[Rt-commit] rt branch 5.0/add-auth-token-expires-field2 updated. rt-5.0.4-222-g12213ed619
BPS Git Server
git at git.bestpractical.com
Fri Sep 15 18:02:28 UTC 2023
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "rt".
The branch, 5.0/add-auth-token-expires-field2 has been updated
via 12213ed619cc0ac1c56a6dc3603f39da88f873b8 (commit)
via 77faa1971c661a8139184330cdd453acc2f82a21 (commit)
via 7f074defb4cb81722f3048d5da601c747830499d (commit)
via eddc5de2f6bdfcc1f8e1bd74efadef6bae10286a (commit)
from 3e89b362828f0c6b3da04ac59c0b63045c817bae (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 12213ed619cc0ac1c56a6dc3603f39da88f873b8
Author: Brad Embree <brad at bestpractical.com>
Date: Fri Sep 15 11:01:52 2023 -0700
Add email-to and user-filter options
diff --git a/sbin/rt-email-expiring-auth-tokens.in b/sbin/rt-email-expiring-auth-tokens.in
index 30ce05fcc1..6223892b81 100644
--- a/sbin/rt-email-expiring-auth-tokens.in
+++ b/sbin/rt-email-expiring-auth-tokens.in
@@ -65,18 +65,17 @@ BEGIN { # BEGIN RT CMD BOILERPLATE
}
-use RT;
use RT::Interface::CLI qw(Init);
-use RT::Interface::Email;
-
-my ( $expires_by, $expires_on, $print, $help, $template );
+my ( $email_to, $expires_by, $expires_on, $print, $help, $template, $user_filter );
my %opt = (
- 'expires-by=s' => \$expires_by,
- 'expires-on=s' => \$expires_on,
- 'template=s' => \$template,
- 'print' => \$print,
- 'help' => \$help,
+ 'email-to=s' => \$email_to,
+ 'expires-by=s' => \$expires_by,
+ 'expires-on=s' => \$expires_on,
+ 'template=s' => \$template,
+ 'user-filter=s' => \$user_filter,
+ 'print' => \$print,
+ 'help' => \$help,
);
Init( %opt );
@@ -155,6 +154,33 @@ elsif ($expires_on) {
);
}
+if ( $user_filter ) {
+ my @user_ids;
+ foreach my $user ( split( ',', $user_filter ) ) {
+ my $user_obj = RT::User->new( RT->SystemUser );
+ my ( $ok, $err ) = $user_obj->Load($user);
+
+ if ( $ok ) {
+ push @user_ids, $user_obj->Id;
+ }
+ else {
+ print "Could not load user $user: '$err'\n";
+ }
+ }
+
+ unless ( @user_ids ) {
+ print "No valid users: $user_filter";
+ exit 1;
+ }
+
+ $auth_tokens->Limit(
+ FIELD => 'Owner',
+ VALUE => \@user_ids,
+ OPERATOR => 'IN',
+ ENTRYAGGREGATOR => 'AND',
+ );
+}
+
$auth_tokens->Limit(
FIELD => 'Expires',
VALUE => 'NULL',
@@ -223,7 +249,7 @@ foreach my $user_id ( keys %expired_tokens_by_user ) {
}
}
if ( !$template_obj->MIMEObj->head->get('To') ) {
- $template_obj->MIMEObj->head->replace( 'To', Encode::encode( "UTF-8", $user_email ) );
+ $template_obj->MIMEObj->head->replace( 'To', Encode::encode( "UTF-8", $email_to ? $email_to : $user_email ) );
}
if ($print) {
@@ -246,12 +272,16 @@ rt-email-expiring-auth-tokens - email users about expiring auth tokens
=head1 SYNOPSIS
- rt-email-expiring-auth-tokens --expires-by '7 days' --template 'Auth tokens expiring in 7 days'
+ rt-email-expiring-auth-tokens --expires-by '7 days' --template 'Auth tokens expiring in 7 days in HTML' [--email-to 'admin at domain.com,other at domain.com'] [--user-filter 'apiuser,otheruser']
=head1 DESCRIPTION
This script is a tool to email users about their expiring auth tokens.
+You may have some users used only for API access that do not have valid
+email addresses. Use the email-to and user-filter options to send emails
+about their expiring tokens to a valid email address.
+
=head1 OPTIONS
=over
@@ -272,6 +302,16 @@ Format is YYYY-MM-DD or any date format supported by Time::ParseDate.
Specify name or id of template you want to use.
+=item email-to
+
+Send the email to these email addresses instead of the user's email
+address. Accepts a comma separated string of email addresses.
+
+=item user-filter
+
+A comma separated string of usernames for filtering the users to check
+for expiring auth tokens.
+
=item print
Print the expiring auth tokens to STDOUT; don't email them.
commit 77faa1971c661a8139184330cdd453acc2f82a21
Author: Brad Embree <brad at bestpractical.com>
Date: Fri Sep 15 11:00:43 2023 -0700
Document Expires date in POD
diff --git a/lib/RT/Authen/Token.pm b/lib/RT/Authen/Token.pm
index 9aaa3358fd..05d439577b 100644
--- a/lib/RT/Authen/Token.pm
+++ b/lib/RT/Authen/Token.pm
@@ -116,6 +116,15 @@ Authentication tokens are stored securely (hashed and salted) in the
database just like passwords, and so cannot be recovered after they are
generated.
+=head2 Expires Date
+
+An optional Expires Date may be entered when creating an authentication
+token. If an authentication token has an Expires Date it will stop
+working after that date.
+
+Run the L<rt-email-expiring-auth-tokens> script to email users that have
+expiring auth tokens.
+
=head2 Update your Apache configuration
If you are running RT under Apache, add the following directive to your RT
commit 7f074defb4cb81722f3048d5da601c747830499d
Author: Brad Embree <brad at bestpractical.com>
Date: Fri Sep 15 11:00:00 2023 -0700
Switch expired span class to text-danger
diff --git a/share/html/Elements/AuthToken/List b/share/html/Elements/AuthToken/List
index 57f4244927..dd5089444c 100644
--- a/share/html/Elements/AuthToken/List
+++ b/share/html/Elements/AuthToken/List
@@ -71,7 +71,7 @@
% my $expires = $token->ExpiresObj;
% if ( $expires->IsSet ) {
% if ( $expires->Unix < $now->Unix ) {
- <span class="expires font-italic ml-2 expired">
+ <span class="expires font-italic ml-2 text-danger">
<% loc("expired") %>
% } else {
<span class="expires font-italic ml-2">
diff --git a/share/static/css/elevator-light/misc.css b/share/static/css/elevator-light/misc.css
index 060633b6bf..6ed4dd5eb1 100644
--- a/share/static/css/elevator-light/misc.css
+++ b/share/static/css/elevator-light/misc.css
@@ -183,7 +183,3 @@ ul.ui-autocomplete {
.modal.search-results-filter .modal-dialog {
margin: 0;
}
-
-.expires.expired {
- color: red;
-}
commit eddc5de2f6bdfcc1f8e1bd74efadef6bae10286a
Author: Brad Embree <brad at bestpractical.com>
Date: Fri Sep 15 10:58:10 2023 -0700
Switch email template to HTML
diff --git a/etc/initialdata b/etc/initialdata
index 185616ad5e..323fd98d72 100644
--- a/etc/initialdata
+++ b/etc/initialdata
@@ -780,29 +780,34 @@ Hour: { $SubscriptionObj->SubValue('Hour') }
},
{
Queue => '0',
- Name => 'Auth tokens expiring in 7 days', # loc
+ Name => 'Auth tokens expiring in 7 days in HTML', # loc
Description => 'Auth tokens expiring in 7 days', # loc
- Content => q[Subject: [{RT->Config->Get('rtname')}] Your have auth tokens that will expire in 7 days
-
-Hello { $UserObj->RealName || $UserObj->Name }:
+ Content => q[Subject: [{RT->Config->Get('rtname')}] You have auth tokens that will expire in 7 days
+Content-Type: text/html
-Your following auth tokens are going to expire in 7 days:
+<p>Hello { $UserObj->RealName || $UserObj->Name }:</p>
+<p>
+The following tokens will expire within the next 7 days:
+<ul>
{
for my $token (@AuthTokens) {
- $OUT .= " * " . $token->Description . " (expires at " . $token->ExpiresObj->AsString . ")\n";
+ $OUT .= '<li>' . $token->Description . ' (expires at ' . $token->ExpiresObj->AsString . ')</li>';
}
+}
+</ul>
+</p>
+{
if ( $UserObj->HasRight( Right => 'ModifySelf', Object => RT->System )
&& $UserObj->HasRight( Right => 'ManageAuthTokens', Object => RT->System ) )
{
- $OUT .= "\nYou can revoke them and generate new ones on " . RT->Config->Get('WebURL') . 'Prefs/AuthTokens.html'
+ $OUT .= '<p>You can revoke them and generate new ones on the <a href="' . RT->Config->Get('WebURL') . 'Prefs/AuthTokens.html' . '">Auth Tokens</a> page in RT.</p>';
}
else {
- $OUT .= "\nIf you are still using them, please contact your RT manager to generate new ones for you.";
+ $OUT .= "<p>If you are still using them, please contact your RT manager to generate new ones for you.</p>";
}
}
-
],
},
);
diff --git a/etc/upgrade/5.0.5/content b/etc/upgrade/5.0.5/content
index 01e2be8b37..f4ce15f1f1 100644
--- a/etc/upgrade/5.0.5/content
+++ b/etc/upgrade/5.0.5/content
@@ -4,29 +4,34 @@ use warnings;
our @Templates = (
{
Queue => '0',
- Name => 'Auth tokens expiring in 7 days', # loc
+ Name => 'Auth tokens expiring in 7 days in HTML', # loc
Description => 'Auth tokens expiring in 7 days', # loc
Content => q[Subject: [{RT->Config->Get('rtname')}] You have auth tokens that will expire in 7 days
+Content-Type: text/html
-Hello { $UserObj->RealName || $UserObj->Name }:
-
-Your following auth tokens are going to expire in 7 days:
+<p>Hello { $UserObj->RealName || $UserObj->Name }:</p>
+<p>
+The following tokens will expire within the next 7 days:
+<ul>
{
for my $token (@AuthTokens) {
- $OUT .= " * " . $token->Description . " (expires at " . $token->ExpiresObj->AsString . ")\n";
+ $OUT .= '<li>' . $token->Description . ' (expires at ' . $token->ExpiresObj->AsString . ')</li>';
}
+}
+</ul>
+</p>
+{
if ( $UserObj->HasRight( Right => 'ModifySelf', Object => RT->System )
&& $UserObj->HasRight( Right => 'ManageAuthTokens', Object => RT->System ) )
{
- $OUT .= "\nYou can revoke them and generate new ones on " . RT->Config->Get('WebURL') . 'Prefs/AuthTokens.html'
+ $OUT .= '<p>You can revoke them and generate new ones on the <a href="' . RT->Config->Get('WebURL') . 'Prefs/AuthTokens.html' . '">Auth Tokens</a> page in RT.</p>';
}
else {
- $OUT .= "\nIf you are still using them, please contact your RT manager to generate new ones for you.";
+ $OUT .= "<p>If you are still using them, please contact your RT manager to generate new ones for you.</p>";
}
}
-
],
},
);
-----------------------------------------------------------------------
Summary of changes:
etc/initialdata | 23 +++++++-----
etc/upgrade/5.0.5/content | 21 ++++++-----
lib/RT/Authen/Token.pm | 9 +++++
sbin/rt-email-expiring-auth-tokens.in | 62 ++++++++++++++++++++++++++------
share/html/Elements/AuthToken/List | 2 +-
share/static/css/elevator-light/misc.css | 4 ---
6 files changed, 88 insertions(+), 33 deletions(-)
hooks/post-receive
--
rt
More information about the rt-commit
mailing list