[rt-users] Allowing SelfService users to set own language and timezone prefs

[Craig Ringer]

Hi all

I was just surprised to find that SelfService (Unprivileged) users don't
seem to be able to set their own time zone or language in
SelfService/Prefs.html . It only shows a password change UI.

I've had a look at html/SelfService/Prefs.html and see no code for other
fields.

Is there a security or other reason not to show things like timezone and
language to unprivileged users? I can add an overlay, I just want to
avoid breaking anything important.

-- 
 Craig Ringer   http://www.2ndQuadrant.com/
 PostgreSQL Development, 24x7 Support, Training & Services



-- 
RT training in Amsterdam, March 20-21: 
http://bestpractical.com/services/training.html

Help improve RT by taking our user survey: 
https://www.surveymonkey.com/s/N23JW9T

[rt-users] Email to watchers has lost its "From"

[Beachey, Kendric]

Hi all,

This is kind of a weird one.  We've had RT 3.6.5 up and running great for over 
three years (and version 2.something for probably 8 years before that) and just 
today we've seen a change in how emails to queue watchers come across.

Previously, any email RT sent out when a ticket was created, corresponded, 
etc., would appear to come from the person who initiated the action (the 
requester or commenter, etc.).

But starting today (apparently), the email just appears to come from the queue 
address inside RT instead.  
(queuen...@rt.ourcompany.com)

I haven't changed any options through the web interface in quite a while, and 
the config files on the filesystem haven't changed in about a year.  I'm 
leaning toward something changing in our corporate mail servers that has made 
it start dropping the header that RT is using to say who the email is from.

Has this sort of thing happened to anyone else?
--
Kendric Beachey




This e-mail and any attachments may contain confidential material for the sole 
use of the intended recipient. If you are not the intended recipient, please be 
aware that any disclosure, copying, distribution or use of this e-mail or any 
attachment is prohibited. If you have received this e-mail in error, please 
contact the sender and delete all copies.

Thank you for your cooperation.


-- 
RT training in Amsterdam, March 20-21: 
http://bestpractical.com/services/training.html

Help improve RT by taking our user survey: 
https://www.surveymonkey.com/s/N23JW9T

Re: [rt-users] Dashboards for unprivileged users

[Joop]

Edsall, William (WJ)"  wrote:

>The dashboards show a summary of unresolved and resolved tickets for a
>particular queue. We have separate dashboards for separate queues. 
>
>There is nothing in particular that we wish to hide - I think allowing
>everyone to be privileged by default would be OK for us unless someone
>convinces me otherwise.
Privileged only means another interface. With groups you can restrict them so 
that they can only do and see what you want.

Joop

-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.


-- 
RT training in Amsterdam, March 20-21: 
http://bestpractical.com/services/training.html

Help improve RT by taking our user survey: 
https://www.surveymonkey.com/s/N23JW9T

Re: [rt-users] Ready to roll?

[Jay Ashworth]

- Original Message -
> From: "Kevin Falcone" 

> I filed http://issues.bestpractical.com/Ticket/Display.html?id=22893
> so someone will look at that doc and update.

Am I really the first person to notice that Basics does not include the
full Ticket title, so that when the large label version of it in 
the top ticket frame is too long to fit at whatever text size it is,
you have to burrow all the way to the bottom of the comments to see it?

This is a tiny bit worse for me, because (being almost 50 and having a 12"
laptop :-) I tend to run sites in Firefox Zoom Text Only mode, but on this
particular example, it overflows even at standard text size.

Should I RFE this?

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII
St Petersburg FL USA   #natog  +1 727 647 1274


-- 
RT training in Amsterdam, March 20-21: 
http://bestpractical.com/services/training.html

Help improve RT by taking our user survey: 
https://www.surveymonkey.com/s/N23JW9T

Re: [rt-users] Tickets links are lost after upgrade to 4.0.9

[Kevin Falcone]

On Wed, Feb 27, 2013 at 09:11:51PM +, olavo wrote:
> We recently upgraded from ver 3.6 to ver. 4.0.9,and one of the things a we
> noticed was that old ticket links are lost and we can no longer see the
> references in history of each ticket.
> 
> The links are probably lost due to change in Organisation name change. Is 
> there
> a easier way to fix this? Links created subsequently work just fine.

We added a --fix-links option to the 4.2 version of rt-validator,
however we've run it on 4.0 installs without trouble.

You can grab
https://github.com/bestpractical/rt/blob/master/sbin/rt-validator.in
using the raw link and copy it into your unpacked 4.0.9 tarball
over the top of the existing sbin/rt-validator.in
Rerun configure (the incant is saved in /opt/rt4/etc/RT_Config.pm if
you've forgotten it) and then read ./sbin/rt-validator --help for the
links only code.

As always, make sure you have a current working backup before running
the validator.

-kevin


pgp3JAruQuEVo.pgp
Description: PGP signature


-- 
RT training in Amsterdam, March 20-21: 
http://bestpractical.com/services/training.html

Help improve RT by taking our user survey: 
https://www.surveymonkey.com/s/N23JW9T

Re: [rt-users] Ready to roll?

[Kevin Falcone]

On Wed, Feb 27, 2013 at 12:41:13PM -0800, Thomas Sibley wrote:
> On 02/27/2013 09:14 AM, John Buell wrote:
> > Hm, thanks for pointing that out Kevin. I had been using: Mysqldump
> > --opt --add-drop-table --single-transaction -u rt_user -pPassword -h
> > localhost rt4 > rt4-mysql-backup-`date %Y%m%d`
> > 
> > I see the sense in doing the backup on the page that you linked to,
> > but when I do it that way, I'm getting 'error 1044: Access denied for
> > user 'rt_user'@'localhost' to database 'rt4' when doing LOCK TABLES.
> > 
> > So is there something else I'm missing, or might someone have just
> > been active in a session?
> 
> The database user RT creates (rt_user by default) isn't granted the
> ability to issue LOCK TABLE commands.  Backups should be made by a full
> privileged database user, such as "root" by default on MySQL.  If you
> must use the database user which RT uses, you will need to grant it more
> rights.

As Tom notes, we usually run backups as a more privileged user, but if
you want to run as the rt_user because that password is already store
on disk somewhere, you can insert --single-transaction or
--skip-lock-tables in the first part of that command - the 
mysqldump rt4 --tables sessions --no-data;
because even though you're only asking for a schema, MySQL locks.

I filed http://issues.bestpractical.com/Ticket/Display.html?id=22893
so someone will look at that doc and update.

-kevin


pgpGF6Mo6Iet1.pgp
Description: PGP signature


-- 
RT training in Amsterdam, March 20-21: 
http://bestpractical.com/services/training.html

Help improve RT by taking our user survey: 
https://www.surveymonkey.com/s/N23JW9T

Re: [rt-users] Dashboards for unprivileged users

[Edsall, William (WJ)]

The dashboards show a summary of unresolved and resolved tickets for a 
particular queue. We have separate dashboards for separate queues. 

There is nothing in particular that we wish to hide - I think allowing everyone 
to be privileged by default would be OK for us unless someone convinces me 
otherwise.

-Original Message-
From: rt-users-boun...@lists.bestpractical.com 
[mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Kevin Falcone
Sent: Thursday, February 28, 2013 11:04 AM
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] Dashboards for unprivileged users

On Wed, Feb 27, 2013 at 06:13:49PM +, Edsall, William (WJ) wrote:
>I've created a project dashboard which we would like the general community 
> to access without
>any special privileges. By default, the user is unprivileged and can only 
> see SelfService. We
>do not want to mark users are privileged by hand to achieve this.
> 
>I was thinking of making all users Privileged by default but maybe this 
> isn't the right way to
>solve this?
> 
>By the way our installation is auto-creating accounts via Kerberos 
> authentication.

Dashboards are not available in the SelfService UI.
It's definitely possible to extend RT to show them, but there are a
lot of corner cases.

If you tell the list what you were hoping to show your unprivileged
users with the dashboards you might get simpler suggestions.

-kevin



-- 
RT training in Amsterdam, March 20-21: 
http://bestpractical.com/services/training.html

Help improve RT by taking our user survey: 
https://www.surveymonkey.com/s/N23JW9T

Re: [rt-users] self service - join a group?

[Kevin Falcone]

On Wed, Feb 27, 2013 at 06:19:21PM +, Edsall, William (WJ) wrote:
>In group rights - the option to `Join or leave group` under Staff rights 
> is checked.
> 
>Where does a user with these privileges access the join or leave group 
> functions?

In the Group Admin Page, they're going to need at least ShowConfigTab
and SeeGroup to find the group and modify their membership.

BTW - by giving that right globally, you have allowed users to put
themselves into any group they can See.  This means if you have a
Super Users group and they can see it, they can put themselves in it.

-kevin


pgpKS1wpGzGjh.pgp
Description: PGP signature


-- 
RT training in Amsterdam, March 20-21: 
http://bestpractical.com/services/training.html

Help improve RT by taking our user survey: 
https://www.surveymonkey.com/s/N23JW9T

Re: [rt-users] Dashboards for unprivileged users

[Kevin Falcone]

On Wed, Feb 27, 2013 at 06:13:49PM +, Edsall, William (WJ) wrote:
>I've created a project dashboard which we would like the general community 
> to access without
>any special privileges. By default, the user is unprivileged and can only 
> see SelfService. We
>do not want to mark users are privileged by hand to achieve this.
> 
>I was thinking of making all users Privileged by default but maybe this 
> isn't the right way to
>solve this?
> 
>By the way our installation is auto-creating accounts via Kerberos 
> authentication.

Dashboards are not available in the SelfService UI.
It's definitely possible to extend RT to show them, but there are a
lot of corner cases.

If you tell the list what you were hoping to show your unprivileged
users with the dashboards you might get simpler suggestions.

-kevin


pgp9Ms_k7t4PY.pgp
Description: PGP signature


-- 
RT training in Amsterdam, March 20-21: 
http://bestpractical.com/services/training.html

Help improve RT by taking our user survey: 
https://www.surveymonkey.com/s/N23JW9T

Re: [rt-users] Redacting details from ticket emails?

[Robert Wysocki]

Dnia 2013-02-28, czw o godzinie 18:47 +0800, Craig Ringer pisze:
> On 02/28/2013 06:20 PM, Dominic Hargreaves wrote:
> > And the shredder will need superuser access too. I guess you'd want to
> > be pretty careful about who you let erase data from the database in this
> > way, so depending on your organisation this may or may not be an issue.
> 
> Using the shredder makes sense, at least when total removal rather than
> redaction is required. It'll do until I find time to write an extension
> that replaces the email content with [message ID [x] redacted for client
> security] and possibly record a PGP-encrypted version.
> 
> Thanks for the tip. I hadn't realised the shredder could operate on
> individual transactions not just whole tickets.

We're using a simple (postgresql) query like this:

[SQL]  update attachments set content=(select regexp_replace((select
content from attachments where transactionid=TRANSACTIONID and
contenttype='text/plain'),'PASSWORD','REDACTED','g')) where
transactionid=TRANSACTIONID and contenttype='text/plain';

Also you should check, if there isn't a 'text/html' attachment alongside
'text/plain' in the same transaction and redact it as well if it exists.

Regards,
-- 
Robert Wysocki
administrator systemów linuksowych, dba
Grupa Unity | ul. Przedmiejska 6-10, 54-201 Wrocław
ul. Conrada 55B, 31-357 Kraków | ul. Złota 59, 00-120 Warszawa




-- 
RT training in Amsterdam, March 20-21: 
http://bestpractical.com/services/training.html

Help improve RT by taking our user survey: 
https://www.surveymonkey.com/s/N23JW9T

[rt-users] SLA: How to tell what response is required?

[Craig Ringer]

Hi all

If using the RT::Extension::SLA module with  Response, KeepInLoop and
Resolve in a single SLA definition, is there any way for privileged
users to see what action is required to satisfy the SLA?

In particular, can they tell if they just need to reply to a ticket, or
if the ticket must be resolved/stalled (or the SLA changed)? For
usability reasons I'm looking for a non-intrusive way to show staff what
the Due deadline means, whether it's "Must resolve/escalate/de
prioritise by this time" or "Must reply to customer by this time".

Currently I don't see any way to do it without patching the SLA module
to add private explanatory comments when it changes the due date, which
would be a very spammy solution.

-- 
 Craig Ringer   http://www.2ndQuadrant.com/
 PostgreSQL Development, 24x7 Support, Training & Services



-- 
RT training in Amsterdam, March 20-21: 
http://bestpractical.com/services/training.html

Help improve RT by taking our user survey: 
https://www.surveymonkey.com/s/N23JW9T

[rt-users] Problems with approvals

[Joerg . Dorchain]

Hello,we're running request tracker 4.0.7-4~bpo60 on debian stable. I have setup approvals for one queue, which works fine, except the the most recently added user.For this user, no approval notification mails are sent, and the approval ticket stays in state new. For the other, they are notified, and the approval ticket changes to open automatically.The only difference I see is that the special user is not in any groups, in contrast to those were it works.I would appreciate any hints, especially were to start debugging.TIA,JoergThe information in this e-mail is confidential and may be legally privileged. If you have received this e-mail in error, please reply to its sender indicating "received in error" in the subject line, then delete the e-mail and destroy any copies of it. If you are not its intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on this e-mail, is prohibited and may be unlawful. Internet communications are not considered secure. Information might be intercepted, amended, lost, destroyed, arrive late or incomplete, or might contain viruses. Catella will not accept any liability with respect to the contents of this email and its attachments.http://www.catella.lu/

-- 
RT training in Amsterdam, March 20-21: 
http://bestpractical.com/services/training.html

Help improve RT by taking our user survey: 
https://www.surveymonkey.com/s/N23JW9T

Re: [rt-users] Redacting details from ticket emails?

[Tim Cutts]

On 28 Feb 2013, at 01:15, Craig Ringer  wrote:

> Hi all
> 
> I've noticed a feature we've come to rely on in Eventum, our old support 
> system, that I can't seem to find in RT. It must've come up for people 
> here so I'm wondering how you handle it.
> 
> Sometimes customers send passwords and other details in by email. We don't 
> want those floating around unencrypted in our database history, so we usually 
> redact them from the email or delete the whole email from the ticket history 
> via the web UI.

Admins can use the Shredder functionality to remove transactions which contain 
the offending password.  There's not facility to redact the message itself, as 
far as I know, but you can remove the message.

> There doesn't appear to be a facility for doing this in RT's UI.

There is, but it's only accessible to those with the RT SuperUser right; for 
fairly obvious reasons it's not exposed to ordinary users (or even privileged 
users).

Shredder also has a command line interface.

Regards,

Tim

-- 
 The Wellcome Trust Sanger Institute is operated by Genome Research 
 Limited, a charity registered in England with number 1021457 and a 
 company registered in England with number 2742969, whose registered 
 office is 215 Euston Road, London, NW1 2BE. 


-- 
RT training in Amsterdam, March 20-21: 
http://bestpractical.com/services/training.html

Help improve RT by taking our user survey: 
https://www.surveymonkey.com/s/N23JW9T

Re: [rt-users] Redacting details from ticket emails?

[Craig Ringer]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 02/28/2013 06:20 PM, Dominic Hargreaves wrote:
> And the shredder will need superuser access too. I guess you'd want to
> be pretty careful about who you let erase data from the database in this
> way, so depending on your organisation this may or may not be an issue.

Using the shredder makes sense, at least when total removal rather than
redaction is required. It'll do until I find time to write an extension
that replaces the email content with [message ID [x] redacted for client
security] and possibly record a PGP-encrypted version.

Thanks for the tip. I hadn't realised the shredder could operate on
individual transactions not just whole tickets.

- -- 
 Craig Ringer   http://www.2ndQuadrant.com/
 PostgreSQL Development, 24x7 Support, Training & Services
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJRLzWqAAoJELBXNkqjr+S2QuUH+wQWY3XrCKHJJMUoGbiXCAP9
Nb4szaEYMgJnJvVdFZIEP/UdtaKx9nprY7UzLlXeVveOm7mYCqQiusqrxXOLfS2Q
Gm1ErpNC86f6deQRjMCQgq4xblm21WhIMxOjGwvCHfbWtGc+44X3GhAQMQ8tqvL1
XUWqWWgUlqPVjbWRHhUwprkv1Hz9lZqDNyOG+lKyG6FlTgjbDJ5TCqDmCjKIhxIm
2+XGazSOdVmLAYJurOGkGGZ2XL3ZaQEWtFeqh5+Jlk4cbzN/fKzyWp9j/g22tCy0
mfsN0RONEwG4jWRqAFSl1/WZwqAqJ3UYE2FlSEqNm8Cv9NsyXXpQVDndZgdG0wg=
=X1ry
-END PGP SIGNATURE-



-- 
RT training in Amsterdam, March 20-21: 
http://bestpractical.com/services/training.html

Help improve RT by taking our user survey: 
https://www.surveymonkey.com/s/N23JW9T

Re: [rt-users] Redacting details from ticket emails?

[Dominic Hargreaves]

On Thu, Feb 28, 2013 at 09:15:38AM +0800, Craig Ringer wrote:
> I've noticed a feature we've come to rely on in Eventum, our old support
> system, that I can't seem to find in RT. It must've come up for people
> here so I'm wondering how you handle it.
> 
> Sometimes customers send passwords and other details in by email. We
> don't want those floating around unencrypted in our database history, so
> we usually redact them from the email or delete the whole email from the
> ticket history via the web UI.
> 
> There doesn't appear to be a facility for doing this in RT's UI. Will I
> need to write an extension for this? Seems like it going by:
> 
> http://www.gossamer-threads.com/lists/rt/users/99401
> http://www.gossamer-threads.com/lists/rt/devel/79279
> 
> but the latter includes a hint on how to go about it. If I get the
> chance to turn this into a nice extension with overlay I'll publish it
> and reply here.

The shredder doesn't quite fit your use case, but it's a starting point;
in RT 4 there is a basic Web UI for it (it's not integrated with the
normal part of the user interface, so there's probably room for an
extension which doesn't need you to manually type in the relevant transaction
IDs.

And the shredder will need superuser access too. I guess you'd want to
be pretty careful about who you let erase data from the database in this
way, so depending on your organisation this may or may not be an issue.

http://bestpractical.com/rt/docs/4.0/RT/Shredder.html
http://bestpractical.com/rt/docs/4.0/rt-shredder.html

-- 
Dominic Hargreaves, Systems Development and Support Section
IT Services, University of Oxford


signature.asc
Description: Digital signature


-- 
RT training in Amsterdam, March 20-21: 
http://bestpractical.com/services/training.html

Help improve RT by taking our user survey: 
https://www.surveymonkey.com/s/N23JW9T

Re: [rt-users] Custom Helpdesk dashboard - Custom search

[Emmanuel Lacour]

On Wed, Feb 27, 2013 at 10:28:35PM +0100, Diego Roccia wrote:
> With the second box I'm experiencing some problem in configuring it exactly 
> as they asked me.
> The problem is the "Take" link. I want it not to take the browser on the 
> ticket page, but to stay on dashboard page (reloading it)
> 
> Is it possible?
> 

that's not possible out of the box, and that's very not easy to do.

You may have to create an ajax component to do the "take" action, modify
the ColumnMap to add the method to call your component, and find the way
to force a reload of the page to move the ticket to the other box.


you can do everything with RT, because RT can be modified, but what you
need is not easy to do ;)


-- 
Easter-eggs  Spécialiste GNU/Linux
44-46 rue de l'Ouest  -  75014 Paris  -  France -  Métro Gaité
Phone: +33 (0) 1 43 35 00 37-   Fax: +33 (0) 1 43 35 00 76
mailto:elac...@easter-eggs.com  -   http://www.easter-eggs.com


-- 
RT training in Amsterdam, March 20-21: 
http://bestpractical.com/services/training.html

Help improve RT by taking our user survey: 
https://www.surveymonkey.com/s/N23JW9T