Merge remote-tracking branch 'upstream/develop' into develop

This commit is contained in:
Garret Wassermann 2019-02-15 19:45:18 -05:00
commit f6fe5a7834
8 changed files with 279 additions and 166 deletions

View File

@ -275,8 +275,11 @@ class TicketForm(AbstractTicketForm):
""" """
Add any custom fields that are defined to the form. Add any custom fields that are defined to the form.
""" """
queue_choices = kwargs.pop("queue_choices")
super().__init__(*args, **kwargs) super().__init__(*args, **kwargs)
self.fields['queue'].choices = [('', '--------')] + [(q.id, q.title) for q in Queue.objects.all()]
self.fields['queue'].choices = queue_choices
if helpdesk_settings.HELPDESK_STAFF_ONLY_TICKET_OWNERS: if helpdesk_settings.HELPDESK_STAFF_ONLY_TICKET_OWNERS:
assignable_users = User.objects.filter(is_active=True, is_staff=True).order_by(User.USERNAME_FIELD) assignable_users = User.objects.filter(is_active=True, is_staff=True).order_by(User.USERNAME_FIELD)
else: else:

View File

@ -0,0 +1,12 @@
<h1 style='font-family: "Trebuchet MS", Arial, sans-serif; font-size: 14pt; color: #6593C0'>{% block header %}Helpdesk{% endblock %}</h1>
{% block content %}{% endblock %}
<p style='font-family: "Trebuchet MS", Arial, sans-serif; font-size: 11pt;'>Dobrý den,</p>
<p style='font-family: "Trebuchet MS", Arial, sans-serif; font-size: 11pt;'><b>{{ queue.title }}</b>{% if queue.email_address %}<br><a href='mailto:{{ queue.email_address }}'>{{ queue.email_address }}</a>{% endif %}</p>
<p style='font-family: "Trebuchet MS", Arial, sans-serif; font-size: 9pt; color: #808080;'>
Tento automaticky generovaný e-mail Vám byl odeslán jako uživateli naší podpory
v souladu s naší politikou ochrany soukromých dat.
Prosím napište nám, pokud si myslíte, že posílat Vám tento e-mail je chyba.</p>

View File

@ -0,0 +1,8 @@
Dobrý den,
{{ queue.title }}{% if queue.email_address %}
{{ queue.email_address }}{% endif %}
Tento automaticky generovaný e-mail Vám byl odeslán jako uživateli naší podpory
v souladu s naší politikou ochrany soukromých dat.
Prosím napište nám, pokud si myslíte, že posílat Vám tento e-mail je chyba.

View File

@ -0,0 +1,29 @@
To: helpdesk@auto-mat.cz
From: Timothy Hobbs <timothy.hobbs@auto-mat.cz>
Subject: Attachment without body
Openpgp: preference=signencrypt
Message-ID: <b05893cd-77b5-3450-4b84-9a1ad5119def@auto-mat.cz>
Date: Fri, 15 Feb 2019 13:58:05 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101
Thunderbird/60.4.0
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="------------7E95F315EB4B016F5948B17F"
Content-Language: en-US
This is a multi-part message in MIME format.
--------------7E95F315EB4B016F5948B17F
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
--------------7E95F315EB4B016F5948B17F
Content-Type: text/plain; charset=UTF-8;
name="baf"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="baf"
WW91IHNob3VsZG4ndCBzZWUgdGhpcy4K
--------------7E95F315EB4B016F5948B17F--

View File

@ -0,0 +1,159 @@
Delivered-To: djangohelpdesk@example.com
Received: by 10.25.26.207 with SMTP id a198csp5858981lfa;
Wed, 8 Nov 2017 13:30:22 -0800 (PST)
X-Received: by 10.107.107.3 with SMTP id g3mr2603398ioc.250.1510176622046;
Wed, 08 Nov 2017 13:30:22 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1510176621; cv=pass;
d=google.com; s=arc-20160816;
b=qQ8kBj8+yIoWcJwFNHUlJDYz7P2NfILAxFsn9uPYzXNn/aRw695T1aNFgGL75KUhkA
nDw+h49SUGKDh9ehC+DEiPjwJIxAoz+86rqGWV6XPGW4gQ7GUkHs96CxWndTSD0hdcOl
vygeZrsgzpIOvDxJWrujDPZzcEjsPC2qy3KGsTqtbZGEsNhhRUD8rs/hBVVXaGBatLF+
Sz2krwBZz8Lm+mWRhScjmF12QIHcXe6qYrDLOLEK0+bRkRMS+ZXg9+GPwqHlp58GaHn+
6JncesW3q7k88RQsLlj/8PEw0z1wMndgBVWIcCEtLt4UhZtt/BDxmZSukNN0SzoH4e3k
mxOw==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
h=mime-version:user-agent:date:message-id:subject:from:to
:dkim-signature:arc-authentication-results:arc-message-signature
:arc-authentication-results;
bh=cQvDBdivwtDmp1Td9ZWaEf0S4IuZ4hPwaprxSv7XZuE=;
b=p/0Y4PgvEfGWZ8W3eqxzRnSGLbT9gObSU2OI/sLwiN4KFfVmGrBJYkx7DGija0A5eU
DBbETW/16pib+W0IOUtdD7Pt12oWA3Z/uRf7ybXnHIKZ+MObdCXqRJFkga6nY8tWD0H3
maquQR07Q54mYslVMEIKJUKJzVM86npLN2C756ZzZTXiGXf33iowO4/lciGmTAgi+y5p
fEDQCTMoSQ9iGbquFRgNHgMtIM5NWjeMksWKpnfbvZyKs0ZICcPklNxQkDCmDlrOBokT
Zs1RVsWZ7NyPdTomJ0SRyPeysM040aatmnwxFAzwe4GYFNUWZjaep7uPKKlZ4sV/aHBB
iHOQ==
ARC-Authentication-Results: i=2; mx.google.com;
dkim=pass header.i=@gmail.com header.s=20161025 header.b=AArzbi/1;
arc=pass (i=1 spf=pass spfdomain=gmail.com dkim=pass dkdomain=gmail.com dmarc=pass fromdomain=gmail.com);
spf=pass (google.com: domain of bugreporter@example.com designates 209.85.220.41 as permitted sender) smtp.mailfrom=bugreporter@example.com;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=gmail.com
Return-Path: <bugreporter@example.com>
Received: from mail-sor-f41.google.com (mail-sor-f41.google.com. [209.85.220.41])
by mx.google.com with SMTPS id i86sor2420323ioo.204.2017.11.08.13.30.21
for <djangohelpdesk@example.com>
(Google Transport Security);
Wed, 08 Nov 2017 13:30:21 -0800 (PST)
Received-SPF: pass (google.com: domain of bugreporter@example.com designates 209.85.220.41 as permitted sender) client-ip=209.85.220.41;
Authentication-Results: mx.google.com;
dkim=pass header.i=@gmail.com header.s=20161025 header.b=AArzbi/1;
arc=pass (i=1 spf=pass spfdomain=gmail.com dkim=pass dkdomain=gmail.com dmarc=pass fromdomain=gmail.com);
spf=pass (google.com: domain of bugreporter@example.com designates 209.85.220.41 as permitted sender) smtp.mailfrom=bugreporter@example.com;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=gmail.com
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:dkim-signature:to:from:subject:message-id:date
:user-agent:mime-version;
bh=cQvDBdivwtDmp1Td9ZWaEf0S4IuZ4hPwaprxSv7XZuE=;
b=MCiZzHu6ZV3kMTQBRL/b5uBy4jbHFS97+z9apL239dYS+z0LlTiHpKbs3qohFe3As1
gu2l0SAcdGw0qeplgmOlX9HXvKetBRLldfHeX/JJZ2yokpjc6CxVT8gF8YP2UmfAs0cb
JI8TTDqiWmhayf7xfblRIUP7vfwyTH9cLmvKMMAqWvrppyUlqlxWgyO7xtzV9jdThpqP
O0jO9CqsRmbEDc4vZAtOTXm1O69jCz66oll6H4T5Nka9HUpyHFZzv7Z0j0F/5djfzjCQ
HCFZhzobEgZAmBC9o2Y5aDvKCnWJGR5kVTtBQaFCuxr57o4zq0D359V3gMMPRGMdujDP
hXAQ==
X-Google-Smtp-Source: ABhQp+SbAIRuabSw2EkD+7YFXtLiCFINtymAshxVYuNZhApd39ymv2m9UnIM3rZNIHonQBywtZ3VjalQxeN8lVuWD6OquEskEc8=
ARC-Seal: i=1; a=rsa-sha256; t=1510176621; cv=none;
d=google.com; s=arc-20160816;
b=mOqnqVV4oq14hoOdEA+yVvQYQd/sv/Qr//xmW6r94dKaUczdbFG+Uy8x7EbuF/ILJt
ByFmE8+HUH8tosfHn8+zFmsHFr3Wi7il64wdeuVqoOuDQS1HejcH9ln5LVjwsr7EE6Ly
6gCT7QupvSQ+FkhyNH+zNHuGztw5F4Sa2r5UlmR5VAJ4+V1MEfVYwzEr7vgPnmEj8jga
PtmD05EfYWrWt27Cw8oS+CgS0CNcHaaiRr7JX3EQbNRrLp5M9GjKhiq/ckt2a5NKJYMH
zISYQzxk7EgHGFrwn+JZx+oKqG3Zl2pd5oKmzJkFeSaGT+qYp3SES4z3Vi6z4VxGduox
f38g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
h=mime-version:user-agent:date:message-id:subject:from:to
:dkim-signature:arc-authentication-results;
bh=cQvDBdivwtDmp1Td9ZWaEf0S4IuZ4hPwaprxSv7XZuE=;
b=R5FsED2qOoEJshMotswEPOAn8GyvaHHd4zM9wAH+qnzuoV9RFhSChbkAkypi73SPs/
D7K49dYKSfsuWPF1RXoD8qchVfROF5Y7kD0JHy7KJcuHXzwb5gYLNrZpB2R9XbBOGe1j
lgQvnEVwmgeJiLXKQVeQDECxs8DFlkIpPIbmJK02Ry/Q0S8TnBEs0mrWn49l70IsZB6U
0XCpUPAt9NhsIUxoZKZv+zOwpQq6uwJkqRa5ukH0OPRr891MpeZldw7+gINjxxEmPAS9
GYfMeCpX9afFbQMUizbUbKwOZPt7ahn3x1C5x4AwgQmtzXYfA/quyiXAukTzoYk8FUqs
U1QA==
ARC-Authentication-Results: i=1; gmr-mx.google.com;
dkim=pass header.i=@gmail.com header.s=20161025 header.b=AArzbi/1;
spf=pass (google.com: domain of bugreporter@example.com designates 2607:f8b0:400e:c00::233 as permitted sender) smtp.mailfrom=bugreporter@example.com;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=gmail.com
Return-Path: <bugreporter@example.com>
Received: from mail-pf0-x233.google.com (mail-pf0-x233.google.com. [2607:f8b0:400e:c00::233])
by gmr-mx.google.com with ESMTPS id l10si463482ioc.2.2017.11.08.13.30.21
for <djangohelpdesk@example.com>
(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Wed, 08 Nov 2017 13:30:21 -0800 (PST)
Received-SPF: pass (google.com: domain of bugreporter@example.com designates 2607:f8b0:400e:c00::233 as permitted sender) client-ip=2607:f8b0:400e:c00::233;
Received: by mail-pf0-x233.google.com with SMTP id p87so2672006pfj.3
for <djangohelpdesk@example.com>; Wed, 08 Nov 2017 13:30:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20161025;
h=to:from:subject:message-id:date:user-agent:mime-version;
bh=cQvDBdivwtDmp1Td9ZWaEf0S4IuZ4hPwaprxSv7XZuE=;
b=AArzbi/1RXhgTnCQBzU6vCwndc0/vqLV9FCgiOTp3deq8kFYhtdJCaEBX9s7iJduV+
HobvLGsbmWU04Y1O3w8m4jyq5H4HJ1jAr1+i0Tf5jl264kmyu4eowOMkwIFo6UaSVQ/a
zP+EYW09fWSSNhljubLkGf62vZ9gD/RF5Awoady6u5/N1GU4GPVCEgsmiK7DmPB2EtSE
7YPz3o9l+kDy8bRnUFw0744B7VKiXrAcIqpfltJuItM4T7bS/jyjYMQbRn8W2MXpyGlI
LNwt3vUNdKtkcPTK54cs44HMaVA8wGCDaMHFP8JmoTKWSsOgZQja3cdEj/rooM8uz+dq
er5g==
X-Received: by 10.99.191.78 with SMTP id i14mr1746749pgo.220.1510176620834;
Wed, 08 Nov 2017 13:30:20 -0800 (PST)
Return-Path: <bugreporter@example.com>
Received: from [10.1.1.4] (d114-72-199-247.hum1.act.optusnet.com.au. [114.72.199.247])
by smtp.gmail.com with ESMTPSA id u131sm8656745pgc.89.2017.11.08.13.30.18
for <djangohelpdesk@example.com>
(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Wed, 08 Nov 2017 13:30:19 -0800 (PST)
To: djangohelpdesk@example.com
From: Bug Reporter <bugreporter@example.com>
Subject: example email that crashes django-helpdesk get_email
Message-ID: <8eef2077-8aff-9fb4-0e2a-9876ba2530b1@gmail.com>
Date: Thu, 9 Nov 2017 08:30:15 +1100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
Thunderbird/52.4.0
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature";
boundary="vnaePdRl5oElllhQPTiU2WarPFVGINT69"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--vnaePdRl5oElllhQPTiU2WarPFVGINT69
Content-Type: multipart/mixed; boundary="ckOQ1U5bPjO3W1sVnjdBaEigXBiwem2Rn";
protected-headers="v1"
From: Bug Reporter <bugreporter@example.com>
To: djangohelpdesk@example.com
Message-ID: <8eef2077-8aff-9fb4-0e2a-9876ba2530b1@gmail.com>
Subject: example email that crashes django-helpdesk get_email
--ckOQ1U5bPjO3W1sVnjdBaEigXBiwem2Rn
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Content-Language: en-US
hi, thanks for looking into this :)
https://github.com/django-helpdesk/django-helpdesk/issues/567#issuecommen=
t-342954233
--ckOQ1U5bPjO3W1sVnjdBaEigXBiwem2Rn--
--vnaePdRl5oElllhQPTiU2WarPFVGINT69
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCAAGBQJaA3dnAAoJELBLc7QPITnLN54P/3Zsu7+AIQWDFTvziJfCqswG
u99fG+iWa6ER+iuZG0YU1BdIxIjSKt1pvqB0yXITlT9FCdf1zc0pmeJ08I0a5pVa
iaym5prVUro5BNQ6Vqoo0jvOCKNrACtFNv85zDzXbPNP8TrUss41U+ackPHkOHov
cmJ5YZFQebYXXpibFSIDimVGfwI57vyTWvolttZFLSI1mgGX7MvHaKh253QLdXIo
EUih40rOw3f/nYPEKyW8QA72ImBsZdcZI5buiiCC1bgMkKSFSNAFiIanYEpGNMnO
3zYKBpbpBhnWSi5orwx47/v4/Yb/qVr5ppuV23+YoMfEGT8cHPTAdYpnpE27ByAv
jvpxKEwmkUzD1WxOmQdCcPJPyWz1OBUVvjj0nn0Espnz8V8esl9+IFs739lpFBHu
fWWA315LTmIJMGH5Ujf4myiQeXDo6Gsy6WhE13q7MKTq3tnyi5dJG9GJCBf646dL
RwcDf9O7MvKSV2kSPmryLnUF7D+2fva+Cy+CvJDVJCo5zr4ucXPXZ4htpI6Pjpd5
oPHvbqxSCMJrQ7eAFTYmBNGauSyr0XvGM1qmHBZD/laQEJHYgLT2ILrymZhVDHtK
W7tXhGjMoUvqAxiKkmG3UHFqN4k3EYo13PwoOWyJHD1M9ArbX/Sk9l8DDguCh3DW
a9eiiQ+3V1v+7wWHXCzq
=6JeP
-----END PGP SIGNATURE-----
--vnaePdRl5oElllhQPTiU2WarPFVGINT69--

View File

@ -6,17 +6,23 @@ from django.contrib.auth.models import User
from django.contrib.auth.hashers import make_password from django.contrib.auth.hashers import make_password
from helpdesk.models import Queue, Ticket, TicketCC, FollowUp, Attachment from helpdesk.models import Queue, Ticket, TicketCC, FollowUp, Attachment
import helpdesk.email
import itertools import itertools
from shutil import rmtree from shutil import rmtree
import sys import sys
import os
from tempfile import mkdtemp from tempfile import mkdtemp
import logging
from urllib.parse import urlparse from urllib.parse import urlparse
from unittest import mock from unittest import mock
THIS_DIR = os.path.dirname(os.path.abspath(__file__))
# class A addresses can't have first octet of 0 # class A addresses can't have first octet of 0
unrouted_socks_server = "0.0.0.1" unrouted_socks_server = "0.0.0.1"
unrouted_email_server = "0.0.0.1" unrouted_email_server = "0.0.0.1"
@ -26,6 +32,10 @@ unused_port = "49151"
class GetEmailCommonTests(TestCase): class GetEmailCommonTests(TestCase):
def setUp(self):
self.queue_public = Queue.objects.create()
self.logger = logging.getLogger('helpdesk')
# tests correct syntax for command line option # tests correct syntax for command line option
def test_get_email_quiet_option(self): def test_get_email_quiet_option(self):
"""Test quiet option is properly propagated""" """Test quiet option is properly propagated"""
@ -35,6 +45,17 @@ class GetEmailCommonTests(TestCase):
call_command('get_email') call_command('get_email')
mocked_processemail.assert_called_with(quiet=False) mocked_processemail.assert_called_with(quiet=False)
def test_email_with_blank_body_and_attachment(self):
"""
Tests that emails with blank bodies and attachments work.
https://github.com/django-helpdesk/django-helpdesk/issues/700
"""
with open(os.path.join(THIS_DIR, "test_files/blank-body-with-attachment.eml")) as fd:
test_email = fd.read()
ticket = helpdesk.email.object_from_message(test_email, self.queue_public, self.logger)
self.assertEqual(ticket.title, "Attachment without body")
self.assertEqual(ticket.description, "")
class GetEmailParametricTemplate(object): class GetEmailParametricTemplate(object):
"""TestCase that checks basic email functionality across methods and socks configs.""" """TestCase that checks basic email functionality across methods and socks configs."""
@ -353,167 +374,8 @@ class GetEmailParametricTemplate(object):
and PGP signatures appropriately.""" and PGP signatures appropriately."""
# example email text from #567 on GitHub # example email text from #567 on GitHub
test_email = """Delivered-To: djangohelpdesk@example.com with open(os.path.join(THIS_DIR, "test_files/pgp.eml")) as fd:
Received: by 10.25.26.207 with SMTP id a198csp5858981lfa; test_email = fd.read()
Wed, 8 Nov 2017 13:30:22 -0800 (PST)
X-Received: by 10.107.107.3 with SMTP id g3mr2603398ioc.250.1510176622046;
Wed, 08 Nov 2017 13:30:22 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1510176621; cv=pass;
d=google.com; s=arc-20160816;
b=qQ8kBj8+yIoWcJwFNHUlJDYz7P2NfILAxFsn9uPYzXNn/aRw695T1aNFgGL75KUhkA
nDw+h49SUGKDh9ehC+DEiPjwJIxAoz+86rqGWV6XPGW4gQ7GUkHs96CxWndTSD0hdcOl
vygeZrsgzpIOvDxJWrujDPZzcEjsPC2qy3KGsTqtbZGEsNhhRUD8rs/hBVVXaGBatLF+
Sz2krwBZz8Lm+mWRhScjmF12QIHcXe6qYrDLOLEK0+bRkRMS+ZXg9+GPwqHlp58GaHn+
6JncesW3q7k88RQsLlj/8PEw0z1wMndgBVWIcCEtLt4UhZtt/BDxmZSukNN0SzoH4e3k
mxOw==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
h=mime-version:user-agent:date:message-id:subject:from:to
:dkim-signature:arc-authentication-results:arc-message-signature
:arc-authentication-results;
bh=cQvDBdivwtDmp1Td9ZWaEf0S4IuZ4hPwaprxSv7XZuE=;
b=p/0Y4PgvEfGWZ8W3eqxzRnSGLbT9gObSU2OI/sLwiN4KFfVmGrBJYkx7DGija0A5eU
DBbETW/16pib+W0IOUtdD7Pt12oWA3Z/uRf7ybXnHIKZ+MObdCXqRJFkga6nY8tWD0H3
maquQR07Q54mYslVMEIKJUKJzVM86npLN2C756ZzZTXiGXf33iowO4/lciGmTAgi+y5p
fEDQCTMoSQ9iGbquFRgNHgMtIM5NWjeMksWKpnfbvZyKs0ZICcPklNxQkDCmDlrOBokT
Zs1RVsWZ7NyPdTomJ0SRyPeysM040aatmnwxFAzwe4GYFNUWZjaep7uPKKlZ4sV/aHBB
iHOQ==
ARC-Authentication-Results: i=2; mx.google.com;
dkim=pass header.i=@gmail.com header.s=20161025 header.b=AArzbi/1;
arc=pass (i=1 spf=pass spfdomain=gmail.com dkim=pass dkdomain=gmail.com dmarc=pass fromdomain=gmail.com);
spf=pass (google.com: domain of bugreporter@example.com designates 209.85.220.41 as permitted sender) smtp.mailfrom=bugreporter@example.com;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=gmail.com
Return-Path: <bugreporter@example.com>
Received: from mail-sor-f41.google.com (mail-sor-f41.google.com. [209.85.220.41])
by mx.google.com with SMTPS id i86sor2420323ioo.204.2017.11.08.13.30.21
for <djangohelpdesk@example.com>
(Google Transport Security);
Wed, 08 Nov 2017 13:30:21 -0800 (PST)
Received-SPF: pass (google.com: domain of bugreporter@example.com designates 209.85.220.41 as permitted sender) client-ip=209.85.220.41;
Authentication-Results: mx.google.com;
dkim=pass header.i=@gmail.com header.s=20161025 header.b=AArzbi/1;
arc=pass (i=1 spf=pass spfdomain=gmail.com dkim=pass dkdomain=gmail.com dmarc=pass fromdomain=gmail.com);
spf=pass (google.com: domain of bugreporter@example.com designates 209.85.220.41 as permitted sender) smtp.mailfrom=bugreporter@example.com;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=gmail.com
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:dkim-signature:to:from:subject:message-id:date
:user-agent:mime-version;
bh=cQvDBdivwtDmp1Td9ZWaEf0S4IuZ4hPwaprxSv7XZuE=;
b=MCiZzHu6ZV3kMTQBRL/b5uBy4jbHFS97+z9apL239dYS+z0LlTiHpKbs3qohFe3As1
gu2l0SAcdGw0qeplgmOlX9HXvKetBRLldfHeX/JJZ2yokpjc6CxVT8gF8YP2UmfAs0cb
JI8TTDqiWmhayf7xfblRIUP7vfwyTH9cLmvKMMAqWvrppyUlqlxWgyO7xtzV9jdThpqP
O0jO9CqsRmbEDc4vZAtOTXm1O69jCz66oll6H4T5Nka9HUpyHFZzv7Z0j0F/5djfzjCQ
HCFZhzobEgZAmBC9o2Y5aDvKCnWJGR5kVTtBQaFCuxr57o4zq0D359V3gMMPRGMdujDP
hXAQ==
X-Google-Smtp-Source: ABhQp+SbAIRuabSw2EkD+7YFXtLiCFINtymAshxVYuNZhApd39ymv2m9UnIM3rZNIHonQBywtZ3VjalQxeN8lVuWD6OquEskEc8=
ARC-Seal: i=1; a=rsa-sha256; t=1510176621; cv=none;
d=google.com; s=arc-20160816;
b=mOqnqVV4oq14hoOdEA+yVvQYQd/sv/Qr//xmW6r94dKaUczdbFG+Uy8x7EbuF/ILJt
ByFmE8+HUH8tosfHn8+zFmsHFr3Wi7il64wdeuVqoOuDQS1HejcH9ln5LVjwsr7EE6Ly
6gCT7QupvSQ+FkhyNH+zNHuGztw5F4Sa2r5UlmR5VAJ4+V1MEfVYwzEr7vgPnmEj8jga
PtmD05EfYWrWt27Cw8oS+CgS0CNcHaaiRr7JX3EQbNRrLp5M9GjKhiq/ckt2a5NKJYMH
zISYQzxk7EgHGFrwn+JZx+oKqG3Zl2pd5oKmzJkFeSaGT+qYp3SES4z3Vi6z4VxGduox
f38g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
h=mime-version:user-agent:date:message-id:subject:from:to
:dkim-signature:arc-authentication-results;
bh=cQvDBdivwtDmp1Td9ZWaEf0S4IuZ4hPwaprxSv7XZuE=;
b=R5FsED2qOoEJshMotswEPOAn8GyvaHHd4zM9wAH+qnzuoV9RFhSChbkAkypi73SPs/
D7K49dYKSfsuWPF1RXoD8qchVfROF5Y7kD0JHy7KJcuHXzwb5gYLNrZpB2R9XbBOGe1j
lgQvnEVwmgeJiLXKQVeQDECxs8DFlkIpPIbmJK02Ry/Q0S8TnBEs0mrWn49l70IsZB6U
0XCpUPAt9NhsIUxoZKZv+zOwpQq6uwJkqRa5ukH0OPRr891MpeZldw7+gINjxxEmPAS9
GYfMeCpX9afFbQMUizbUbKwOZPt7ahn3x1C5x4AwgQmtzXYfA/quyiXAukTzoYk8FUqs
U1QA==
ARC-Authentication-Results: i=1; gmr-mx.google.com;
dkim=pass header.i=@gmail.com header.s=20161025 header.b=AArzbi/1;
spf=pass (google.com: domain of bugreporter@example.com designates 2607:f8b0:400e:c00::233 as permitted sender) smtp.mailfrom=bugreporter@example.com;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=gmail.com
Return-Path: <bugreporter@example.com>
Received: from mail-pf0-x233.google.com (mail-pf0-x233.google.com. [2607:f8b0:400e:c00::233])
by gmr-mx.google.com with ESMTPS id l10si463482ioc.2.2017.11.08.13.30.21
for <djangohelpdesk@example.com>
(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Wed, 08 Nov 2017 13:30:21 -0800 (PST)
Received-SPF: pass (google.com: domain of bugreporter@example.com designates 2607:f8b0:400e:c00::233 as permitted sender) client-ip=2607:f8b0:400e:c00::233;
Received: by mail-pf0-x233.google.com with SMTP id p87so2672006pfj.3
for <djangohelpdesk@example.com>; Wed, 08 Nov 2017 13:30:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20161025;
h=to:from:subject:message-id:date:user-agent:mime-version;
bh=cQvDBdivwtDmp1Td9ZWaEf0S4IuZ4hPwaprxSv7XZuE=;
b=AArzbi/1RXhgTnCQBzU6vCwndc0/vqLV9FCgiOTp3deq8kFYhtdJCaEBX9s7iJduV+
HobvLGsbmWU04Y1O3w8m4jyq5H4HJ1jAr1+i0Tf5jl264kmyu4eowOMkwIFo6UaSVQ/a
zP+EYW09fWSSNhljubLkGf62vZ9gD/RF5Awoady6u5/N1GU4GPVCEgsmiK7DmPB2EtSE
7YPz3o9l+kDy8bRnUFw0744B7VKiXrAcIqpfltJuItM4T7bS/jyjYMQbRn8W2MXpyGlI
LNwt3vUNdKtkcPTK54cs44HMaVA8wGCDaMHFP8JmoTKWSsOgZQja3cdEj/rooM8uz+dq
er5g==
X-Received: by 10.99.191.78 with SMTP id i14mr1746749pgo.220.1510176620834;
Wed, 08 Nov 2017 13:30:20 -0800 (PST)
Return-Path: <bugreporter@example.com>
Received: from [10.1.1.4] (d114-72-199-247.hum1.act.optusnet.com.au. [114.72.199.247])
by smtp.gmail.com with ESMTPSA id u131sm8656745pgc.89.2017.11.08.13.30.18
for <djangohelpdesk@example.com>
(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Wed, 08 Nov 2017 13:30:19 -0800 (PST)
To: djangohelpdesk@example.com
From: Bug Reporter <bugreporter@example.com>
Subject: example email that crashes django-helpdesk get_email
Message-ID: <8eef2077-8aff-9fb4-0e2a-9876ba2530b1@gmail.com>
Date: Thu, 9 Nov 2017 08:30:15 +1100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
Thunderbird/52.4.0
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature";
boundary="vnaePdRl5oElllhQPTiU2WarPFVGINT69"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--vnaePdRl5oElllhQPTiU2WarPFVGINT69
Content-Type: multipart/mixed; boundary="ckOQ1U5bPjO3W1sVnjdBaEigXBiwem2Rn";
protected-headers="v1"
From: Bug Reporter <bugreporter@example.com>
To: djangohelpdesk@example.com
Message-ID: <8eef2077-8aff-9fb4-0e2a-9876ba2530b1@gmail.com>
Subject: example email that crashes django-helpdesk get_email
--ckOQ1U5bPjO3W1sVnjdBaEigXBiwem2Rn
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Content-Language: en-US
hi, thanks for looking into this :)
https://github.com/django-helpdesk/django-helpdesk/issues/567#issuecommen=
t-342954233
--ckOQ1U5bPjO3W1sVnjdBaEigXBiwem2Rn--
--vnaePdRl5oElllhQPTiU2WarPFVGINT69
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCAAGBQJaA3dnAAoJELBLc7QPITnLN54P/3Zsu7+AIQWDFTvziJfCqswG
u99fG+iWa6ER+iuZG0YU1BdIxIjSKt1pvqB0yXITlT9FCdf1zc0pmeJ08I0a5pVa
iaym5prVUro5BNQ6Vqoo0jvOCKNrACtFNv85zDzXbPNP8TrUss41U+ackPHkOHov
cmJ5YZFQebYXXpibFSIDimVGfwI57vyTWvolttZFLSI1mgGX7MvHaKh253QLdXIo
EUih40rOw3f/nYPEKyW8QA72ImBsZdcZI5buiiCC1bgMkKSFSNAFiIanYEpGNMnO
3zYKBpbpBhnWSi5orwx47/v4/Yb/qVr5ppuV23+YoMfEGT8cHPTAdYpnpE27ByAv
jvpxKEwmkUzD1WxOmQdCcPJPyWz1OBUVvjj0nn0Espnz8V8esl9+IFs739lpFBHu
fWWA315LTmIJMGH5Ujf4myiQeXDo6Gsy6WhE13q7MKTq3tnyi5dJG9GJCBf646dL
RwcDf9O7MvKSV2kSPmryLnUF7D+2fva+Cy+CvJDVJCo5zr4ucXPXZ4htpI6Pjpd5
oPHvbqxSCMJrQ7eAFTYmBNGauSyr0XvGM1qmHBZD/laQEJHYgLT2ILrymZhVDHtK
W7tXhGjMoUvqAxiKkmG3UHFqN4k3EYo13PwoOWyJHD1M9ArbX/Sk9l8DDguCh3DW
a9eiiQ+3V1v+7wWHXCzq
=6JeP
-----END PGP SIGNATURE-----
--vnaePdRl5oElllhQPTiU2WarPFVGINT69--
"""
test_mail_len = len(test_email) test_mail_len = len(test_email)
if self.socks: if self.socks:

View File

@ -5,6 +5,7 @@ from django.urls import reverse
from django.test import TestCase from django.test import TestCase
from django.test.client import Client from django.test.client import Client
from helpdesk.models import CustomField, Queue, Ticket from helpdesk.models import CustomField, Queue, Ticket
from helpdesk import settings as helpdesk_settings
try: # python 3 try: # python 3
from urllib.parse import urlparse from urllib.parse import urlparse
@ -27,12 +28,21 @@ class TicketActionsTestCase(TestCase):
updated_ticket_cc='update.public@example.com' updated_ticket_cc='update.public@example.com'
) )
self.queue_private = Queue.objects.create(
title='Queue 2',
slug='q2',
allow_public_submission=False,
new_ticket_cc='new.private@example.com',
updated_ticket_cc='update.private@example.com'
)
self.ticket_data = { self.ticket_data = {
'title': 'Test Ticket', 'title': 'Test Ticket',
'description': 'Some Test Ticket', 'description': 'Some Test Ticket',
} }
self.client = Client() self.client = Client()
helpdesk_settings.HELPDESK_ENABLE_PER_QUEUE_STAFF_PERMISSION = False
def loginUser(self, is_staff=True): def loginUser(self, is_staff=True):
"""Create a staff user and login""" """Create a staff user and login"""
@ -143,14 +153,14 @@ class TicketActionsTestCase(TestCase):
initial_data = { initial_data = {
'title': 'Private ticket test', 'title': 'Private ticket test',
'queue': self.queue_public, 'queue': self.queue_private,
'assigned_to': self.user, 'assigned_to': self.user,
'status': Ticket.OPEN_STATUS, 'status': Ticket.OPEN_STATUS,
} }
# create ticket # create ticket
helpdesk_settings.HELPDESK_ENABLE_PER_QUEUE_STAFF_PERMISSION = True
ticket = Ticket.objects.create(**initial_data) ticket = Ticket.objects.create(**initial_data)
self.assertEqual(_is_my_ticket(self.user, ticket), True) self.assertEqual(_is_my_ticket(self.user, ticket), True)
self.assertEqual(_is_my_ticket(self.user2, ticket), False) self.assertEqual(_is_my_ticket(self.user2, ticket), False)

View File

@ -71,6 +71,20 @@ superuser_required = user_passes_test(
lambda u: u.is_authenticated and u.is_active and u.is_superuser) lambda u: u.is_authenticated and u.is_active and u.is_superuser)
def _get_queue_choices(queues):
"""Return list of `choices` array for html form for given queues
idea is to return only one choice if there is only one queue or add empty
choice at the beginning of the list, if there are more queues
"""
queue_choices = []
if len(queues) > 1:
queue_choices = [('', '--------')]
queue_choices += [(q.id, q.title) for q in queues]
return queue_choices
def _get_user_queues(user): def _get_user_queues(user):
"""Return the list of Queues the user can access. """Return the list of Queues the user can access.
@ -78,11 +92,15 @@ def _get_user_queues(user):
:return: A Python list of Queues :return: A Python list of Queues
""" """
all_queues = Queue.objects.all() all_queues = Queue.objects.all()
public_ids = [q.pk for q in
Queue.objects.filter(allow_public_submission=True)]
limit_queues_by_user = \ limit_queues_by_user = \
helpdesk_settings.HELPDESK_ENABLE_PER_QUEUE_STAFF_PERMISSION \ helpdesk_settings.HELPDESK_ENABLE_PER_QUEUE_STAFF_PERMISSION \
and not user.is_superuser and not user.is_superuser
if limit_queues_by_user: if limit_queues_by_user:
id_list = [q.pk for q in all_queues if user.has_perm(q.permission_name)] id_list = [q.pk for q in all_queues if user.has_perm(q.permission_name)]
id_list += public_ids
return all_queues.filter(pk__in=id_list) return all_queues.filter(pk__in=id_list)
else: else:
return all_queues return all_queues
@ -104,7 +122,10 @@ def _has_access_to_queue(user, queue):
def _is_my_ticket(user, ticket): def _is_my_ticket(user, ticket):
"""Check to see if the user has permission to access """Check to see if the user has permission to access
a ticket. If not then deny access.""" a ticket. If not then deny access."""
if user.is_superuser or user.is_staff or user.id == ticket.assigned_to.id: if _has_access_to_queue(user, ticket.queue):
return True
elif user.is_superuser or user.is_staff or \
(ticket.assigned_to and user.id == ticket.assigned_to.id):
return True return True
else: else:
return False return False
@ -323,8 +344,11 @@ def view_ticket(request, ticket_id):
else: else:
users = User.objects.filter(is_active=True).order_by(User.USERNAME_FIELD) users = User.objects.filter(is_active=True).order_by(User.USERNAME_FIELD)
queues = _get_user_queues(request.user)
queue_choices = _get_queue_choices(queues)
# TODO: shouldn't this template get a form to begin with? # TODO: shouldn't this template get a form to begin with?
form = TicketForm(initial={'due_date': ticket.due_date}) form = TicketForm(initial={'due_date': ticket.due_date},
queue_choices=queue_choices)
ticketcc_string, show_subscribe = \ ticketcc_string, show_subscribe = \
return_ticketccstring_and_show_subscribe(request.user, ticket) return_ticketccstring_and_show_subscribe(request.user, ticket)
@ -1025,6 +1049,12 @@ class CreateTicketView(MustBeStaffMixin, FormView):
initial_data['queue'] = request.GET['queue'] initial_data['queue'] = request.GET['queue']
return initial_data return initial_data
def get_form_kwargs(self):
kwargs = super().get_form_kwargs()
queues = _get_user_queues(self.request.user)
kwargs["queue_choices"] = _get_queue_choices(queues)
return kwargs
def form_valid(self, form): def form_valid(self, form):
self.ticket = form.save() self.ticket = form.save()
return super().form_valid(form) return super().form_valid(form)