Import from rt.cpan.org

html/Callbacks/BugTracker-Public/Elements/Tabs/Privileged

@@ -0,0 +1,110 @@
+<%init>
+# Only show the Public nav to the public user
+return unless RT::BugTracker::Public->IsPublicUser;
+
+# Save the About menu, if any (provided by RT::Extension::rt_cpan_org, for
+# example)
+my $about = Menu->child("about");
+
+# Save the Preferences menu ("Logged in as..") for Bitcard/OpenID users
+my $preferences = Menu->child("preferences");
+
+# Clear the decks
+RT::Interface::Web::InitializeMenu();
+
+PageWidgets()->child( simple_search => raw_html => $m->scomp(
+    '/Elements/SimpleSearch', SendTo => '/Public/Search/Simple.html' ));
+
+PageWidgets()->child( create_ticket => raw_html => $m->scomp(
+    '/Elements/CreateTicket', SendTo => '/Public/Bug/Report.html' ));
+
+Menu()->child(
+    search_dist => title => loc('Search Distributions'),
+    path        => '/Public/',
+);
+
+Menu()->child(
+    browse_dist => title => loc('Browse Distributions'),
+    path        => '/Public/Dist/Browse.html',
+);
+
+Menu->child( "about", menu => $about );
+
+if ($session{CurrentUser}->Name eq RT->Config->Get("WebPublicUser")) {
+    Menu->child(
+        'preferences' => title => loc( 'Welcome [_1]anonymous guest[_2].', '<span class="current-user">', '</span>' ),
+        escape_title  => 0,
+        sort_order    => 1000,
+    );
+
+    # Public user must logout to login
+    Menu->child(
+        "login",
+        title       => loc('Login as another user'),
+        path        => '/NoAuth/Logout.html',
+        sort_order  => 1001,
+    );
+} else {
+    # Preserve core RT generated "Logged in as" menu for other authenticated
+    # users from Bitcard and OpenID which also get the Public view
+    Menu->child("preferences", menu => $preferences);
+}
+
+my ($queue, $ticket);
+my $request_path = $HTML::Mason::Commands::r->path_info;
+   $request_path =~ s!^/{2,}!/!;
+
+if ( $request_path =~ m{^/Public/Bug/(?:Display|Update)\.html}
+     and my $id = $DECODED_ARGS->{id} )
+{
+    $ticket = RT::Ticket->new( $session{CurrentUser} );
+    $ticket->Load($id);
+    $queue = $ticket->QueueObj if $ticket->id;
+}
+elsif ( $request_path =~ m{^/Public/(?:Bug/Report|Dist/Display)\.html}
+        and my $name = ($DECODED_ARGS->{Name} || $DECODED_ARGS->{Queue}) )
+{
+    $queue = RT::Queue->new( $session{CurrentUser} );
+    $queue->Load($name);
+}
+
+if ( $queue and $queue->id ) {
+    my $escaped = $m->interp->apply_escapes($queue->Name, 'u');
+    PageMenu()->child(
+        active_bugs => title => loc("Active bugs"),
+        path => "/Public/Dist/Display.html?Status=Active;Name=" . $escaped,
+    );
+
+    PageMenu()->child( resolved_bugs =>
+            title => loc("Resolved bugs"),
+            path  => "/Public/Dist/Display.html?Status=Resolved;Name=". $escaped,
+    );
+
+    PageMenu()->child( rejected_bugs => 
+            title => loc("Rejected bugs"),
+            path  => "/Public/Dist/Display.html?Status=Rejected;Name=". $escaped,
+    );
+
+    PageMenu()->child( report => 
+            title => loc("Report a new bug"),
+            path  => '/Public/Bug/Report.html?Queue='. $escaped,
+    );
+
+    if ($ticket and $ticket->id
+        and $queue->Lifecycle->IsInactive($ticket->Status)
+        and $ticket->CurrentUserHasRight("OpenTicket")) {
+
+        PageMenu->child(
+            "reopen",
+            title       => loc("Re-open this bug"),
+            path        => "/Public/Bug/Display.html?Status=open;id=".$ticket->id,
+            sort_order  => -2,
+        );
+        PageMenu->child(
+            "ticket-queue-separator",
+            raw_html    => "<span style='display: block; padding: 0.75em 1em'>&mdash;</span>",
+            sort_order  => -1,
+        );
+    }
+}
+</%init>

html/Callbacks/BugTracker-Public/NoAuth/Logout.html/AfterSessionDelete

@@ -0,0 +1,7 @@
+<%init>
+return unless $m->notes->{NextHash} and $m->notes->{NextPage};
+
+# Resurrect the next page data we're about to pass to the login page via the
+# logout's meta-refresh.
+$session{NextPage}->{ $m->notes->{NextHash} } = $m->notes->{NextPage};
+</%init>

html/Callbacks/BugTracker-Public/NoAuth/Logout.html/Default

@@ -0,0 +1,17 @@
+<%args>
+$URL => undef
+</%args>
+<%init>
+return unless $URL and RT::BugTracker::Public->IsPublicUser
+          and $session{"LastPublicPage"};
+
+# Because we don't have a callback that is both after the session delete and
+# can modify the login URL, we need to stash the next page data pre-delete, set
+# the next page hash, and then resurrect it after the session is deleted.
+$m->notes->{NextHash} = RT::Interface::Web::SetNextPage($DECODED_ARGS, $session{"LastPublicPage"});
+$m->notes->{NextPage} = RT::Interface::Web::FetchNextPage($m->notes->{NextHash});
+
+$$URL = RT->Config->Get("WebPath")
+      . "/NoAuth/Login.html?next="
+      . $m->notes->{NextHash};
+</%init>

html/Callbacks/BugTracker-Public/Search/Results.html/Initial

@@ -0,0 +1,9 @@
+<%args>
+$ARGSRef => {}
+</%args>
+<%init>
+return unless RT::BugTracker::Public->IsPublicUser;
+$m->comp("/Public/Search/Results.html", %$ARGSRef);
+$m->comp("/Elements/Footer");
+$m->abort;
+</%init>

html/Callbacks/BugTracker-Public/Ticket/Elements/ShowMessageHeaders/Default

@@ -6,7 +6,11 @@ return unless RT::BugTracker::Public->IsPublicUser;
 
 # Protect email addresses
 for my $h (@$headers) {
-    next unless $h->{'Tag'} =~ /^(?:From|(?:RT-Send-)?(?:To|Cc|Bcc)|Reply-To)$/i;
+    next if $h->{'Tag'} =~ /^(?:Subject)$/i;
     $h->{'Value'} =~ s/@/ [...] /g;
+
+    # Sometimes mbox From_ lines make it into RT headers
+    $h->{'Tag'} =~ s/@/ [...] /g
+        if $h->{'Tag'} =~ /^From\s+/;
 }
 </%init>

html/Callbacks/BugTracker-Public/autohandler/Auth

@@ -49,23 +49,29 @@
 # If there's no user and this is not a login request and we're looking
 # at a public UI request, log in automatically as the public user so the
 # person can get the rights of the system group "Everyone"
-if (    not $session{'CurrentUser'}
+if (    not ($session{'CurrentUser'} and $session{'CurrentUser'}->id)
     and not defined $ARGS{user}
     and not defined $ARGS{pass} )
 {
-    if ( $m->request_comp->path =~ m{ ^/+Public/ }x ) {
+    my $path = $m->request_path;
+    my $has_public_equiv = RT::BugTracker::Public->RedirectToPublic(
+        Path => $path,
+        ARGS => \%ARGS,
+    );
+
+    # We only care if the public equivalent is a page and not the top-level.
+    undef $has_public_equiv
+        if $has_public_equiv and $has_public_equiv eq "/Public/";
+
+    if ( $path =~ m{ ^/+Public/ }x or $has_public_equiv ) {
         my $cu = new RT::CurrentUser;
         $cu->LoadByName( $RT::WebPublicUser );
         unless ( $cu->id ) {
             $RT::Logger->error("Couldn't load public user with name '$RT::WebPublicUser'");
         } else {
+            RT::Interface::Web::InstantiateNewSession();
             $session{'CurrentUser'} = $cu;
         }
     }
-    elsif ( $m->request_comp->path =~ '^(/+)Ticket/Display.html'
-                and $ARGS{'id'} )
-    {
-        $m->redirect( $RT::WebPath .'/Public/Bug/Display.html?id=' . $ARGS{'id'} );
-    }
 }
 </%init>

html/Callbacks/BugTracker-Public/autohandler/Default

@@ -48,31 +48,12 @@
 <%init>
 return unless RT::BugTracker::Public->IsPublicUser;
 
-# This is a public user, we only want them going to /Public/
+# This is a public user, we only want them going to /Public/ or other allowed paths.
 
-# The following logic is very similar to the priv/unpriv logic
-my $path = $m->request_path;
-
-# if the user is trying to access a ticket, redirect them
-if ( $path =~ '^(/+)Ticket/Display.html'
-        and $ARGS{'id'} )
-{
-    $m->redirect($RT::WebPath . "/Public/Bug/Display.html?id="
-                    . $m->interp->apply_escapes($ARGS{'id'}, 'u'));
-    $m->abort();
-}
-
-elsif ( $path =~ '^(/+)Dist/Display.html' and $ARGS{'Queue'} ) {
-    $m->redirect($RT::WebPath . "/Public/Dist/Display.html?Name="
-                    . $m->interp->apply_escapes($ARGS{'Queue'}, 'u'));
-}
-
-# otherwise, drop the user at the Public default page
-# XXX: don't we want to check against 'NoAuthRegexp' instead???
-elsif (    $path !~ '^(/+)Public/'
-       and $path !~ '^(/+)NoAuth/'
-       and $path !~ '^(/+)Ticket/Attachment/') {
-    $m->redirect($RT::WebPath . "/Public/");
-    $m->abort();
-}
+my $destination = RT::BugTracker::Public->RedirectToPublic(
+    Path => $m->request_path,
+    ARGS => \%ARGS,
+);
+$m->redirect( RT->Config->Get("WebPath") . $destination )
+    if $destination;
 </%init>

html/Callbacks/BugTracker-Public/autohandler/Final

@@ -0,0 +1,6 @@
+<%init>
+# Rather than rely on the HTTP referer and then have to sanitize it, just keep
+# track of the referring page ourselves.
+$session{'LastPublicPage'} = RT::Interface::Web::IntuitNextPage()
+    if RT::BugTracker::Public->IsPublicUser;
+</%init>

html/NoAuth/css/bugtracker-public.css

@@ -0,0 +1,32 @@
+/* Similar to core RT's "sidebyside" styles */
+
+#reporting-a-bug {
+    float: right;
+    width: 58%;
+    clear: right;
+}
+
+.reporting-a-bug-instructions {
+    float: left;
+    width: 40%;
+    clear: left;
+}
+
+@media (max-width: 950px) {
+    /* Revert to a single column when we're less than 1000px wide */
+    #reporting-a-bug, .reporting-a-bug-instructions {
+        float: none;
+        width: auto;
+        clear: both;
+    }
+}
+
+#reporting-a-bug .edit-custom-field {
+    /* we're in a thinner column most of the time, make room for the default margin */
+    width: 45%;
+}
+
+#reporting-a-bug .edit-custom-field:first-child {
+    display: block;
+    float: none;
+}

html/NoAuth/js/bugtracker-public.js

@@ -0,0 +1,8 @@
+jQuery(function() {
+    jQuery("a[data-bug-email]").each(function() {
+        var a = jQuery(this);
+        a.attr("href", "mailto:bug-"
+                       + encodeURIComponent(a.attr("data-bug-email"))
+                       + "@rt.cpan.org");
+    });
+});

html/Public/Bug/Display.html

@@ -47,13 +47,13 @@
 %# END BPS TAGGED BLOCK }}}
 <& /Elements/Header, 
     Title => $title &>
-<& /Public/Elements/Tabs, 
-    Title => $title,
-    ticket => $TicketObj,
-&>
+<& /Elements/Tabs &>
 
 <& /Elements/ListActions, actions => \@Actions &>
 
+<& /Dist/Elements/ShowBugtracker, Queue => $TicketObj->QueueObj &>
+<& /Dist/Elements/ShowNotes, Queue => $TicketObj->QueueObj &>
+
 <&| /Widgets/TitleBox, title => loc("Report information") &>
 <& /Public/Bug/Elements/ShowSummary, Ticket => $TicketObj, Attachments => $attachments &>
 </&>
@@ -69,6 +69,7 @@
       ShowHeaders => $ARGS{'ShowHeaders'},
       Attachments => $attachments,
       AttachmentContent => $attachment_content,
+      URIFile     => RT->Config->Get('WebPath') . '/Public/Bug/Display.html',
       DisplayPath => RT->Config->Get('WebPath') . '/Public/Bug/Display.html?id='. $TicketObj->id,
       UpdatePath  => RT->Config->Get('WebPath') . '/Public/Bug/Update.html',
 &> 

html/Public/Bug/Elements/ShowSummary

@@ -49,14 +49,12 @@
 <tr>
   <td valign="top" class="boxcontainer">
     <&| /Widgets/TitleBox, title => loc('The Basics'), 
-        title_href => RT->Config->Get('WebPath')."/Ticket/Modify.html?id=".$Ticket->Id, 
         class => 'ticket-info-basics',
     &>
         <& /Ticket/Elements/ShowBasics, Ticket => $Ticket &>
     </&>
 
     <&| /Widgets/TitleBox, title => loc('People'), 
-        title_href => RT->Config->Get('WebPath')."/Ticket/ModifyPeople.html?id=".$Ticket->Id, 
         class => 'ticket-info-people',
     &>
         <& /Ticket/Elements/ShowPeople, Ticket => $Ticket &>
@@ -69,7 +67,6 @@
 
 % if ($Ticket->CustomFields->First) {
     <&| /Widgets/TitleBox, title => loc('Bug Information'),
-        title_href =>"$RT::WebPath/Ticket/Modify.html?id=".$Ticket->Id, 
         class => 'ticket-info-cfs',
     &> 
         <& /Ticket/Elements/ShowCustomFields, Ticket => $Ticket &>