[Rt-commit] r13543 - in rt/3.8/branches/non-ascii-subject: lib/RT share/html/NoAuth/iCal

ruz at bestpractical.com ruz at bestpractical.com
Mon Jun 23 16:47:49 EDT 2008


Author: ruz
Date: Mon Jun 23 16:47:48 2008
New Revision: 13543

Modified:
   rt/3.8/branches/non-ascii-subject/lib/RT/User_Overlay.pm
   rt/3.8/branches/non-ascii-subject/share/html/NoAuth/iCal/dhandler
   rt/3.8/branches/non-ascii-subject/share/html/Search/Elements/ResultViews

Log:
* add {Generate,Validate}AuthString to RT::User class
* use them for iCal links
* fix issues with non-ascii chars in a query when generating
  iCal URLs
* fix issues with non-ascii chars in user name and iCal URLs

Modified: rt/3.8/branches/non-ascii-subject/lib/RT/User_Overlay.pm
==============================================================================
--- rt/3.8/branches/non-ascii-subject/lib/RT/User_Overlay.pm	(original)
+++ rt/3.8/branches/non-ascii-subject/lib/RT/User_Overlay.pm	Mon Jun 23 16:47:48 2008
@@ -606,7 +606,7 @@
 }
 
 
-=head2 Password related functions
+=head2 Password and authentication related functions
 
 =head3 SetRandomPassword
 
@@ -999,7 +999,10 @@
 
 =head3 AuthToken
 
-Returns an authentication string associated with the user.
+Returns an authentication string associated with the user. This
+string can be used to generate passwordless URLs to integrate
+RT with services and programms like callendar managers, rss
+readers and other.
 
 =cut
 
@@ -1032,6 +1035,41 @@
     return $self->SetAttribute( Name => "AuthToken", Content => $token );
 }
 
+=head3 GenerateAuthString
+
+Takes a string and returns back a hex hash string. Later you can use
+this pair to make sure it's generated by this user using L</ValidateAuthString>
+
+=cut
+
+sub GenerateAuthString {
+    my $self = shift;
+    my $protect = shift;
+
+    my $str = $self->AuthToken . $protect;
+    utf8::encode($str);
+
+    return substr(Digest::MD5::md5_hex($str),0,16);
+}
+
+=head3 ValidateAuthString
+
+Takes auth string and protected string. Returns true is protected string
+has been protected by user's L</AuthToken>. See also L</GenerateAuthString>.
+
+=cut
+
+sub ValidateAuthString {
+    my $self = shift;
+    my $auth_string = shift;
+    my $protected = shift;
+
+    my $str = $self->AuthToken . $protected;
+    utf8::encode( $str );
+
+    return $auth_string eq substr(Digest::MD5::md5_hex($str),0,16);
+}
+
 =head2 SetDisabled
 
 Toggles the user's disabled flag.
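Review bot: ValidateAuthString repeats the digest computation from GenerateAuthString instead of calling it, so the two can drift apart; `return $auth_string eq $self->GenerateAuthString($protected);` would keep a single definition. `$auth_string` arrives from the request path of the NoAuth iCal handler, so an undefined or malformed value is worth rejecting before the comparison, and `eq` is not a constant-time compare. Both subs concatenate `$self->AuthToken` without checking that it is non-empty; AuthToken's body is outside this hunk, so if it can ever return undef or '' the tag would depend only on the public string, and a guard or a comment stating the guarantee would help. The tag is a 64-bit prefix of md5(token . string) rather than an HMAC; the POD should say so, and any later move to an HMAC would need a migration because it invalidates URLs already handed out.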

Modified: rt/3.8/branches/non-ascii-subject/share/html/NoAuth/iCal/dhandler
==============================================================================
--- rt/3.8/branches/non-ascii-subject/share/html/NoAuth/iCal/dhandler	(original)
+++ rt/3.8/branches/non-ascii-subject/share/html/NoAuth/iCal/dhandler	Mon Jun 23 16:47:48 2008
@@ -60,18 +60,16 @@
 $notfound->() unless $path =~ m!^([^/]+)/([^/]+)/(.*)(\.(ical|ics))?!;
 
 my ($name, $auth, $search) = ($1, $2, $3);
-$name = Encode::decode_utf8( $name );
+# Unescape parts
+$_ =~ s/\%([0-9a-z]{2})/chr(hex($1))/gei for $name, $search;
+# convert to perl strings
+$_ = Encode::decode_utf8( $_ ) for $name, $search;
+
 my $user = RT::User->new( $RT::SystemUser );
 $user->Load( $name );
 $notfound->() unless $user->id;
 
-# Unescape the query
-$search =~ s/\%([0-9a-z]{2})/chr(hex($1))/gei;
-
-my $secret = $user->AuthToken;
-$notfound->() unless $auth eq substr(Digest::MD5::md5_hex($secret.$search),0,16);
-
-$search = Encode::decode_utf8( $search );
+$notfound->() unless $user->ValidateAuthString( $auth, $search );
 
 my $cu = RT::CurrentUser->new;
 $cu->Load($user);
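Review bot: The unescape pattern on the added line `$_ =~ s/\%([0-9a-z]{2})/chr(hex($1))/gei for $name, $search;` accepts any two alphanumerics, so a sequence such as `%zz` becomes a NUL character because hex() returns 0 for it; restricting the class to hex digits, `s/%([0-9a-f]{2})/chr(hex($1))/gei for $name, $search;`, avoids that. The pattern is carried over from the removed `$search` line, but it now also runs on `$name` before `RT::User->Load`. `$search` is now decoded before `ValidateAuthString`, so the tag is checked over the decoded and re-encoded string; `Encode::decode_utf8` without a CHECK argument substitutes malformed sequences, so different raw paths can validate against the same tag, and a comment such as `# auth string is validated over the decoded query, not the raw path bytes` would record that. The component starts and ends outside this hunk, so whether the path has already been URL-decoded upstream cannot be judged from here.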

Modified: rt/3.8/branches/non-ascii-subject/share/html/Search/Elements/ResultViews
==============================================================================
--- rt/3.8/branches/non-ascii-subject/share/html/Search/Elements/ResultViews	(original)
+++ rt/3.8/branches/non-ascii-subject/share/html/Search/Elements/ResultViews	Mon Jun 23 16:47:48 2008
@@ -73,6 +73,6 @@
 <%init>
 my $ical_path = join '/', map $m->interp->apply_escapes($_, 'u'),
     $session{'CurrentUser'}->UserObj->Name,
-    substr(Digest::MD5::md5_hex($session{'CurrentUser'}->UserObj->AuthToken . $Query),0,16),
+    $session{'CurrentUser'}->UserObj->GenerateAuthString( $Query ),
     $Query;
 </%init>

