From 437023ac79bebcf74501fe466015ab9e29dbe3a0 Mon Sep 17 00:00:00 2001 From: Thorsten Eckel Date: Wed, 13 Jan 2016 17:14:28 +0100 Subject: [PATCH] Fixed bug: Invalid API keys are validated as correct. --- app/controllers/import_otrs_controller.rb | 31 +++++++++++++++-------- 1 file changed, 20 insertions(+), 11 deletions(-) diff --git a/app/controllers/import_otrs_controller.rb b/app/controllers/import_otrs_controller.rb index 7b84208a2..24a174659 100644 --- a/app/controllers/import_otrs_controller.rb +++ b/app/controllers/import_otrs_controller.rb @@ -22,9 +22,7 @@ class ImportOtrsController < ApplicationController 'Connection refused' => 'Connection refused!', } - url_parts = params[:url].split(';') - - response = UserAgent.request( url_parts[0] ) + response = UserAgent.request( params[:url] ) if !response.success? && response.code.to_s !~ /^40.$/ message_human = '' @@ -44,16 +42,27 @@ class ImportOtrsController < ApplicationController result = {} if response.body =~ /zammad migrator/ - key_parts = url_parts[1].split('=') + migrator_response = JSON.parse(response.body) - Setting.set('import_backend', 'otrs') - Setting.set('import_otrs_endpoint', url_parts[0]) - Setting.set('import_otrs_endpoint_key', key_parts[1]) + if migrator_response['Success'] == 1 - result = { - result: 'ok', - url: params[:url], - } + url_parts = params[:url].split(';') + key_parts = url_parts[1].split('=') + + Setting.set('import_backend', 'otrs') + Setting.set('import_otrs_endpoint', url_parts[0]) + Setting.set('import_otrs_endpoint_key', key_parts[1]) + + result = { + result: 'ok', + url: params[:url], + } + else + result = { + result: 'invalid', + message_human: migrator_response['Error'] + } + end elsif response.body =~ /(otrs\sag|otrs\.com|otrs\.org)/i result = { result: 'invalid',