Re: [rt-users] Installing and Configuring Asset Tracker in RT
On Thu, Jul 5, 2012 at 7:42 PM, Kevin Falcone falc...@bestpractical.com wrote: On Thu, Jul 05, 2012 at 12:42:23PM +0200, Carlos Becker wrote: I installed the debian rt4 packages on Debian stable 6.x squeeze. Unfortunately squeeze does not provide rt4 and assettracker packages so I use the packages that are available in debian testing (using apt pinning). After some tweaks (there were issues with the mysql schema about TYPE=InnoDB which now must be ENGINE=InnoDB) If debian is shipping rt4 packages with TYPE=InnoDB that's a bug. RT has shipped ENGINE since 4.0.0 and fixed it in 3.8 with 3.8.11. basically installation went fine, but again I am getting display problems with the rt start page. What I see in the front page is the text: LABEL ACCESSKEY=9 SELECT NAME =Type onchange=document.CreateAssetOfType.submit() class=select-assettype /SELECT /LABEL and Looks like Asset Tracker is pushing HTML into localized strings which is something we've discouraged for a long time and disabled in 4.0.6 because of the massive security holes in the approach. The Asset Tracker authors can convert to using l_unsafe but need to make sure they're not just introducing security holes. Best Practical doesn't work on Asset Tracker, so you probably want to contact the AT team directly. FYI...this has been resolved, but it hasn't been pushed upstream yet. https://github.com/rg1/rt-extension-assettracker/commit/c6f0a440358ab3695f692b4aa0eff540bc4cf156
Re: [rt-users] Installing and Configuring Asset Tracker in RT
Hello, I am currently trying to do the same. It's a complete fresh install. What OS and version are you using ? Are you using the rt4 packages provided by the distribution or are you installing from source ? This is what I tried so far: I installed the debian rt4 packages on Debian stable 6.x squeeze. Unfortunately squeeze does not provide rt4 and assettracker packages so I use the packages that are available in debian testing (using apt pinning). After some tweaks (there were issues with the mysql schema about TYPE=InnoDB which now must be ENGINE=InnoDB) I managed to install asset tracker but I got display errors in the rt start page. Next I tried the same using Debian testing instead of stable. But got the same display issues. Next I tried debian testing and installing from source wget http://download.bestpractical.com/pub//rt/release/rt-4.0.6.tar.gz git clone https://github.com/chakatodd/rt-extension-assettracker basically installation went fine, but again I am getting display problems with the rt start page. What I see in the front page is the text: LABEL ACCESSKEY=9 SELECT NAME =Type onchange=document.CreateAssetOfType.submit() class=select-assettype /SELECT /LABEL and Here is a Screenshot: http://files.muellers.ms/rt4-assettracker.png I guess this is an CSS issue or rt-extension-assettracker is not (yet) compatible to rt4 ? Thanks Carlos
Re: [rt-users] Installing and Configuring Asset Tracker in RT
Carlos Becker wrote: Next I tried debian testing and installing from source wget http://download.bestpractical.com/pub//rt/release/rt-4.0.6.tar.gz git clone https://github.com/chakatodd/rt-extension-assettracker basically installation went fine, but again I am getting display problems with the rt start page. What I see in the front page is the text: LABEL ACCESSKEY=9 SELECT NAME =Type onchange=document.CreateAssetOfType.submit() class=select-assettype /SELECT /LABEL and Here is a Screenshot: http://files.muellers.ms/rt4-assettracker.png I guess this is an CSS issue or rt-extension-assettracker is not (yet) compatible to rt4 ? I had the same problem when by accident the RT machine was upgraded ;-( I thought it had todo with some package being upgraded but it turned out it was RT itself. If you look at the asset component responsible for that text then you'll see the it uses scomp and in combination with a security hole that has been plugged in RT it is causing that problem. The l component in RT exists in a safe and unsafe version and nowadays it tries to escape html entities correctly but causes problems when you use scomp. Haven't figured out how to rewrite the assettracker component if you do please let me (us) know. Greetings, Joop
Re: [rt-users] Installing and Configuring Asset Tracker in RT
On Thu, Jul 05, 2012 at 12:42:23PM +0200, Carlos Becker wrote: I installed the debian rt4 packages on Debian stable 6.x squeeze. Unfortunately squeeze does not provide rt4 and assettracker packages so I use the packages that are available in debian testing (using apt pinning). After some tweaks (there were issues with the mysql schema about TYPE=InnoDB which now must be ENGINE=InnoDB) If debian is shipping rt4 packages with TYPE=InnoDB that's a bug. RT has shipped ENGINE since 4.0.0 and fixed it in 3.8 with 3.8.11. basically installation went fine, but again I am getting display problems with the rt start page. What I see in the front page is the text: LABEL ACCESSKEY=9 SELECT NAME =Type onchange=document.CreateAssetOfType.submit() class=select-assettype /SELECT /LABEL and Looks like Asset Tracker is pushing HTML into localized strings which is something we've discouraged for a long time and disabled in 4.0.6 because of the massive security holes in the approach. The Asset Tracker authors can convert to using l_unsafe but need to make sure they're not just introducing security holes. Best Practical doesn't work on Asset Tracker, so you probably want to contact the AT team directly. -kevin pgptScOsPuMt8.pgp Description: PGP signature
[rt-users] Installing and Configuring Asset Tracker in RT
I have installed and configured RT 4.05 and working perfectly now. I will like to add Asset Tracker to RT to track all asset that we purchase in my organization. How do I go about installing AT onto RT? Thanks, Haji
