Compare commits

...

60 commits

Author SHA1 Message Date
f
ce1527f259 makefile 2021-10-14 19:28:28 -03:00
f
71f35b069e Use gems compiled for Alpine Linux 2021-10-14 19:28:12 -03:00
Rolf Schmidt
3ddb52c9b9 Fixes #3790 - Support workflow mechanism to do pending reminder state hide pending time use case. 2021-10-14 12:01:56 +01:00
Thorsten Eckel
2346eaa005 Follow up - b125b3603e - Maintenance: Docker Chat build image misses yarn installation of dependencies. 2021-10-14 11:00:35 +02:00
Thorsten Eckel
d17e3c5b55 Fixes #3808 - Regression of #3797 causes installation of new instances from package to fail. 2021-10-14 08:33:48 +02:00
Martin Gruner
8762f96810 Fixes #3794 - Example payload in webhook view leads to 500 error 2021-10-13 11:24:04 +00:00
Thorsten Eckel
6281816d4d Maintenance: Bumped Puma to 4.3.10 to resolve CVE-2021-41136. 2021-10-13 08:46:00 +02:00
Dominik Klein
372bbb0751 Maintenance: Try to improve the stabilzation of the maintenance app version selenium test.
(cherry picked from commit 587f36d220)
2021-10-09 13:27:37 +02:00
Dominik Klein
fa8588855c Maintenance: Port maintenance session message test to capybara.
(cherry picked from commit 22cd8f3376)
2021-10-08 14:37:35 +02:00
Martin Edenhofer
905bdd512b Fixes #3797 - OS package upgrade fails (activity_stream_object_id) 2021-10-08 10:59:45 +02:00
Martin Edenhofer
fd99f097d5 Maintenance: Updated to 5.0.1 2021-10-08 09:53:42 +02:00
Martin Gruner
880b2fd131 Follow-up: 276c45b2e9 - Improved ticket policy scope handling. 2021-10-07 15:52:54 +00:00
Romit Choudhary
c4ccbc46ff Fixes #3737 - Bug Report 4.1.x Overview Sort - Grouped by user 2021-10-07 16:05:22 +02:00
Rolf Schmidt
d638f02a12 Fixes #3789 - Article box opening on tickets with no changes. 2021-10-07 08:03:14 +01:00
Dominik Klein
497b6aaeff Maintenance: Port maintenance app version test to capybara.
(cherry picked from commit c1cb4fdd43)
2021-10-06 13:06:55 +02:00
Rolf Schmidt
4e05f0c121 Fixes #3787 - UploadCacheCleanupJob does not execute. 2021-10-05 17:23:14 +02:00
Martin Gruner
f18c0c9571 Fixes: #3788 - lib/fill_db.rb fails to work in production environments. 2021-10-05 14:29:39 +02:00
Martin Edenhofer
d288b48b0a Updated to 5.0.0 2021-10-05 04:02:08 +02:00
Mantas Masalskis
94011846d6 Fixes #3773 - Inconstant alignment in the listing of attachments/submit button in new article area
Fixes #3774 - Broken dialog whiling uploading oversized attachment
2021-10-04 21:06:21 +02:00
Rolf Schmidt
09fc94cf72 Fixes #3779 - Core Workflow: Add organization condition attributes for object User. 2021-10-04 15:47:54 +02:00
Mantas Masalskis
c34452f65e Fixes #3783 - Improve contrasts in answer search for articles 2021-10-04 15:43:18 +02:00
Rolf Schmidt
2b77711150 Maintenance: Add another reload to setup new js for core workflow. 2021-10-04 15:26:07 +02:00
Rolf Schmidt
57945692cc Follow up 5f2181d8a3 - Fixes #3757 - escaped 'Set fixed' workflows don't refresh set values on active ticket sessions. 2021-10-04 15:26:06 +02:00
Martin Gruner
dfb2abe380 Maintenance: Specify a certain PostgreSQL version for the build process that still works with older platforms. 2021-10-04 14:57:48 +02:00
Rolf Schmidt
07c6bdacfb Fixes #3781 - ObjectManager Attribute without screen attribute causes CoreWorkflows migration to fail 2021-10-01 16:54:05 +02:00
benrubson
ff03e664db Fixes #2674, closes #3775 - Zammad preflight check warning output causes Syntax-Error in postinstall.sh and failing installation. 2021-10-01 16:54:05 +02:00
Romit Choudhary
c72006216e Fixes #2780 - Shared Organisation issue create your first ticket 2021-10-01 16:54:04 +02:00
Rolf Schmidt
6efafd37ae Fixes #3776 - Force users to reload after system migration. 2021-10-01 16:54:03 +02:00
Dominik Klein
35f45f690f Maintenance: Port customer ticket create fields test to capybara. 2021-10-01 16:54:03 +02:00
Romit Choudhary
23c8db7e58 Fixes #2351 - Unable to cancel attachment upload 2021-10-01 16:54:02 +02:00
Martin Gruner
8382a71813 Maintenance: Port admin_calendar_sla_test.rb to Capybara. 2021-10-01 16:54:01 +02:00
Thorsten Eckel
9bb1cf6d00 Fixes #3777 - misspelled KnowledgeBase constant breaks update. 2021-10-01 16:54:01 +02:00
Mantas
2bba743dc3 Fixes #2619 - KB header and footer link-color not changeable 2021-10-01 16:54:00 +02:00
Mantas
d7b0c639c4 Fixes #3028 - Syntax errors break scheduler job for good 2021-10-01 16:53:49 +02:00
Martin Edenhofer
13668dfc8b Fixes #3365 - No script content (e. g. JavaScript) in emails 2021-09-29 10:14:34 +02:00
Mantas Masalskis
1e70665d1a Fixes #3772 - Existing tickets: New article modal with padding-left: 0; padding-right: 0; 2021-09-29 10:09:47 +02:00
Rolf Schmidt
4b0d4f798f Fixes #3757 - escaped 'Set fixed' workflows don't refresh set values on active ticket sessions. 2021-09-29 10:03:34 +02:00
Thorsten Eckel
9ad7c43cd5 Maintenance: Pluralize admin navigation entry name for Core Workflows. 2021-09-29 09:59:56 +02:00
Martin Gruner
ab9fa3d23d Maintenance: Bump nokogiri to v1.12.5. 2021-09-28 08:52:18 +02:00
Dominik Klein
5222f4ba6d Maintenance: Port agent ticket update tests to capybara. 2021-09-27 12:50:50 +02:00
Martin Gruner
9689d3d97e Maintenance: Stabilize System > Objects test (another try). 2021-09-27 11:59:17 +02:00
Martin Gruner
6a10308f29 Maintenance: Stabilize System > Objects test. 2021-09-25 06:29:14 +02:00
Martin Gruner
ab3cede8ef Maintenance: Port System > Translations test to capybara. 2021-09-24 16:20:00 +02:00
Martin Gruner
fa3cb1925d Fixes: #3765 - Possible race condition causing OTRS import to fail 2021-09-24 09:28:28 +02:00
Mantas
a7def1d62d Fixes #3746 - Incorrect alignment in the listing of attachments when creating a ticket 2021-09-23 16:35:28 +02:00
Rolf Schmidt
a3df6b8581 Fixes #3758 - Saved conditions break on selections without reloading. 2021-09-23 15:51:18 +02:00
Romit Choudhary
dd201db791 Fixes #3075 - Misleading view of user icons which are on vacation and disabled 2021-09-23 15:48:24 +02:00
Martin Gruner
60c0b08d21 Maintenance: Work around timeouts caused by the sanitizer in slow CI environments. 2021-09-23 15:15:24 +02:00
Martin Gruner
95571b70c9 Maintenance: Improve template rendering. 2021-09-23 12:02:18 +00:00
Dominik Klein
678161be2e Maintenance: Refactoring of Avatar storage logic. 2021-09-23 12:02:18 +00:00
Rolf Schmidt
008053f730 Maintenance: Add assets level to have different data sets based on permissions 2021-09-23 12:02:18 +00:00
Thorsten Eckel
ed1782fafc Maintenance: Enhance attachment preview capabilities 2021-09-23 12:02:18 +00:00
Rolf Schmidt
72f39d0d9d Maintenance: Remove while loop user check login. 2021-09-23 12:02:18 +00:00
Dominik Klein
7a156c5d48 Maintenance: Improve package installation. 2021-09-23 12:02:18 +00:00
Thorsten Eckel
f31aeec8db Maintenance: Improve application boot time by reducing initial asset payload 2021-09-23 12:02:18 +00:00
Dominik Klein
f67cf3ab1e Maintenance: Increase performance of ticket creation via form. 2021-09-23 12:02:18 +00:00
Thorsten Eckel
b125b3603e Maintenance: Improve clipboard handling of website chat 2021-09-23 12:02:18 +00:00
Martin Gruner
b1e8b3afae Maintenance: Improved updating of user records in the front end. 2021-09-23 12:02:18 +00:00
Rolf Schmidt
573c975bad Maintenance: Enhanced GitHub and GitLab GraphQL endpoint check 2021-09-23 12:02:18 +00:00
Martin Gruner
25155eb6a3 Maintenance: Improved updating of user records. 2021-09-23 12:02:18 +00:00
148 changed files with 3925 additions and 2613 deletions

View file

@ -116,6 +116,6 @@ env:
- ZAMMAD_RAILS_PORT=3000 - ZAMMAD_RAILS_PORT=3000
- ZAMMAD_WEBSOCKET_PORT=6042 - ZAMMAD_WEBSOCKET_PORT=6042
services: services:
- postgres - postgres:13
before_install: contrib/packager.io/preinstall.sh before_install: contrib/packager.io/preinstall.sh
after_install: contrib/packager.io/postinstall.sh after_install: contrib/packager.io/postinstall.sh

View file

@ -1,15 +1,196 @@
# Change Log # Change Log
## [5.0.0](https://github.com/zammad/zammad/tree/5.0.0) (2021-xx-xx) ## [5.0.1](https://github.com/zammad/zammad/tree/5.0.1) (2021-10-08)
[Full Changelog](https://github.com/zammad/zammad/compare/5.0.0...5.0.1)
**Fixed bugs:**
- Bug Report 4.1.x Overview Sort - Grouped by user [3737](https://github.com/zammad/zammad/issues/3737) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[overviews](https://github.com/zammad/zammad/labels/overviews)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)] [[regression](https://github.com/zammad/zammad/labels/regression)]
- Article box opening on tickets with no changes [3789](https://github.com/zammad/zammad/issues/3789) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)]
- UploadCacheCleanupJob does not execute [3787](https://github.com/zammad/zammad/issues/3787) [[bug](https://github.com/zammad/zammad/labels/bug)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- lib/fill_db.rb fails to work in production environments [3788](https://github.com/zammad/zammad/issues/3788) [[bug](https://github.com/zammad/zammad/labels/bug)]
## [5.0.0](https://github.com/zammad/zammad/tree/5.0.0) (2021-10-05)
[Full Changelog](https://github.com/zammad/zammad/compare/4.1.0...5.0.0) [Full Changelog](https://github.com/zammad/zammad/compare/4.1.0...5.0.0)
**Implemented enhancements:** **Implemented enhancements:**
- Core Workflow: Add organization condition attributes for object User [3779](https://github.com/zammad/zammad/issues/3779) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- No script content (e. g. javascript) in emails [3365](https://github.com/zammad/zammad/issues/3365) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)] [[mail processing](https://github.com/zammad/zammad/labels/mail processing)]
- Read-only custom objects [2102](https://github.com/zammad/zammad/issues/2102) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)] [[object manager attribute](https://github.com/zammad/zammad/labels/object manager attribute)] [[core workflows](https://github.com/zammad/zammad/labels/core workflows)]
- Granular admin permission for google channel is missing [3194](https://github.com/zammad/zammad/issues/3194) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)]
- Use country codes (e.g. `DE` or `ES`) for knowledgebase answer selection [3574](https://github.com/zammad/zammad/issues/3574) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)] [[knowledge base](https://github.com/zammad/zammad/labels/knowledge base)]
- New email account expert view cannot be opened without filling in all fields [3137](https://github.com/zammad/zammad/issues/3137) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)]
- Don't provide option to create API-Token if authentication via API token is disabled [3168](https://github.com/zammad/zammad/issues/3168) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)]
- Define default "stay on tab" / "close tab" behavior [257](https://github.com/zammad/zammad/issues/257) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- Space after ticket hook in ticket/zoom [3265](https://github.com/zammad/zammad/issues/3265) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[ticket](https://github.com/zammad/zammad/labels/ticket)]
- Enhance LDAP login to not affect "failed logins" [2389](https://github.com/zammad/zammad/issues/2389) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)] [[LDAP](https://github.com/zammad/zammad/labels/LDAP)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- Detect Jira follow-ups [3695](https://github.com/zammad/zammad/issues/3695) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)] [[mail processing](https://github.com/zammad/zammad/labels/mail processing)]
- csv import example file download (organizations) is empty [3514](https://github.com/zammad/zammad/issues/3514) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)]
- Add bulk option to extended search [445](https://github.com/zammad/zammad/issues/445) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- MessageBird integration [3672](https://github.com/zammad/zammad/issues/3672) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)] [[channel](https://github.com/zammad/zammad/labels/channel)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- Add attachment via Trigger and scheduler if wanted by admin [2485](https://github.com/zammad/zammad/issues/2485) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)] [[admin area](https://github.com/zammad/zammad/labels/admin area)] [[trigger](https://github.com/zammad/zammad/labels/trigger)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- Tag KB Answers [2612](https://github.com/zammad/zammad/issues/2612) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)] [[knowledge base](https://github.com/zammad/zammad/labels/knowledge base)]
- Backtrace lines pollute log [3556](https://github.com/zammad/zammad/issues/3556) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)] [[authentication](https://github.com/zammad/zammad/labels/authentication)]
- Visualise locked users in UI and make them unlock-able for admin [2565](https://github.com/zammad/zammad/issues/2565) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- Representation of inactive customers and orgnizations [3302](https://github.com/zammad/zammad/issues/3302) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- No possibility to enforce auto response if one of the blocking auto response mail header exists [3667](https://github.com/zammad/zammad/issues/3667) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)] [[mail processing](https://github.com/zammad/zammad/labels/mail processing)]
- REST doc of Online Notification controler is outdated/wrong and expand param is missing. [3635](https://github.com/zammad/zammad/issues/3635) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)]
- Scroll background instead of foreground [978](https://github.com/zammad/zammad/issues/978) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[frontend / JS app](https://github.com/zammad/zammad/labels/frontend / JS app)]
- Log if a active user (in UI) has been logged out due to SessionTimeout [3614](https://github.com/zammad/zammad/issues/3614) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)]
- The rake task `zammad:package:migrate` does not execute migrations for linked packages. [3606](https://github.com/zammad/zammad/issues/3606) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)] [[developer experience](https://github.com/zammad/zammad/labels/developer experience)]
- Accept 2xx as response for requests in UserAgent [3573](https://github.com/zammad/zammad/pull/3573) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)]
- Don't fail job is `deletable_id` is no longer available [3536](https://github.com/zammad/zammad/issues/3536) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)] [[data privacy](https://github.com/zammad/zammad/labels/data privacy)]
- Add console output for searchindex rebuild status [3562](https://github.com/zammad/zammad/issues/3562) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)]
- Display minutes for session timeouts instead of seconds [3575](https://github.com/zammad/zammad/issues/3575) [[enhancement](https://github.com/zammad/zammad/labels/enhancement)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[admin area](https://github.com/zammad/zammad/labels/admin area)]
**Fixed bugs:** **Fixed bugs:**
- Inconstant alignment in the listing of attachments/submit button in new article area [3773](https://github.com/zammad/zammad/issues/3773) [[bug](https://github.com/zammad/zammad/labels/bug)]
- Improve contrasts in answer search for articles [3783](https://github.com/zammad/zammad/issues/3783) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[knowledge base](https://github.com/zammad/zammad/labels/knowledge base)]
- escaped 'Set fixed' workflows don't refresh set values on active ticket sessions [3757](https://github.com/zammad/zammad/issues/3757) [[bug](https://github.com/zammad/zammad/labels/bug)] [[core workflows](https://github.com/zammad/zammad/labels/core workflows)]
- ObjectManager Attribute without screen attribute causes CoreWorkflows migration to fail [3781](https://github.com/zammad/zammad/issues/3781) [[bug](https://github.com/zammad/zammad/labels/bug)] [[migration / update](https://github.com/zammad/zammad/labels/migration / update)]
- Zammad preflight check warning output causes Syntax-Error in postinstall.sh and failing installation [2674](https://github.com/zammad/zammad/issues/2674) [[bug](https://github.com/zammad/zammad/labels/bug)] [[migration / update](https://github.com/zammad/zammad/labels/migration / update)]
- Shared organization issue (Create your first ticket) [2780](https://github.com/zammad/zammad/issues/2780) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[ticket](https://github.com/zammad/zammad/labels/ticket)]
- Force users to reload after system migration [3776](https://github.com/zammad/zammad/issues/3776) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- Unable to cancel attachment upload [2351](https://github.com/zammad/zammad/issues/2351) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)]
- [BUG] miss spell in db/migrate/20210923172256_issue_2619_kb_header_link_color.rb [3777](https://github.com/zammad/zammad/issues/3777) [[bug](https://github.com/zammad/zammad/labels/bug)] [[blocker](https://github.com/zammad/zammad/labels/blocker)] [[migration / update](https://github.com/zammad/zammad/labels/migration / update)]
- KB header and footer link-color not changeable [2619](https://github.com/zammad/zammad/issues/2619) [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)] [[knowledge base](https://github.com/zammad/zammad/labels/knowledge base)] [[specification required](https://github.com/zammad/zammad/labels/specification required)] [[theming / skinning](https://github.com/zammad/zammad/labels/theming / skinning)]
- Syntax errors break scheduler job for good [3028](https://github.com/zammad/zammad/issues/3028) [[bug](https://github.com/zammad/zammad/labels/bug)]
- Existing tickets: New article modal with padding-left: 0; padding-right: 0; [3772](https://github.com/zammad/zammad/issues/3772) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[regression](https://github.com/zammad/zammad/labels/regression)]
- Possible race condition causing OTRS import to fail [3765](https://github.com/zammad/zammad/issues/3765) [[bug](https://github.com/zammad/zammad/labels/bug)] [[import](https://github.com/zammad/zammad/labels/import)]
- Incorrect alignment in the listing of attachments when creating a ticket [3746](https://github.com/zammad/zammad/issues/3746) [[bug](https://github.com/zammad/zammad/labels/bug)]
- Saved conditions break on selections without reloading [3758](https://github.com/zammad/zammad/issues/3758) [[bug](https://github.com/zammad/zammad/labels/bug)] [[core workflows](https://github.com/zammad/zammad/labels/core workflows)]
- Misleading view of user icons which are on vacation and disabled [3075](https://github.com/zammad/zammad/issues/3075) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[ticket](https://github.com/zammad/zammad/labels/ticket)]
- User with user_id 1 is show in admin interface (which should not) [3755](https://github.com/zammad/zammad/issues/3755) [[bug](https://github.com/zammad/zammad/labels/bug)] [[blocker](https://github.com/zammad/zammad/labels/blocker)]
- Unable to close tickets in certran cases if core workflow is used [3710](https://github.com/zammad/zammad/issues/3710) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[core workflows](https://github.com/zammad/zammad/labels/core workflows)]
- Login failed after upgrade to zammad 5.0 [3759](https://github.com/zammad/zammad/issues/3759) [[bug](https://github.com/zammad/zammad/labels/bug)] [[blocker](https://github.com/zammad/zammad/labels/blocker)] [[migration / update](https://github.com/zammad/zammad/labels/migration / update)]
- Unable to create a ticket in web app if default for additional boolean value is FALSE [3762](https://github.com/zammad/zammad/issues/3762) [[bug](https://github.com/zammad/zammad/labels/bug)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- User search / selection does not always work if you want to correct your search [3696](https://github.com/zammad/zammad/issues/3696) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- Unable to create new organization [3751](https://github.com/zammad/zammad/issues/3751) [[bug](https://github.com/zammad/zammad/labels/bug)] [[core workflows](https://github.com/zammad/zammad/labels/core workflows)]
- Core Workflow "is not" operator is working unexpected [3752](https://github.com/zammad/zammad/issues/3752) [[bug](https://github.com/zammad/zammad/labels/bug)] [[core workflows](https://github.com/zammad/zammad/labels/core workflows)]
- scrollPageHeader disappears when answering via email [3736](https://github.com/zammad/zammad/issues/3736) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)]
- Scheduler ignores "disable notifications == no" [3684](https://github.com/zammad/zammad/issues/3684) [[bug](https://github.com/zammad/zammad/labels/bug)] [[notification](https://github.com/zammad/zammad/labels/notification)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- Notes on existing ticks are discarded by editing profile settings [3088](https://github.com/zammad/zammad/issues/3088) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)]
- Owner selection empty or pending reminder data picker not shown if customer field has content but no customer is selected (in ticket create screen) [3743](https://github.com/zammad/zammad/issues/3743) [[bug](https://github.com/zammad/zammad/labels/bug)] [[core workflows](https://github.com/zammad/zammad/labels/core workflows)]
- Removal of Microsoft365-Channel not possible via UI when having no email address relation [3741](https://github.com/zammad/zammad/issues/3741) [[bug](https://github.com/zammad/zammad/labels/bug)] [[channel](https://github.com/zammad/zammad/labels/channel)]
- Removal of Google-Channel not possible via UI when having a normal email channel of same account [3203](https://github.com/zammad/zammad/issues/3203) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[channel](https://github.com/zammad/zammad/labels/channel)]
- Core-Workflow: Option manipulation of boolean attributes not possible [3740](https://github.com/zammad/zammad/issues/3740) [[bug](https://github.com/zammad/zammad/labels/bug)] [[core workflows](https://github.com/zammad/zammad/labels/core workflows)]
- Core Workflow: Show hidden attributes on group selection (ticket edit) [3739](https://github.com/zammad/zammad/issues/3739) [[bug](https://github.com/zammad/zammad/labels/bug)] [[core workflows](https://github.com/zammad/zammad/labels/core workflows)]
- OTRS migration doesn't import article creation time [3235](https://github.com/zammad/zammad/issues/3235) [[bug](https://github.com/zammad/zammad/labels/bug)] [[import](https://github.com/zammad/zammad/labels/import)]
- Spaces stay URL-encoded when going back to search results on KB for agents [3378](https://github.com/zammad/zammad/issues/3378) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[knowledge base](https://github.com/zammad/zammad/labels/knowledge base)]
- Not working unpack of mail body if decrypted body is in signed-data attachment [3705](https://github.com/zammad/zammad/issues/3705) [[bug](https://github.com/zammad/zammad/labels/bug)] [[mail processing](https://github.com/zammad/zammad/labels/mail processing)]
- It should be possible to show attributes which are configured `shown` false [3726](https://github.com/zammad/zammad/issues/3726) [[bug](https://github.com/zammad/zammad/labels/bug)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)] [[core workflows](https://github.com/zammad/zammad/labels/core workflows)]
- admin.core_workflow permission is missing [3732](https://github.com/zammad/zammad/issues/3732) [[bug](https://github.com/zammad/zammad/labels/bug)] [[core workflows](https://github.com/zammad/zammad/labels/core workflows)]
- AttributeManager doesn't display boolean default values within the UI [3271](https://github.com/zammad/zammad/issues/3271) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[object manager attribute](https://github.com/zammad/zammad/labels/object manager attribute)]
- Spaces in front of mentions can cause partly content removal [3717](https://github.com/zammad/zammad/issues/3717) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- Drop files here not disappearing after dropping a file [3725](https://github.com/zammad/zammad/issues/3725) [[bug](https://github.com/zammad/zammad/labels/bug)] [[regression](https://github.com/zammad/zammad/labels/regression)]
- ⚙ -> Manage -> Calendars -> Edit: "Subscribe to public holidays in" sorted wrong [2528](https://github.com/zammad/zammad/issues/2528) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)]
- Pending reminder notifications are not sent if ticket is opened in tab [2931](https://github.com/zammad/zammad/issues/2931) [[bug](https://github.com/zammad/zammad/labels/bug)] [[ticket](https://github.com/zammad/zammad/labels/ticket)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)] [[frontend / JS app](https://github.com/zammad/zammad/labels/frontend / JS app)]
- Fields are falsey displayed as mandatory if they contain historic screen values [3721](https://github.com/zammad/zammad/issues/3721) [[bug](https://github.com/zammad/zammad/labels/bug)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)] [[core workflows](https://github.com/zammad/zammad/labels/core workflows)]
- `ticket.customer_id` is `current_user` breaks email fetching [3503](https://github.com/zammad/zammad/issues/3503) [[bug](https://github.com/zammad/zammad/labels/bug)] [[channel](https://github.com/zammad/zammad/labels/channel)] [[ticket](https://github.com/zammad/zammad/labels/ticket)]
- Scheduler jobs don't ensure current ticket information if they're running a long time [3329](https://github.com/zammad/zammad/issues/3329) [[bug](https://github.com/zammad/zammad/labels/bug)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- groups selection for customer panel is not working anymore (with core workflows) [3713](https://github.com/zammad/zammad/issues/3713) [[bug](https://github.com/zammad/zammad/labels/bug)] [[core workflows](https://github.com/zammad/zammad/labels/core workflows)]
- Scheduler Time offset [457](https://github.com/zammad/zammad/issues/457) [[bug](https://github.com/zammad/zammad/labels/bug)] [[trigger](https://github.com/zammad/zammad/labels/trigger)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- "Warten auf Erinnerung" - Inconsistent timestamps [2366](https://github.com/zammad/zammad/issues/2366) [[bug](https://github.com/zammad/zammad/labels/bug)]
- Ical escaltion update the calendar entry to 2:00 am [2157](https://github.com/zammad/zammad/issues/2157) [[bug](https://github.com/zammad/zammad/labels/bug)] [[notification](https://github.com/zammad/zammad/labels/notification)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- Inheritance of out of office settings [3694](https://github.com/zammad/zammad/issues/3694) [[bug](https://github.com/zammad/zammad/labels/bug)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- Core worflow perform action "select" should not make multiple values selectable [3712](https://github.com/zammad/zammad/issues/3712) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[core workflows](https://github.com/zammad/zammad/labels/core workflows)]
- Setting for CheckMK not saved in zammad [3707](https://github.com/zammad/zammad/issues/3707) [[bug](https://github.com/zammad/zammad/labels/bug)]
- Any user can be set as a replacement for out of office [2293](https://github.com/zammad/zammad/issues/2293) [[bug](https://github.com/zammad/zammad/labels/bug)] [[personal settings/menu](https://github.com/zammad/zammad/labels/personal settings/menu)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- Core Workflow Implementation [3709](https://github.com/zammad/zammad/issues/3709) [[feature backlog](https://github.com/zammad/zammad/labels/feature backlog)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)] [[core](https://github.com/zammad/zammad/labels/core)] [[core workflows](https://github.com/zammad/zammad/labels/core workflows)]
- Can't remove auto assignment timeout [2544](https://github.com/zammad/zammad/issues/2544) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- Assign Follow ups has no affect [2455](https://github.com/zammad/zammad/issues/2455) [[bug](https://github.com/zammad/zammad/labels/bug)] [[ticket](https://github.com/zammad/zammad/labels/ticket)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- The calendar shows Chilean holidays one day in advance [3706](https://github.com/zammad/zammad/issues/3706) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[regression](https://github.com/zammad/zammad/labels/regression)]
- Organization removal does not clear organization_id from Tickets [3703](https://github.com/zammad/zammad/issues/3703) [[bug](https://github.com/zammad/zammad/labels/bug)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)] [[regression](https://github.com/zammad/zammad/labels/regression)]
- Merge not possible with not set, required attributes [2634](https://github.com/zammad/zammad/issues/2634) [[bug](https://github.com/zammad/zammad/labels/bug)] [[ticket](https://github.com/zammad/zammad/labels/ticket)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)] [[object manager attribute](https://github.com/zammad/zammad/labels/object manager attribute)]
- Merging tickets doesnt trigger notification for target ticket [3105](https://github.com/zammad/zammad/issues/3105) [[bug](https://github.com/zammad/zammad/labels/bug)] [[notification](https://github.com/zammad/zammad/labels/notification)] [[ticket](https://github.com/zammad/zammad/labels/ticket)]
- One of DB migrations timestamp breaks migrations queue [3702](https://github.com/zammad/zammad/issues/3702) [[bug](https://github.com/zammad/zammad/labels/bug)]
- Tags in ticket create screen displayed wrong [3701](https://github.com/zammad/zammad/issues/3701) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[regression](https://github.com/zammad/zammad/labels/regression)] [[knowledge base](https://github.com/zammad/zammad/labels/knowledge base)]
- Custom date attributes provide inconsistent sorting within grouping [3663](https://github.com/zammad/zammad/issues/3663) [[bug](https://github.com/zammad/zammad/labels/bug)] [[overviews](https://github.com/zammad/zammad/labels/overviews)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- Mix of binary encoded ISO-8859-1 data in header fields (e.g. to) fails mail processing [3697](https://github.com/zammad/zammad/issues/3697) [[bug](https://github.com/zammad/zammad/labels/bug)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)] [[mail processing](https://github.com/zammad/zammad/labels/mail processing)]
- Zammad sends mails even though there is no email address visible in TO or CC fields (any more) [3554](https://github.com/zammad/zammad/issues/3554) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)]
- Error 500 / zammad {"error":" 123456 is out of range for ActiveModel::Type::Integer with limit 4 bytes"} [3647](https://github.com/zammad/zammad/issues/3647) [[bug](https://github.com/zammad/zammad/labels/bug)]
- Default value not set for attributes of type input, select, tree_select, richtext, textarea, checkbox [1653](https://github.com/zammad/zammad/issues/1653) [[bug](https://github.com/zammad/zammad/labels/bug)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)] [[object manager attribute](https://github.com/zammad/zammad/labels/object manager attribute)]
- When replying, quote article content only [3539](https://github.com/zammad/zammad/issues/3539) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- Trigger ignores changes on some Ticket attributes [3428](https://github.com/zammad/zammad/issues/3428) [[bug](https://github.com/zammad/zammad/labels/bug)] [[trigger](https://github.com/zammad/zammad/labels/trigger)]
- KB search does not allow pagination on endpoint [3068](https://github.com/zammad/zammad/issues/3068) [[bug](https://github.com/zammad/zammad/labels/bug)] [[API](https://github.com/zammad/zammad/labels/API)] [[search](https://github.com/zammad/zammad/labels/search)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)] [[knowledge base](https://github.com/zammad/zammad/labels/knowledge base)]
- “You have not created a ticket yet” shown but I already have closed tickets [3053](https://github.com/zammad/zammad/issues/3053) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[overviews](https://github.com/zammad/zammad/labels/overviews)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)] [[🚧 refactoring 2.0 🚧](https://github.com/zammad/zammad/labels/🚧 refactoring 2.0 🚧)]
- Support HTML5 'required' attribute in forms [1890](https://github.com/zammad/zammad/pull/1890)
- Freshdesk import works not with more then 30_000 tickets [3681](https://github.com/zammad/zammad/issues/3681) [[bug](https://github.com/zammad/zammad/labels/bug)] [[import](https://github.com/zammad/zammad/labels/import)]
- Pagination for knowledge base answer sorting breaks sorting [3660](https://github.com/zammad/zammad/issues/3660) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[admin area](https://github.com/zammad/zammad/labels/admin area)] [[knowledge base](https://github.com/zammad/zammad/labels/knowledge base)]
- Zendesk-Import `Connection reset by peer` cancels import [3583](https://github.com/zammad/zammad/issues/3583) [[bug](https://github.com/zammad/zammad/labels/bug)] [[import](https://github.com/zammad/zammad/labels/import)] [[waiting for feedback](https://github.com/zammad/zammad/labels/waiting for feedback)]
- Prefer HTTP standard header "From" over custom "X-On-Behalf-Of" for impersonation [3113](https://github.com/zammad/zammad/issues/3113) [[API](https://github.com/zammad/zammad/labels/API)] [[help appreciated](https://github.com/zammad/zammad/labels/help appreciated)] [[authentication](https://github.com/zammad/zammad/labels/authentication)] [[hacktoberfest](https://github.com/zammad/zammad/labels/hacktoberfest)] [[:construction: refactoring :construction:](https://github.com/zammad/zammad/labels/:construction: refactoring :construction:)] [[specification required](https://github.com/zammad/zammad/labels/specification required)] [[good first issue](https://github.com/zammad/zammad/labels/good first issue)] [[deprecation](https://github.com/zammad/zammad/labels/deprecation)]
- Do not send `domain` and migrate `domain` out of Google and Microsoft 365 channels [3669](https://github.com/zammad/zammad/issues/3669) [[bug](https://github.com/zammad/zammad/labels/bug)] [[channel](https://github.com/zammad/zammad/labels/channel)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- high organization user count relates to bad performance [3648](https://github.com/zammad/zammad/issues/3648) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)] [[performance](https://github.com/zammad/zammad/labels/performance)]
- Removing organizations removes user and ticket as well [3688](https://github.com/zammad/zammad/issues/3688) [[bug](https://github.com/zammad/zammad/labels/bug)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- Wrong user is used when "X-On-Behalf-Of” header value is an email that starts with digits [2851](https://github.com/zammad/zammad/issues/2851) [[bug](https://github.com/zammad/zammad/labels/bug)] [[API](https://github.com/zammad/zammad/labels/API)]
- Allow out of office for one day without setting two days [3590](https://github.com/zammad/zammad/issues/3590) [[bug](https://github.com/zammad/zammad/labels/bug)] [[personal settings/menu](https://github.com/zammad/zammad/labels/personal settings/menu)]
- FreshDesk Import doesn't pull in auto-assign domain(s) for organizations [3687](https://github.com/zammad/zammad/issues/3687) [[bug](https://github.com/zammad/zammad/labels/bug)] [[import](https://github.com/zammad/zammad/labels/import)]
- FreshDesk Import brings in all users as inactive [3689](https://github.com/zammad/zammad/issues/3689) [[bug](https://github.com/zammad/zammad/labels/bug)] [[import](https://github.com/zammad/zammad/labels/import)]
- KB Public UI icons are misspaced [3680](https://github.com/zammad/zammad/issues/3680) [[bug](https://github.com/zammad/zammad/labels/bug)] [[knowledge base](https://github.com/zammad/zammad/labels/knowledge base)]
- FreshDesk Import Error - undefined method `body' for 10:Integer [3661](https://github.com/zammad/zammad/issues/3661) [[bug](https://github.com/zammad/zammad/labels/bug)] [[import](https://github.com/zammad/zammad/labels/import)]
- Cannot select multiple tickets in ticket overview with shift+click in Firefox [3449](https://github.com/zammad/zammad/issues/3449) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[overviews](https://github.com/zammad/zammad/labels/overviews)]
- "Drop files here" drag area not always hiding [3460](https://github.com/zammad/zammad/issues/3460) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[help appreciated](https://github.com/zammad/zammad/labels/help appreciated)]
- CTI Callerlog signaling hides "+" for new ticket if more than one user is found [2930](https://github.com/zammad/zammad/issues/2930) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)] [[frontend / JS app](https://github.com/zammad/zammad/labels/frontend / JS app)]
- Zendesk URL check fails with Net::HTTPForbidden 403 error [3679](https://github.com/zammad/zammad/issues/3679) [[bug](https://github.com/zammad/zammad/labels/bug)] [[import](https://github.com/zammad/zammad/labels/import)]
- Mac Mail inline PDF destroys E-Mail-Body [2407](https://github.com/zammad/zammad/issues/2407) [[bug](https://github.com/zammad/zammad/labels/bug)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)] [[mail processing](https://github.com/zammad/zammad/labels/mail processing)]
- Outdated urls on security page (third-party logins) [3627](https://github.com/zammad/zammad/issues/3627) [[bug](https://github.com/zammad/zammad/labels/bug)]
- Duplicated article after bulk action was executed for newly created tickets without a browser refresh in between [3568](https://github.com/zammad/zammad/issues/3568) [[bug](https://github.com/zammad/zammad/labels/bug)]
- Text Editor deletes text unrecoverably if quicktext was canceled with Ctrl+Backspace [2886](https://github.com/zammad/zammad/issues/2886) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[ticket](https://github.com/zammad/zammad/labels/ticket)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)] [[frontend / JS app](https://github.com/zammad/zammad/labels/frontend / JS app)]
- The defined ignored attributes in the popover context are not working [3668](https://github.com/zammad/zammad/issues/3668) [[bug](https://github.com/zammad/zammad/labels/bug)] [[frontend / JS app](https://github.com/zammad/zammad/labels/frontend / JS app)]
- Ensure Upload Cache files are removed after grace period [3579](https://github.com/zammad/zammad/issues/3579) [[bug](https://github.com/zammad/zammad/labels/bug)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- Package installation fails because of too long file names [3666](https://github.com/zammad/zammad/issues/3666) [[bug](https://github.com/zammad/zammad/labels/bug)]
- Package migrations fail on package installation or update due to codebase self-modification [3580](https://github.com/zammad/zammad/issues/3580) [[bug](https://github.com/zammad/zammad/labels/bug)] [[core](https://github.com/zammad/zammad/labels/core)]
- saving Boolean field with empty values [2973](https://github.com/zammad/zammad/issues/2973) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)]
- CTI-API should handle doubled requests better [3247](https://github.com/zammad/zammad/issues/3247) [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)] [[CTI](https://github.com/zammad/zammad/labels/CTI)] [[specification required](https://github.com/zammad/zammad/labels/specification required)]
- In some situations the chat button is visible without a active websocket connection [2258](https://github.com/zammad/zammad/issues/2258) [[bug](https://github.com/zammad/zammad/labels/bug)] [[chat](https://github.com/zammad/zammad/labels/chat)]
- Fixes mistypes in article_view.coffee [3658](https://github.com/zammad/zammad/pull/3658)
- Creating and editing users via office 365 failes with Image source is invalid [3617](https://github.com/zammad/zammad/issues/3617) [[bug](https://github.com/zammad/zammad/labels/bug)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- FreshDesk Import fails with timeout error [3653](https://github.com/zammad/zammad/issues/3653) [[bug](https://github.com/zammad/zammad/labels/bug)] [[import](https://github.com/zammad/zammad/labels/import)]
- Chat widget cannot load CSS on (sub)domains that contain "ws" characters [3654](https://github.com/zammad/zammad/issues/3654) [[bug](https://github.com/zammad/zammad/labels/bug)] [[chat](https://github.com/zammad/zammad/labels/chat)]
- timezone issue with elasticsearch [2085](https://github.com/zammad/zammad/issues/2085) [[duplicate](https://github.com/zammad/zammad/labels/duplicate)]
- Invalid html signature detection for exchange warning boxes [3571](https://github.com/zammad/zammad/issues/3571) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- Searching for integer fields does not work as expected [3599](https://github.com/zammad/zammad/issues/3599) [[bug](https://github.com/zammad/zammad/labels/bug)] [[search](https://github.com/zammad/zammad/labels/search)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- FreshDesk import fails on certain custom field types [3628](https://github.com/zammad/zammad/issues/3628) [[bug](https://github.com/zammad/zammad/labels/bug)] [[import](https://github.com/zammad/zammad/labels/import)]
- Freshdesk import subdomain selection fails [3631](https://github.com/zammad/zammad/issues/3631) [[bug](https://github.com/zammad/zammad/labels/bug)] [[import](https://github.com/zammad/zammad/labels/import)]
- Search results missing for users with two names within lastname [3598](https://github.com/zammad/zammad/issues/3598) [[bug](https://github.com/zammad/zammad/labels/bug)] [[search](https://github.com/zammad/zammad/labels/search)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- New location notification with X-On-Behalf [3611](https://github.com/zammad/zammad/issues/3611) [[bug](https://github.com/zammad/zammad/labels/bug)] [[API](https://github.com/zammad/zammad/labels/API)] [[notification](https://github.com/zammad/zammad/labels/notification)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- State list of tickets ignore locale for their sorting [3335](https://github.com/zammad/zammad/issues/3335) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[ticket](https://github.com/zammad/zammad/labels/ticket)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- Newly created users are only shown in the admin interface after reload [3050](https://github.com/zammad/zammad/issues/3050) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)] [[frontend / JS app](https://github.com/zammad/zammad/labels/frontend / JS app)]
- Migration 3.6.1 to 4.1 : No configured business hours found! [3641](https://github.com/zammad/zammad/issues/3641) [[bug](https://github.com/zammad/zammad/labels/bug)]
- Verification tokens questionable behavior in developer mode [3116](https://github.com/zammad/zammad/issues/3116) [[developer experience](https://github.com/zammad/zammad/labels/developer experience)]
- Replacing a mention with a new leads to mentioning both agents [3636](https://github.com/zammad/zammad/issues/3636) [[bug](https://github.com/zammad/zammad/labels/bug)]
- Attachment order is wrong [3584](https://github.com/zammad/zammad/issues/3584) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)]
- When disconnecting a Chat, customer can still continue posting messages [2559](https://github.com/zammad/zammad/issues/2559) [[bug](https://github.com/zammad/zammad/labels/bug)] [[chat](https://github.com/zammad/zammad/labels/chat)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- some macros are hidden in the drag & drop- overview with a small screen size [3359](https://github.com/zammad/zammad/issues/3359) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- Add redis as an (optional) session store backend [3450](https://github.com/zammad/zammad/pull/3450)
- Text Module widget is broken/hidden after pressing backspace (once) [3637](https://github.com/zammad/zammad/issues/3637) [[bug](https://github.com/zammad/zammad/labels/bug)]
- Mention widget show same users several times (if rest requests will return in different order) [3639](https://github.com/zammad/zammad/issues/3639) [[bug](https://github.com/zammad/zammad/labels/bug)]
- The rebuild of the index is failing [3633](https://github.com/zammad/zammad/issues/3633) [[bug](https://github.com/zammad/zammad/labels/bug)] [[chat](https://github.com/zammad/zammad/labels/chat)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- Monitoring endpoint complains about `Failed to run SessionTimeoutJob.perform_now after 10 tries #<NoMethodError: undefined method `id' for nil:NilClass` [3632](https://github.com/zammad/zammad/issues/3632) [[bug](https://github.com/zammad/zammad/labels/bug)]
- Updating package-based installations can break the front end. [3629](https://github.com/zammad/zammad/issues/3629) [[bug](https://github.com/zammad/zammad/labels/bug)]
- backup: stop using su for pg_dump [3352](https://github.com/zammad/zammad/pull/3352) [[waiting for feedback](https://github.com/zammad/zammad/labels/waiting for feedback)]
- Reply-to header ignored if from contains a system address [2551](https://github.com/zammad/zammad/issues/2551) [[bug](https://github.com/zammad/zammad/labels/bug)]
- Maintenance: Fix handling of test that require secrets not to run for GitHub PRs. [3626](https://github.com/zammad/zammad/pull/3626)
- replacing find -mtime with find -mmin [3570](https://github.com/zammad/zammad/pull/3570)
- Ensure to migrate old calendar URLs for google calendar sources [3618](https://github.com/zammad/zammad/issues/3618) [[bug](https://github.com/zammad/zammad/labels/bug)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)] [[regression](https://github.com/zammad/zammad/labels/regression)]
- Mentions/Subscribe with read permissions [3615](https://github.com/zammad/zammad/issues/3615) [[bug](https://github.com/zammad/zammad/labels/bug)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- Chat-Message references not cleared with data privacy task [3610](https://github.com/zammad/zammad/issues/3610) [[bug](https://github.com/zammad/zammad/labels/bug)] [[data privacy](https://github.com/zammad/zammad/labels/data privacy)]
- Overview names are hidden in mobile view for RTL languages [3500](https://github.com/zammad/zammad/issues/3500) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[mobile](https://github.com/zammad/zammad/labels/mobile)]
- SMTP-Attachments missing when using the API under high load [2991](https://github.com/zammad/zammad/issues/2991) [[bug](https://github.com/zammad/zammad/labels/bug)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- Inline image conversion from jpeg to png causes huge overhead [3538](https://github.com/zammad/zammad/issues/3538) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- session timeout does regulary logout active users before timeout because of dead old sessions [3605](https://github.com/zammad/zammad/issues/3605) [[bug](https://github.com/zammad/zammad/labels/bug)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- Zendesk import creates new ticket numbers rather than using the Zendesk ticket IDs also as ticket numbers in Zammad [3593](https://github.com/zammad/zammad/issues/3593) [[bug](https://github.com/zammad/zammad/labels/bug)] [[import](https://github.com/zammad/zammad/labels/import)] [[ticket](https://github.com/zammad/zammad/labels/ticket)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- wrong behaviour for the disabled option in session timeout [3600](https://github.com/zammad/zammad/issues/3600) [[bug](https://github.com/zammad/zammad/labels/bug)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- Header links are not responsive [3133](https://github.com/zammad/zammad/issues/3133) [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[knowledge base](https://github.com/zammad/zammad/labels/knowledge base)]
- Update description of the session timeout setting [3597](https://github.com/zammad/zammad/issues/3597) [[bug](https://github.com/zammad/zammad/labels/bug)] [[admin area](https://github.com/zammad/zammad/labels/admin area)]
- Escalation calculation breaks data privacy ticket deletion [3588](https://github.com/zammad/zammad/issues/3588) [[bug](https://github.com/zammad/zammad/labels/bug)] [[data privacy](https://github.com/zammad/zammad/labels/data privacy)]
- `SessionTimeoutJob.perform_now` fails if user no longer exists [3586](https://github.com/zammad/zammad/issues/3586) [[bug](https://github.com/zammad/zammad/labels/bug)]
- Robots.txt should allow indexing Knowledge Base on custom URLs [3164](https://github.com/zammad/zammad/issues/3164) [[bug](https://github.com/zammad/zammad/labels/bug)] [[knowledge base](https://github.com/zammad/zammad/labels/knowledge base)]
- DataPrivacy may fail to clear user relations [3585](https://github.com/zammad/zammad/issues/3585) [[bug](https://github.com/zammad/zammad/labels/bug)] [[data privacy](https://github.com/zammad/zammad/labels/data privacy)]
- SessionTimeoutJob.perform_now scheduler job fails on update if scheduler process wasn't restarted [3581](https://github.com/zammad/zammad/issues/3581) [[bug](https://github.com/zammad/zammad/labels/bug)]
- Freshdesk import attribute ID mapping lookup constants fail application boot in systems with changed default names [3582](https://github.com/zammad/zammad/issues/3582) [[bug](https://github.com/zammad/zammad/labels/bug)]
- mentioned KB entries with the same title in different categories can not distinguished [3559](https://github.com/zammad/zammad/issues/3559) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)] [[knowledge base](https://github.com/zammad/zammad/labels/knowledge base)]
- Invalid auto assignment conditions may break ticket view for unassigned tickets [3567](https://github.com/zammad/zammad/issues/3567) [[bug](https://github.com/zammad/zammad/labels/bug)] [[UX/UI](https://github.com/zammad/zammad/labels/UX/UI)] [[prioritised by payment](https://github.com/zammad/zammad/labels/prioritised by payment)]
- Add Greek translation for chat [3569](https://github.com/zammad/zammad/pull/3569) [[chat](https://github.com/zammad/zammad/labels/chat)] [[translation](https://github.com/zammad/zammad/labels/translation)]
- Freshdesk [865](https://github.com/zammad/zammad/issues/865) [[feature backlog](https://github.com/zammad/zammad/labels/feature backlog)] [[import](https://github.com/zammad/zammad/labels/import)]
- Old JQuery version delivered [3431](https://github.com/zammad/zammad/issues/3431) [[bug](https://github.com/zammad/zammad/labels/bug)] [[chat](https://github.com/zammad/zammad/labels/chat)]

View file

@ -1,6 +1,6 @@
# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/ # Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/
source 'https://rubygems.org' source 'https://gems.sutty.nl'
# core - base # core - base
ruby '2.7.4' ruby '2.7.4'
@ -227,10 +227,6 @@ group :development, :test do
# Slack helper for testing # Slack helper for testing
gem 'slack-ruby-client', require: false gem 'slack-ruby-client', require: false
# Can be used to detect for example the current
# operating system in tests, to handle things differently.
gem 'os'
end end
# Want to extend Zammad with additional gems? # Want to extend Zammad with additional gems?

View file

@ -17,7 +17,7 @@ GIT
mini_mime (>= 0.1.1) mini_mime (>= 0.1.1)
GEM GEM
remote: https://rubygems.org/ remote: https://gems.sutty.nl/
specs: specs:
aasm (5.2.0) aasm (5.2.0)
concurrent-ruby (~> 1.0) concurrent-ruby (~> 1.0)
@ -93,6 +93,9 @@ GEM
argon2 (2.0.3) argon2 (2.0.3)
ffi (~> 1.14) ffi (~> 1.14)
ffi-compiler (~> 1.0) ffi-compiler (~> 1.0)
argon2 (2.0.3-x86_64-linux-musl)
ffi (~> 1.14)
ffi-compiler (~> 1.0)
ast (2.4.2) ast (2.4.2)
async (1.29.1) async (1.29.1)
console (~> 1.10) console (~> 1.10)
@ -121,11 +124,14 @@ GEM
tzinfo tzinfo
bootsnap (1.9.1) bootsnap (1.9.1)
msgpack (~> 1.0) msgpack (~> 1.0)
bootsnap (1.9.1-x86_64-linux-musl)
msgpack (~> 1.0)
brakeman (5.1.1) brakeman (5.1.1)
browser (5.3.1) browser (5.3.1)
buftok (0.2.0) buftok (0.2.0)
builder (3.2.4) builder (3.2.4)
byebug (11.1.3) byebug (11.1.3)
byebug (11.1.3-x86_64-linux-musl)
capybara (3.35.3) capybara (3.35.3)
addressable addressable
mini_mime (>= 0.1.3) mini_mime (>= 0.1.3)
@ -169,6 +175,7 @@ GEM
daemons (1.4.1) daemons (1.4.1)
dalli (2.7.11) dalli (2.7.11)
debug_inspector (1.1.0) debug_inspector (1.1.0)
debug_inspector (1.1.0-x86_64-linux-musl)
delayed_job (4.1.9) delayed_job (4.1.9)
activesupport (>= 3.0, < 6.2) activesupport (>= 3.0, < 6.2)
delayed_job_active_record (4.1.6) delayed_job_active_record (4.1.6)
@ -195,6 +202,7 @@ GEM
equalizer (0.0.11) equalizer (0.0.11)
erubi (1.10.0) erubi (1.10.0)
eventmachine (1.2.7) eventmachine (1.2.7)
eventmachine (1.2.7-x86_64-linux-musl)
execjs (2.8.1) execjs (2.8.1)
factory_bot (6.2.0) factory_bot (6.2.0)
activesupport (>= 5.0.0) activesupport (>= 5.0.0)
@ -226,7 +234,7 @@ GEM
faraday-rack (1.0.0) faraday-rack (1.0.0)
faraday_middleware (1.0.0) faraday_middleware (1.0.0)
faraday (~> 1.0) faraday (~> 1.0)
ffi (1.15.3) ffi (1.15.3-x86_64-linux-musl)
ffi-compiler (1.0.1) ffi-compiler (1.0.1)
ffi (>= 1.0.0) ffi (>= 1.0.0)
rake rake
@ -267,6 +275,7 @@ GEM
hashdiff (1.0.1) hashdiff (1.0.1)
hashie (4.1.0) hashie (4.1.0)
hiredis (0.6.3) hiredis (0.6.3)
hiredis (0.6.3-x86_64-linux-musl)
htmlentities (4.3.4) htmlentities (4.3.4)
http (4.4.1) http (4.4.1)
addressable (~> 2.3) addressable (~> 2.3)
@ -277,9 +286,10 @@ GEM
http-cookie (1.0.4) http-cookie (1.0.4)
domain_name (~> 0.5) domain_name (~> 0.5)
http-form_data (2.3.0) http-form_data (2.3.0)
http-parser (1.2.3) http-parser (1.2.3-x86_64-linux-musl)
ffi-compiler (>= 1.0, < 2.0) ffi-compiler (>= 1.0, < 2.0)
http_parser.rb (0.6.0) http_parser.rb (0.6.0)
http_parser.rb (0.6.0-x86_64-linux-musl)
httpclient (2.8.3) httpclient (2.8.3)
i18n (1.8.10) i18n (1.8.10)
concurrent-ruby (~> 1.0) concurrent-ruby (~> 1.0)
@ -293,13 +303,15 @@ GEM
iniparse (1.5.0) iniparse (1.5.0)
interception (0.5) interception (0.5)
json (2.5.1) json (2.5.1)
json (2.5.1-x86_64-linux-musl)
jwt (2.2.3) jwt (2.2.3)
kgio (2.11.4) kgio (2.11.4)
kgio (2.11.4-x86_64-linux-musl)
koala (3.0.0) koala (3.0.0)
addressable addressable
faraday faraday
json (>= 1.8) json (>= 1.8)
libv8 (8.4.255.0) libv8 (8.4.255.0-x86_64-linux)
listen (3.5.1) listen (3.5.1)
rb-fsevent (~> 0.10, >= 0.10.3) rb-fsevent (~> 0.10, >= 0.10.3)
rb-inotify (~> 0.9, >= 0.9.10) rb-inotify (~> 0.9, >= 0.9.10)
@ -325,17 +337,23 @@ GEM
libv8 (>= 6.9.411) libv8 (>= 6.9.411)
minitest (5.14.4) minitest (5.14.4)
msgpack (1.4.2) msgpack (1.4.2)
msgpack (1.4.2-x86_64-linux-musl)
multi_json (1.15.0) multi_json (1.15.0)
multi_xml (0.6.0) multi_xml (0.6.0)
multipart-post (2.1.1) multipart-post (2.1.1)
mysql2 (0.5.3) mysql2 (0.5.3)
mysql2 (0.5.3-x86_64-linux-musl)
naught (1.1.0) naught (1.1.0)
nenv (0.3.0) nenv (0.3.0)
nestful (1.1.4) nestful (1.1.4)
net-ldap (0.17.0) net-ldap (0.17.0)
netrc (0.11.0) netrc (0.11.0)
nio4r (2.5.8) nio4r (2.5.8)
nokogiri (1.12.4) nio4r (2.5.8-x86_64-linux-musl)
nokogiri (1.12.5)
mini_portile2 (~> 2.6.1)
racc (~> 1.4)
nokogiri (1.12.5-x86_64-linux-musl)
mini_portile2 (~> 2.6.1) mini_portile2 (~> 2.6.1)
racc (~> 1.4) racc (~> 1.4)
nori (2.6.0) nori (2.6.0)
@ -392,7 +410,7 @@ GEM
omniauth (~> 1.5) omniauth (~> 1.5)
omniauth-oauth2 (>= 1.4.0) omniauth-oauth2 (>= 1.4.0)
openssl (2.2.0) openssl (2.2.0)
os (1.1.1) openssl (2.2.0-x86_64-linux-musl)
overcommit (0.58.0) overcommit (0.58.0)
childprocess (>= 0.6.3, < 5) childprocess (>= 0.6.3, < 5)
iniparse (~> 1.4) iniparse (~> 1.4)
@ -401,6 +419,7 @@ GEM
parser (3.0.2.0) parser (3.0.2.0)
ast (~> 2.4.1) ast (~> 2.4.1)
pg (0.21.0) pg (0.21.0)
pg (0.21.0-x86_64-linux-musl)
power_assert (2.0.1) power_assert (2.0.1)
protocol-hpack (1.4.2) protocol-hpack (1.4.2)
protocol-http (0.22.4) protocol-http (0.22.4)
@ -424,13 +443,16 @@ GEM
binding_of_caller (~> 1.0) binding_of_caller (~> 1.0)
pry (~> 0.13) pry (~> 0.13)
public_suffix (4.0.6) public_suffix (4.0.6)
puma (4.3.8) puma (4.3.10)
nio4r (~> 2.0)
puma (4.3.8-x86_64-linux-musl)
nio4r (~> 2.0) nio4r (~> 2.0)
pundit (2.1.1) pundit (2.1.1)
activesupport (>= 3.0.0) activesupport (>= 3.0.0)
pundit-matchers (1.7.0) pundit-matchers (1.7.0)
rspec-rails (>= 3.0.0) rspec-rails (>= 3.0.0)
racc (1.5.2) racc (1.5.2)
racc (1.5.2-x86_64-linux-musl)
rack (2.2.3) rack (2.2.3)
rack-livereload (0.3.17) rack-livereload (0.3.17)
rack rack
@ -468,6 +490,7 @@ GEM
thor (>= 0.20.3, < 2.0) thor (>= 0.20.3, < 2.0)
rainbow (3.0.0) rainbow (3.0.0)
raindrops (0.19.2) raindrops (0.19.2)
raindrops (0.19.2-x86_64-linux-musl)
rake (13.0.6) rake (13.0.6)
rb-fsevent (0.11.0) rb-fsevent (0.11.0)
rb-inotify (0.10.1) rb-inotify (0.10.1)
@ -499,6 +522,7 @@ GEM
rspec-support (~> 3.10) rspec-support (~> 3.10)
rspec-support (3.10.2) rspec-support (3.10.2)
rszr (0.5.2) rszr (0.5.2)
rszr (0.5.2-x86_64-linux-musl)
rubocop (1.21.0) rubocop (1.21.0)
parallel (~> 1.10) parallel (~> 1.10)
parser (>= 3.0.0.0) parser (>= 3.0.0.0)
@ -531,6 +555,8 @@ GEM
rubyzip (2.3.0) rubyzip (2.3.0)
sassc (2.4.0) sassc (2.4.0)
ffi (~> 1.9) ffi (~> 1.9)
sassc (2.4.0-x86_64-linux-musl)
ffi (~> 1.9)
sassc-rails (2.1.2) sassc-rails (2.1.2)
railties (>= 4.0.0) railties (>= 4.0.0)
sassc (>= 2.0) sassc (>= 2.0)
@ -611,11 +637,14 @@ GEM
execjs (>= 0.3.0, < 3) execjs (>= 0.3.0, < 3)
unf (0.1.4) unf (0.1.4)
unf_ext unf_ext
unf_ext (0.0.7.7) unf_ext (0.0.7.7-x86_64-linux-musl)
unicode-display_width (2.1.0) unicode-display_width (2.1.0)
unicorn (6.0.0) unicorn (6.0.0)
kgio (~> 2.6) kgio (~> 2.6)
raindrops (~> 0.7) raindrops (~> 0.7)
unicorn (6.0.0-x86_64-linux-musl)
kgio (~> 2.6)
raindrops (~> 0.7)
valid_email2 (4.0.0) valid_email2 (4.0.0)
activemodel (>= 3.2) activemodel (>= 3.2)
mail (~> 2.5) mail (~> 2.5)
@ -631,6 +660,8 @@ GEM
hashdiff (>= 0.4.0, < 2.0.0) hashdiff (>= 0.4.0, < 2.0.0)
websocket-driver (0.7.5) websocket-driver (0.7.5)
websocket-extensions (>= 0.1.0) websocket-extensions (>= 0.1.0)
websocket-driver (0.7.5-x86_64-linux-musl)
websocket-extensions (>= 0.1.0)
websocket-extensions (0.1.5) websocket-extensions (0.1.5)
writeexcel (1.0.5) writeexcel (1.0.5)
xpath (3.2.0) xpath (3.2.0)
@ -645,6 +676,7 @@ GEM
PLATFORMS PLATFORMS
ruby ruby
x86_64-linux-musl
DEPENDENCIES DEPENDENCIES
aasm aasm
@ -711,7 +743,6 @@ DEPENDENCIES
omniauth-twitter omniauth-twitter
omniauth-weibo-oauth2 omniauth-weibo-oauth2
openssl openssl
os
overcommit overcommit
pg (= 0.21.0) pg (= 0.21.0)
pry-rails pry-rails

149
Makefile Normal file
View file

@ -0,0 +1,149 @@
SHELL := /bin/bash
.DEFAULT_GOAL := help
# Copiar el archivo de configuración y avisar cuando hay que
# actualizarlo.
.env: .env.example
@test -f $@ || cp -v $< $@
@test -f $@ && echo "Revisa $@ para actualizarlo con respecto a $<"
@test -f $@ && diff -auN --color $@ $<
include .env
export
# XXX: El espacio antes del comentario cuenta como espacio
args ?=## Argumentos para Hain
commit ?= origin/rails## Commit desde el que actualizar
env ?= staging## Entorno del nodo delegado
sutty ?= $(SUTTY)## Dirección local
delegate ?= $(DELEGATE)## Cambia el nodo delegado
hain ?= $(HAINISH)## Ubicación de Hainish
# El nodo delegado tiene dos entornos, production y staging.
# Dependiendo del entorno que elijamos, se van a generar los assets y el
# contenedor y subirse a un servidor u otro. No utilizamos CI/CD (aún).
#
# Production es el entorno de panel.sutty.nl
ifeq ($(env),production)
container ?= sutty
## TODO: Cambiar a otra cosa
branch ?= rails
public ?= public
endif
# Staging es el entorno de panel.staging.sutty.nl
ifeq ($(env),staging)
container := staging
branch := staging
public := staging
endif
help: always ## Ayuda
@echo -e "Sutty\n" | sed -re "s/^.*/\x1B[38;5;197m&\x1B[0m/"
@echo -e "Servidor: https://panel.$(SUTTY_WITH_PORT)/\n"
@echo -e "Uso: make TAREA args=\"ARGUMENTOS\"\n"
@echo -e "Tareas:\n"
@grep -E "^[a-z\-]+:.*##" Makefile | sed -re "s/(.*):.*##(.*)/\1;\2/" | column -s ";" -t | sed -re "s/^([^ ]+) /\x1B[38;5;197m\1\x1B[0m/"
@echo -e "\nArgumentos:\n"
@grep -E "^[a-z\-]+ \?=.*##" Makefile | sed -re "s/(.*) \?=.*##(.*)/\1;\2/" | column -s ";" -t | sed -re "s/^([^ ]+) /\x1B[38;5;197m\1\x1B[0m/"
assets: node_modules public/packs/manifest.json.br ## Compilar los assets
test: always ## Ejecutar los tests
$(MAKE) rake args="test RAILS_ENV=test $(args)"
postgresql: /etc/hosts ## Iniciar la base de datos
pgrep postgres >/dev/null || $(hain) postgresql
serve-js: /etc/hosts node_modules ## Iniciar el servidor de desarrollo de Javascript
$(hain) 'bundle exec ./bin/webpack-dev-server'
serve: /etc/hosts postgresql Gemfile.lock ## Iniciar el servidor de desarrollo de Rails
$(MAKE) rails args=server
rails: ## Corre rails dentro del entorno de desarrollo (pasar argumentos con args=).
$(MAKE) bundle args="exec rails $(args)"
rake: ## Corre rake dentro del entorno de desarrollo (pasar argumentos con args=).
$(MAKE) bundle args="exec rake $(args)"
bundle: ## Corre bundle dentro del entorno de desarrollo (pasar argumentos con args=).
$(hain) 'bundle $(args)'
rubocop: ## Yutea el código que está por ser commiteado
git status --porcelain \
| grep -E "^(A|M)" \
| sed "s/^...//" \
| grep ".rb$$" \
| ../haini.sh/haini.sh "xargs -r ./bin/rubocop --auto-correct"
audit: ## Encuentra dependencias con vulnerabilidades
$(hain) 'gem install bundler-audit'
$(hain) 'bundle audit --update'
brakeman: ## Busca posibles vulnerabilidades en Sutty
$(MAKE) bundle args='exec brakeman'
yarn: ## Tareas de yarn
$(hain) 'yarn $(args)'
clean: ## Limpieza
rm -rf _sites/test-* _deploy/test-* log/*.log tmp/cache tmp/letter_opener tmp/miniprofiler tmp/storage
build: Gemfile.lock ## Generar la imagen Docker
time docker build --build-arg="BRANCH=$(branch)" --build-arg="RAILS_MASTER_KEY=`cat config/master.key`" -t sutty/$(container) .
docker tag sutty/$(container):latest sutty:keep
@echo -e "\a"
save: ## Subir la imagen Docker al nodo delegado
time docker save sutty/$(container):latest | ssh root@$(delegate) docker load
date +%F | xargs -I {} git tag -f $(container)-{}
@echo -e "\a"
ota-js: assets ## Actualizar Javascript en el nodo delegado
sudo chgrp -R 82 public/
rsync -avi --delete-after public/ root@$(delegate):/srv/sutty/srv/http/data/_$(public)/
ssh root@$(delegate) docker exec $(container) sh -c "cat /srv/http/tmp/puma.pid | xargs -r kill -USR2"
ota: ## Actualizar Rails en el nodo delegado
umask 022; git format-patch $(commit)
scp ./0*.patch $(delegate):/tmp/
ssh $(delegate) mkdir -p /tmp/patches-$(commit)/
scp ./0*.patch $(delegate):/tmp/patches-$(commit)/
scp ./ota.sh $(delegate):/tmp/
ssh $(delegate) docker cp /tmp/patches-$(shell echo $(commit) | cut -d / -f 1) $(container):/tmp/
ssh $(delegate) docker cp /tmp/ota.sh $(container):/usr/local/bin/ota
ssh $(delegate) docker exec $(container) apk add --no-cache patch
ssh $(delegate) docker exec $(container) ota $(commit)
rm ./0*.patch
# Todos los archivos de assets. Si alguno cambia, se van a recompilar
# los assets que luego se suben al nodo delegado.
assets := package.json yarn.lock $(shell find app/assets/ app/javascript/ -type f)
public/packs/manifest.json.br: $(assets)
$(hain) 'PANEL_URL=https://panel.sutty.nl RAILS_ENV=production NODE_ENV=production bundle exec rake assets:precompile assets:clean'
# Correr un test en particular por ejemplo
# `make test/models/usuarie_test.rb`
tests := $(shell find test/ -name "*_test.rb")
$(tests): always
$(MAKE) test args="TEST=$@"
# Agrega las direcciones locales al sistema
/etc/hosts: always
@echo "Chequeando si es necesario agregar el dominio local $(SUTTY)"
@grep -q " $(SUTTY)$$" $@ || echo -e "127.0.0.1 $(SUTTY)\n::1 $(SUTTY)" | sudo tee -a $@
@grep -q " api.$(SUTTY)$$" $@ || echo -e "127.0.0.1 api.$(SUTTY)\n::1 api.$(SUTTY)" | sudo tee -a $@
@grep -q " panel.$(SUTTY)$$" $@ || echo -e "127.0.0.1 panel.$(SUTTY)\n::1 panel.$(SUTTY)" | sudo tee -a $@
@grep -q " postgresql.$(SUTTY)$$" $@ || echo -e "127.0.0.1 postgresql.$(SUTTY)\n::1 postgresql.$(SUTTY)" | sudo tee -a $@
# Instala las dependencias de Javascript
node_modules: package.json
$(MAKE) yarn
# Instala las dependencias de Rails
Gemfile.lock: Gemfile
$(MAKE) bundle args=install
.PHONY: always

View file

@ -493,6 +493,23 @@ class App.ControllerTable extends App.Controller
sortable: @dndCallback sortable: @dndCallback
)) ))
getGroupByKeyName: (object, groupBy) ->
reference_key = groupBy + '_id'
if reference_key of object
return reference_key
groupBy
sortObjectKeys: (objects, direction) ->
sorted = Object.keys(objects).sort()
switch direction
when 'DESC'
sorted.reverse()
else
sorted
renderTableRows: (sort = false) => renderTableRows: (sort = false) =>
if sort is true if sort is true
@sortList() @sortList()
@ -506,11 +523,11 @@ class App.ControllerTable extends App.Controller
objectsToShow = @objectsOfPage(@pagerShownPage) objectsToShow = @objectsOfPage(@pagerShownPage)
if @groupBy if @groupBy
# group by raw (and not printable) value so dates work also # group by raw (and not printable) value so dates work also
objectsGrouped = _.groupBy(objectsToShow, (object) => object[@groupBy]) objectsGrouped = _.groupBy(objectsToShow, (object) => object[@getGroupByKeyName(object, @groupBy)])
else else
objectsGrouped = { '': objectsToShow } objectsGrouped = { '': objectsToShow }
for groupValue in Object.keys(objectsGrouped).sort() for groupValue in @sortObjectKeys(objectsGrouped, @groupDirection)
groupObjects = objectsGrouped[groupValue] groupObjects = objectsGrouped[groupValue]
for object in groupObjects for object in groupObjects

View file

@ -23,7 +23,7 @@ class App.UiElement.core_workflow_condition extends App.UiElement.ApplicationSel
organization: organization:
name: 'Organization' name: 'Organization'
model: 'Organization' model: 'Organization'
model_show: ['Organization'] model_show: ['User', 'Organization']
'customer.organization': 'customer.organization':
name: 'Organization' name: 'Organization'
model: 'Organization' model: 'Organization'

View file

@ -39,6 +39,7 @@ class App.UiElement.core_workflow_perform extends App.UiElement.ApplicationSelec
operatorsType = operatorsType =
'boolean$': ['show', 'hide', 'remove', 'set_mandatory', 'set_optional', 'set_readonly', 'unset_readonly', 'add_option', 'remove_option', 'set_fixed_to'] 'boolean$': ['show', 'hide', 'remove', 'set_mandatory', 'set_optional', 'set_readonly', 'unset_readonly', 'add_option', 'remove_option', 'set_fixed_to']
'integer$': ['show', 'hide', 'remove', 'set_mandatory', 'set_optional', 'set_readonly', 'unset_readonly'] 'integer$': ['show', 'hide', 'remove', 'set_mandatory', 'set_optional', 'set_readonly', 'unset_readonly']
'^date': ['show', 'hide', 'remove', 'set_mandatory', 'set_optional', 'set_readonly', 'unset_readonly']
'^select$': ['show', 'hide', 'remove', 'set_mandatory', 'set_optional', 'set_readonly', 'unset_readonly', 'add_option', 'remove_option', 'set_fixed_to', 'select', 'auto_select'] '^select$': ['show', 'hide', 'remove', 'set_mandatory', 'set_optional', 'set_readonly', 'unset_readonly', 'add_option', 'remove_option', 'set_fixed_to', 'select', 'auto_select']
'^tree_select$': ['show', 'hide', 'remove', 'set_mandatory', 'set_optional', 'set_readonly', 'unset_readonly', 'add_option', 'remove_option', 'set_fixed_to', 'select', 'auto_select'] '^tree_select$': ['show', 'hide', 'remove', 'set_mandatory', 'set_optional', 'set_readonly', 'unset_readonly', 'add_option', 'remove_option', 'set_fixed_to', 'select', 'auto_select']
'^input$': ['show', 'hide', 'remove', 'set_mandatory', 'set_optional', 'set_readonly', 'unset_readonly', 'fill_in', 'fill_in_empty'] '^input$': ['show', 'hide', 'remove', 'set_mandatory', 'set_optional', 'set_readonly', 'unset_readonly', 'fill_in', 'fill_in_empty']
@ -63,8 +64,9 @@ class App.UiElement.core_workflow_perform extends App.UiElement.ApplicationSelec
continue continue
for row in App[groupMeta.model].configure_attributes for row in App[groupMeta.model].configure_attributes
continue if !_.contains(['input', 'select', 'integer', 'boolean', 'tree_select'], row.tag) continue if !_.contains(['input', 'select', 'integer', 'boolean', 'tree_select', 'date', 'datetime'], row.tag)
continue if groupKey is 'ticket' && _.contains(['number', 'organization_id', 'title'], row.name) continue if _.contains(['created_at', 'updated_at'], row.name)
continue if groupKey is 'ticket' && _.contains(['number', 'organization_id', 'title', 'escalation_at', 'first_response_escalation_at', 'update_escalation_at', 'close_escalation_at', 'last_contact_at', 'last_contact_agent_at', 'last_contact_customer_at', 'first_response_at', 'close_at'], row.name)
# ignore passwords and relations # ignore passwords and relations
if row.type isnt 'password' && row.name.substr(row.name.length-4,4) isnt '_ids' && row.searchable isnt false if row.type isnt 'password' && row.name.substr(row.name.length-4,4) isnt '_ids' && row.searchable isnt false
@ -128,9 +130,10 @@ class App.UiElement.core_workflow_perform extends App.UiElement.ApplicationSelec
@buildValueConfigMultiple: (config, meta) -> @buildValueConfigMultiple: (config, meta) ->
if _.contains(['add_option', 'remove_option', 'set_fixed_to'], meta.operator) if _.contains(['add_option', 'remove_option', 'set_fixed_to'], meta.operator)
config.multiple = true config.multiple = true
config.nulloption = true
else else
config.multiple = false config.multiple = false
config.nulloption = false config.nulloption = false
return config return config
@HasPreCondition: -> @HasPreCondition: ->

View file

@ -6,7 +6,7 @@ class App.UiElement.richtext
attribute.value = attribute.value.text attribute.value = attribute.value.text
item = $( App.view('generic/richtext')(attribute: attribute, toolButtons: @toolButtons) ) item = $( App.view('generic/richtext')(attribute: attribute, toolButtons: @toolButtons) )
@contenteditable = item.find('[contenteditable]').ce( item.find('[contenteditable]').ce(
mode: attribute.type mode: attribute.type
maxlength: attribute.maxlength maxlength: attribute.maxlength
buttons: attribute.buttons buttons: attribute.buttons
@ -21,12 +21,12 @@ class App.UiElement.richtext
new App[plugin.controller](params) new App[plugin.controller](params)
if attribute.upload if attribute.upload
@attachments = [] attachments = []
item.append( $( App.view('generic/attachment')(attribute: attribute) ) ) item.append( $( App.view('generic/attachment')(attribute: attribute) ) )
renderFile = (file) => renderFile = (file) ->
item.find('.attachments').append(App.view('generic/attachment_item')(file)) item.find('.attachments').append(App.view('generic/attachment_item')(file))
@attachments.push file attachments.push file
if params && params.attachments if params && params.attachments
for file in params.attachments for file in params.attachments
@ -46,10 +46,10 @@ class App.UiElement.richtext
, form.form_id) , form.form_id)
# remove items # remove items
item.find('.attachments').on('click', '.js-delete', (e) => item.find('.attachments').on('click', '.js-delete', (e) ->
id = $(e.currentTarget).data('id') id = $(e.currentTarget).data('id')
@attachments = _.filter( attachments = _.filter(
@attachments, attachments,
(item) -> (item) ->
return if item.id.toString() is id.toString() return if item.id.toString() is id.toString()
item item
@ -71,67 +71,35 @@ class App.UiElement.richtext
element.empty() element.empty()
) )
@progressBar = item.find('.attachmentUpload-progressBar') App.Delay.set( ->
@progressText = item.find('.js-percentage') uploader = new App.Html5Upload(
@attachmentPlaceholder = item.find('.attachmentPlaceholder') uploadUrl: "#{App.Config.get('api_path')}/attachments"
@attachmentUpload = item.find('.attachmentUpload') dropContainer: item.closest('form')
@attachmentsHolder = item.find('.attachments') cancelContainer: item.find('.js-cancel')
@cancelContainer = item.find('.js-cancel') inputField: item.find('input')
data:
form_id: item.closest('form').find('[name=form_id]').val()
u = => html5Upload.initialize( onFileStartCallback: ->
uploadUrl: "#{App.Config.get('api_path')}/attachments" item.find('[contenteditable]').trigger('fileUploadStart')
dropContainer: item.closest('form').get(0)
cancelContainer: @cancelContainer
inputField: item.find('input').get(0)
maxSimultaneousUploads: 1,
key: 'File'
data:
form_id: item.closest('form').find('[name=form_id]').val()
onFileAdded: (file) =>
file.on( onFileCompletedCallback: (response) ->
onStart: => renderFile(response.data)
@attachmentPlaceholder.addClass('hide') item.find('input').val('')
@attachmentUpload.removeClass('hide') item.find('[contenteditable]').trigger('fileUploadStop', ['completed'])
@cancelContainer.removeClass('hide')
item.find('[contenteditable]').trigger('fileUploadStart')
App.Log.debug 'UiElement.richtext', 'upload start'
onAborted: => onFileAbortedCallback: ->
@attachmentPlaceholder.removeClass('hide') item.find('input').val('')
@attachmentUpload.addClass('hide') item.find('[contenteditable]').trigger('fileUploadStop', ['aborted'])
item.find('input').val('')
item.find('[contenteditable]').trigger('fileUploadStop', ['aborted'])
# Called after received response from the server attachmentPlaceholder: item.find('.attachmentPlaceholder')
onCompleted: (response) => attachmentUpload: item.find('.attachmentUpload')
response = JSON.parse(response) progressBar: item.find('.attachmentUpload-progressBar')
progressText: item.find('.js-percentage')
)
@attachmentPlaceholder.removeClass('hide') uploader.render()
@attachmentUpload.addClass('hide') , 100, undefined, 'form_upload')
# reset progress bar
@progressBar.width(parseInt(0) + '%')
@progressText.text('')
renderFile(response.data)
item.find('input').val('')
item.find('[contenteditable]').trigger('fileUploadStop', ['completed'])
App.Log.debug 'UiElement.richtext', 'upload complete', response.data
# Called during upload progress, first parameter
# is decimal value from 0 to 100.
onProgress: (progress, fileSize, uploadedBytes) =>
@progressBar.width(parseInt(progress) + '%')
@progressText.text(parseInt(progress))
# hide cancel on 90%
if parseInt(progress) >= 90
@cancelContainer.addClass('hide')
App.Log.debug 'UiElement.richtext', 'uploadProgress ', parseInt(progress)
)
)
App.Delay.set(u, 100, undefined, 'form_upload')
item item

View file

@ -8,7 +8,7 @@ class App.TicketCreate extends App.Controller
events: events:
'click .type-tabs .tab': 'changeFormType' 'click .type-tabs .tab': 'changeFormType'
'submit form': 'submit' 'submit form': 'submit'
'click .js-cancel': 'cancel' 'click .form-controls .js-cancel': 'cancel'
'click .js-active-toggle': 'toggleButton' 'click .js-active-toggle': 'toggleButton'
types: { types: {
@ -184,8 +184,11 @@ class App.TicketCreate extends App.Controller
@controllerUnbind('ticket_create_rerender', (template) => @renderQueue(template)) @controllerUnbind('ticket_create_rerender', (template) => @renderQueue(template))
changed: => changed: =>
return true if @hasAttachments()
formCurrent = @formParam( @$('.ticket-create') ) formCurrent = @formParam( @$('.ticket-create') )
diff = difference(@formDefault, formCurrent) diff = difference(@formDefault, formCurrent)
return false if !diff || _.isEmpty(diff) return false if !diff || _.isEmpty(diff)
return true return true
@ -461,6 +464,9 @@ class App.TicketCreate extends App.Controller
params: => params: =>
params = @formParam(@$('.main form')) params = @formParam(@$('.main form'))
hasAttachments: =>
@$('.richtext .attachments .attachment').length > 0
submit: (e) => submit: (e) =>
e.preventDefault() e.preventDefault()
@ -563,7 +569,7 @@ class App.TicketCreate extends App.Controller
# save ticket, create article # save ticket, create article
# check attachment # check attachment
if article['body'] if article['body']
if @$('.richtext .attachments .attachment').length < 1 if !@hasAttachments()
matchingWord = App.Utils.checkAttachmentReference(article['body']) matchingWord = App.Utils.checkAttachmentReference(article['body'])
if matchingWord if matchingWord
if !confirm(App.i18n.translateContent('You use %s in text but no attachment is attached. Do you want to continue?', matchingWord)) if !confirm(App.i18n.translateContent('You use %s in text but no attachment is attached. Do you want to continue?', matchingWord))

View file

@ -1,6 +1,6 @@
class CoreWorkflow extends App.ControllerSubContent class CoreWorkflow extends App.ControllerSubContent
requiredPermission: 'admin.core_workflow' requiredPermission: 'admin.core_workflow'
header: 'Core Workflow' header: 'Core Workflows'
constructor: -> constructor: ->
super super
@ -54,4 +54,4 @@ class CoreWorkflow extends App.ControllerSubContent
} }
return mapping[screen] || screen return mapping[screen] || screen
App.Config.set('CoreWorkflowObject', { prio: 1750, parent: '#system', name: 'Core Workflow', target: '#system/core_workflow', controller: CoreWorkflow, permission: ['admin.core_workflow'] }, 'NavBarAdmin') App.Config.set('CoreWorkflowObject', { prio: 1750, parent: '#system', name: 'Core Workflows', target: '#system/core_workflow', controller: CoreWorkflow, permission: ['admin.core_workflow'] }, 'NavBarAdmin')

View file

@ -27,11 +27,13 @@ class App.KnowledgeBasePublicMenuManager extends App.Controller
{ {
headline: 'Header menu', headline: 'Header menu',
identifier: 'header', identifier: 'header',
color: kb.color_header color: kb.color_header,
color_link: kb.color_header_link
}, },
{ {
headline: 'Footer menu', headline: 'Footer menu',
identifier: 'footer' identifier: 'footer',
color_link: 'hsl(207,12%,50%)'
} }
] ]

View file

@ -1314,7 +1314,7 @@ class Table extends App.Controller
return if ticketListShow[0] || @permissionCheck('ticket.agent') return if ticketListShow[0] || @permissionCheck('ticket.agent')
tickets_count = user.lifetimeCustomerTicketsCount() tickets_count = user.lifetimeCustomerTicketsCount()
@html App.view('customer_not_ticket_exists')(has_any_tickets: tickets_count > 0) @html App.view('customer_not_ticket_exists')(has_any_tickets: tickets_count > 0, is_allowed_to_create_ticket: @Config.get('customer_ticket_create'))
if tickets_count == 0 if tickets_count == 0
@listenTo user, 'refresh', => @listenTo user, 'refresh', =>

View file

@ -200,10 +200,10 @@ class App.TicketZoom extends App.Controller
formMeta = data.form_meta formMeta = data.form_meta
# on the following states we want to rerender the ticket: # on the following states we want to rerender the ticket:
# - if the object attribute configuration has changed (attribute values, restrictions, filters) # - if the object attribute configuration has changed (attribute values, dependecies, filters)
# - if the user view has changed (agent/customer) # - if the user view has changed (agent/customer)
# - if the ticket permission has changed (read/write/full) # - if the ticket permission has changed (read/write/full)
if @view && ( !_.isEqual(@formMeta, formMeta) || @view isnt view || @readable isnt readable || @changeable isnt changeable || @fullable isnt fullable ) if @view && ( !_.isEqual(@formMeta.configure_attributes, formMeta.configure_attributes) || !_.isEqual(@formMeta.dependencies, formMeta.dependencies) || !_.isEqual(@formMeta.filter, formMeta.filter) || @view isnt view || @readable isnt readable || @changeable isnt changeable || @fullable isnt fullable )
@renderDone = false @renderDone = false
@view = view @view = view
@ -214,6 +214,7 @@ class App.TicketZoom extends App.Controller
# render page # render page
@render(local) @render(local)
App.Event.trigger('ui::ticket::load', data)
meta: => meta: =>

View file

@ -98,7 +98,7 @@ class App.TicketZoomArticleNew extends App.Controller
@controllerBind('ui:rerender', => @controllerBind('ui:rerender', =>
@adjustedTextarea = false @adjustedTextarea = false
@defaults = @ui.taskGet('article') @defaults = @ui.taskGet('article')
@attachments = @defaults.attachments @attachments = @defaults.attachments || []
@render() @render()
) )
@ -117,7 +117,7 @@ class App.TicketZoomArticleNew extends App.Controller
@tokanice(@type) @tokanice(@type)
if @defaults.body or @isIE10() if @defaults.body or @attachments.length > 0 or @isIE10()
@openTextarea(null, true) @openTextarea(null, true)
tokanice: (type = 'email') -> tokanice: (type = 'email') ->
@ -191,82 +191,30 @@ class App.TicketZoomArticleNew extends App.Controller
maxlength: 150000 maxlength: 150000
}) })
html5Upload.initialize( new App.Html5Upload(
uploadUrl: "#{App.Config.get('api_path')}/upload_caches/#{@form_id}" uploadUrl: "#{App.Config.get('api_path')}/upload_caches/#{@form_id}"
dropContainer: @$('.article-add').get(0) dropContainer: @$('.article-add')
cancelContainer: @cancelContainer cancelContainer: @cancelContainer
inputField: @$('.article-attachment input').get(0) inputField: @$('.article-attachment input')
key: 'File'
maxSimultaneousUploads: 1
onFileAdded: (file) =>
file.on( onFileStartCallback: =>
@callbackFileUploadStart?()
onStart: => onFileCompletedCallback: (response) =>
@attachmentPlaceholder.addClass('hide') @attachments.push response.data
@attachmentUpload.removeClass('hide') @renderAttachment(response.data)
@cancelContainer.removeClass('hide') @$('.article-attachment input').val('')
if @callbackFileUploadStart @callbackFileUploadStop?()
@callbackFileUploadStart()
onAborted: => onFileAbortedCallback: =>
@attachmentPlaceholder.removeClass('hide') @callbackFileUploadStop?()
@attachmentUpload.addClass('hide')
@$('.article-attachment input').val('')
if @callbackFileUploadStop attachmentPlaceholder: @attachmentPlaceholder
@callbackFileUploadStop() attachmentUpload: @attachmentUpload
progressBar: @progressBar
# Called after received response from the server progressText: @progressText
onCompleted: (response) => ).render()
response = JSON.parse(response)
@attachments.push response.data
@attachmentPlaceholder.removeClass('hide')
@attachmentUpload.addClass('hide')
# reset progress bar
@progressBar.width(parseInt(0) + '%')
@progressText.text('')
@renderAttachment(response.data)
@$('.article-attachment input').val('')
if @callbackFileUploadStop
@callbackFileUploadStop()
# Called during upload progress, first parameter
# is decimal value from 0 to 100.
onProgress: (progress, fileSize, uploadedBytes) =>
@progressBar.width(parseInt(progress) + '%')
@progressText.text(parseInt(progress))
# hide cancel on 90%
if parseInt(progress) >= 90
@cancelContainer.addClass('hide')
# Called when upload failed
onError: (message) =>
@attachmentPlaceholder.removeClass('hide')
@attachmentUpload.addClass('hide')
@$('.article-attachment input').val('')
if @callbackFileUploadStop
@callbackFileUploadStop()
new App.ControllerModal(
head: 'Upload Failed'
buttonCancel: 'Cancel'
buttonCancelClass: 'btn--danger'
buttonSubmit: false
message: message
shown: true
small: true
container: @el.closest('.content')
)
)
)
@bindAttachmentDelete() @bindAttachmentDelete()

View file

@ -119,7 +119,9 @@ class App.FormHandlerCoreWorkflow
valueFound = false valueFound = false
for value in values for value in values
if value && paramValue
# false values are valid values e.g. for boolean fields (be careful)
if value isnt undefined && paramValue isnt undefined
if value.toString() == paramValue.toString() if value.toString() == paramValue.toString()
valueFound = true valueFound = true
break break

View file

@ -1,12 +1,21 @@
class Edit extends App.ControllerObserver # No usage of a ControllerObserver here because we want to use
model: 'Ticket' # the data of the ticket zoom ajax request which is using the all=true parameter
observeNot: # and contain the core workflow information as well. Without observer we also
created_at: true # dont have double rendering because of the zoom (all=true) and observer (full=true) render callback
updated_at: true class Edit extends App.Controller
globalRerender: false constructor: (params) ->
super
@controllerBind('ui::ticket::load', (data) =>
return if data.ticket_id.toString() isnt @ticket.id.toString()
render: (ticket, diff) => @ticket = App.Ticket.find(@ticket.id)
defaults = ticket.attributes() @formMeta = data.form_meta
@render()
)
@render()
render: =>
defaults = @ticket.attributes()
delete defaults.article # ignore article infos delete defaults.article # ignore article infos
followUpPossible = App.Group.find(defaults.group_id).follow_up_possible followUpPossible = App.Group.find(defaults.group_id).follow_up_possible
ticketState = App.TicketState.find(defaults.state_id).name ticketState = App.TicketState.find(defaults.state_id).name
@ -16,10 +25,13 @@ class Edit extends App.ControllerObserver
if !_.isEmpty(taskState) if !_.isEmpty(taskState)
defaults = _.extend(defaults, taskState) defaults = _.extend(defaults, taskState)
# remove core workflow data because it should trigger a request to get data
# for the new ticket + eventually changed task state
@formMeta.core_workflow = undefined
if followUpPossible == 'new_ticket' && ticketState != 'closed' || if followUpPossible == 'new_ticket' && ticketState != 'closed' ||
followUpPossible != 'new_ticket' || followUpPossible != 'new_ticket' ||
@permissionCheck('admin') || ticket.currentView() is 'agent' @permissionCheck('admin') || @ticket.currentView() is 'agent'
@controllerFormSidebarTicket = new App.ControllerForm( @controllerFormSidebarTicket = new App.ControllerForm(
elReplace: @el elReplace: @el
model: { className: 'Ticket', configure_attributes: @formMeta.configure_attributes || App.Ticket.configure_attributes } model: { className: 'Ticket', configure_attributes: @formMeta.configure_attributes || App.Ticket.configure_attributes }
@ -28,7 +40,7 @@ class Edit extends App.ControllerObserver
filter: @formMeta.filter filter: @formMeta.filter
formMeta: @formMeta formMeta: @formMeta
params: defaults params: defaults
isDisabled: !ticket.editable() isDisabled: !@ticket.editable()
taskKey: @taskKey taskKey: @taskKey
core_workflow: { core_workflow: {
callbacks: [@markForm] callbacks: [@markForm]
@ -44,7 +56,7 @@ class Edit extends App.ControllerObserver
filter: @formMeta.filter filter: @formMeta.filter
formMeta: @formMeta formMeta: @formMeta
params: defaults params: defaults
isDisabled: ticket.editable() isDisabled: @ticket.editable()
taskKey: @taskKey taskKey: @taskKey
core_workflow: { core_workflow: {
callbacks: [@markForm] callbacks: [@markForm]
@ -57,8 +69,8 @@ class Edit extends App.ControllerObserver
return if @resetBind return if @resetBind
@resetBind = true @resetBind = true
@controllerBind('ui::ticket::taskReset', (data) => @controllerBind('ui::ticket::taskReset', (data) =>
return if data.ticket_id.toString() isnt ticket.id.toString() return if data.ticket_id.toString() isnt @ticket.id.toString()
@render(ticket) @render()
) )
class SidebarTicket extends App.Controller class SidebarTicket extends App.Controller
@ -128,6 +140,7 @@ class SidebarTicket extends App.Controller
@edit = new Edit( @edit = new Edit(
object_id: @ticket.id object_id: @ticket.id
ticket: @ticket
el: localEl.find('.edit') el: localEl.find('.edit')
taskGet: @taskGet taskGet: @taskGet
formMeta: @formMeta formMeta: @formMeta

View file

@ -0,0 +1,98 @@
class App.Html5Upload extends App.Controller
uploadUrl: null
maxSimultaneousUploads: 1
key: 'File'
data: null
onFileStartCallback: null
onFileCompletedCallback: null
onFileAbortedCallback: null
dropContainer: null
cancelContainer: null
inputField: null
attachmentPlaceholder: null
attachmentUpload: null
progressBar: null
progressText: null
render: =>
html5Upload.initialize(
uploadUrl: @uploadUrl
dropContainer: @dropContainer.get(0)
cancelContainer: @cancelContainer
inputField: @inputField.get(0)
maxSimultaneousUploads: @maxSimultaneousUploads
key: @key
data: @data
onFileAdded: @onFileAdded
)
onFileAdded: (file) =>
file.on(
onStart: @onFileStart
onAborted: @onFileAborted
onCompleted: @onFileCompleted
onProgress: @onFileProgress
onError: @onFileError
)
onFileStart: =>
@attachmentPlaceholder.addClass('hide')
@attachmentUpload.removeClass('hide')
@cancelContainer.removeClass('hide')
App.Log.debug 'Html5Upload', 'upload start'
@onFileStartCallback?()
onFileProgress: (progress, fileSize, uploadedBytes) =>
progress = parseInt(progress)
@progressBar.width(progress + '%')
@progressText.text(progress)
# hide cancel on 90%
if progress >= 90
@cancelContainer.addClass('hide')
App.Log.debug 'Html5Upload', 'uploadProgress ', progress
onFileCompleted: (response) =>
response = JSON.parse(response)
@hideFileUploading()
@onFileCompletedCallback?(response)
App.Log.debug 'Html5Upload', 'upload complete', response.data
onFileAborted: =>
@hideFileUploading()
@onFileAbortedCallback?()
App.Log.debug 'Html5Upload', 'upload aborted'
onFileError: (message) =>
@hideFileUploading()
@inputField.val('')
@callbackFileUploadStop?()
new App.ControllerModal(
head: 'Upload Failed'
buttonCancel: 'Cancel'
buttonCancelClass: 'btn--danger'
buttonSubmit: false
message: message || 'Cannot upload file'
shown: true
small: true
container: @inputField.closest('.content')
)
App.Log.debug 'Html5Upload', 'upload error'
hideFileUploading: =>
@attachmentPlaceholder.removeClass('hide')
@attachmentUpload.addClass('hide')
@progressBar.width('0%')
@progressText.text('0')

View file

@ -255,7 +255,7 @@
manager.ajaxUpload(manager.uploadsQueue.shift()); manager.ajaxUpload(manager.uploadsQueue.shift());
} }
}; };
xhr.abort = function (event) { xhr.onabort = function (event) {
console.log('Upload abort'); console.log('Upload abort');
// Reduce number of active uploads: // Reduce number of active uploads:
@ -269,6 +269,7 @@
// Triggered when upload fails: // Triggered when upload fails:
xhr.onerror = function () { xhr.onerror = function () {
console.log('Upload failed: ', upload.fileName); console.log('Upload failed: ', upload.fileName);
upload.events.onError('Upload failed: ' + upload.fileName);
}; };
// Append additional data if provided: // Append additional data if provided:

View file

@ -1,5 +1,5 @@
class App.KnowledgeBase extends App.Model class App.KnowledgeBase extends App.Model
@configure 'KnowledgeBase', 'iconset', 'color_highlight', 'color_header', 'translation_ids', 'locale_ids', 'homepage_layout', 'category_layout', 'custom_address' @configure 'KnowledgeBase', 'iconset', 'color_highlight', 'color_header', 'color_header_link', 'translation_ids', 'locale_ids', 'homepage_layout', 'category_layout', 'custom_address'
@extend Spine.Model.Ajax @extend Spine.Model.Ajax
@extend App.KnowledgeBaseActions @extend App.KnowledgeBaseActions
@url: @apiPath + '/knowledge_bases' @url: @apiPath + '/knowledge_bases'
@ -148,6 +148,17 @@ class App.KnowledgeBase extends App.Model
display: false display: false
horizontal: true horizontal: true
shown: true shown: true
}, {
name: 'color_header_link'
display: 'Header Link Color'
tag: 'color'
style: 'block'
null: false
screen:
admin_style_color_header_link:
display: false
horizontal: true
shown: true
# Layout picker is disabled in V1 # Layout picker is disabled in V1
#}, { #}, {
# name: 'homepage_layout' # name: 'homepage_layout'

View file

@ -344,9 +344,12 @@ class App.User extends App.Model
@sameOrganization?(requester) @sameOrganization?(requester)
isChangeableBy: (requester) -> isChangeableBy: (requester) ->
# full access for admins
return true if requester.permission('admin.user') return true if requester.permission('admin.user')
# allow agents to change customers # forbid non-agents to change users
return false if !requester.permission('ticket.agent') return false if !requester.permission('ticket.agent')
# allow agents to change customers only
return false if @permission(['admin.user', 'ticket.agent'])
@permission('ticket.customer') @permission('ticket.customer')
isDeleteableBy: (requester) -> isDeleteableBy: (requester) ->

View file

@ -6,11 +6,15 @@
<% if @has_any_tickets: %> <% if @has_any_tickets: %>
<p><%- @T('You have no tickets to display in this overview.') %></p> <p><%- @T('You have no tickets to display in this overview.') %></p>
<% else: %> <% else: %>
<p><%- @T('You have not created a ticket yet.') %></p> <% if @is_allowed_to_create_ticket: %>
<p><%- @T('The way to communicate with us is this thing called "ticket".') %></p> <p><%- @T('You have not created a ticket yet.') %></p>
<p><%- @T('Please click the button below to create your first one.') %></p> <p><%- @T('The way to communicate with us is this thing called "ticket".') %></p>
<p><%- @T('Please click the button below to create your first one.') %></p>
<p><a class="btn btn--primary" href="#customer_ticket_new"><%- @T('Create your first ticket') %></a></p> <p><a class="btn btn--primary" href="#customer_ticket_new"><%- @T('Create your first ticket') %></a></p>
<% else: %>
<p><%- @T('You currently don\'t have any tickets.') %></p>
<% end %>
<% end %> <% end %>
</div> </div>
</div> </div>

View file

@ -17,7 +17,7 @@
<%- @T('Uploading') %> (<span class="js-percentage">0</span>%) ... <%- @T('Uploading') %> (<span class="js-percentage">0</span>%) ...
</div> </div>
<div class="attachmentUpload-cancel js-cancel"> <div class="attachmentUpload-cancel js-cancel">
<%- @Icon('diagonal-cross') %></div><%- @T('Cancel Upload') %> <%- @Icon('diagonal-cross') %><%- @T('Cancel Upload') %>
</div> </div>
</div> </div>
<div class="attachmentUpload-progressBar" style="width: 0%"></div> <div class="attachmentUpload-progressBar" style="width: 0%"></div>

View file

@ -26,11 +26,12 @@ class App.KnowledgeBaseNewModal extends App.ControllerModal
App.UiElement[attribute.tag].prepareParams?(attribute, dom, params) App.UiElement[attribute.tag].prepareParams?(attribute, dom, params)
applyDefaults: (params) -> applyDefaults: (params) ->
params['iconset'] = 'FontAwesome' params['iconset'] = 'FontAwesome'
params['color_highlight'] = '#38ae6a' params['color_highlight'] = '#38ae6a'
params['color_header'] = '#f9fafb' params['color_header'] = '#f9fafb'
params['homepage_layout'] = 'grid' params['color_header_link'] = 'hsl(206,8%,50%)'
params['category_layout'] = 'grid' params['homepage_layout'] = 'grid'
params['category_layout'] = 'grid'
onSubmit: (e) -> onSubmit: (e) ->
params = @formParams(@el) params = @formParams(@el)

View file

@ -14,7 +14,7 @@
<div class="kb-menu-preview"> <div class="kb-menu-preview">
<div class="label"><%= kb_locale.systemLocale().name %></div> <div class="label"><%= kb_locale.systemLocale().name %></div>
<div class="kb-menu-preview-container kb-menu-preview-container--<%= location.identifier %>" style="background-color: <%= location.color %>"> <div class="kb-menu-preview-container kb-menu-preview-container--<%= location.identifier %>" style="background-color: <%= location.color %>; color: <%= location.color_link %>;">
<% menu_items = App.KnowledgeBaseMenuItem.using_kb_locale_location(kb_locale, location.identifier) %> <% menu_items = App.KnowledgeBaseMenuItem.using_kb_locale_location(kb_locale, location.identifier) %>
<% if menu_items.length == 0: %> <% if menu_items.length == 0: %>

View file

@ -3,6 +3,11 @@
</div> </div>
<div class="page-content"> <div class="page-content">
<p>
<%- @T('The installation of packages comes with security implications, because arbitrary code will be executed in the context of the Zammad application.') %>
<br>
<%- @T('Only packages from known, trusted and verfied sources should be installed.') %>
</p>
<p> <p>
<%- @T('After installing, updating or uninstalling packages the following commands need to be executed on the server:') %> <%- @T('After installing, updating or uninstalling packages the following commands need to be executed on the server:') %>
<ul> <ul>
@ -48,4 +53,4 @@
<% end %> <% end %>
</tbody> </tbody>
</table> </table>
</div> </div>

View file

@ -2661,7 +2661,7 @@ input.has-error {
} }
a { a {
color: hsl(206,8%,50%); color: inherit;
} }
.label { .label {
@ -4997,6 +4997,11 @@ footer {
} }
} }
&--vacation {
filter: grayscale(70%);
opacity: 1;
}
&--idle { &--idle {
filter: grayscale(100%); filter: grayscale(100%);
opacity: 0.5; opacity: 0.5;
@ -5007,11 +5012,6 @@ footer {
opacity: 0.2; opacity: 0.2;
} }
&--vacation {
filter: grayscale(70%);
opacity: 1;
}
&--unique { &--unique {
background-image: image_url("/assets/images/avatar-bg.png"); background-image: image_url("/assets/images/avatar-bg.png");
background-size: 300px 226px; background-size: 300px 226px;
@ -7051,7 +7051,7 @@ footer {
padding: 10px 0; padding: 10px 0;
color: #b3b3b3; color: #b3b3b3;
overflow: hidden; overflow: hidden;
@extend .u-unclickable, .u-textTruncate; @extend .u-textTruncate;
} }
.attachments:not(:empty) { .attachments:not(:empty) {
@ -7060,6 +7060,16 @@ footer {
margin: 6px -12px 30px; margin: 6px -12px 30px;
} }
.ticket-create .attachments:not(:empty) {
margin-left: 0;
margin-right: 0;
margin-bottom: 56px;
}
.ticket-create .attachment--row {
line-height: 1.45;
}
.attachment.attachment--row { .attachment.attachment--row {
font-size: 13px; font-size: 13px;
padding: 1px 10px 1px 7px; padding: 1px 10px 1px 7px;
@ -8442,6 +8452,10 @@ footer {
.dropdown li.with-category, .dropdown.dropdown--actions li.with-category { .dropdown li.with-category, .dropdown.dropdown--actions li.with-category {
line-height: 19.5px; line-height: 19.5px;
small {
color: #fff !important;
}
} }
.dropdown.dropdown--actions li.with-category { .dropdown.dropdown--actions li.with-category {

View file

@ -10,8 +10,8 @@ class ApplicationController < ActionController::Base
include ApplicationController::RendersModels include ApplicationController::RendersModels
include ApplicationController::HasUser include ApplicationController::HasUser
include ApplicationController::HasResponseExtentions include ApplicationController::HasResponseExtentions
include ApplicationController::HasDownload
include ApplicationController::PreventsCsrf include ApplicationController::PreventsCsrf
include ApplicationController::HasSecureContentSecurityPolicyForDownloads
include ApplicationController::LogsHttpAccess include ApplicationController::LogsHttpAccess
include ApplicationController::Authorizes include ApplicationController::Authorizes
end end

View file

@ -0,0 +1,44 @@
# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/
module ApplicationController::HasDownload
extend ActiveSupport::Concern
included do
around_action do |_controller, block|
subscriber = proc do
policy = ActionDispatch::ContentSecurityPolicy.new
policy.default_src :none
# The 'plugin_types' rule is deprecated and should be changed in the future.
policy.plugin_types 'application/pdf'
request.content_security_policy = policy
end
ActiveSupport::Notifications.subscribed(subscriber, 'send_file.action_controller') do
ActiveSupport::Notifications.subscribed(subscriber, 'send_data.action_controller') do
block.call
end
end
end
end
private
def file_id
@file_id ||= params[:id]
end
def download_file
@download_file ||= ::ApplicationController::HasDownload::DownloadFile.new(file_id, disposition: sanitized_disposition)
end
def sanitized_disposition
disposition = params.fetch(:disposition, 'inline')
valid_disposition = %w[inline attachment]
return disposition if valid_disposition.include?(disposition)
raise Exceptions::Forbidden, "Invalid disposition #{disposition} requested. Only #{valid_disposition.join(', ')} are valid."
end
end

View file

@ -0,0 +1,54 @@
# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/
class ApplicationController::HasDownload::DownloadFile < SimpleDelegator
attr_reader :requested_disposition
def initialize(id, disposition: 'inline')
@requested_disposition = disposition
super(Store.find(id))
end
def disposition
return 'attachment' if forcibly_download_as_binary? || !allowed_inline?
requested_disposition
end
def content_type
return ActiveStorage.binary_content_type if forcibly_download_as_binary?
file_content_type
end
def content(view_type)
return __getobj__.content if view_type.blank? || !preferences[:resizable]
return content_inline if content_inline? && view_type == 'inline'
return content_preview if content_preview? && view_type == 'preview'
__getobj__.content
end
private
def allowed_inline?
ActiveStorage.content_types_allowed_inline.include?(content_type)
end
def forcibly_download_as_binary?
ActiveStorage.content_types_to_serve_as_binary.include?(file_content_type)
end
def file_content_type
@file_content_type ||= preferences['Content-Type'] || preferences['Mime-Type'] || ActiveStorage.binary_content_type
end
def content_inline?
preferences[:content_inline] == true
end
def content_preview?
preferences[:content_preview] == true
end
end

View file

@ -1,25 +0,0 @@
# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/
module ApplicationController::HasSecureContentSecurityPolicyForDownloads
extend ActiveSupport::Concern
included do
around_action do |_controller, block|
subscriber = proc do
policy = ActionDispatch::ContentSecurityPolicy.new
policy.default_src :none
policy.plugin_types 'application/pdf'
request.content_security_policy = policy
end
ActiveSupport::Notifications.subscribed(subscriber, 'send_file.action_controller') do
ActiveSupport::Notifications.subscribed(subscriber, 'send_data.action_controller') do
block.call
end
end
end
end
end

View file

@ -6,14 +6,13 @@ class AttachmentsController < ApplicationController
prepend_before_action :authentication_check_only, only: %i[show destroy] prepend_before_action :authentication_check_only, only: %i[show destroy]
def show def show
content = @file.content_preview if params[:preview] && @file.preferences[:content_preview] view_type = params[:preview] ? 'preview' : nil
content ||= @file.content
send_data( send_data(
content, download_file.content(view_type),
filename: @file.filename, filename: download_file.filename,
type: @file.preferences['Content-Type'] || @file.preferences['Mime-Type'] || 'application/octet-stream', type: download_file.content_type,
disposition: sanitized_disposition disposition: download_file.disposition
) )
end end
@ -52,7 +51,7 @@ class AttachmentsController < ApplicationController
end end
def destroy def destroy
Store.remove_item(@file.id) Store.remove_item(download_file.id)
render json: { render json: {
success: true, success: true,
@ -72,18 +71,8 @@ class AttachmentsController < ApplicationController
private private
def sanitized_disposition
disposition = params.fetch(:disposition, 'inline')
valid_disposition = %w[inline attachment]
return disposition if valid_disposition.include?(disposition)
raise Exceptions::Forbidden, "Invalid disposition #{disposition} requested. Only #{valid_disposition.join(', ')} are valid."
end
def authorize! def authorize!
@file = Store.find(params[:id]) record = download_file&.store_object&.name&.safe_constantize&.find(download_file.o_id)
record = @file&.store_object&.name&.safe_constantize&.find(@file.o_id)
authorize(record) if record authorize(record) if record
rescue Pundit::NotAuthorizedError rescue Pundit::NotAuthorizedError
raise ActiveRecord::RecordNotFound raise ActiveRecord::RecordNotFound

View file

@ -156,7 +156,7 @@ class FormController < ApplicationController
end end
def token_gen(fingerprint) def token_gen(fingerprint)
crypt = ActiveSupport::MessageEncryptor.new(Setting.get('application_secret')[0, 32]) crypt = ActiveSupport::MessageEncryptor.new(Setting.get('application_secret')[0, 32], serializer: JSON)
fingerprint = "#{Base64.strict_encode64(Setting.get('fqdn'))}:#{Time.zone.now.to_i}:#{Base64.strict_encode64(fingerprint)}" fingerprint = "#{Base64.strict_encode64(Setting.get('fqdn'))}:#{Time.zone.now.to_i}:#{Base64.strict_encode64(fingerprint)}"
Base64.strict_encode64(crypt.encrypt_and_sign(fingerprint)) Base64.strict_encode64(crypt.encrypt_and_sign(fingerprint))
end end
@ -167,7 +167,7 @@ class FormController < ApplicationController
raise Exceptions::Forbidden raise Exceptions::Forbidden
end end
begin begin
crypt = ActiveSupport::MessageEncryptor.new(Setting.get('application_secret')[0, 32]) crypt = ActiveSupport::MessageEncryptor.new(Setting.get('application_secret')[0, 32], serializer: JSON)
result = crypt.decrypt_and_verify(Base64.decode64(token)) result = crypt.decrypt_and_verify(Base64.decode64(token))
rescue rescue
Rails.logger.info 'Invalid token for form!' Rails.logger.info 'Invalid token for form!'

View file

@ -175,29 +175,11 @@ class TicketArticlesController < ApplicationController
end end
raise Exceptions::Forbidden, 'Requested file id is not linked with article_id.' if !access raise Exceptions::Forbidden, 'Requested file id is not linked with article_id.' if !access
# find file
file = Store.find(params[:id])
disposition = sanitized_disposition
content = nil
if params[:view].present? && file.preferences[:resizable] == true
if file.preferences[:content_inline] == true && params[:view] == 'inline'
content = file.content_inline
elsif file.preferences[:content_preview] == true && params[:view] == 'preview'
content = file.content_preview
end
end
if content.blank?
content = file.content
end
send_data( send_data(
content, download_file.content(params[:view]),
filename: file.filename, filename: download_file.filename,
type: file.preferences['Content-Type'] || file.preferences['Mime-Type'] || 'application/octet-stream', type: download_file.content_type,
disposition: disposition disposition: download_file.disposition
) )
end end
@ -278,14 +260,4 @@ class TicketArticlesController < ApplicationController
render json: result render json: result
end end
private
def sanitized_disposition
disposition = params.fetch(:disposition, 'inline')
valid_disposition = %w[inline attachment]
return disposition if valid_disposition.include?(disposition)
raise Exceptions::Forbidden, "Invalid disposition #{disposition} requested. Only #{valid_disposition.join(', ')} are valid."
end
end end

View file

@ -722,31 +722,28 @@ curl http://localhost/api/v1/users/image/8d6cca1c6bdc226cf2ba131e264ca2c7 -v -u
=end =end
def image def image
# cache image # cache image
response.headers['Expires'] = 1.year.from_now.httpdate response.headers['Expires'] = 1.year.from_now.httpdate
response.headers['Cache-Control'] = 'cache, store, max-age=31536000, must-revalidate' response.headers['Cache-Control'] = 'cache, store, max-age=31536000, must-revalidate'
response.headers['Pragma'] = 'cache' response.headers['Pragma'] = 'cache'
file = Avatar.get_by_hash(params[:hash]) file = Avatar.get_by_hash(params[:hash])
if file if file
file_content_type = file.preferences['Content-Type'] || file.preferences['Mime-Type']
return serve_default_image if ActiveStorage.content_types_allowed_inline.exclude?(file_content_type)
send_data( send_data(
file.content, file.content,
filename: file.filename, filename: file.filename,
type: file.preferences['Content-Type'] || file.preferences['Mime-Type'], type: file_content_type,
disposition: 'inline' disposition: 'inline'
) )
return return
end end
# serve default image serve_default_image
image = 'R0lGODdhMAAwAOMAAMzMzJaWlr6+vqqqqqOjo8XFxbe3t7GxsZycnAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAAMAAwAAAEcxDISau9OOvNu/9gKI5kaZ5oqq5s675wLM90bd94ru98TwuAA+KQAQqJK8EAgBAgMEqmkzUgBIeSwWGZtR5XhSqAULACCoGCJGwlm1MGQrq9RqgB8fm4ZTUgDBIEcRR9fz6HiImKi4yNjo+QkZKTlJWWkBEAOw=='
send_data(
Base64.decode64(image),
filename: 'image.gif',
type: 'image/gif',
disposition: 'inline'
)
end end
=begin =begin
@ -778,6 +775,11 @@ curl http://localhost/api/v1/users/avatar -v -u #{login}:#{password} -H "Content
return return
end end
if ActiveStorage::Variant::WEB_IMAGE_CONTENT_TYPES.exclude?(file_full[:mime_type])
render json: { error: 'Mime type is invalid' }, status: :unprocessable_entity
return
end
begin begin
file_resize = StaticAssets.data_url_attributes(params[:avatar_resize]) file_resize = StaticAssets.data_url_attributes(params[:avatar_resize])
rescue rescue
@ -1061,4 +1063,15 @@ curl http://localhost/api/v1/users/avatar -v -u #{login}:#{password} -H "Content
render json: { message: 'ok' }, status: :created render json: { message: 'ok' }, status: :created
end end
def serve_default_image
image = 'R0lGODdhMAAwAOMAAMzMzJaWlr6+vqqqqqOjo8XFxbe3t7GxsZycnAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAAMAAwAAAEcxDISau9OOvNu/9gKI5kaZ5oqq5s675wLM90bd94ru98TwuAA+KQAQqJK8EAgBAgMEqmkzUgBIeSwWGZtR5XhSqAULACCoGCJGwlm1MGQrq9RqgB8fm4ZTUgDBIEcRR9fz6HiImKi4yNjo+QkZKTlJWWkBEAOw=='
send_data(
Base64.decode64(image),
filename: 'image.gif',
type: 'image/gif',
disposition: 'inline'
)
end
end end

View file

@ -4,9 +4,7 @@ class WebhooksController < ApplicationController
prepend_before_action { authentication_check && authorize! } prepend_before_action { authentication_check && authorize! }
def preview def preview
access_condition = Ticket.access_condition(current_user, 'read') ticket = TicketPolicy::ReadScope.new(current_user).resolve.last
ticket = Ticket.where(access_condition).last
render json: JSON.pretty_generate({ render json: JSON.pretty_generate({
ticket: TriggerWebhookJob::RecordPayload.generate(ticket), ticket: TriggerWebhookJob::RecordPayload.generate(ticket),

View file

@ -3,6 +3,7 @@
class UploadCacheCleanupJob < ApplicationJob class UploadCacheCleanupJob < ApplicationJob
def perform def perform
taskbar_form_ids = Taskbar.with_form_id.filter_map(&:persisted_form_id) taskbar_form_ids = Taskbar.with_form_id.filter_map(&:persisted_form_id)
return if store_object_id.blank?
Store.where(store_object_id: store_object_id).where('created_at < ?', 1.month.ago).where.not(o_id: taskbar_form_ids).find_each do |store| Store.where(store_object_id: store_object_id).where('created_at < ?', 1.month.ago).where.not(o_id: taskbar_form_ids).find_each do |store|
Store.remove_item(store.id) Store.remove_item(store.id)
@ -12,6 +13,6 @@ class UploadCacheCleanupJob < ApplicationJob
private private
def store_object_id def store_object_id
Store::Object.lookup(name: 'UploadCache').id Store::Object.lookup(name: 'UploadCache')&.id
end end
end end

View file

@ -121,7 +121,7 @@ returns
key = "#{self.class}::aws::#{id}" key = "#{self.class}::aws::#{id}"
cache = Cache.read(key) cache = Cache.read(key)
return cache if cache return filter_unauthorized_attributes(cache) if cache
attributes = self.attributes attributes = self.attributes
relevant = %i[has_and_belongs_to_many has_many] relevant = %i[has_and_belongs_to_many has_many]
@ -160,7 +160,7 @@ returns
filter_attributes(attributes) filter_attributes(attributes)
Cache.write(key, attributes) Cache.write(key, attributes)
attributes filter_unauthorized_attributes(attributes)
end end
=begin =begin
@ -234,8 +234,7 @@ returns
end end
filter_attributes(attributes) filter_attributes(attributes)
filter_unauthorized_attributes(attributes)
attributes
end end
def filter_attributes(attributes) def filter_attributes(attributes)
@ -243,6 +242,10 @@ returns
attributes.except!('password', 'token', 'tokens', 'token_ids') attributes.except!('password', 'token', 'tokens', 'token_ids')
end end
def filter_unauthorized_attributes(attributes)
attributes
end
=begin =begin
reference if association id check reference if association id check

View file

@ -72,7 +72,6 @@ add avatar by url
=end =end
def self.add(data) def self.add(data)
# lookups # lookups
if data[:object] if data[:object]
object_id = ObjectLookup.by_name(data[:object]) object_id = ObjectLookup.by_name(data[:object])

View file

@ -30,10 +30,26 @@ class CoreWorkflow::Attributes
end end
end end
def selectable_field?(key)
return if key == 'id'
return if !@payload['params'].key?(key)
# some objects have no attributes like "CoreWorkflow"-object as well.
# attributes only exists in the frontend so we skip this check
return true if object_elements.blank?
object_elements_hash.key?(key)
end
def overwrite_selected(result) def overwrite_selected(result)
selected_attributes = selected_only.attributes selected_attributes = selected_only.attributes
selected_attributes.each_key do |key| selected_attributes.each_key do |key|
next if selected_attributes[key].nil? next if !selectable_field?(key)
# special behaviour for owner id
if key == 'owner_id' && selected_attributes[key].nil?
selected_attributes[key] = 1
end
result[key.to_sym] = selected_attributes[key] result[key.to_sym] = selected_attributes[key]
end end
@ -55,6 +71,10 @@ class CoreWorkflow::Attributes
# dont use lookup here because the cache will not # dont use lookup here because the cache will not
# know about new attributes and make crashes # know about new attributes and make crashes
@saved_only ||= payload_class.find_by(id: @payload['params']['id']) @saved_only ||= payload_class.find_by(id: @payload['params']['id'])
# we use marshal here because clone still uses references and dup can't
# detect changes for the rails object
Marshal.load(Marshal.dump(@saved_only))
end end
def saved def saved
@ -67,6 +87,10 @@ class CoreWorkflow::Attributes
end end
end end
def object_elements_hash
@object_elements_hash ||= object_elements.index_by { |x| x[:name] }
end
def screen_value(attribute, type) def screen_value(attribute, type)
attribute[:screens].dig(@payload['screen'], type) attribute[:screens].dig(@payload['screen'], type)
end end

View file

@ -18,4 +18,26 @@ class CoreWorkflow::Result::Backend
def result(backend, field, value = nil) def result(backend, field, value = nil)
@result_object.run_backend_value(backend, field, value) @result_object.run_backend_value(backend, field, value)
end end
def saved_value
# make sure we have a saved object
return if @result_object.attributes.saved_only.blank?
# we only want to have the saved value in the restrictions
# if no changes happend to the form. If the users does changes
# to the form then also the saved value should get removed
return if @result_object.attributes.selected.changed?
# attribute can be blank e.g. in custom development
# or if attribute is only available in the frontend but not
# in the backend
return if attribute.blank?
@result_object.attributes.saved_attribute_value(attribute).to_s
end
def attribute
@attribute ||= @result_object.attributes.object_elements_hash[field]
end
end end

View file

@ -3,8 +3,14 @@
class CoreWorkflow::Result::RemoveOption < CoreWorkflow::Result::BaseOption class CoreWorkflow::Result::RemoveOption < CoreWorkflow::Result::BaseOption
def run def run
@result_object.result[:restrict_values][field] ||= Array(@result_object.payload['params'][field]) @result_object.result[:restrict_values][field] ||= Array(@result_object.payload['params'][field])
@result_object.result[:restrict_values][field] -= Array(@perform_config['remove_option']) @result_object.result[:restrict_values][field] -= Array(config_value)
remove_excluded_param_values remove_excluded_param_values
true true
end end
def config_value
result = Array(@perform_config['remove_option'])
result -= Array(saved_value)
result
end
end end

View file

@ -5,21 +5,23 @@ class CoreWorkflow::Result::SetFixedTo < CoreWorkflow::Result::BaseOption
@result_object.result[:restrict_values][field] = if restriction_set? @result_object.result[:restrict_values][field] = if restriction_set?
restrict_values restrict_values
else else
replace_values config_value
end end
remove_excluded_param_values remove_excluded_param_values
true true
end end
def config_value
result = Array(@perform_config['set_fixed_to'])
result |= Array(saved_value)
result
end
def restriction_set? def restriction_set?
@result_object.result[:restrict_values][field] @result_object.result[:restrict_values][field]
end end
def restrict_values def restrict_values
@result_object.result[:restrict_values][field].reject { |v| Array(@perform_config['set_fixed_to']).exclude?(v) } @result_object.result[:restrict_values][field].reject { |v| config_value.exclude?(v) }
end
def replace_values
Array(@perform_config['set_fixed_to'])
end end
end end

View file

@ -12,6 +12,8 @@ class Group < ApplicationModel
include HasTicketCreateScreenImpact include HasTicketCreateScreenImpact
include HasSearchIndexBackend include HasSearchIndexBackend
include Group::Assets
belongs_to :email_address, optional: true belongs_to :email_address, optional: true
belongs_to :signature, optional: true belongs_to :signature, optional: true

View file

@ -0,0 +1,14 @@
# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/
class Group
module Assets
extend ActiveSupport::Concern
def filter_unauthorized_attributes(attributes)
return super if UserInfo.assets.blank? || UserInfo.assets.agent?
attributes = super
attributes.slice('id', 'name', 'active')
end
end
end

View file

@ -27,8 +27,9 @@ class KnowledgeBase < ApplicationModel
validates :category_layout, inclusion: { in: KnowledgeBase::LAYOUTS } validates :category_layout, inclusion: { in: KnowledgeBase::LAYOUTS }
validates :homepage_layout, inclusion: { in: KnowledgeBase::LAYOUTS } validates :homepage_layout, inclusion: { in: KnowledgeBase::LAYOUTS }
validates :color_highlight, presence: true, color: true validates :color_highlight, presence: true, color: true
validates :color_header, presence: true, color: true validates :color_header, presence: true, color: true
validates :color_header_link, presence: true, color: true
validates :iconset, inclusion: { in: KnowledgeBase::ICONSETS } validates :iconset, inclusion: { in: KnowledgeBase::ICONSETS }

View file

@ -43,7 +43,7 @@ class ObjectManager::Element::Backend
end end
def screens def screens
attribute.screens.transform_values do |permission_options| @screens ||= attribute.screens.transform_values do |permission_options|
screen_value(permission_options) screen_value(permission_options)
end end
end end

View file

@ -70,5 +70,12 @@ returns
end end
data data
end end
def filter_unauthorized_attributes(attributes)
return super if UserInfo.assets.blank? || UserInfo.assets.agent?
attributes = super
attributes.slice('id', 'name', 'active')
end
end end
end end

View file

@ -263,32 +263,37 @@ subsequently in a separate step.
) )
end end
# store package Transaction.execute do
if !data[:reinstall] # store package
package_db = Package.create(meta) if !data[:reinstall]
Store.add( package_db = Package.create(meta)
object: 'Package', Store.add(
o_id: package_db.id, object: 'Package',
data: package.to_json, o_id: package_db.id,
filename: "#{meta[:name]}-#{meta[:version]}.zpm", data: package.to_json,
preferences: {}, filename: "#{meta[:name]}-#{meta[:version]}.zpm",
created_by_id: UserInfo.current_user_id || 1, preferences: {},
) created_by_id: UserInfo.current_user_id || 1,
end )
end
# write files # write files
package['files'].each do |file| package['files'].each do |file|
permission = file['permission'] || '644' if !allowed_file_path?(file['location'])
content = Base64.decode64(file['content']) raise "Can't create file, because of not allowed file location: #{file['location']}!"
_write_file(file['location'], permission, content) end
end
# update package state permission = file['permission'] || '644'
package_db.state = 'installed' content = Base64.decode64(file['content'])
package_db.save _write_file(file['location'], permission, content)
end
# update package state
package_db.state = 'installed'
package_db.save
end
# prebuild assets # prebuild assets
package_db package_db
end end
@ -483,4 +488,9 @@ execute all pending package migrations at once
true true
end end
def self.allowed_file_path?(file)
file.exclude?('..') && file.exclude?('%2e%2e')
end
private_class_method :allowed_file_path?
end end

View file

@ -60,5 +60,13 @@ returns
end end
data data
end end
def filter_unauthorized_attributes(attributes)
return super if UserInfo.assets.blank? || UserInfo.assets.agent?
attributes = super
attributes['name'] = "Role_#{id}"
attributes.slice('id', 'name', 'group_ids', 'permission_ids', 'active')
end
end end
end end

View file

@ -926,17 +926,16 @@ try to find correct name
end end
# check if login already exists # check if login already exists
self.login = login.downcase.strip base_login = login.downcase.strip
check = true
while check alternatives = [nil] + Array(1..20) + [ SecureRandom.uuid ]
alternatives.each do |suffix|
self.login = "#{base_login}#{suffix}"
exists = User.find_by(login: login) exists = User.find_by(login: login)
if exists && exists.id != id return true if !exists || exists.id == id
self.login = "#{login}#{rand(999)}" # rubocop:disable Zammad/ForbidRand
else
check = false
end
end end
true
raise Exceptions::UnprocessableEntity, "Invalid user login generation for login #{login}!"
end end
def check_mail_delivery_failed def check_mail_delivery_failed

View file

@ -110,5 +110,20 @@ returns
end end
data data
end end
def filter_unauthorized_attributes(attributes)
return super if UserInfo.assets.blank? || UserInfo.assets.agent?
# customer assets for the user session
if UserInfo.current_user_id == id
attributes = super
attributes.except!('web', 'phone', 'mobile', 'fax', 'department', 'street', 'zip', 'city', 'country', 'address', 'note')
return attributes
end
# customer assets for other user
attributes = super
attributes.slice('id', 'firstname', 'lastname', 'image', 'image_source', 'active')
end
end end
end end

View file

@ -13,6 +13,7 @@ class SettingPolicy < ApplicationPolicy
private private
def permitted? def permitted?
return false if record.preferences[:protected]
return true if !record.preferences[:permission] return true if !record.preferences[:permission]
user.permissions?(record.preferences[:permission]) user.permissions?(record.preferences[:permission])

View file

@ -13,7 +13,7 @@ class TicketPolicy < ApplicationPolicy
super super
end end
def resolve # rubocop:disable Metrics/AbcSize def resolve # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity
raise NoMethodError, <<~ERR.chomp if instance_of?(TicketPolicy::BaseScope) raise NoMethodError, <<~ERR.chomp if instance_of?(TicketPolicy::BaseScope)
specify an access type using a subclass of TicketPolicy::BaseScope specify an access type using a subclass of TicketPolicy::BaseScope
ERR ERR
@ -26,12 +26,19 @@ class TicketPolicy < ApplicationPolicy
bind.push(user.group_ids_access(self.class::ACCESS_TYPE)) bind.push(user.group_ids_access(self.class::ACCESS_TYPE))
end end
if user.organization&.shared if user.permissions?('ticket.customer')
sql.push('(tickets.customer_id = ? OR tickets.organization_id = ?)') if user.organization&.shared
bind.push(user.id, user.organization.id) sql.push('(tickets.customer_id = ? OR tickets.organization_id = ?)')
else bind.push(user.id, user.organization.id)
sql.push('tickets.customer_id = ?') else
bind.push(user.id) sql.push('tickets.customer_id = ?')
bind.push(user.id)
end
end
# The report permission can access all tickets.
if sql.empty? && !user.permissions?('report')
sql.push '0 = 1' # Forbid unlimited access for all other permissions.
end end
scope.where sql.join(' OR '), *bind scope.where sql.join(' OR '), *bind

View file

@ -13,11 +13,14 @@ class UserPolicy < ApplicationPolicy
end end
def update? def update?
# full access for admins
return true if user.permissions?('admin.user') return true if user.permissions?('admin.user')
# forbid non-agents to change users # forbid non-agents to change users
return false if !user.permissions?('ticket.agent') return false if !user.permissions?('ticket.agent')
# allow agents to change customers # allow agents to change customers only
return false if record.permissions?(['admin.user', 'ticket.agent'])
record.permissions?('ticket.customer') record.permissions?('ticket.customer')
end end

View file

@ -28,4 +28,8 @@
.header { .header {
background-color: <%= knowledge_base.color_header %>; background-color: <%= knowledge_base.color_header %>;
} }
.header .menu-item {
color: <%= knowledge_base.color_header_link %>;
}
</style> </style>

View file

@ -5,11 +5,11 @@ Rails.application.config.html_sanitizer_tags_remove_content = %w[
style style
comment comment
meta meta
script
] ]
# content of this tags will will be inserted html quoted # content of this tags will will be inserted html quoted
Rails.application.config.html_sanitizer_tags_quote_content = %w[ Rails.application.config.html_sanitizer_tags_quote_content = %w[
script
] ]
# only this tags are allowed # only this tags are allowed

View file

@ -228,7 +228,7 @@ function create_webserver_config () {
function setup_elasticsearch () { function setup_elasticsearch () {
echo "# Configuring Elasticsearch..." echo "# Configuring Elasticsearch..."
ES_CONNECTION="$(zammad run rails r "puts Setting.get('es_url')"| tail -n 1 2>> /dev/null)" ES_CONNECTION="$(zammad run rails r "puts '',Setting.get('es_url')"| tail -n 1 2>> /dev/null)"
if [ -z "${ES_CONNECTION}" ]; then if [ -z "${ES_CONNECTION}" ]; then
echo "-- Nevermind, no es_url is set, leaving Elasticsearch untouched ...!" echo "-- Nevermind, no es_url is set, leaving Elasticsearch untouched ...!"
@ -274,6 +274,10 @@ function elasticsearch_searchindex_rebuild () {
function update_or_install () { function update_or_install () {
if [ -f ${ZAMMAD_DIR}/config/database.yml ]; then if [ -f ${ZAMMAD_DIR}/config/database.yml ]; then
echo "# Clear cache..."
zammad run rails r Cache.clear
update_database update_database
update_translations update_translations

View file

@ -8,8 +8,9 @@ class InitializeKnowledgeBase < ActiveRecord::Migration[5.0]
create_table :knowledge_bases do |t| create_table :knowledge_bases do |t|
t.string :iconset, limit: 30, null: false t.string :iconset, limit: 30, null: false
t.string :color_highlight, limit: 25, null: false t.string :color_highlight, limit: 25, null: false
t.string :color_header, limit: 25, null: false t.string :color_header, limit: 25, null: false
t.string :color_header_link, limit: 25, null: false
t.string :homepage_layout, null: false t.string :homepage_layout, null: false
t.string :category_layout, null: false t.string :category_layout, null: false

View file

@ -75,6 +75,8 @@ class InitCoreWorkflow < ActiveRecord::Migration[5.2]
def fix_pending_time def fix_pending_time
pending_time = ObjectManager::Attribute.find_by(name: 'pending_time', object_lookup: ObjectLookup.find_by(name: 'Ticket')) pending_time = ObjectManager::Attribute.find_by(name: 'pending_time', object_lookup: ObjectLookup.find_by(name: 'Ticket'))
return if pending_time.blank?
pending_time.data_option.delete('required_if') pending_time.data_option.delete('required_if')
pending_time.data_option.delete('shown_if') pending_time.data_option.delete('shown_if')
pending_time.save pending_time.save
@ -83,6 +85,8 @@ class InitCoreWorkflow < ActiveRecord::Migration[5.2]
def fix_organization_screens def fix_organization_screens
%w[domain note].each do |name| %w[domain note].each do |name|
field = ObjectManager::Attribute.find_by(name: name, object_lookup: ObjectLookup.find_by(name: 'Organization')) field = ObjectManager::Attribute.find_by(name: name, object_lookup: ObjectLookup.find_by(name: 'Organization'))
next if field.blank?
field.screens['create'] ||= {} field.screens['create'] ||= {}
field.screens['create']['-all-'] ||= {} field.screens['create']['-all-'] ||= {}
field.screens['create']['-all-']['null'] = true field.screens['create']['-all-']['null'] = true
@ -93,6 +97,8 @@ class InitCoreWorkflow < ActiveRecord::Migration[5.2]
def fix_user_screens def fix_user_screens
%w[email web phone mobile organization_id fax department street zip city country address password vip note role_ids].each do |name| %w[email web phone mobile organization_id fax department street zip city country address password vip note role_ids].each do |name|
field = ObjectManager::Attribute.find_by(name: name, object_lookup: ObjectLookup.find_by(name: 'User')) field = ObjectManager::Attribute.find_by(name: name, object_lookup: ObjectLookup.find_by(name: 'User'))
next if field.blank?
field.screens['create'] ||= {} field.screens['create'] ||= {}
field.screens['create']['-all-'] ||= {} field.screens['create']['-all-'] ||= {}
field.screens['create']['-all-']['null'] = true field.screens['create']['-all-']['null'] = true

View file

@ -0,0 +1,15 @@
# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/
class MaintenanceImproveSettingPreferences < ActiveRecord::Migration[6.0]
def change
return if !Setting.exists?(name: 'system_init_done')
protected_settings = %w[application_secret]
protected_settings.each do |name|
setting = Setting.find_by(name: name)
setting.preferences[:protected] = true
setting.save!
end
end
end

View file

@ -11,6 +11,8 @@ class Issue3751MissingWorkflowScreens < ActiveRecord::Migration[6.0]
def fix_organization_screens_create def fix_organization_screens_create
%w[name shared domain_assignment active].each do |name| %w[name shared domain_assignment active].each do |name|
field = ObjectManager::Attribute.find_by(name: name, object_lookup: ObjectLookup.find_by(name: 'Organization')) field = ObjectManager::Attribute.find_by(name: name, object_lookup: ObjectLookup.find_by(name: 'Organization'))
next if field.blank?
field.screens['create'] ||= {} field.screens['create'] ||= {}
field.screens['create']['-all-'] ||= {} field.screens['create']['-all-'] ||= {}
field.screens['create']['-all-']['null'] = false field.screens['create']['-all-']['null'] = false
@ -21,6 +23,8 @@ class Issue3751MissingWorkflowScreens < ActiveRecord::Migration[6.0]
def fix_user_screens_create def fix_user_screens_create
%w[firstname lastname active].each do |name| %w[firstname lastname active].each do |name|
field = ObjectManager::Attribute.find_by(name: name, object_lookup: ObjectLookup.find_by(name: 'User')) field = ObjectManager::Attribute.find_by(name: name, object_lookup: ObjectLookup.find_by(name: 'User'))
next if field.blank?
field.screens['create'] ||= {} field.screens['create'] ||= {}
field.screens['create']['-all-'] ||= {} field.screens['create']['-all-'] ||= {}
field.screens['create']['-all-']['null'] = false field.screens['create']['-all-']['null'] = false

View file

@ -0,0 +1,10 @@
# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/
class RemoveOtrsDiffWorkerSchedulerEntry < ActiveRecord::Migration[6.0]
def change
# return if it's a new setup
return if !Setting.exists?(name: 'system_init_done')
Scheduler.find_by(method: 'Import::OTRS.diff_worker')&.destroy
end
end

View file

@ -0,0 +1,11 @@
# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/
class Issue2619KbHeaderLinkColor < ActiveRecord::Migration[6.0]
def up
return if !Setting.exists?(name: 'system_init_done')
add_column :knowledge_bases, :color_header_link, :string, limit: 25, null: false, default: 'hsl(206,8%,50%)' # rubocop:disable Zammad/ExistsResetColumnInformation
change_column_default :knowledge_bases, :color_header_link, nil
KnowledgeBase.reset_column_information
end
end

View file

@ -0,0 +1,11 @@
# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/
class ReloadAfterCoreWorkflow < ActiveRecord::Migration[4.2]
def up
# return if it's a new setup
return if !Setting.exists?(name: 'system_init_done')
AppVersion.set(true, 'app_version')
end
end

View file

@ -0,0 +1,11 @@
# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/
class ReloadAfterCoreWorkflowAgain < ActiveRecord::Migration[6.0]
def up
# return if it's a new setup
return if !Setting.exists?(name: 'system_init_done')
AppVersion.set(true, 'app_version')
end
end

View file

@ -0,0 +1,11 @@
# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/
class Issue3787FixJob < ActiveRecord::Migration[6.0]
def change
# return if it's a new setup
return if !Setting.exists?(name: 'system_init_done')
Scheduler.find_by(name: 'Delete old upload cache entries.').update(error_message: nil, status: nil, active: true)
end
end

View file

@ -21,15 +21,6 @@ Scheduler.create_if_not_exists(
prio: 1, prio: 1,
active: true, active: true,
) )
Scheduler.create_if_not_exists(
name: 'Import OTRS diff load',
method: 'Import::OTRS.diff_worker',
period: 3.minutes,
prio: 1,
active: true,
updated_by_id: 1,
created_by_id: 1,
)
Scheduler.create_if_not_exists( Scheduler.create_if_not_exists(
name: 'Check Channels', name: 'Check Channels',
method: 'Channel.fetch', method: 'Channel.fetch',

View file

@ -9,6 +9,7 @@ Setting.create_if_not_exists(
state: SecureRandom.hex(128), state: SecureRandom.hex(128),
preferences: { preferences: {
permission: ['admin'], permission: ['admin'],
protected: true,
}, },
frontend: false frontend: false
) )

View file

@ -1,7 +1,5 @@
# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/ # Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/
require 'faker'
# rubocop:disable Rails/Output # rubocop:disable Rails/Output
module FillDb module FillDb
@ -55,7 +53,7 @@ or if you only want to create 100 tickets
else else
(1..organizations).each do (1..organizations).each do
ActiveRecord::Base.transaction do ActiveRecord::Base.transaction do
organization = Organization.create!(name: "FillOrganization::#{Faker::Number.number(digits: 6)}", active: true) organization = Organization.create!(name: "FillOrganization::#{counter}", active: true)
organization_pool.push organization organization_pool.push organization
end end
end end
@ -72,7 +70,7 @@ or if you only want to create 100 tickets
(1..agents).each do (1..agents).each do
ActiveRecord::Base.transaction do ActiveRecord::Base.transaction do
suffix = Faker::Number.number(digits: 5).to_s suffix = counter.to_s
user = User.create_or_update( user = User.create_or_update(
login: "filldb-agent-#{suffix}", login: "filldb-agent-#{suffix}",
firstname: "agent #{suffix}", firstname: "agent #{suffix}",
@ -102,7 +100,7 @@ or if you only want to create 100 tickets
(1..customers).each do (1..customers).each do
ActiveRecord::Base.transaction do ActiveRecord::Base.transaction do
suffix = Faker::Number.number(digits: 5).to_s suffix = counter.to_s
organization = nil organization = nil
if organization_pool.present? && true_or_false.sample if organization_pool.present? && true_or_false.sample
organization = organization_pool.sample organization = organization_pool.sample
@ -132,7 +130,7 @@ or if you only want to create 100 tickets
else else
(1..groups).each do (1..groups).each do
ActiveRecord::Base.transaction do ActiveRecord::Base.transaction do
group = Group.create!(name: "FillGroup::#{Faker::Number.number(digits: 6)}", active: true) group = Group.create!(name: "FillGroup::#{counter}", active: true)
group_pool.push group group_pool.push group
Role.where(name: 'Agent').first.users.where(active: true).each do |user| Role.where(name: 'Agent').first.users.where(active: true).each do |user|
user_groups = user.groups user_groups = user.groups
@ -150,7 +148,7 @@ or if you only want to create 100 tickets
(1..overviews).each do (1..overviews).each do
ActiveRecord::Base.transaction do ActiveRecord::Base.transaction do
Overview.create!( Overview.create!(
name: "Filloverview::#{Faker::Number.number(digits: 6)}", name: "Filloverview::#{counter}",
role_ids: [Role.find_by(name: 'Agent').id], role_ids: [Role.find_by(name: 'Agent').id],
condition: { condition: {
'ticket.state_id' => { 'ticket.state_id' => {
@ -185,7 +183,7 @@ or if you only want to create 100 tickets
customer = customer_pool.sample customer = customer_pool.sample
agent = agent_pool.sample agent = agent_pool.sample
ticket = Ticket.create!( ticket = Ticket.create!(
title: "some title äöüß#{Faker::Number.number(digits: 6)}", title: "some title äöüß#{counter}",
group: group_pool.sample, group: group_pool.sample,
customer: customer, customer: customer,
owner: agent, owner: agent,
@ -200,8 +198,8 @@ or if you only want to create 100 tickets
ticket_id: ticket.id, ticket_id: ticket.id,
from: customer.email, from: customer.email,
to: 'some_recipient@example.com', to: 'some_recipient@example.com',
subject: "some subject#{Faker::Number.number(digits: 6)}", subject: "some subject#{counter}",
message_id: "some@id-#{Faker::Number.number(digits: 6)}", message_id: "some@id-#{counter}",
body: 'some message ...', body: 'some message ...',
internal: false, internal: false,
sender: Ticket::Article::Sender.where(name: 'Customer').first, sender: Ticket::Article::Sender.where(name: 'Customer').first,
@ -214,5 +212,10 @@ or if you only want to create 100 tickets
end end
end end
end end
def self.counter
@counter ||= SecureRandom.random_number(1_000_000)
@counter += 1
end
end end
# rubocop:enable Rails/Output # rubocop:enable Rails/Output

View file

@ -1,12 +1,14 @@
# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/ # Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/
require 'uri'
class GitHub class GitHub
class HttpClient class HttpClient
attr_reader :api_token, :endpoint attr_reader :api_token, :endpoint
def initialize(endpoint, api_token) def initialize(endpoint, api_token)
raise 'api_token required' if api_token.blank? raise 'api_token required' if api_token.blank?
raise 'endpoint required' if endpoint.blank? raise 'endpoint required' if endpoint.blank? || endpoint.exclude?('/graphql') || endpoint.scan(URI::DEFAULT_PARSER.make_regexp).blank?
@api_token = api_token @api_token = api_token
@endpoint = endpoint @endpoint = endpoint
@ -30,7 +32,7 @@ class GitHub
if !response.success? if !response.success?
Rails.logger.error response.error Rails.logger.error response.error
raise "Error while requesting GitHub GraphQL API: #{response.error}" raise 'GitHub request failed! Please have a look at the log file for details'
end end
response.data response.data

View file

@ -1,12 +1,14 @@
# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/ # Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/
require 'uri'
class GitLab class GitLab
class HttpClient class HttpClient
attr_reader :api_token, :endpoint attr_reader :api_token, :endpoint
def initialize(endpoint, api_token) def initialize(endpoint, api_token)
raise 'api_token required' if api_token.blank? raise 'api_token required' if api_token.blank?
raise 'endpoint required' if endpoint.blank? raise 'endpoint required' if endpoint.blank? || endpoint.exclude?('/graphql') || endpoint.scan(URI::DEFAULT_PARSER.make_regexp).blank?
@api_token = api_token @api_token = api_token
@endpoint = endpoint @endpoint = endpoint
@ -30,7 +32,7 @@ class GitLab
if !response.success? if !response.success?
Rails.logger.error response.error Rails.logger.error response.error
raise "Error while requesting GitLab GraphQL API: #{response.error}" raise 'GitLab request failed! Please have a look at the log file for details'
end end
response.data response.data

View file

@ -324,7 +324,8 @@ returns
locale: data[:locale], locale: data[:locale],
timezone: data[:timezone], timezone: data[:timezone],
template: template[:subject], template: template[:subject],
escape: false escape: false,
trusted: true,
).render ).render
# strip off the extra newline at the end of the subject to avoid =0A suffixes (see #2726) # strip off the extra newline at the end of the subject to avoid =0A suffixes (see #2726)
@ -334,7 +335,8 @@ returns
objects: data[:objects], objects: data[:objects],
locale: data[:locale], locale: data[:locale],
timezone: data[:timezone], timezone: data[:timezone],
template: template[:body] template: template[:body],
trusted: true,
).render ).render
if !data[:raw] if !data[:raw]
@ -348,7 +350,8 @@ returns
objects: data[:objects], objects: data[:objects],
locale: data[:locale], locale: data[:locale],
timezone: data[:timezone], timezone: data[:timezone],
template: application_template template: application_template,
trusted: true,
).render ).render
end end
{ {

View file

@ -13,7 +13,8 @@ examples how to use
locale: 'de-de', locale: 'de-de',
timezone: 'America/Port-au-Prince', timezone: 'America/Port-au-Prince',
template: 'some template <b>#{ticket.title}</b> {config.fqdn}', template: 'some template <b>#{ticket.title}</b> {config.fqdn}',
escape: false escape: false,
trusted: false, # Allow ERB tags in the template?
).render ).render
message_body = NotificationFactory::Renderer.new( message_body = NotificationFactory::Renderer.new(
@ -27,16 +28,20 @@ examples how to use
=end =end
def initialize(objects:, template:, locale: nil, timezone: nil, escape: true) def initialize(objects:, template:, locale: nil, timezone: nil, escape: true, trusted: false) # rubocop:disable Metrics/ParameterLists
@objects = objects @objects = objects
@locale = locale || Locale.default @locale = locale || Locale.default
@timezone = timezone || Setting.get('timezone_default') @timezone = timezone || Setting.get('timezone_default')
@template = NotificationFactory::Template.new(template, escape) @template = NotificationFactory::Template.new(template, escape, trusted)
@escape = escape @escape = escape
end end
def render def render
ERB.new(@template.to_s).result(binding) ERB.new(@template.to_s).result(binding)
rescue Exception => e # rubocop:disable Lint/RescueException
raise StandardError, e.message if e.is_a? SyntaxError
raise
end end
# d - data of object # d - data of object

View file

@ -46,14 +46,16 @@ returns
locale: data[:locale], locale: data[:locale],
timezone: data[:timezone], timezone: data[:timezone],
template: template[:subject], template: template[:subject],
escape: false escape: false,
trusted: true
).render ).render
message_body = NotificationFactory::Renderer.new( message_body = NotificationFactory::Renderer.new(
objects: data[:objects], objects: data[:objects],
locale: data[:locale], locale: data[:locale],
timezone: data[:timezone], timezone: data[:timezone],
template: template[:body], template: template[:body],
escape: false escape: false,
trusted: true
).render ).render
if !data[:raw] if !data[:raw]
@ -68,7 +70,8 @@ returns
locale: data[:locale], locale: data[:locale],
timezone: data[:timezone], timezone: data[:timezone],
template: application_template, template: application_template,
escape: false escape: false,
trusted: true
).render ).render
end end
{ {

View file

@ -9,17 +9,21 @@ examples how to use
cleaned_template = NotificationFactory::Template.new( cleaned_template = NotificationFactory::Template.new(
'some template <b>#{ticket.title}</b> #{config.fqdn}', 'some template <b>#{ticket.title}</b> #{config.fqdn}',
true, true,
false, # Allow ERB tags in the template?
).to_s ).to_s
=end =end
def initialize(template, escape) def initialize(template, escape, trusted)
@template = template @template = template
@escape = escape @escape = escape
@trusted = trusted
end end
def to_s def to_s
@template.gsub(%r{\#{\s*(.*?)\s*}}m) do result = @template
result.gsub!(%r{<%(?!%)}, '<%%') if !@trusted
result.gsub(%r{\#{\s*(.*?)\s*}}m) do
# some browsers start adding HTML tags # some browsers start adding HTML tags
# fixes https://github.com/zammad/zammad/issues/385 # fixes https://github.com/zammad/zammad/issues/385
input_template = $1.gsub(%r{\A<.+?>\s*|\s*<.+?>\z}, '') input_template = $1.gsub(%r{\A<.+?>\s*|\s*<.+?>\z}, '')

View file

@ -4,7 +4,7 @@ module SessionHelper
def self.json_hash(user) def self.json_hash(user)
collections, assets = default_collections(user) collections, assets = default_collections(user)
{ {
session: user.filter_attributes(user.attributes), session: user.filter_unauthorized_attributes(user.filter_attributes(user.attributes)),
models: models(user), models: models(user),
collections: collections, collections: collections,
assets: assets, assets: assets,

View file

@ -7,6 +7,11 @@ module UserInfo
def self.current_user_id=(user_id) def self.current_user_id=(user_id)
Thread.current[:user_id] = user_id Thread.current[:user_id] = user_id
Thread.current[:assets] = UserInfo::Assets.new(user_id)
end
def self.assets
Thread.current[:assets]
end end
def self.ensure_current_user_id def self.ensure_current_user_id

52
lib/user_info/assets.rb Normal file
View file

@ -0,0 +1,52 @@
# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/
class UserInfo::Assets
LEVEL_CUSTOMER = 1
LEVEL_AGENT = 2
LEVEL_ADMIN = 3
attr_accessor :current_user_id, :level, :filter_attributes, :user
def initialize(current_user_id)
@current_user_id = current_user_id
@user = User.find_by(id: current_user_id) if current_user_id.present?
set_level
end
def admin?
check_level?(UserInfo::Assets::LEVEL_ADMIN)
end
def agent?
check_level?(UserInfo::Assets::LEVEL_AGENT)
end
def customer?
check_level?(UserInfo::Assets::LEVEL_CUSTOMER)
end
def set_level
if user.blank?
self.level = nil
return
end
self.level = UserInfo::Assets::LEVEL_CUSTOMER
Permission.where(id: user.permissions_with_child_ids).each do |permission|
case permission.name
when %r{^admin\.}
self.level = UserInfo::Assets::LEVEL_ADMIN
break
when 'ticket.agent'
self.level = UserInfo::Assets::LEVEL_AGENT
end
end
end
def check_level?(check)
return true if user.blank?
level >= check
end
end

View file

@ -0,0 +1,16 @@
FROM node:8-alpine
ENV GULP_DIR "/tmp/gulp"
RUN apk update && apk add bash
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
CMD bash # If you want to override CMD
RUN npm install -g gulp
COPY docker-entrypoint.sh /
# enable volume to generate build files into the hosts FS
VOLUME ["$GULP_DIR"]
# start
ENTRYPOINT ["/docker-entrypoint.sh"]

View file

@ -0,0 +1,5 @@
# Zammad Chat build
This folder contains a `docker` image and the required files to build the Zammad Chat from coffeescript and eco files. This workaround is required for now because of the outdated NodeJS 8 dependency.
The build process can easily be started by executing the `build.sh` file. There is nothing more to it except of having `docker` installed and running.

8
public/assets/chat/build.sh Executable file
View file

@ -0,0 +1,8 @@
#!/bin/bash
set -o errexit
set -o pipefail
docker build --no-cache -t zammad/chat-build:latest .
docker run --rm -v "$(pwd)/:/tmp/gulp" zammad/chat-build:latest

View file

@ -762,7 +762,11 @@ do(window) ->
console.log('p', docType, text) console.log('p', docType, text)
if docType is 'html' if docType is 'html'
html = document.createElement('div') html = document.createElement('div')
html.innerHTML = text # can't log because might contain malicious content
# @log.debug 'HTML clipboard', text
sanitized = DOMPurify.sanitize(text)
@log.debug 'sanitized HTML clipboard', sanitized
html.innerHTML = sanitized
match = false match = false
htmlTmp = text htmlTmp = text
regex = new RegExp('<(/w|w)\:[A-Za-z]') regex = new RegExp('<(/w|w)\:[A-Za-z]')

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

View file

@ -718,7 +718,9 @@ do($ = window.jQuery, window) ->
text = text.replace(/<div><\/div>/g, '<div><br></div>') text = text.replace(/<div><\/div>/g, '<div><br></div>')
console.log('p', docType, text) console.log('p', docType, text)
if docType is 'html' if docType is 'html'
html = $("<div>#{text}</div>") sanitized = DOMPurify.sanitize(text)
@log.debug 'sanitized HTML clipboard', sanitized
html = $("<div>#{sanitized}</div>")
match = false match = false
htmlTmp = text htmlTmp = text
regex = new RegExp('<(/w|w)\:[A-Za-z]') regex = new RegExp('<(/w|w)\:[A-Za-z]')

View file

@ -314,6 +314,7 @@
line-height: 1.4em; line-height: 1.4em;
font-size: inherit; font-size: inherit;
-webkit-appearance: none; -webkit-appearance: none;
-moz-appearance: none;
appearance: none; appearance: none;
border: none; border: none;
background: none; background: none;
@ -329,6 +330,7 @@
.zammad-chat-button { .zammad-chat-button {
-webkit-appearance: none; -webkit-appearance: none;
-moz-appearance: none;
appearance: none; appearance: none;
font-family: inherit; font-family: inherit;
font-size: inherit; font-size: inherit;
@ -349,6 +351,7 @@
.zammad-chat-button:disabled, .zammad-chat-button:disabled,
.zammad-chat-input:disabled { .zammad-chat-input:disabled {
cursor: not-allowed;
opacity: 0.3; } opacity: 0.3; }
.zammad-chat-is-hidden { .zammad-chat-is-hidden {

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

View file

@ -0,0 +1,7 @@
#!/bin/bash
cd "${GULP_DIR}" || exit
yarn
gulp js css no-jquery

View file

@ -25,11 +25,14 @@ gulp.task('js', function(){
var templates = gulp.src('views/*.eco') var templates = gulp.src('views/*.eco')
.pipe(eco({namespace: 'zammadChatTemplates'})); .pipe(eco({namespace: 'zammadChatTemplates'}));
var purify = gulp.src('purify.min.js');
var js = gulp.src('chat.coffee') var js = gulp.src('chat.coffee')
.pipe(plumber()) .pipe(plumber())
.pipe(coffee({bare: true}).on('error', gutil.log)); .pipe(coffee({bare: true}).on('error', gutil.log));
return merge(templates, js) return merge(templates, js)
.add(purify)
.pipe(concat('chat.js')) .pipe(concat('chat.js'))
.pipe(gulp.dest('./')) .pipe(gulp.dest('./'))
.pipe(uglify()) .pipe(uglify())
@ -42,11 +45,14 @@ gulp.task('no-jquery', function(){
var templates = gulp.src('views/*.eco') var templates = gulp.src('views/*.eco')
.pipe(eco({namespace: 'zammadChatTemplates'})); .pipe(eco({namespace: 'zammadChatTemplates'}));
var purify = gulp.src('purify.min.js');
var js = gulp.src('chat-no-jquery.coffee') var js = gulp.src('chat-no-jquery.coffee')
.pipe(plumber()) .pipe(plumber())
.pipe(coffee({bare: true}).on('error', gutil.log)); .pipe(coffee({bare: true}).on('error', gutil.log));
return merge(templates, js) return merge(templates, js)
.add(purify)
.pipe(concat('chat-no-jquery.js')) .pipe(concat('chat-no-jquery.js'))
.pipe(gulp.dest('./')) .pipe(gulp.dest('./'))
.pipe(uglify()) .pipe(uglify())

3
public/assets/chat/purify.min.js vendored Normal file

File diff suppressed because one or more lines are too long

View file

@ -370,8 +370,8 @@ test('table test', function() {
groupBy: 'priority', groupBy: 'priority',
groupDirection: 'DESC', groupDirection: 'DESC',
}) })
equal(el.find('tbody > tr:nth-child(1) > td:nth-child(1)').text().trim(), '1 niedrig', 'check row 1') equal(el.find('tbody > tr:nth-child(1) > td:nth-child(1)').text().trim(), '2 normal', 'check row 1')
equal(el.find('tbody > tr:nth-child(4) > td:nth-child(1)').text().trim(), '2 normal', 'check row 3') equal(el.find('tbody > tr:nth-child(3) > td:nth-child(1)').text().trim(), '1 niedrig', 'check row 3')
$('#table').append('<hr><h1>table Group By Direction ASC</h1><div id="table7"></div>') $('#table').append('<hr><h1>table Group By Direction ASC</h1><div id="table7"></div>')
el = $('#table7') el = $('#table7')

View file

@ -12,7 +12,6 @@ if [ "$LEVEL" == '1' ]; then
cp test/integration/aaa_auto_wizard_base_setup_test.rb test/browser/aaa_auto_wizard_base_setup_test.rb cp test/integration/aaa_auto_wizard_base_setup_test.rb test/browser/aaa_auto_wizard_base_setup_test.rb
rm test/browser/abb_one_group_test.rb rm test/browser/abb_one_group_test.rb
rm test/browser/admin_channel_email_test.rb rm test/browser/admin_channel_email_test.rb
rm test/browser/admin_calendar_sla_test.rb
rm test/browser/admin_drag_drop_to_new_group_test.rb rm test/browser/admin_drag_drop_to_new_group_test.rb
rm test/browser/admin_overview_test.rb rm test/browser/admin_overview_test.rb
rm test/browser/admin_permissions_granular_vs_full_test.rb rm test/browser/admin_permissions_granular_vs_full_test.rb
@ -41,24 +40,16 @@ if [ "$LEVEL" == '1' ]; then
rm test/browser/agent_ticket_task_changed_test.rb rm test/browser/agent_ticket_task_changed_test.rb
rm test/browser/agent_ticket_text_module_test.rb rm test/browser/agent_ticket_text_module_test.rb
rm test/browser/agent_ticket_time_accounting_test.rb rm test/browser/agent_ticket_time_accounting_test.rb
rm test/browser/agent_ticket_update1_test.rb
rm test/browser/agent_ticket_update2_test.rb
rm test/browser/agent_ticket_update3_test.rb
rm test/browser/agent_ticket_update4_test.rb
rm test/browser/agent_ticket_update5_test.rb
rm test/browser/agent_ticket_update_with_attachment_refresh_test.rb rm test/browser/agent_ticket_update_with_attachment_refresh_test.rb
rm test/browser/agent_ticket_update_and_reload_test.rb rm test/browser/agent_ticket_update_and_reload_test.rb
rm test/browser/agent_ticket_zoom_hide_test.rb rm test/browser/agent_ticket_zoom_hide_test.rb
rm test/browser/agent_user_manage_test.rb rm test/browser/agent_user_manage_test.rb
rm test/browser/agent_user_profile_test.rb rm test/browser/agent_user_profile_test.rb
# test/browser/auth_test.rb # test/browser/auth_test.rb
rm test/browser/customer_ticket_create_fields_test.rb
rm test/browser/customer_ticket_create_test.rb rm test/browser/customer_ticket_create_test.rb
rm test/browser/first_steps_test.rb rm test/browser/first_steps_test.rb
rm test/browser/integration_test.rb rm test/browser/integration_test.rb
rm test/browser/keyboard_shortcuts_test.rb rm test/browser/keyboard_shortcuts_test.rb
# test/browser/maintenance_app_version_test.rb
# test/browser/maintenance_session_message_test.rb
# test/browser/manage_test.rb # test/browser/manage_test.rb
# test/browser/monitoring_test.rb # test/browser/monitoring_test.rb
rm test/browser/integration_sipgate_test.rb rm test/browser/integration_sipgate_test.rb
@ -67,7 +58,6 @@ if [ "$LEVEL" == '1' ]; then
# test/browser/swich_to_user_test.rb # test/browser/swich_to_user_test.rb
# test/browser/taskbar_session_test.rb # test/browser/taskbar_session_test.rb
# test/browser/taskbar_task_test.rb # test/browser/taskbar_task_test.rb
# test/browser/translation_test.rb
rm test/browser/user_access_permissions_test.rb rm test/browser/user_access_permissions_test.rb
rm test/browser/user_switch_cache_test.rb rm test/browser/user_switch_cache_test.rb
@ -78,7 +68,6 @@ elif [ "$LEVEL" == '2' ]; then
# test/browser/aaa_getting_started_test.rb # test/browser/aaa_getting_started_test.rb
# test/browser/abb_one_group_test.rb # test/browser/abb_one_group_test.rb
rm test/browser/admin_channel_email_test.rb rm test/browser/admin_channel_email_test.rb
rm test/browser/admin_calendar_sla_test.rb
rm test/browser/admin_drag_drop_to_new_group_test.rb rm test/browser/admin_drag_drop_to_new_group_test.rb
rm test/browser/admin_overview_test.rb rm test/browser/admin_overview_test.rb
rm test/browser/admin_permissions_granular_vs_full_test.rb rm test/browser/admin_permissions_granular_vs_full_test.rb
@ -107,24 +96,16 @@ elif [ "$LEVEL" == '2' ]; then
rm test/browser/agent_ticket_task_changed_test.rb rm test/browser/agent_ticket_task_changed_test.rb
# test/browser/agent_ticket_text_module_test.rb # test/browser/agent_ticket_text_module_test.rb
# test/browser/agent_ticket_time_accounting_test.rb # test/browser/agent_ticket_time_accounting_test.rb
# test/browser/agent_ticket_update1_test.rb
# test/browser/agent_ticket_update2_test.rb
# test/browser/agent_ticket_update3_test.rb
# test/browser/agent_ticket_update4_test.rb
# rm test/browser/agent_ticket_update5_test.rb
# rm test/browser/agent_ticket_update_with_attachment_refresh_test.rb # rm test/browser/agent_ticket_update_with_attachment_refresh_test.rb
# test/browser/agent_ticket_update_and_reload_test.rb # test/browser/agent_ticket_update_and_reload_test.rb
# test/browser/agent_ticket_zoom_hide_test.rb # test/browser/agent_ticket_zoom_hide_test.rb
rm test/browser/agent_user_manage_test.rb rm test/browser/agent_user_manage_test.rb
rm test/browser/agent_user_profile_test.rb rm test/browser/agent_user_profile_test.rb
rm test/browser/auth_test.rb rm test/browser/auth_test.rb
rm test/browser/customer_ticket_create_fields_test.rb
rm test/browser/customer_ticket_create_test.rb rm test/browser/customer_ticket_create_test.rb
rm test/browser/first_steps_test.rb rm test/browser/first_steps_test.rb
rm test/browser/integration_test.rb rm test/browser/integration_test.rb
rm test/browser/keyboard_shortcuts_test.rb rm test/browser/keyboard_shortcuts_test.rb
rm test/browser/maintenance_app_version_test.rb
rm test/browser/maintenance_session_message_test.rb
rm test/browser/manage_test.rb rm test/browser/manage_test.rb
rm test/browser/monitoring_test.rb rm test/browser/monitoring_test.rb
rm test/browser/integration_sipgate_test.rb rm test/browser/integration_sipgate_test.rb
@ -133,7 +114,6 @@ elif [ "$LEVEL" == '2' ]; then
rm test/browser/switch_to_user_test.rb rm test/browser/switch_to_user_test.rb
rm test/browser/taskbar_session_test.rb rm test/browser/taskbar_session_test.rb
rm test/browser/taskbar_task_test.rb rm test/browser/taskbar_task_test.rb
rm test/browser/translation_test.rb
# test/browser/user_access_permissions_test.rb # test/browser/user_access_permissions_test.rb
# test/browser/user_switch_cache_test.rb # test/browser/user_switch_cache_test.rb
@ -144,7 +124,6 @@ elif [ "$LEVEL" == '3' ]; then
# test/browser/aaa_getting_started_test.rb # test/browser/aaa_getting_started_test.rb
# test/browser/abb_one_group_test.rb # test/browser/abb_one_group_test.rb
rm test/browser/admin_channel_email_test.rb rm test/browser/admin_channel_email_test.rb
rm test/browser/admin_calendar_sla_test.rb
rm test/browser/admin_drag_drop_to_new_group_test.rb rm test/browser/admin_drag_drop_to_new_group_test.rb
rm test/browser/admin_overview_test.rb rm test/browser/admin_overview_test.rb
rm test/browser/admin_permissions_granular_vs_full_test.rb rm test/browser/admin_permissions_granular_vs_full_test.rb
@ -173,24 +152,16 @@ elif [ "$LEVEL" == '3' ]; then
# test/browser/agent_ticket_task_changed_test.rb # test/browser/agent_ticket_task_changed_test.rb
rm test/browser/agent_ticket_text_module_test.rb rm test/browser/agent_ticket_text_module_test.rb
rm test/browser/agent_ticket_time_accounting_test.rb rm test/browser/agent_ticket_time_accounting_test.rb
rm test/browser/agent_ticket_update1_test.rb
rm test/browser/agent_ticket_update2_test.rb
rm test/browser/agent_ticket_update3_test.rb
rm test/browser/agent_ticket_update4_test.rb
rm test/browser/agent_ticket_update5_test.rb
rm test/browser/agent_ticket_update_with_attachment_refresh_test.rb rm test/browser/agent_ticket_update_with_attachment_refresh_test.rb
rm test/browser/agent_ticket_update_and_reload_test.rb rm test/browser/agent_ticket_update_and_reload_test.rb
rm test/browser/agent_ticket_zoom_hide_test.rb rm test/browser/agent_ticket_zoom_hide_test.rb
rm test/browser/agent_user_manage_test.rb rm test/browser/agent_user_manage_test.rb
rm test/browser/agent_user_profile_test.rb rm test/browser/agent_user_profile_test.rb
rm test/browser/auth_test.rb rm test/browser/auth_test.rb
rm test/browser/customer_ticket_create_fields_test.rb
rm test/browser/customer_ticket_create_test.rb rm test/browser/customer_ticket_create_test.rb
rm test/browser/first_steps_test.rb rm test/browser/first_steps_test.rb
rm test/browser/integration_test.rb rm test/browser/integration_test.rb
rm test/browser/keyboard_shortcuts_test.rb rm test/browser/keyboard_shortcuts_test.rb
rm test/browser/maintenance_app_version_test.rb
rm test/browser/maintenance_session_message_test.rb
rm test/browser/manage_test.rb rm test/browser/manage_test.rb
rm test/browser/monitoring_test.rb rm test/browser/monitoring_test.rb
rm test/browser/integration_sipgate_test.rb rm test/browser/integration_sipgate_test.rb
@ -199,7 +170,6 @@ elif [ "$LEVEL" == '3' ]; then
rm test/browser/switch_to_user_test.rb rm test/browser/switch_to_user_test.rb
rm test/browser/taskbar_session_test.rb rm test/browser/taskbar_session_test.rb
rm test/browser/taskbar_task_test.rb rm test/browser/taskbar_task_test.rb
rm test/browser/translation_test.rb
rm test/browser/user_access_permissions_test.rb rm test/browser/user_access_permissions_test.rb
rm test/browser/user_switch_cache_test.rb rm test/browser/user_switch_cache_test.rb
@ -210,7 +180,6 @@ elif [ "$LEVEL" == '4' ]; then
# test/browser/aaa_getting_started_test.rb # test/browser/aaa_getting_started_test.rb
# test/browser/abb_one_group_test.rb # test/browser/abb_one_group_test.rb
rm test/browser/admin_channel_email_test.rb rm test/browser/admin_channel_email_test.rb
rm test/browser/admin_calendar_sla_test.rb
rm test/browser/admin_drag_drop_to_new_group_test.rb rm test/browser/admin_drag_drop_to_new_group_test.rb
rm test/browser/admin_overview_test.rb rm test/browser/admin_overview_test.rb
rm test/browser/admin_permissions_granular_vs_full_test.rb rm test/browser/admin_permissions_granular_vs_full_test.rb
@ -239,24 +208,16 @@ elif [ "$LEVEL" == '4' ]; then
rm test/browser/agent_ticket_task_changed_test.rb rm test/browser/agent_ticket_task_changed_test.rb
rm test/browser/agent_ticket_text_module_test.rb rm test/browser/agent_ticket_text_module_test.rb
rm test/browser/agent_ticket_time_accounting_test.rb rm test/browser/agent_ticket_time_accounting_test.rb
rm test/browser/agent_ticket_update1_test.rb
rm test/browser/agent_ticket_update2_test.rb
rm test/browser/agent_ticket_update3_test.rb
rm test/browser/agent_ticket_update4_test.rb
rm test/browser/agent_ticket_update5_test.rb
rm test/browser/agent_ticket_update_with_attachment_refresh_test.rb rm test/browser/agent_ticket_update_with_attachment_refresh_test.rb
rm test/browser/agent_ticket_update_and_reload_test.rb rm test/browser/agent_ticket_update_and_reload_test.rb
rm test/browser/agent_ticket_zoom_hide_test.rb rm test/browser/agent_ticket_zoom_hide_test.rb
rm test/browser/agent_user_manage_test.rb rm test/browser/agent_user_manage_test.rb
rm test/browser/agent_user_profile_test.rb rm test/browser/agent_user_profile_test.rb
rm test/browser/auth_test.rb rm test/browser/auth_test.rb
# test/browser/customer_ticket_create_fields_test.rb
# test/browser/customer_ticket_create_test.rb # test/browser/customer_ticket_create_test.rb
rm test/browser/first_steps_test.rb rm test/browser/first_steps_test.rb
rm test/browser/integration_test.rb rm test/browser/integration_test.rb
rm test/browser/keyboard_shortcuts_test.rb rm test/browser/keyboard_shortcuts_test.rb
rm test/browser/maintenance_app_version_test.rb
rm test/browser/maintenance_session_message_test.rb
rm test/browser/manage_test.rb rm test/browser/manage_test.rb
rm test/browser/monitoring_test.rb rm test/browser/monitoring_test.rb
rm test/browser/integration_sipgate_test.rb rm test/browser/integration_sipgate_test.rb
@ -265,7 +226,6 @@ elif [ "$LEVEL" == '4' ]; then
rm test/browser/switch_to_user_test.rb rm test/browser/switch_to_user_test.rb
rm test/browser/taskbar_session_test.rb rm test/browser/taskbar_session_test.rb
rm test/browser/taskbar_task_test.rb rm test/browser/taskbar_task_test.rb
rm test/browser/translation_test.rb
rm test/browser/user_access_permissions_test.rb rm test/browser/user_access_permissions_test.rb
rm test/browser/user_switch_cache_test.rb rm test/browser/user_switch_cache_test.rb
@ -275,7 +235,6 @@ elif [ "$LEVEL" == '5' ]; then
# only profile action & admin # only profile action & admin
# test/browser/abb_one_group_test.rb # test/browser/abb_one_group_test.rb
# test/browser/admin_channel_email_test.rb # test/browser/admin_channel_email_test.rb
# test/browser/admin_calendar_sla_test.rb
# rm test/browser/admin_drag_drop_to_new_group_test.rb # rm test/browser/admin_drag_drop_to_new_group_test.rb
# test/browser/admin_overview_test.rb # test/browser/admin_overview_test.rb
# rm test/browser/admin_permissions_granular_vs_full_test.rb # rm test/browser/admin_permissions_granular_vs_full_test.rb
@ -304,24 +263,16 @@ elif [ "$LEVEL" == '5' ]; then
rm test/browser/agent_ticket_task_changed_test.rb rm test/browser/agent_ticket_task_changed_test.rb
rm test/browser/agent_ticket_text_module_test.rb rm test/browser/agent_ticket_text_module_test.rb
rm test/browser/agent_ticket_time_accounting_test.rb rm test/browser/agent_ticket_time_accounting_test.rb
rm test/browser/agent_ticket_update1_test.rb
rm test/browser/agent_ticket_update2_test.rb
rm test/browser/agent_ticket_update3_test.rb
rm test/browser/agent_ticket_update4_test.rb
rm test/browser/agent_ticket_update5_test.rb
rm test/browser/agent_ticket_update_with_attachment_refresh_test.rb rm test/browser/agent_ticket_update_with_attachment_refresh_test.rb
rm test/browser/agent_ticket_update_and_reload_test.rb rm test/browser/agent_ticket_update_and_reload_test.rb
rm test/browser/agent_ticket_zoom_hide_test.rb rm test/browser/agent_ticket_zoom_hide_test.rb
# test/browser/agent_user_manage_test.rb # test/browser/agent_user_manage_test.rb
# test/browser/agent_user_profile_test.rb # test/browser/agent_user_profile_test.rb
rm test/browser/auth_test.rb rm test/browser/auth_test.rb
rm test/browser/customer_ticket_create_fields_test.rb
rm test/browser/customer_ticket_create_test.rb rm test/browser/customer_ticket_create_test.rb
rm test/browser/first_steps_test.rb rm test/browser/first_steps_test.rb
rm test/browser/integration_test.rb rm test/browser/integration_test.rb
rm test/browser/keyboard_shortcuts_test.rb rm test/browser/keyboard_shortcuts_test.rb
rm test/browser/maintenance_app_version_test.rb
rm test/browser/maintenance_session_message_test.rb
rm test/browser/manage_test.rb rm test/browser/manage_test.rb
rm test/browser/monitoring_test.rb rm test/browser/monitoring_test.rb
rm test/browser/integration_sipgate_test.rb rm test/browser/integration_sipgate_test.rb
@ -330,7 +281,6 @@ elif [ "$LEVEL" == '5' ]; then
rm test/browser/switch_to_user_test.rb rm test/browser/switch_to_user_test.rb
rm test/browser/taskbar_session_test.rb rm test/browser/taskbar_session_test.rb
rm test/browser/taskbar_task_test.rb rm test/browser/taskbar_task_test.rb
rm test/browser/translation_test.rb
rm test/browser/user_access_permissions_test.rb rm test/browser/user_access_permissions_test.rb
rm test/browser/user_switch_cache_test.rb rm test/browser/user_switch_cache_test.rb
@ -343,7 +293,6 @@ elif [ "$LEVEL" == '6' ]; then
cp test/integration/aaa_auto_wizard_base_setup_test.rb test/browser/aaa_auto_wizard_base_setup_test.rb cp test/integration/aaa_auto_wizard_base_setup_test.rb test/browser/aaa_auto_wizard_base_setup_test.rb
rm test/browser/abb_one_group_test.rb rm test/browser/abb_one_group_test.rb
rm test/browser/admin_channel_email_test.rb rm test/browser/admin_channel_email_test.rb
rm test/browser/admin_calendar_sla_test.rb
rm test/browser/admin_drag_drop_to_new_group_test.rb rm test/browser/admin_drag_drop_to_new_group_test.rb
rm test/browser/admin_overview_test.rb rm test/browser/admin_overview_test.rb
rm test/browser/admin_permissions_granular_vs_full_test.rb rm test/browser/admin_permissions_granular_vs_full_test.rb
@ -372,24 +321,16 @@ elif [ "$LEVEL" == '6' ]; then
rm test/browser/agent_ticket_task_changed_test.rb rm test/browser/agent_ticket_task_changed_test.rb
rm test/browser/agent_ticket_text_module_test.rb rm test/browser/agent_ticket_text_module_test.rb
rm test/browser/agent_ticket_time_accounting_test.rb rm test/browser/agent_ticket_time_accounting_test.rb
rm test/browser/agent_ticket_update1_test.rb
rm test/browser/agent_ticket_update2_test.rb
rm test/browser/agent_ticket_update3_test.rb
rm test/browser/agent_ticket_update4_test.rb
rm test/browser/agent_ticket_update5_test.rb
rm test/browser/agent_ticket_update_with_attachment_refresh_test.rb rm test/browser/agent_ticket_update_with_attachment_refresh_test.rb
rm test/browser/agent_ticket_update_and_reload_test.rb rm test/browser/agent_ticket_update_and_reload_test.rb
rm test/browser/agent_ticket_zoom_hide_test.rb rm test/browser/agent_ticket_zoom_hide_test.rb
rm test/browser/agent_user_manage_test.rb rm test/browser/agent_user_manage_test.rb
rm test/browser/agent_user_profile_test.rb rm test/browser/agent_user_profile_test.rb
rm test/browser/auth_test.rb rm test/browser/auth_test.rb
rm test/browser/customer_ticket_create_fields_test.rb
rm test/browser/customer_ticket_create_test.rb rm test/browser/customer_ticket_create_test.rb
# test/browser/first_steps_test.rb # test/browser/first_steps_test.rb
# test/browser/integration_test.rb # test/browser/integration_test.rb
# test/browser/keyboard_shortcuts_test.rb # test/browser/keyboard_shortcuts_test.rb
rm test/browser/maintenance_app_version_test.rb
rm test/browser/maintenance_session_message_test.rb
rm test/browser/manage_test.rb rm test/browser/manage_test.rb
rm test/browser/monitoring_test.rb rm test/browser/monitoring_test.rb
# rm test/browser/integration_sipgate_test.rb # rm test/browser/integration_sipgate_test.rb
@ -398,7 +339,6 @@ elif [ "$LEVEL" == '6' ]; then
rm test/browser/switch_to_user_test.rb rm test/browser/switch_to_user_test.rb
rm test/browser/taskbar_session_test.rb rm test/browser/taskbar_session_test.rb
rm test/browser/taskbar_task_test.rb rm test/browser/taskbar_task_test.rb
rm test/browser/translation_test.rb
rm test/browser/user_access_permissions_test.rb rm test/browser/user_access_permissions_test.rb
rm test/browser/user_switch_cache_test.rb rm test/browser/user_switch_cache_test.rb

View file

@ -0,0 +1,88 @@
# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/
require 'rails_helper'
RSpec.describe ApplicationController::HasDownload::DownloadFile do
subject(:download_file) { described_class.new(stored_file.id, disposition: 'inline') }
let(:file_content_type) { 'application/pdf' }
let(:file_data) { 'A example file.' }
let(:file_name) { 'example.pdf' }
let(:stored_file) do
Store.add(
object: 'Ticket',
o_id: 1,
data: file_data,
filename: file_name,
preferences: {
'Content-Type' => file_content_type,
},
created_by_id: 1,
)
end
describe '#disposition' do
context "with given object dispostion 'inline'" do
context 'with allowed inline content type (from ActiveStorage.content_types_allowed_inline)' do
it 'disposition is inline' do
expect(download_file.disposition).to eq('inline')
end
end
context 'with binary content type (ActiveStorage.content_types_to_serve_as_binary)' do
let(:file_content_type) { 'image/svg+xml' }
it 'disposition forced to attachment' do
expect(download_file.disposition).to eq('attachment')
end
end
end
context "with given object dispostion 'attachment'" do
subject(:download_file) { described_class.new(stored_file.id, disposition: 'attachment') }
it 'disposition is attachment' do
expect(download_file.disposition).to eq('attachment')
end
end
end
describe '#content_type' do
context 'with none binary content type' do
it 'check content type' do
expect(download_file.content_type).to eq('application/pdf')
end
end
context 'with forced active storage binary content type' do
let(:file_content_type) { 'image/svg+xml' }
it 'check content type' do
expect(download_file.content_type).to eq('application/octet-stream')
end
end
end
describe '#content' do
context 'with not resizable file' do
it 'check that normal content will be returned' do
expect(download_file.content('preview')).to eq('A example file.')
end
end
context 'with image content type' do
let(:file_content_type) { 'image/jpg' }
let(:file_data) { File.binread(Rails.root.join('test/data/upload/upload2.jpg')) }
let(:file_name) { 'image.jpg' }
it 'check that inline content will be returned' do
expect(download_file.content('inline')).to not_eq(file_data)
end
it 'check that preview content will be returned' do
expect(download_file.content('preview')).to not_eq(file_data)
end
end
end
end

View file

@ -0,0 +1,18 @@
# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/
require 'rails_helper'
RSpec.describe MaintenanceImproveSettingPreferences, type: :db_migration do
context 'when having old setting preferences without protected flag' do
before do
setting.preferences.delete(:protected)
setting.save!
end
let(:setting) { Setting.find_by(name: 'application_secret') }
it 'add protected flag' do
expect { migrate }.to change { setting.reload.preferences[:protected] }.to(true)
end
end
end

View file

@ -2,7 +2,7 @@
FactoryBot.define do FactoryBot.define do
factory :core_workflow do factory :core_workflow do
sequence(:name) { |n| "test - workflow #{n}" } sequence(:name) { |n| "test - workflow #{format '%07d', n}" }
changeable { false } changeable { false }
created_by_id { 1 } created_by_id { 1 }
updated_by_id { 1 } updated_by_id { 1 }

View file

@ -8,6 +8,7 @@ FactoryBot.define do
iconset { 'FontAwesome' } iconset { 'FontAwesome' }
color_highlight { '#AAA' } color_highlight { '#AAA' }
color_header { '#EEE' } color_header { '#EEE' }
color_header_link { '#FFF000' }
homepage_layout { 'grid' } homepage_layout { 'grid' }
category_layout { 'list' } category_layout { 'list' }

View file

@ -2,11 +2,12 @@
FactoryBot.define do FactoryBot.define do
factory :notification_factory_renderer, class: 'NotificationFactory::Renderer' do factory :notification_factory_renderer, class: 'NotificationFactory::Renderer' do
objects { nil } objects { nil }
locale { 'en-en' } locale { 'en-en' }
template { '' } template { '' }
escape { true } escape { true }
trusted { false }
initialize_with { new(objects: objects, locale: locale, template: template, escape: escape) } initialize_with { new(objects: objects, locale: locale, template: template, escape: escape, trusted: trusted) }
end end
end end

View file

@ -3,45 +3,53 @@
require 'rails_helper' require 'rails_helper'
RSpec.describe UploadCacheCleanupJob, type: :job do RSpec.describe UploadCacheCleanupJob, type: :job do
let(:upload_cache) { UploadCache.new(1337) } context 'when upload cache exists' do
let(:upload_cache) { UploadCache.new(1337) }
before do before do
UserInfo.current_user_id = 1 UserInfo.current_user_id = 1
upload_cache.add(
data: 'current example',
filename: 'current.txt',
preferences: {
'Content-Type' => 'text/plain',
},
)
travel_to 1.month.ago
# create one taskbar and related upload cache entry, which should not be deleted
create(:taskbar, state: { form_id: 9999 })
UploadCache.new(9999).add(
data: 'Some Example with related Taskbar',
filename: 'another_example_with_taskbar.txt',
preferences: {
'Content-Type' => 'text/plain',
}
)
3.times do
upload_cache.add( upload_cache.add(
data: 'hello world', data: 'current example',
filename: 'some.txt', filename: 'current.txt',
preferences: { preferences: {
'Content-Type' => 'text/plain', 'Content-Type' => 'text/plain',
}, },
) )
travel_to 1.month.ago
# create one taskbar and related upload cache entry, which should not be deleted
create(:taskbar, state: { form_id: 9999 })
UploadCache.new(9999).add(
data: 'Some Example with related Taskbar',
filename: 'another_example_with_taskbar.txt',
preferences: {
'Content-Type' => 'text/plain',
}
)
3.times do
upload_cache.add(
data: 'hello world',
filename: 'some.txt',
preferences: {
'Content-Type' => 'text/plain',
},
)
end
travel_back
end end
travel_back it 'cleanup the store items which are expired with job' do
expect { described_class.perform_now }.to change(Store, :count).by(-3)
end
end end
it 'cleanup the store items which are expired with job' do context 'when upload cache does not exist' do
expect { described_class.perform_now }.to change(Store, :count).by(-3) it 'does not crash' do
expect { described_class.perform_now }.not_to raise_error
end
end end
end end

Some files were not shown because too many files have changed in this diff Show more