[Rt-commit] rt branch, 4.2/create-ticket-title, created. rt-4.2.3-36-g45a592f

Alex Vandiver alexmv at bestpractical.com
Wed Apr 16 18:04:11 EDT 2014 

The branch, 4.2/create-ticket-title has been created
        at  45a592ffea9bd369859623a8d742a8518baf6e8a (commit)

- Log -----------------------------------------------------------------
commit 45a592ffea9bd369859623a8d742a8518baf6e8a
Author: Alex Vandiver <alexmv at bestpractical.com>
Date:   Wed Apr 16 15:30:57 2014 -0400

    Make queue name more salient by including it in title during ticket create
    
    To prevent warnings if the user does not have rights to see the queue,
    /Ticket/Elements/ShowQueue is used, which falls back to the queue id.
    
    Fixes I#18369.

diff --git a/share/html/SelfService/Create.html b/share/html/SelfService/Create.html
index 49c489c..8a9ec7d 100644
--- a/share/html/SelfService/Create.html
+++ b/share/html/SelfService/Create.html
@@ -45,7 +45,7 @@
 %# those contributions and any derivatives thereof.
 %#
 %# END BPS TAGGED BLOCK }}}
-<& Elements/Header, Title => loc("Create a ticket") &>
+<& Elements/Header, Title => loc("Create a ticket in [_1]", $m->scomp("/Ticket/Elements/ShowQueue", QueueObj => $queue_obj)) &>
 
 <& /Elements/ListActions, actions => \@results &>
 <form action="Create.html" method="post" enctype="multipart/form-data" name="TicketCreate">
diff --git a/share/html/Ticket/Create.html b/share/html/Ticket/Create.html
index 57e66df..f386255 100644
--- a/share/html/Ticket/Create.html
+++ b/share/html/Ticket/Create.html
@@ -368,11 +368,11 @@ if ($CloneTicket) {
 
 my @results;
 
-my $title = loc("Create a new ticket");
-
 my $QueueObj = RT::Queue->new($session{'CurrentUser'});
 $QueueObj->Load($Queue) || Abort(loc("Queue [_1] could not be loaded.", $Queue||''));
 
+my $title = loc("Create a new ticket in [_1]", $m->scomp("/Ticket/Elements/ShowQueue", QueueObj => $QueueObj));
+
 $m->callback( QueueObj => $QueueObj, title => \$title, results => \@results, ARGSRef => \%ARGS );
 
 $m->scomp( '/Articles/Elements/SubjectOverride', ARGSRef => \%ARGS, QueueObj => $QueueObj, results => \@results );
diff --git a/t/web/csrf.t b/t/web/csrf.t
index 9d95d06..124d5eb 100644
--- a/t/web/csrf.t
+++ b/t/web/csrf.t
@@ -20,19 +20,19 @@ ok $m->login, 'logged in';
 $m->add_header(Referer => $baseurl);
 $m->get_ok($test_page);
 $m->content_lacks("Possible cross-site request forgery");
-$m->title_is('Create a new ticket');
+$m->title_is('Create a new ticket in General');
 
 # off-site referer BUT provides auth
 $m->add_header(Referer => 'http://example.net');
 $m->get_ok("$test_page&user=root&pass=password");
 $m->content_lacks("Possible cross-site request forgery");
-$m->title_is('Create a new ticket');
+$m->title_is('Create a new ticket in General');
 
 # explicitly no referer BUT provides auth
 $m->add_header(Referer => undef);
 $m->get_ok("$test_page&user=root&pass=password");
 $m->content_lacks("Possible cross-site request forgery");
-$m->title_is('Create a new ticket');
+$m->title_is('Create a new ticket in General');
 
 # now send a referer from an attacker
 $m->add_header(Referer => 'http://example.net');
@@ -49,7 +49,7 @@ $m->delete_header('Referer');
 $m->follow_link(text_regex => qr{resume your request});
 $m->content_lacks("Possible cross-site request forgery");
 like($m->response->request->uri, qr{^http://[^/]+\Q$test_path\E\?CSRF_Token=\w+$});
-$m->title_is('Create a new ticket');
+$m->title_is('Create a new ticket in General');
 
 # try a whitelisted argument from an attacker
 $m->add_header(Referer => 'http://example.net');
@@ -83,7 +83,7 @@ $m->follow_link(text_regex => qr{resume your request});
 $m->content_lacks("Possible cross-site request forgery");
 is($m->response->redirects, 0, "no redirection");
 like($m->response->request->uri, qr{^http://[^/]+\Q$test_path\E\?CSRF_Token=\w+$});
-$m->title_is('Create a new ticket');
+$m->title_is('Create a new ticket in General');
 
 # try sending the wrong csrf token, then the right one
 $m->add_header(Referer => undef);
@@ -123,14 +123,14 @@ $m->title_is('Configuration for queue test');
 # Try the same page, but different query parameters, which are blatted by the token
 $m->get_ok("/Ticket/Create.html?Queue=$other_queue_id&CSRF_Token=$token");
 $m->content_lacks("Possible cross-site request forgery");
-$m->title_is('Create a new ticket');
+$m->title_is('Create a new ticket in General');
 $m->text_unlike(qr/Queue:\s*Other queue/);
 $m->text_like(qr/Queue:\s*General/);
 
 # Ensure that file uploads work across the interstitial
 $m->delete_header('Referer');
 $m->get_ok($test_page);
-$m->content_contains("Create a new ticket", 'ticket create page');
+$m->content_contains("Create a new ticket in General", 'ticket create page');
 $m->form_name('TicketCreate');
 $m->field('Subject', 'Attachments test');
 
@@ -173,7 +173,7 @@ $m->follow_link(text_regex => qr{resume your request});
 $m->content_lacks("Possible cross-site request forgery");
 is($m->response->redirects, 0, "no redirection");
 like($m->response->request->uri, qr{^http://[^/]+\Q/SelfService/Create.html\E\?CSRF_Token=\w+$});
-$m->title_is('Create a ticket');
+$m->title_is('Create a ticket in #1');
 $m->content_contains('Describe the issue below:');
 
 undef $m;

-----------------------------------------------------------------------

More information about the rt-commit mailing list