MailGatewayAccessControl

From Request Tracker Wiki
Jump to navigation Jump to search

You can limit access to the Mail Gateway REST API via 2 methods. You can use normal allow/deny directives in your Apache conf files, like this:

<Location /REST/1.0/NoAuth>
    Order Allow,Deny
    Allow from 127.0.0.1
</Location>

Or you can use the BeforeProcessing callback

(This callback may not be in your version of RT. Use this patch:

--- html/REST/1.0/NoAuth/mail-gateway   (revision 1365)
+++ html/REST/1.0/NoAuth/mail-gateway   (working copy)
@@ -54,6 +54,9 @@
 </%ARGS>
 <%init>
 use RT::Interface::Email;
+$m->comp( '/Elements/Callback',
+          _CallbackName => 'BeforeProcessing',
+          %ARGS );
 my ( $status, $error, $Ticket ) = RT::Interface::Email::Gateway(\%ARGS);
  if ($status == -75 ) {
 $m->out("temporary failure - ". $error);


)

And then you can use this callback:

[$RT/local/html/Callbacks/something/REST/1.0/NoAuth/mail-gateway]

<%init>
 my $ip = $ENV{'REMOTE_ADDR'};
 unless ($ip =~ /(?:127\.0\.0\.1)/) {
  $r->status(403);
  $m->abort(403);
 }
</%init>