions?('admin.channel_formular')
|
2015-08-10 00:10:41 +00:00
|
|
|
return true if Setting.get('form_ticket_create')
|
|
|
|
response_access_deny
|
|
|
|
false
|
|
|
|
end
|
|
|
|
|
|
|
|
end
|