Re: [rt-users] no alert for invalid mail addresses
Martin Wheldon writes: > You might want to checkout the perl module Regex::Common::Email::Address I looked at that http://search.cpan.org/~cwest/Regexp-Common-Email-Address-1.01/lib/Regexp/Common/Email/Address.pm Provides a regex to match email addresses as defined by RFC 2822. Under C<{-keep}>, the entire match is kept as C<$1>. If you want to parse that further then pass it to C<< Email::Address->parse() >>. Don't worry, it's fast. This is from 2005, and the that RFC was replaced by 5322, which is what the big regex I gave was from. The Wikipedia has even more relevant info on email addresses: https://en.wikipedia.org/wiki/Email_address It talks about support for foreign character sets, quoted normally invalid characters, allowed comments, and do on. Basically, it is nearly complete chaos. Check out their "valid" and "invalid" examples, as well as the internationalization example. /jeff The information contained in this e-mail is for the exclusive use of the intended recipient(s) and may be confidential, proprietary, and/or legally privileged. Inadvertent disclosure of this message does not constitute a waiver of any privilege. If you receive this message in error, please do not directly or indirectly use, print, copy, forward, or disclose any part of this message. Please also delete this e-mail and all copies and notify the sender. Thank you.
Re: [rt-users] no alert for invalid mail addresses
Hi, You might want to checkout the perl module Regex::Common::Email::Address Best Regards Martin On 2017-01-06 13:16, Petr Hanousek wrote: Hello Jeffrey, thank you, I'll try to implement it here. Wonder if someone has done it before or if there is any plugin for this? Or (the best way) if some developer encodes it to some future release of RT? :) Petr On 5.1.2017 21:51, Jeffrey Pilant wrote: Check out http://www.regular-expressions.info/email.html It indicates the 'most' official regex is: \A(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)* | "(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f] | \\[\x01-\x09\x0b\x0c\x0e-\x7f])*") @ (?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])? | \[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3} (?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]: (?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f] | \\[\x01-\x09\x0b\x0c\x0e-\x7f])+) \])\z Yeah. Quite a mouthful. This is because there are quite a few ways to express email addresses. And even this is not foolproof. The same page also has other simpler regex expressions that work a fair amount of the time, but are less complicated, like: \b[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,}\b The page claims it is 99% effective. That, however, does not solve your problem. Just because it is formulated correctly does not mean it is a valid address. The usual solution is to whitelist the addresses and do a lookup. Any address not found gets added tentatively, but flagged for testing. You can also at this time prompt for acceptance vs. going back to an edit screen. This does require you maintain a list of valid email addresses somewhere. The user list is a likely place, but if you are sending emails to people who are not users, then that fails. /jeff The information contained in this e-mail is for the exclusive use of the intended recipient(s) and may be confidential, proprietary, and/or legally privileged. Inadvertent disclosure of this message does not constitute a waiver of any privilege. If you receive this message in error, please do not directly or indirectly use, print, copy, forward, or disclose any part of this message. Please also delete this e-mail and all copies and notify the sender. Thank you.
Re: [rt-users] no alert for invalid mail addresses
Hello Jeffrey, thank you, I'll try to implement it here. Wonder if someone has done it before or if there is any plugin for this? Or (the best way) if some developer encodes it to some future release of RT? :) Petr On 5.1.2017 21:51, Jeffrey Pilant wrote: > Check out > http://www.regular-expressions.info/email.html > It indicates the 'most' official regex is: > \A(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)* > | "(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f] > | \\[\x01-\x09\x0b\x0c\x0e-\x7f])*") > @ (?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])? > | \[(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3} >(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?|[a-z0-9-]*[a-z0-9]: > (?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f] > | \\[\x01-\x09\x0b\x0c\x0e-\x7f])+) > \])\z > > Yeah. Quite a mouthful. This is because there are quite a few ways to > express email addresses. And even this is not foolproof. > > The same page also has other simpler regex expressions that work a fair > amount of the time, but are less complicated, like: > \b[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,}\b > > The page claims it is 99% effective. > > That, however, does not solve your problem. Just because it is formulated > correctly does not mean it is a valid address. > > The usual solution is to whitelist the addresses and do a lookup. Any > address not found gets added tentatively, but flagged for testing. You can > also at this time prompt for acceptance vs. going back to an edit screen. > This does require you maintain a list of valid email addresses somewhere. > The user list is a likely place, but if you are sending emails to people who > are not users, then that fails. > > /jeff > > The information contained in this e-mail is for the exclusive use of the > intended recipient(s) and may be confidential, proprietary, and/or > legally privileged. Inadvertent disclosure of this message does not > constitute a waiver of any privilege. If you receive this message in > error, please do not directly or indirectly use, print, copy, forward, > or disclose any part of this message. Please also delete this e-mail > and all copies and notify the sender. Thank you. > > -- +---+ Petr Hanousek e-mail: petr.hanou...@cesnet.cz MetaCentrum User Supportphone: +420 950 072 112 CESNET z.s.p.o. mobile: +420 606 665 139 location: Zikova 13a, Praha room: 32b Czech Republic +---+
[rt-users] Mail headers, search for missing value and LDAP/AD integration
Hi! Some different questions here: 1) It is possible to add meta information from RT in the outgoing mails from the system? For instance I'm interested in getting the current owner of a ticket as a separate mail header. For instance X-RT-Owner: and then set to the current owner of the ticket. That would make it easier to sort out just the tickets I'm concerned with. 2) I have a search where I want to find all tickets without an AdminCc added. How can I do this? 3) We have LDAP authentication against Active Directory working, but we're not getting the correct values populated from AD. Instead I have to go in an manually fill out this information in RT itself. This is the relevant configuration: Set($ExternalAuthPriority, [ 'My_LDAP' ] ); Set($AutoCreateNonExternalUsers, 1); Set($ExternalSettings, { 'My_LDAP' => { 'type' => 'ldap', 'server'=> 'SERVER', 'user' => 'ADMINUSER', 'pass' => 'PASSWORD', 'base' => 'ou=users,dc=local,dc=local,dc=no', 'filter'=> '(objectclass=user)', 'd_filter' => '(objectcategory=group)', 'group' => '', 'group_attr'=> '', 'tls' => 1, 'ssl_version' => 3, 'net_ldap_args' => [version => 3 ], 'group_scope' => 'base', 'group_attr_value' => '', 'attr_match_list' => [ 'Name', 'EmailAddress', 'RealName', ], 'attr_map' => { 'Name' => 'sAMAccountName', 'EmailAddress' => 'mail', 'Organization' => 'physicalDeliveryOfficeName', 'RealName' => 'cn', 'ExternalAuthId' => 'sAMAccountName', 'Gecos' => 'sAMAccountName', 'WorkPhone' => 'telephoneNumber', 'Address1' => 'streetAddress', 'City' => 'l', 'State' => 'st', 'Zip' => 'postalCode', 'Country' => 'co' }, }, }); Set($LDAPHost, 'SERVER'); Set($LDAPUser, 'ADMINUSER'); Set($LDAPPassword, 'PASSWORD'); Set($LDAPBase, 'ou=users,dc=local,dc=local,dc=no'); Set($LDAPFilter, '(&(cn = users))'); Set($LDAPCreatePrivileged, 1); So I'm wondering which of these options are actually used, as they seem to be a bit redundant and/or conflicting? I'm running RT 4.2.10, btw. -- Marius signature.asc Description: OpenPGP digital signature
Re: [rt-users] ***SPAM*** Re: How unprivileged users could see all tickets in their queue
Apologies, if I remove the owner the CustomRole solution doesn't work. Best Regards Martin On 2017-01-05 16:37, Felix Defrance wrote: Hi, In your example you said : "I've got 2 unprivileged users with a single queue, each being the owner of multiple tickets in that queue." But in my case, the users is a customer, and they never owner of the tickets. So, the users see only the tickets they are requestor. I would like to provide to a set of user, the ablillity to see all ticket requestor in the queue.. Felix. Le 05/01/2017 à 16:00, Martin Wheldon a écrit : Hi, No need to add the custom role to the tickets, just to the queue. Best Regards Martin On 2017-01-05 14:26, Felix Defrance wrote: Le 05/01/2017 à 12:22, Alex Hall a écrit : Martin's suggestion makes sense, but I thought Felix was trying to restrict user search, not ticket search? That is, he doesn't want users to be able to search (and thus view the names of) all users? It's quite early here, so my brain may still be muttled and I could be wrong. Alex, after I see it was possible to display any tickets via the search module, I want to restrict this too. Sent from my iPhone On Jan 5, 2017, at 06:08, Martin Wheldonwrote: Hi Félix, I've just tried to configure this on a RT 4.4.1 install using a custom role and it seems to work fine. Here is the process I carried out. I've got 2 unprivileged users with a single queue, each being the owner of multiple tickets in that queue. I created a new custom role, then assigned it to the queue. Next I added the users to the custom role. (Done on the queue, watchers tab) The I added the SeeQueue and ShowTickets permissions to the custom role on the queue. Now when I login as either of the users I see all the tickets in that queue owner by those users. In this case, unprivileged users via (SelfService of course), just see their own tickets. For me, I have just 2 menus: "Tickets" and "Logged in foobar". In Tickets, I just see "Open tickets" and "Closed Tickets". In both pages, I just see tickets that users declarated as requestor. The custom role not provide an access to see all ticket in the queue (as elacour told to us). Now I understand the goal of the roles, maybe it's possible to automaticaly add custom role as a watcher to the right queue on all existing tickets and the futur new ticket. Do you think it's possible ? Thx Hope that helps Best Regards Martin On 2017-01-04 08:45, Emmanuel Lacour wrote: Le 03/01/2017 à 18:27, Felix Defrance a écrit : Hi all, I don't find how I could add ShowTickets or QueueList in SelfService. I want to allow my unprivileged users, grouped by company name, to see all tickets in their queue. The group rights on the queue is correctly defined and users could access to the tickets by entring the ticket number in the "goto Ticket" field (top right in SelfService). I have tried to play with CustomRole but it's not working for me. So anybody known how I can do it? SelfService filters ticket list to tickets the user is watcher on (requestor or Cc). This is hard coded in share/html/SelfService/Elements/MyRequests: my $id = $session{'CurrentUser'}->id; my $Query = "( Watcher.id = $id )"; if ($status) { $status =~ s/(['\\])/\\$1/g; $Query .= " AND Status = '$status'"; } so if you wan't to relax this to all tickets users have ShowTicket rights, you have to modify this query ;) But I strongly discourage (unless really needed) to setup an RT instance with one queue per customer, best to think queues per internal support team and play with customroles/groups or customfields to set the customer. -- Félix Defrance PGP: 0x0F04DC57