[Rt-announce] RT 3.8.4 Released
Kevin Falcone
falcone at bestpractical.com
Wed Jun 10 18:35:31 EDT 2009
We are happy to announce that RT 3.8.4 is now available. You can
download it from:
http://download.bestpractical.com/pub/rt/release/rt-3.8.4.tar.gz
http://download.bestpractical.com/pub/rt/release/rt-3.8.4.tar.gz.sig
SHA1 sums
c786eb78dd6c8374da3bc0dd10414e040d69864f rt-3.8.4.tar.gz
7af1be26513b2b26390a456a3360e5cda7d63008 rt-3.8.4.tar.gz.sig
This is primarily a bugfix and security release of RT.
The most important fix is that RT now requires the SuperUser
right to edit global RT at a Glance. In all previous 3.8
releases, the "ShowConfigTab" right unintentionally enabled this.
If you have not granted this right to any non-administrative user,
then this issue should not affect you.
A patch that resolves this issue without requiring an upgrade
to 3.8.4 is attached to this announcement.
A more complete list of bugs and features can be found below.
Please note that there is a change to database content in this
release, see UPGRADING for more.
-kevin
FEATURES
========
* Clean up NotifyGroup action
* obsolete old storable format in NotifyGroup action
* add support for group name, user name, user's email address
and just an email address in NotifyGroup action.
This will make easier to use it in crontool
* add upgrade script for RT 3.8.4
* use new format and obsolete old format, we have upgrade script
for conversion
* add support to rt-crontool for --template argument that allows
you to specify the name of a template. Template overridings will
work for names. Hide --template-id from help, but don't disable it.
* use RT::Plugin in RT->PluginDirs, so we can override only one place in our tests
FIXES AND CLEANUPS
==================
* Force some widgets to fit at max parent box.
* Use true arrow (html entities) in button for SelectionBox Widget
(closes: #13481).
* Add ability to change graph groupby and type once the graph is displayed.
(closes: #13479)
* Add a link in search tickets tab to jump easily to Chart when a query exist.
* Be more consistent in Create/Save Changes buttons across objects.
* Be more consistent in Select/New links (most don't list the object name so
do this everywhere).
* Fix overlapping of password file by login button on login page (closes: #13496).
* Show difference in Dashboard queries between saved searches and graphs (like in
RT at a glance pref) (closes: #13497).
* Don't show empty value in ticket edit basics queue dropdown, as a ticket must
be in a queue.
* in RT::Plugin->Path don't add trailing slash when requested
subdir is not defined or empty
* Typo in IsCc|IsAdminCc documentations.
* Don't show "deleted" status in cerate ticket page as it doesn't make sense to
create deleted tickets... (closes: #13500).
* use GET for firefox2 in ahah (fixes Bookmarks on FF2)
* allow the creation of tickets in disabled Queues
This is how Approvals work
* Factor out the quickbar-personal div into its own template
* fix failing tests caused by wording changes
* Avoid undef warning if this is the first time a dashboard has been sent
* Pull out the value of Counter only once
* perl.org is a better canonical URL for Perl than .com (in README)
* pass more context into callbacks when editing custom fields
* localize custom field name on edit
* Don't update watcher in queue watcher edit page when we search for people and
one or more current watchers are selected (closes: #13425).
* Require SuperUser for editing global RT at a Glance
* Add a ReadOnly mode for SelectionBox widgets
* Show the RT at a Glance selection boxes as ReadOnly if there's no
permission to edit them
-------------- next part --------------
--- share/html/Admin/Global/MyRT.html
+++ share/html/Admin/Global/MyRT.html
@@ -91,8 +91,13 @@
current_portlets => $default_portlets->Content,
OnSave => sub {
my ( $conf, $pane ) = @_;
- $default_portlets->SetContent( $conf );
- push @actions, loc( 'Global portlet [_1] saved.', $pane );
+ if (!$session{'CurrentUser'}->HasRight( Object=> $RT::System, Right => 'SuperUser')) {
+ push @actions, loc( 'Permission denied' );
+ }
+ else {
+ $default_portlets->SetContent( $conf );
+ push @actions, loc( 'Global portlet [_1] saved.', $pane );
+ }
}
);
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
Url : http://lists.bestpractical.com/pipermail/rt-announce/attachments/20090610/5dcbd1ef/attachment.pgp
More information about the RT-Announce
mailing list