| *** Joins: soustruh (~Miranda@ip-86-49-121-75.net.upcbroadband.cz) | 00:03 | |
| *** Quits: Cesare (~Adium@creati59.lnk.telstra.net) (Remote host closed the connection) | 00:56 | |
| *** Joins: Cesare (~Adium@creati59.lnk.telstra.net) | 00:56 | |
| *** Joins: brucelee (~adsfasdf@c-67-160-201-8.hsd1.ca.comcast.net) | 01:03 | |
| brucelee | hey guys, does mantis has the capability to generate tickets through email? | 01:04 |
|---|---|---|
| *** Joins: kirillka (~Miranda@195.242.142.17) | 03:00 | |
| *** Joins: Rixie (~Rixie@188.177.20.182) | 03:01 | |
| *** Joins: dhx1 (~anonymous@60-242-108-164.static.tpgi.com.au) | 03:11 | |
| dregad | brucelee: there is a plugin for e-mail reporting which might do what you need, check http://github.com/mantisbt-plugins/ | 03:15 |
| dhx1 | hey all | 03:16 |
| brucelee | dregad, yeah i read about that one, but im not sure if you need to have an account on mantis before you can do that by email | 03:24 |
| brucelee | i want to set up an email so clients can report tickets by emailing | 03:24 |
| * dregad waves at dhx1 | 03:24 | |
| brucelee | or i want to set up an email so ANYBODY can report tickets by emailng | 03:25 |
| dregad | brucelee: I do not support or even use the plugin, I just know it exists | 03:25 |
| brucelee | thanks :p | 03:25 |
| * dhx1 waves back | 03:26 | |
| *** Quits: dhx1 (~anonymous@60-242-108-164.static.tpgi.com.au) (Read error: Connection reset by peer) | 03:31 | |
| *** Joins: dhx1 (~anonymous@60-242-108-164.static.tpgi.com.au) | 03:33 | |
| *** Quits: Cesare (~Adium@creati59.lnk.telstra.net) (Quit: Leaving.) | 03:56 | |
| *** Joins: asm89 (~asm89@unaffiliated/asm89) | 03:58 | |
| *** Joins: soc42 (~soc42@f052058179.adsl.alicedsl.de) | 04:02 | |
| asm89 | how's my favorite bug tracker doing? | 04:22 |
| dhx1 | asm89: the best! :) | 04:24 |
| asm89 | decided on the database thing yet? :P | 04:26 |
| dhx1 | asm89: the 'next' branch has some initial work | 04:30 |
| dhx1 | it still needs a lot more work though | 04:30 |
| *** Joins: paul___ (52c6fa45@gateway/web/freenode/ip.82.198.250.69) | 04:30 | |
| dhx1 | paul___: speaking of whom... :) | 04:30 |
| *** Quits: micahg (~micahg@ubuntu/member/micahg) (Ping timeout: 264 seconds) | 04:31 | |
| *** Joins: cerf (~quassel@mcl71-3-78-241-52-239.fbx.proxad.net) | 04:31 | |
| dhx1 | asm89: I actually don't mind the Doctrine approach (query rewriter only... not the object-relational stuff) | 04:31 |
| asm89 | so dbal, not orm | 04:32 |
| dhx1 | yeah | 04:33 |
| dhx1 | although I have doubts about using it for complex schema designs | 04:33 |
| dhx1 | but those problems affect any implementation we choose... | 04:33 |
| asm89 | i get that | 04:33 |
| asm89 | but what is complex huh? :) | 04:33 |
| dhx1 | something like full text search in postgresql: http://www.postgresql.org/docs/9.0/interactive/textsearch.html | 04:35 |
| asm89 | (and mysql) | 04:35 |
| dhx1 | yep | 04:35 |
| asm89 | so vendor specific things | 04:35 |
| dhx1 | MS SQL 2008 too | 04:36 |
| dhx1 | probably most of them... but yeah, they're mostly vendor specific | 04:36 |
| asm89 | i know that you can add 'custom' query functions | 04:36 |
| dhx1 | generally it's not too hard for the runtime code that is querying the database | 04:36 |
| asm89 | if you define an api for those (like a SEARCH() function), then you can add vendor specific code over there | 04:37 |
| dhx1 | it seems like more of an issue with creating the database schema, modifying it, etc during installations and upgrades | 04:37 |
| asm89 | yes, schema management is hard for multiple platforms | 04:37 |
| asm89 | when trying to benefit from things as fulltext search that is | 04:38 |
| *** Joins: micahg (~micahg@ubuntu/member/micahg) | 04:47 | |
| dhx1 | yep | 05:38 |
| paul___ | dhx1: whts up? | 06:07 |
| dhx1 | paul___: not much... got IPv6 up and running at last, so I guess I should try MantisBT over IPv6 at some point | 06:07 |
| paul___ | heh | 06:08 |
| paul___ | i've been coding mantis recently | 06:08 |
| dhx1 | what? where? :) | 06:09 |
| dhx1 | database work? | 06:09 |
| paul___ | trying to generally carry on with branch | 06:14 |
| paul___ | I may have forgotton to push | 06:14 |
| paul___ | as I keep forgetting tyhe remote stuff | 06:14 |
| dregad | paul__: I am looking at bug #13276 where user mentions inconsistent behavior of g_show_attachment_indicator | 06:31 |
| dregad | it looks like this is not hiding the attachment column in the bug view page | 06:32 |
| dregad | looking at history, back in 2009 you changed the BugData class (commit 97b67e4bb) | 06:33 |
| dregad | and in that, you changed the column name from attachment to attachment_count | 06:34 |
| dregad | old column_api.php deleted line 31, new bug_api.php line 114 | 06:35 |
| dregad | but helper_api.php still references old name attachment when removing the column | 06:35 |
| dregad | so it does not get removed, and if g_show_attachment_indicator = ON then the bitmap is shown, and when OFF then it's the number of attachments | 06:39 |
| dhx1 | I think I may have helped rename the column? | 06:52 |
| dhx1 | or at least... I recall doing a fair number of changes to attachment icons | 06:53 |
| *** Quits: soc42 (~soc42@f052058179.adsl.alicedsl.de) (Remote host closed the connection) | 07:04 | |
| dregad | dhx1: I was doing further check in the code | 07:05 |
| dregad | I think the problem is not renaming itself, but the fact that the change was not cascaded | 07:05 |
| dhx1 | grepping for 'attachment' should find any misnamed columns... although I imagine it's not quite that easy | 07:05 |
| dhx1 | we should have received an error in that case | 07:06 |
| dregad | eg. the list of columns in config_defaults $g_view_issues_page_columns stil references attachment, but effectively that field is not valid and therefore gets removed by call to columns_remove_invalid | 07:06 |
| dregad | so no errors are generated because the system is smart enough to weed out wrong columns | 07:07 |
| dhx1 | aha | 07:07 |
| dhx1 | so existing installations (and new ones as a result of the defaults) are probably still using "attachment" | 07:08 |
| dregad | exactly | 07:08 |
| dhx1 | so if a user updates their preferences, is everything ok? | 07:08 |
| dregad | actually it's a bit more complex than that | 07:08 |
| dhx1 | obviously we need to fix the defaults too though :) | 07:08 |
| dregad | yes | 07:10 |
| dregad | the problem is that this will impact the columns displayed in existing installations | 07:10 |
| dregad | currently if g_show_attachment_indicator = OFF then the column is displayed anyway (but shows # attach instead of bitmap) | 07:11 |
| dregad | if I fix the code in helper_api (replacing attachment by attachment_count) then the column will no longer be displayed | 07:11 |
| dregad | which could be confusing to users | 07:12 |
| dhx1 | oh.. there are meant to be two separate columns | 07:12 |
| dregad | To fix without regression would probably require to have 2 global settings | 07:12 |
| dhx1 | attachment_count = number of attachments, attachment = icon indicating if there is one or more attachment | 07:12 |
| dregad | one for attachment on/off and one for attachment count on/off | 07:13 |
| dregad | in BugData class there is only attachment_count | 07:13 |
| dregad | and in the bug view page, only one column is displayed, with its contents depending on valude of g_show_attachment_indicator | 07:14 |
| dhx1 | what is the point of the configuration option? | 07:14 |
| dhx1 | it sounds stupid to me | 07:14 |
| dregad | the point is (or was) to hide the attachment column entirely, thereby reduncing the number of sql queries against DB for perfomrance reason | 07:15 |
| dregad | at least that's what the comment in config_default says | 07:15 |
| dhx1 | it's not an access control and is deprecated by user preferences (and global defaults) for which columns to display | 07:15 |
| *** Quits: kirillka (~Miranda@195.242.142.17) (Ping timeout: 240 seconds) | 07:15 | |
| dhx1 | hmm so a waste of space that could be improved by checking which columns to retrieve from the database? | 07:15 |
| dhx1 | (which we probably already do)? | 07:15 |
| dregad | what do you mean by waste of space? | 07:16 |
| dhx1 | not required | 07:16 |
| dhx1 | useless configuration option... it seems | 07:16 |
| dregad | Possibly yes | 07:16 |
| dregad | unless it's a way for admin to prevent users from adding the attachment field in their personal preferences | 07:17 |
| dregad | which I think it's a bit useless | 07:17 |
| dregad | I would think that to fix this properly, we should | 07:17 |
| dregad | 1. fix the helper_api to reference correct column | 07:17 |
| dregad | 2. fix default for field list to refer correct column | 07:18 |
| dregad | 3. change default of g_show_attachment_indicator from OFF to ON to prevent regression to existing users | 07:18 |
| dregad | what do you think ? | 07:18 |
| dhx1 | yeah very useless :) | 07:18 |
| dhx1 | I'd actually prefer to see whether the option can be removed | 07:19 |
| dhx1 | I don't see how it can be missed | 07:19 |
| dregad | can probably be done as well | 07:19 |
| dregad | btw this code is in sice 1.2.0rc1 | 07:19 |
| dhx1 | let me see if I can put together a patch | 07:20 |
| dregad | I already have most of it (except for removing g_show_attachment_indicator) | 07:20 |
| dhx1 | are you able to create a patch/push to a branch at github? | 07:22 |
| dregad | sure | 07:22 |
| dhx1 | we should place an access check against view_attachments_threshold instead | 07:23 |
| dhx1 | also... allow_view_own_attachments | 07:24 |
| dregad | right | 07:24 |
| dregad | hiding the column if user not allowed to view attachments | 07:25 |
| dhx1 | yeah | 07:25 |
| dhx1 | which I think we already do | 07:25 |
| dhx1 | file_can_view_bug_attachments(...) | 07:25 |
| dregad | didn't check but likely yes | 07:26 |
| dhx1 | already factors in allow_view_own_attachments | 07:26 |
| *** Joins: kirillka (~Miranda@195.242.142.17) | 07:26 | |
| dregad | funny | 07:27 |
| dregad | there is a function print_column_attachment_count in columns_api | 07:27 |
| dregad | but it's not used anywhere :-) | 07:28 |
| dregad | it does have the code for file_can_view_bug_attachments though ;-) | 07:28 |
| dhx1 | that's what I was looking at | 07:28 |
| dhx1 | and AFAIK it does get called... dynamically | 07:29 |
| dhx1 | in other words, we call a function named 'print_column_' . $t_column_name | 07:29 |
| dregad | ah yes you're right | 07:30 |
| dregad | custom_function_api.php line 326 | 07:33 |
| dregad | that actually explains the behavior described by the user in #13276 | 07:36 |
| dregad | because the access check is there in print_column_attachment_count, but not in print_column_title_attachment_count | 07:37 |
| dhx1 | aha | 07:38 |
| dhx1 | that may solve the problem then | 07:38 |
| dhx1 | if we're printing an extra title, that'll screw things up | 07:38 |
| dregad | nevermind what I just said - it prints an empty column (nbsp) if attachment count = 0 | 07:40 |
| dhx1 | oh | 07:42 |
| dhx1 | the access checks are actually performed when building the list of columns to display | 07:42 |
| dhx1 | but we also perform checks on a per-bug basis | 07:42 |
| dhx1 | this is actually quite a complicated matter when you factor in sub-projects where permissions may be different to parent projects | 07:43 |
| dhx1 | yet issues from both can be returned on the view issues page at the same time | 07:43 |
| dregad | right | 07:52 |
| *** Quits: soustruh (~Miranda@ip-86-49-121-75.net.upcbroadband.cz) (Quit: visit http://wormscesky.cz) | 07:55 | |
| dregad | dhx1: target 12x ? | 08:02 |
| dhx1 | dregad: ? | 08:03 |
| dregad | the change we discussed - target to 1.2.x or master ? | 08:03 |
| dhx1 | ah, I thought you were referring to the accidental '12x' file of recent times | 08:03 |
| dhx1 | target 1.2.x | 08:03 |
| dregad | :-O | 08:03 |
| dhx1 | and we'll forward port to master | 08:03 |
| dregad | ok | 08:04 |
| dhx1 | do you think you have this issue solved? | 08:04 |
| dhx1 | (need a hand?) | 08:04 |
| dregad | probably yes | 08:04 |
| dregad | if not I'll let you know | 08:04 |
| dregad | I'll put a github branch for your review | 08:05 |
| dhx1 | ok :) | 08:05 |
| dregad | dhx1: a thought, while testing the branch removing g_show_attachment_indicator - shouldn't we systematically call check.php after an upgrade ? | 09:47 |
| dregad | this would e.g. draw admin's attention to the fact that they are using obsolete params, which they might not realize | 09:48 |
| *** Joins: daryn (~daryn@h158.249.190.173.static.ip.windstream.net) | 09:51 | |
| *** Quits: kirillka (~Miranda@195.242.142.17) (Quit: kirillka) | 09:58 | |
| *** Quits: dregad (~dregad@wwwgate1.merck.de) (Quit: Ex-Chat) | 10:08 | |
| *** Quits: cerf (~quassel@mcl71-3-78-241-52-239.fbx.proxad.net) (Remote host closed the connection) | 11:17 | |
| *** Quits: asm89 (~asm89@unaffiliated/asm89) (Quit: bye!) | 11:20 | |
| *** Quits: paul___ (52c6fa45@gateway/web/freenode/ip.82.198.250.69) (Quit: Page closed) | 11:39 | |
| *** Joins: kirillka (~Miranda@75-193-55-95.baltnet.ru) | 12:10 | |
| *** Joins: Paul24 (~IceChat09@2001:470:9310:aaaa:25e1:d126:aab0:bed5) | 12:41 | |
| *** Parts: Rixie (~Rixie@188.177.20.182) () | 12:56 | |
| *** Joins: fredcooke (~fred@131.2.221.87.dynamic.jazztel.es) | 12:57 | |
| fredcooke | Hello! I searched for this, but had no luck, all I could find was instructions on entering this channel, so I decided to take the advice ;-) | 12:57 |
| fredcooke | Can Mantis announce new bugs and various or all changes to bugs in an IRC channel? | 12:57 |
| fredcooke | much as github can announce commits and pushes | 12:58 |
| jreese | fredcooke: https://github.com/jreese/supybot-mantis | 12:59 |
| fredcooke | jreese: i just found your repo | 12:59 |
| jreese | :P | 12:59 |
| fredcooke | ok, thats not what i found | 13:00 |
| jreese | the supybot plugin won't announce every single change, just new issues and newly-resolved issues, and then posts details whenevr someone mentions an issue # in channel | 13:01 |
| fredcooke | ok | 13:01 |
| fredcooke | what about IRCPlugin, what can that do/not do? | 13:02 |
| fredcooke | thanks for you help, btw :-) | 13:02 |
| jreese | that just allows users to join an IRC channel using a web client through your mantisbt install | 13:02 |
| Paul24 | moo | 13:02 |
| fredcooke | ok | 13:02 |
| jreese | see www.mantisbt.org/bugs and the IRC Chat link in the menu | 13:02 |
| fredcooke | need to be signed in to see it? | 13:04 |
| jreese | ah, apparently so | 13:04 |
| fredcooke | no problems | 13:04 |
| fredcooke | while i'm here... | 13:04 |
| jreese | it's basically just a wrapper around mibbit and freenode's webchat clients | 13:04 |
| fredcooke | i want the "assign back to reporter and let them test and close" workflow, but so far, from the UI, i've been unable to achieve that using advice from the mantis forums. i suspect i need to change config on the server to allow assigning to reporters, is that really true? | 13:05 |
| jreese | basically, yes | 13:06 |
| fredcooke | ok, i think i know what i need to change, in that case | 13:06 |
| fredcooke | if i have further trouble i'll come back and cry :-) | 13:06 |
| jreese | although the default workflow encourages: | 13:06 |
| jreese | put the issue into feedback, wait for the reporter to reply to the issue, and then the handler marks the issue as resolved | 13:07 |
| fredcooke | i read the main mans description of how he thinks it should work, still, a LOT of people disagree :-) | 13:07 |
| fredcooke | its pretty normal for a key group of testers to be reporting most bugs | 13:07 |
| jreese | eg, if an issue is marked in feedback, and the reporter replies to the issue, it will automatically change to assigned status | 13:07 |
| jreese | but, if you still want to be able to assign to reporters, there's a configuration value that specifies the threshold for that | 13:08 |
| fredcooke | yep | 13:08 |
| fredcooke | will fiddle and change it | 13:08 |
| fredcooke | thanks for confirming | 13:08 |
| jreese | $g_handle_bug_threshold | 13:08 |
| Paul24 | jreese: dhx will have gone by now right? | 13:09 |
| jreese | and $g_update_bug_assign_threshold to determine who can actually change the assigned person for an issue | 13:09 |
| jreese | Paul24: basically, yes | 13:09 |
| jreese | it's well past midnight there | 13:09 |
| Paul24 | jreese: any idea what that ocmpany reckon they have found? | 13:21 |
| Paul24 | jreese: aka https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_mantisbt.html | 13:21 |
| jreese | saw that, and have no clue | 13:22 |
| jreese | I'm hoping they're sending an email to Victor or our list so we can see what they think they've found | 13:23 |
| Paul24 | tbh, it's probably waht we already know about ;p | 13:23 |
| jreese | wouldn't be surprised | 13:24 |
| Paul24 | there's a couple of xss issues in 1.2.x | 13:25 |
| Paul24 | i.e. $path is vulnerable atm | 13:28 |
| Paul24 | erm | 13:28 |
| Paul24 | $g_path | 13:28 |
| fredcooke | :-( | 13:29 |
| Paul24 | we should fix that this w/e | 13:29 |
| Paul24 | then I can post a security advisory! | 13:29 |
| Paul24 | as that seems to be the done thing these days :) | 13:30 |
| jreese | I've just been waiting for someone to post a fix that doesn't actually break any of it's existing functionality... | 13:30 |
| Paul24 | yea, i've kinda decide in '2.0' we should just do what other sites do and ask users to enter a url | 13:30 |
| Paul24 | and not try to guess it | 13:30 |
| Paul24 | as the guessing stuff is more effort then it's worth :) | 13:31 |
| jreese | Paul24: my biggest issue with that is it breaks teh ability to use mantis from multiple domains | 13:31 |
| Paul24 | *not really* | 13:31 |
| Paul24 | at least, would just need to be careful | 13:31 |
| Paul24 | with how/what we do | 13:32 |
| *** Joins: soustruh (~Miranda@ip-86-49-121-75.net.upcbroadband.cz) | 13:39 | |
| *** Joins: chris38`` (~chris38@AGrenoble-751-1-23-176.w86-206.abo.wanadoo.fr) | 14:55 | |
| *** Quits: chris38` (~chris38@AGrenoble-751-1-14-182.w90-9.abo.wanadoo.fr) (Ping timeout: 246 seconds) | 14:57 | |
| *** Quits: chris38`` (~chris38@AGrenoble-751-1-23-176.w86-206.abo.wanadoo.fr) (Ping timeout: 252 seconds) | 15:03 | |
| *** Joins: chris38` (~chris38@AGrenoble-751-1-7-18.w90-9.abo.wanadoo.fr) | 15:08 | |
| *** Quits: daryn (~daryn@h158.249.190.173.static.ip.windstream.net) (Quit: Ex-Chat) | 15:10 | |
| *** Joins: soc42 (~soc42@f051080042.adsl.alicedsl.de) | 15:15 | |
| *** Joins: daryn (~daryn@h158.249.190.173.static.ip.windstream.net) | 15:16 | |
| *** Joins: Lukosanthropos (~Lukosanth@cpc23-seac20-2-0-cust78.7-2.cable.virginmedia.com) | 16:02 | |
| *** Quits: soc42 (~soc42@f051080042.adsl.alicedsl.de) (Remote host closed the connection) | 17:28 | |
| *** Quits: daryn (~daryn@h158.249.190.173.static.ip.windstream.net) (Quit: Ex-Chat) | 18:01 | |
| *** Quits: micahg (~micahg@ubuntu/member/micahg) (Read error: Operation timed out) | 18:22 | |
| *** Joins: micahg (~micahg@ubuntu/member/micahg) | 18:36 | |
| *** Quits: micahg (~micahg@ubuntu/member/micahg) (Remote host closed the connection) | 18:39 | |
| *** Joins: micahg_ (~micahg@ubuntu/member/micahg) | 18:40 | |
| *** Quits: Paul24 (~IceChat09@2001:470:9310:aaaa:25e1:d126:aab0:bed5) (Quit: Beware of programmers who carry screwdrivers.) | 18:50 | |
| *** Joins: Paul24 (~IceChat09@2001:470:9310:aaaa:25e1:d126:aab0:bed5) | 19:02 | |
| *** Joins: Cesare (~Adium@creati59.lnk.telstra.net) | 19:12 | |
| *** micahg_ is now known as micahg | 19:32 | |
| *** Quits: soustruh (~Miranda@ip-86-49-121-75.net.upcbroadband.cz) (Quit: visit http://wormscesky.cz) | 19:34 | |
| *** Quits: fredcooke (~fred@131.2.221.87.dynamic.jazztel.es) (Ping timeout: 250 seconds) | 19:36 | |
| *** Quits: scribe9343423 (~scribe934@static.96.23.63.178.clients.your-server.de) (Remote host closed the connection) | 20:00 | |
| *** Joins: scribe9343423 (~scribe934@static.96.23.63.178.clients.your-server.de) | 20:00 | |
| Paul24 | yay | 20:21 |
| Paul24 | i've found and fixed a bunch of possible security issues / bugs tonight i think | 20:21 |
| Paul24 | :) | 20:21 |
| Paul24 | now it's bedtime | 20:22 |
| Paul24 | :) | 20:22 |
| *** Quits: Paul24 (~IceChat09@2001:470:9310:aaaa:25e1:d126:aab0:bed5) (Quit: There's nothing dirtier then a giant ball of oil) | 20:38 | |
| *** Quits: tsnfoo (~fulekia@ws-imac27.test.denison.edu) (Quit: tsnfoo) | 22:09 | |
Generated by irclog2html.py 2.9.2 by Marius Gedminas - find it at mg.pov.lt!