#!/usr/bin/perl
# BEGIN LICENSE BLOCK
# 
# Copyright (c) 1996-2003 Jesse Vincent <jesse@bestpractical.com>
# 
# (Except where explictly superceded by other copyright notices)
# 
# This work is made available to you under the terms of Version 2 of
# the GNU General Public License. A copy of that license should have
# been provided with this software, but in any event can be snarfed
# from www.gnu.org.
# 
# This work is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# General Public License for more details.
# 
# Unless otherwise specified, all modifications, corrections or
# extensions to this work which alter its source code become the
# property of Best Practical Solutions, LLC when submitted for
# inclusion in the work.
# 
# 
# END LICENSE BLOCK

=head1 NAME

rt-crontool - Command-line interface to Request Tracker

=head1 SYNOPSIS

 rt-crontool [--verbose] --search <module> --search-arg <argument> \
     --condition <module> --condition-arg <argument> \
     --action <module> --action-arg <argument>

=head1 EXAMPLES

 rt-crontool --search RT::Search::ActiveTicketsInQueue \
     --search-arg General \
     --condition RT::Condition::UntouchedInHours \
     --condition-arg 4 \
     --action RT::Action::SetPriority \
     --action-arg \
     --verbose

=head1 SECURITY

This tool allows the user to run arbitrary perl modules from within RT.

If this tool were setgid, a hostile local user could use this tool to
gain administrative access to RT.

It is suggested that you create a non-privileged Unix user with the
correct group membership and RT access to run this tool.

It is incredibly important that non-privileged users not be allowed to
run this tool.

=head1 INTERNALS

=cut

use strict;
use Carp;

use lib ("/usr/share/perl5", "/usr/local/share/request-tracker3/lib");

package RT;

use Getopt::Long;

use RT::Interface::CLI qw(CleanEnv GetCurrentUser GetMessageContent loc);
use RT::Tickets;
use RT::Template;

#Clean out all the nasties from the environment
CleanEnv();

# Load the config file
RT::LoadConfig();

#Connect to the database and get RT::SystemUser and RT::Nobody loaded
RT::Init();

#Drop setgid permissions
RT::DropSetGIDPermissions();

#Get the current user all loaded
my $CurrentUser = GetCurrentUser();

unless ( $CurrentUser->Id ) {
    print loc("No RT user found. Please consult your RT administrator.\n");
    exit(1);
}

my ( $search, $condition, $action, $search_arg, $condition_arg, $action_arg,
     $template_id, $help, $verbose );
GetOptions( "search=s"        => \$search,
            "search-arg=s"    => \$search_arg,
            "condition=s"     => \$condition,
            "condition-arg=s" => \$condition_arg,
            "action-arg=s"    => \$action_arg,
            "action=s"        => \$action,
	    "template-id=s"   => \$template_id,
            "help"            => \$help,
            "verbose|v"       => \$verbose );

help() if $help;

# We _must_ have a search object
load_module($search);
load_module($action)    if ($action);
load_module($condition) if ($condition);

# load template if specified
my $template_obj;
if ($template_id) {
    $template_obj = RT::Template->new($RT::Nobody);
    $template_obj->LoadById($template_id);
}

#At the appointed time:

#find a bunch of tickets
my $tickets = RT::Tickets->new($CurrentUser);
my $search  = $search->new( TicketsObj => $tickets, Argument => $search_arg );

$search->Prepare();

# TicketsFound is an RT::Tickets object
my $tickets = $search->TicketsObj;

#for each ticket we've found
while ( my $ticket = $tickets->Next() ) {
    print "\n" . $ticket->Id() . ": " if ($verbose);

    # perform some more advanced check
    if ($condition) {
        my $condition_obj = $condition->new( TicketObj => $ticket,
                                             Argument  => $condition_arg );

        # if the condition doesn't apply, get out of here

        next unless ( $condition_obj->IsApplicable );
        print loc("Condition matches...") if ($verbose);
    }

    #prepare our action
    my $action_obj = $action->new( TicketObj => $ticket,
				   TemplateObj => $template_obj,
                                   Argument  => $action_arg );

    #if our preparation, move onto the next ticket
    next unless ( $action_obj->Prepare );
    print loc("Action prepared...") if ($verbose);

    #commit our action.
    next unless ( $action_obj->Commit );
    print loc("Action committed.") if ($verbose);
}

# {{{ load_module 

=head2 load_module

Loads a perl module, dying nicely if it can't find it.

=cut

sub load_module {
    my $modname = shift;
    eval "require $modname";
    if ($@) {
        die loc( "Failed to load module [_1]. ([_2])", $modname, $@ );
    }

}

# }}}

# {{{ loc 

=head2 loc LIST

Localize this string, with the current user's currentuser object

=cut

sub loc {
    $CurrentUser->loc(@_);
}

# }}}

sub help {

    print loc( "[_1] is a tool to act on tickets from an external scheduling tool, such as cron.", $0 )
      . "\n";
    print loc("It takes several arguments:") . "\n\n";

    print "	"
      . loc( "[_1] - Specify the search module you want to use", "--search" )
      . "\n";
    print "	"
      . loc( "[_1] - An argument to pass to [_2]", "--search-argument", "--search" )
      . "\n";

    print "	"
      . loc( "[_1] - Specify the condition module you want to use", "--condition" )
      . "\n";
    print "	"
      . loc( "[_1] - An argument to pass to [_2]", "--condition-argument", "--condition" )
      . "\n";
    print "	"
      . loc( "[_1] - Specify the action module you want to use", "--action" )
      . "\n";
    print "	"
      . loc( "[_1] - An argument to pass to [_2]", "--action-argument", "--action" )
      . "\n";
    print "	"
      . loc( "[_1] - Output status updates to STDOUT", "--verbose" ) . "\n";
    print "\n";
    print "\n";
    print loc("Security:")."\n";
    print loc("This tool allows the user to run arbitrary perl modules from within RT.")." ". 
        loc("If this tool were setgid, a hostile local user could use this tool to gain administrative access to RT.")." ".
        loc("It is incredibly important that nonprivileged users not be allowed to run this tool."). " " . 
        loc("It is suggested that you create a non-privileged unix user with the correct group membership and RT access to run this tool.")."\n";
    print "\n";
    print loc("Example:");
    print "\n";
    print " "
      . loc( "The following command will find all active tickets in the queue 'general' and set their priority to 99 if they haven't been touched in 4 hours:"
      )
      . "\n\n";

    print " bin/rt-cron-tool \\\n";
    print
      "  --search RT::Search::ActiveTicketsInQueue  --search-arg general \\\n";
    print
      "  --condition RT::Condition::UntouchedInHours --condition-arg 4 \\\n";
    print "  --action RT::Action::SetPriority --action-arg 99 \\\n";
    print "  --verbose\n";

    print "\n";
    print loc("Escalate tickets");
    print "rt-crontool \\\n";
    print " --search RT::Search::ActiveTicketsInQueue  --search-arg thequeuename \\\n";
    print " --action RT::Action::EscalatePriority \\\n";
 
 
 



    exit(0);
}
