[Rt-devel] Any interest in the ability in RT to enforce CF value uniqueness?

[Philip Kime]

On 18 Oct 2008, at 9:49 PM, Jesse Vincent wrote:

> It seems like it could be interesting and a lot less invasive than  
> some
> of the other very cool CF hacking you've been doing. (As mentioned
> before, I really dig the concept of strengthening mandatory fields,  
> but
> am pretty nervous about the fallout of doing that within a stable
> series.
>
> This seems like it could be slipped in pretty cleanly using the  
> existing
> validation codepath.


Yes, it doesn't really, unlike the mandatory patches, replace anything  
so it can be just ignored by those who don't need it. I might try to  
get the patches together against 3.8 - it's nothing really too  
dangerous.

The mandatory stuff is only a little more trouble in terms of fallout  
because to avoid confusion, it means removing the Validation calls  
currently in RT and removes the regexp-based mandatory approach  
completely which may bother some people but not that many I would  
think. Pretty easy to move to using a real mandatory field for those  
who do. The other thing is that email ticket submission to queues with  
mandatory fields will fail without CommandByMail and the ability to  
specify CFs by email. But that's a feature, not a problem - a  
mandatory field that can be bypassed by email submission isn't really  
mandatory.

The main push for this is auditing - the last time I was involved in  
an audit, the SOX people simply wouldn't pass RT unless it had this  
mandatory code in it because they couldn't be sure that certain audit  
information was guaranteed to be included with tickets in certain  
queues. I think that this is a very important thing indeed for RT  
personally - you have to have something like this in modern, audited  
environments.

PK
--
Dr Philip Kime