View Issue Details

ID: 0000957
Project: Main CAcert Website
Category: organisational section
View Status: public
Last Update: 2013-01-15 17:33
Reporter: INOPIAE
Assigned To: NEOatNHNG
Priority: normal
Severity: minor
Reproducibility: have not tried
Status: closed
Resolution: fixed
Fixed in Version: 2011 Q4
Summary: 0000957: Resize the comment field on https://secure.cacert.org/account.php?id=27 so more information is visible
Description: see http://wiki.cacert.org/OrganisationAssurance/Team/Meetings/2011-06-30#preview
Tags: No tags attached.
Reviewed by: Ted, NEOatNHNG
Test Instructions

Relationships

related to 0000967 closed egal Give an OA the opportunity to check if a designated Organisation Administrator is a CAcert assurer
related to 0001083 closed BenBE Resize comment field for adding new organisation administrators

Activities

Uli60

2011-07-14 15:14

updater   ~0002133

COMMENTS TEXT (unlimited length)

Uli60

2011-07-14 15:25

updater  

27.php (2,377 bytes)

Uli60

2011-07-14 15:27

updater   ~0002134

/pages/account/27.php
comments field textedit field adjusted
database field COMMENTS does not need an upgrade
as it is of type unlimited length

Uli60

2011-07-14 15:30

updater  

24.php (2,613 bytes)

Uli60

2011-07-14 15:32

updater   ~0002135

affects NEW org too
https://cacert1.of.avintec.de/account.php?id=24
/pages/account/24.php
comments field textedit field adjusted in form
database field COMMENTS does not need an upgrade
as it is of type unlimited length

INOPIAE

2011-07-17 07:50

updater   ~0002145

It also should be done for the comment field in the Organisation Administrator section when adding a new Organisation Administrator https://secure1.it-sls.de/account.php?id=33

Uli60

2011-07-17 15:45

updater   ~0002146

/pages/account/24.php + 27.php affects orginfo.comments
that has a complete handling design within the webdb code, starting from add a comment, edit a comment, delete a comment.

/pages/account/33.php relates to a short comment for OrgAdmins added to an Organisation and affects the db field org.comments. In difference to the Organisations comment field, that has a complete add/edit/delete design, there exists no design to edit comment fields on OrgAdmin records. You can either add or delete a complete OrgAdmin record, but you cannot edit the comment field.
In entering a big field (eg textarea) with several rows and columns, this implies, that a historical record to the OrgAdmin can be built up with the comment field. This leads to a false assumption. So therefore the OrgAdmin comment field should be either limited or completely removed.
If there are historical remarks to add, add these to the orginfo.comments field instead of adding a comment to the OrgAdmin, which neither Organisation Assurers nor OrgAdmins can edit/update.

The OrgAdmin comments field is just designed to store a short comment like phone number or a date or a nickname
otherwise the webdb design needs an upgrade to also implement an update page for the OrgAdmin's comment field.

/pages/account/33.php has some sanitizeHTML() added

SanitizeHTML() also added on the view OrgAdmin page /pages/account/32.php

Uli60

2011-07-17 15:46

updater  

32.php (2,403 bytes)

Uli60

2011-07-17 15:58

updater  

33.php (2,632 bytes)

Uli60

2011-07-17 16:03

updater   ~0002147

/pages/account/33.php
input text field size and maxlength
size defines width of the input field, but relates on text font, font size
eg size=27 allows "12345678901234567890" all chars visible in text field, but using all "W"'s only 13 "W"'s are visible in the text input field and input field starts scrolling by entering more "W"'s
so here form design and field design clashes

Ted

2011-08-02 19:25

administrator   ~0002245

Also increased the size of the other edit fields, it looks considerably nicer and the fields are tiny!

Created git branch bug-957, merged into master branch and installed on the testserver

Ted

2011-08-02 19:44

administrator   ~0002246

Reviewed commit 94c1897f129f269cde9c8cb3c4a95011f328ead3 versus 1262ff0b1c8cf748c0dc6ed502d80c579ae672ca.

Changes are acceptable

Ted

2011-08-02 20:00

administrator   ~0002247

Did some testing:

- Log in with an account that has the Org Assurer Flag set
- Org Assurer -> View Organisation -> Edit any org:
Fields are bigger ==> OK

- Org Assurer -> New Organisation
Fields are bigger ==> OK

- Org Assurer -> View Organisation -> Show Admins of an org -> Add new admin using html tags in department and/or mail address
HTML-tags get stripped ==> OK
comment is limited to 20 chars ==> OK (?)

- Org Assurer -> View Organisation -> Edit any org -> Enter a big comment (> 20 chars) and save
- Org Assurer -> View Organisation -> Show Admins of an org -> Add new admin
Big comment from organisation is shown in comment field. If not modified it is saved into the database and shown in the admin list of the org
==> Is this OK???
I'd propose not to give any default comment for a new admin.

alex

2011-08-02 21:28

reporter   ~0002253

- Org Assurer -> View Organisation -> Edit any org
and
- Org Assurer -> New Organisation

Edit Org fields, especially comment, seem of proper size for me

- Org Assurer -> View Organisation -> Show Admins of an org -> Add new admin using html tags in department and/or mail address

After adding admin and saving the comment which is taken from Add organization (why?) in the same browser session and which is longer than 20 chars a red announcement text appears saying: "The comment is limited to 20 chars". But no truncating or the like occurs as tested in a new browser session from the org assuree session.

Now seeing a similar comment from Ted above. I agree to https://bugs.cacert.org/view.php?id=957#c2247 not to give default comments which are then also visible by the org assuree.

Uli60

2011-08-03 10:57

updater   ~0002280

Last edited: 2011-08-03 12:48

logged in Org Assurer:
add new Organisation: Bug 957 Test GmbH
Org Contact: bug957.contact@wiamail.de
adding long comment with several rows
click next - Org added

view organisations lists:
Bug 957 Test GmbH, Germany, Hessen DE Domains (0) Admins (0) Edit Delete

ok, interrupt to create an OrgAdmin account

created account bug957.orgadmin@
doing assurances with 3 other accounts (3 x 35 AP => 100 AP)
add CATS flag

re-login to Org Assurer account
Org Assurer - View Organisations
Select Bug957 Test GmbH -> Admins (0)
Administrators Add
email: bug957.orgadmin@
department: ..
Master Account: No
Comments: => short comments field (as expected)
          phone / mobile / alt...
   would write "alternate email" but field is limited to 20 chars
   => ok

Admin-comment is displayed under the Admins list => as expected, ok

logout
login as bug957.orgadmin
menu options:
+ Org Client Certs
+ Org Server Certs
only 2 visible, Org Assurer is hidden

ok, interrupt to create an OrgAdmin2 account

created account bug957.orgadmin2@
doing assurances with 3 other accounts (3 x 35 AP => 100 AP)
add CATS flag

re-login to Org Assurer account
Org Assurer - View Organisations
Select Bug957 Test GmbH -> Admins (1)
Administrators Add
email: bug957.orgadmin2@
department: ..
Master Account: Yes <= !!!
Comments: some text up to 20 chars => short comments field (as expected)

admin list displays
Bug957 OrgAdmin 0 IT phone / mobile / alt Delete
bug957 OrgAdmin2 1 IT short comment more t Delete

=> ok

from bug notes
https://bugs.cacert.org/view.php?id=957#c2247 and
https://bugs.cacert.org/view.php?id=957#c2253

"- Org Assurer -> View Organisation -> Show Admins of an org -> Add new admin
Big comment from organisation is shown in comment field."

This I cannot confirm. The comment field is empty despite the fact there is a big long comment text under the Organisation comment
but this may relate to the fact, that I've interrupted the sessions
to create addtl. user accounts to add as OrgAdmin (?!?)
so this problem seems to be a browser cache problem with cached form fields text
by default the comments field text under OrgAdmin is empty
to outwit the browsers forms caching maybe a name-id for the comment field will prevent the duplication of the text ?!?

to add form name="xyz" identifiers doesn't solve the problem.
The only workable solution is to name the _config['comments'] memory field and the form fields 'comments' different like a) commentsorg and b) commentsoadm
but the problem persists with adding several OrgAdmins. Adding the 2nd OrgAdmin displays the form content from OrgAdmin #1
The only chance here: to reset the form field content for OrgAdmin Adds to zero / empty

Ok, the Add OrgAdmin form prefills the form with content from $_SESSION['config']['*'] fields, so also field $_SESSION['config']['comments']
this makes no sense either here.
Adding a new admin, cannot be the same email as the admin before, adding the department is the only plausible field to duplicate. to duplicate the comment field doesn't make sense here, especially it duplicates the Organisation comment ...
Proposed solution: to not pre-fill any fields in /pages/account/33.php with values from session config memory.

Uli60

2011-08-03 12:55

updater  

33-update110803.php (2,283 bytes)

Uli60

2011-08-03 13:00

updater   ~0002281

added /pages/account/33.php (update 2011-08-03)
with pre-filling of form fields removed.

the $_SESSION['config']['comments'] field may clash
in a scenario where the Org Assurer adds several Orgs with several OrgAdmins to the database:
a) add Org 1 - add OrgAdmin1.1 - add OrgAdmin1.2
b) add Org 2
here the comment from OrgAdmin1.2 may be displayed in the form for Org 2 comment

This needs a bigger patch by renaming the form namefields for comments different under Organisation add (like commentsorg) and under OrgAdmin add (like commentsoadm)

so first give it the simple try

INOPIAE

2011-08-19 05:20

updater   ~0002306

log in as OrgAssurer in all cases

Create new Organisation
if Organisation name or email address empty => error description about missing data => ok
Should not the town and country fields become mandatory fields?
Larger comment field => ok
The commit button is labelled "Next" should this not better be "Save"

Creating a second Organisation
All fields are prefilled from the previous organisation. Should be empty.
Adding the same organisation there is no cross check if existing and the organisation is duplicated.


Logout + login again
Create new Organisation all fields are empty

View existing Organisation via edit and leave without any action
Creating new Organisation empty fields

View existing Organisation via edit and update data
All fields are prefilled from the previous organisation. Should be empty.

Deleting Organisation
Question if delete => ok
Cancel => Organisation deleted => false
Delete => Organisation delete => ok

Adding Domain
=> ok
Adding a second domain
Field is prefilled from previous domain. Could be useful if an organisation has a few similar domains e.g. domain.com, domain.net, domain.de
Try to add the same domain again => error description that the domain is already used in an Organisation Account, nothing happens => ok

Deleting domain
Question if delete => ok
Cancel => nothing happens => ok
Delete => Organisation delete => ok

Adding OrgAdmin
If the email field is empty or an email address that is not a primary one => error description that the address cannot be used => ok
There is no cross check if account has assurer status. Account with 0 points, no CATS and no assurer flag is added => should not be allowed.
NB. presently an OA must check over support if OrgAdmin has assurer status
Comment field is restricted to 20 characters => ok

Adding second OrgAdmin
All fields are prefilled from previous OrgAdmin.
If the same data is used => nothing happens => ok

Create new organisation
Add new OrgAdmin
Comment field is prefilled with the text from the Organisation Account. If the text is longer than 20 characters it is still saved without length restriction => false

Deleting OrgAdmin
Question if delete => ok
Cancel => nothing happens => ok
Delete => OrgAdmin delete => ok

Uli60

2011-08-19 08:32

updater   ~0002308

Last edited: 2011-08-19 08:40

prefills of forms .. read note
https://bugs.cacert.org/view.php?id=957#c2280
below
 from bug notes
https://bugs.cacert.org/view.php?id=957#c2247 and
https://bugs.cacert.org/view.php?id=957#c2253

and https://bugs.cacert.org/view.php?id=957#c2281

renaming the form namefields for comments different under Organisation add (like commentsorg) and under OrgAdmin add (like commentsoadm) solves the problem that comments added under Org aren't displayed under OrgAdmin, but this doesn't solve the problem, that the browser cache adds the comment from Org1 to Org2, the comment from OrgAdmin1 to OrgAdmin2 :-P
reset memory vars ? before / after each form process ?!?


> There is no cross check if account has assurer status. Account with 0 points,
> no CATS and no assurer flag is added => should not be allowed.
> NB. presently an OA must check over support if OrgAdmin has assurer status

there is a separate bug# added
https://bugs.cacert.org/view.php?id=967

Uli60

2011-08-19 09:48

updater  

24-update110819.php (2,782 bytes)

Uli60

2011-08-19 09:49

updater  

33-update110819.php (2,668 bytes)

Uli60

2011-08-19 09:52

updater   ~0002309

updated patch for
/pages/account/ 24.php and 33.php
to reset session variables for form prefills
prefilled forms confuse more than they help.
so in add forms the fields are reset to empty (don't prefill)
and also affected session variables reset
will be set if form is saved next time
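
The two problems the notes above circle around, the 20-character limit that only the browser enforces and the add form inheriting values from `$_SESSION['config']`, shown as an added PHP illustration; this is not CAcert code or any participant's patch. The function names and array layout are hypothetical, the field name `commentsoadm` is the one proposed in the notes, and the mbstring extension is assumed to be available.

```php
<?php
// Added illustration, not CAcert code. Function names and array layout are
// hypothetical; the 20-character limit, the error text, the field name
// 'commentsoadm' and the session key come from the notes above.

const ORGADMIN_COMMENT_MAX = 20;

// Enforce the limit on the server: maxlength on the input only constrains
// typing in the browser, not pre-filled values or hand-built requests.
function validate_orgadmin_comment(array $post): array
{
    $raw = isset($post['commentsoadm']) ? (string) $post['commentsoadm'] : '';
    $comment = trim(strip_tags($raw));
    if (mb_strlen($comment, 'UTF-8') > ORGADMIN_COMMENT_MAX) {   // assumes ext-mbstring
        return ['ok' => false, 'comment' => '',
                'error' => 'The comment is limited to 20 chars'];
    }
    return ['ok' => true, 'comment' => $comment, 'error' => ''];
}

// Render the add form with an empty comment, never from session state.
function render_add_orgadmin_form(string $error = ''): string
{
    $html = '';
    if ($error !== '') {
        $html .= '<p class="error">'
               . htmlspecialchars($error, ENT_QUOTES, 'UTF-8') . "</p>\n";
    }
    return $html
        . "<form method=\"post\">\n"
        . '<input type="text" name="commentsoadm" maxlength="'
        . ORGADMIN_COMMENT_MAX . "\" value=\"\">\n"
        . "</form>\n";
}

// Clear remembered form values after each save so that the next add form,
// for an organisation or an OrgAdmin, cannot inherit them.
function reset_form_session(array &$session): void
{
    foreach (['comments', 'commentsorg', 'commentsoadm'] as $key) {
        unset($session['config'][$key]);
    }
}

// Constructed sample data: an organisation comment left in the session,
// then submitted unchanged as an OrgAdmin comment, plus a short tagged one.
$session = ['config' => ['comments' => 'Long organisation comment, several rows']];
$carried = validate_orgadmin_comment(['commentsoadm' => $session['config']['comments']]);
$short   = validate_orgadmin_comment(['commentsoadm' => '<b>phone / mobile</b>']);
reset_form_session($session);

echo $carried['ok'] ? "saved\n" : "rejected: {$carried['error']}\n";
echo $short['ok'] ? "saved: {$short['comment']}\n" : "rejected\n";
echo isset($session['config']['comments']) ? "session still set\n" : "session cleared\n";
echo render_add_orgadmin_form($carried['error']);
```

Rejecting the over-long value instead of silently truncating it keeps the stored comment identical to what the Org Assurer saw in the form.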

Ted

2011-08-23 22:06

administrator   ~0002336

Added Uli's changes to branch bug-957, installed changes on testserver.

Ted

2011-08-23 22:09

administrator   ~0002337

Repeated test from https://bugs.cacert.org/view.php?id=957#c2247, comment in add admin dialog is empty ==> OK

Ted

2011-08-23 22:10

administrator   ~0002338

First review done, changes acceptable.

INOPIAE

2011-08-23 22:34

updater   ~0002339

log in as OrgAssurer in all cases

Create new Organisation
if Organisation name or email address empty => error description about missing data => ok
Should not the town and country fields become mandatory fields?
Larger comment field => ok
The commit button is labelled "Next" should this not better be "Save"

Creating a second Organisation
All fields are empty. => ok


Logout + login again
Create new Organisation all fields are empty

View existing Organisation via edit and leave without any action
Creating new Organisation empty fields

View existing Organisation via edit and update data
All fields are empty. => ok

Deleting Organisation
Question if delete => ok
Cancel => Organisation deleted => false
Delete => Organisation delete => ok

Adding Domain
=> ok
Adding a second domain
Field is prefilled from previous domain. Could be useful if an organisation has a few similar domains e.g. domain.com, domain.net, domain.de
Try to add the same domain again => error description that the domain is already used in an Organisation Account, nothing happens => ok

Deleting domain
Question if delete => ok
Cancel => nothing happens => ok
Delete => Organisation delete => ok

Adding OrgAdmin
If the email field is empty or an email address that is not a primary one => error description that the address cannot be used => ok
There is no cross check if account has assurer status. Account with 0 points, no CATS and no assurer flag is added => should not be allowed.
NB. presently an OA must check over support if OrgAdmin has assurer status
Comment field is restricted to 20 characters => ok

Adding second OrgAdmin
All fields are empty => ok

Create new organisation
Add new OrgAdmin
Comment field is empty. => ok

Deleting OrgAdmin
Question if delete => ok
Cancel => nothing happens => ok
Delete => OrgAdmin delete => ok

Uli60

2011-09-22 23:18

updater   ~0002493

Last edited: 2011-09-22 23:28

login as orgassurer (orgadmin flag set)
"edit" one existing org
editing big comment field, update
https://cacert1.it-sls.de/account.php?id=25&viewcomment=1
long comments are saved into the record
=> ok

add new org
editing big comment field with html and Ümlauts
https://cacert1.it-sls.de/account.php?id=25&viewcomment=1
displays both not handled. < b > < /b > removed, Ü not converted
=> ok

adding 2 admins to prior created new org
editing small comment field for new admin
"small comment over l"
  2 4 6 8 0 2 4 6 8 0
has 20 chars, prevents adding more characters -> ok
adding 2nd admin
=> both ok

login with orgadmin #1 (master flag set), of org created before and admin added before
Menu section "Org Assurer" lists only "View"
(despite the fact user has master flag set)
listed organisation(s) with admin(2) link
lists admins like orgassurer sees in adding view org
except own account cannot be removed (N/A) -> ok
delete 2nd admin -> cancel -> returns to overview with 2 admins listed -> ok
delete 2nd admin -> delete -> returns to overview with 1 admin listed, 1 removed -> ok
adding new admin (master flag not set) -> works -> ok
all as expected -> ok

Uli60

2011-09-22 23:33

updater   ~0002494

tested by 3
needs 2nd and last review + deploy to critical system

NEOatNHNG

2011-12-26 19:18

administrator   ~0002758

I have reviewed the changes and they are good to go. I have sent an email to the critical admins.

wytze

2011-12-27 11:57

developer   ~0002759

The fix has been installed on the production server on December 27, 2011.
See also: https://lists.cacert.org/wws/arc/cacert-systemlog/2011-12/msg00011.html

Werner Dworak

2012-12-21 05:19

updater   ~0003522

More than 3 months fixed and no complaints

Issue History

Date Modified Username Field Change
2011-07-01 14:01 INOPIAE New Issue
2011-07-14 15:14 Uli60 Note Added: 0002133
2011-07-14 15:25 Uli60 Assigned To => Uli60
2011-07-14 15:25 Uli60 Status new => needs work
2011-07-14 15:25 Uli60 File Added: 27.php
2011-07-14 15:27 Uli60 Note Added: 0002134
2011-07-14 15:27 Uli60 Status needs work => fix available
2011-07-14 15:30 Uli60 File Added: 24.php
2011-07-14 15:32 Uli60 Note Added: 0002135
2011-07-17 07:50 INOPIAE Note Added: 0002145
2011-07-17 15:27 Uli60 File Added: 33.php
2011-07-17 15:45 Uli60 Note Added: 0002146
2011-07-17 15:46 Uli60 File Added: 32.php
2011-07-17 15:58 Uli60 File Deleted: 33.php
2011-07-17 15:58 Uli60 File Added: 33.php
2011-07-17 16:03 Uli60 Note Added: 0002147
2011-08-02 18:37 Ted Assigned To Uli60 => Ted
2011-08-02 19:15 Ted Source_changeset_attached => cacert-devel master c924d8a3
2011-08-02 19:25 Ted Note Added: 0002245
2011-08-02 19:25 Ted Status fix available => needs review & testing
2011-08-02 19:25 Ted Source_changeset_attached => cacert-devel master 130e67e0
2011-08-02 19:44 Ted Reviewed by => Ted
2011-08-02 19:44 Ted Note Added: 0002246
2011-08-02 20:00 Ted Note Added: 0002247
2011-08-02 21:28 alex Note Added: 0002253
2011-08-03 10:57 Uli60 Note Added: 0002280
2011-08-03 11:17 Uli60 Note Edited: 0002280
2011-08-03 11:26 Uli60 Note Edited: 0002280
2011-08-03 11:32 Uli60 Note Edited: 0002280
2011-08-03 11:38 Uli60 Note Edited: 0002280
2011-08-03 12:34 Uli60 Note Edited: 0002280
2011-08-03 12:48 Uli60 Note Edited: 0002280
2011-08-03 12:55 Uli60 File Added: 33-update110803.php
2011-08-03 13:00 Uli60 Note Added: 0002281
2011-08-19 05:20 INOPIAE Note Added: 0002306
2011-08-19 08:32 Uli60 Note Added: 0002308
2011-08-19 08:33 Uli60 Note Edited: 0002308
2011-08-19 08:37 Uli60 Note Edited: 0002308
2011-08-19 08:40 Uli60 Note Edited: 0002308
2011-08-19 09:48 Uli60 File Added: 24-update110819.php
2011-08-19 09:49 Uli60 File Added: 33-update110819.php
2011-08-19 09:52 Uli60 Note Added: 0002309
2011-08-19 09:52 Uli60 Assigned To Ted => Uli60
2011-08-19 09:52 Uli60 Status needs review & testing => fix available
2011-08-19 12:03 Uli60 Relationship added related to 0000967
2011-08-23 22:06 Ted Note Added: 0002336
2011-08-23 22:06 Ted Status fix available => needs review & testing
2011-08-23 22:09 Ted Note Added: 0002337
2011-08-23 22:10 Ted Source_changeset_attached => cacert-devel master ae39a705
2011-08-23 22:10 Ted Note Added: 0002338
2011-08-23 22:34 INOPIAE Note Added: 0002339
2011-09-22 23:18 Uli60 Note Added: 0002493
2011-09-22 23:28 Uli60 Note Edited: 0002493
2011-09-22 23:33 Uli60 Note Added: 0002494
2011-09-22 23:33 Uli60 Status needs review & testing => needs review
2011-09-27 23:12 NEOatNHNG Source_changeset_attached => cacert-devel testserver bd3888b5
2011-10-20 17:32 NEOatNHNG Assigned To Uli60 => NEOatNHNG
2011-11-24 17:20 NEOatNHNG Source_changeset_attached => cacert-devel testserver 3adaa440
2011-11-24 17:20 NEOatNHNG Source_changeset_attached => cacert-devel testserver 751dc567
2011-12-26 19:18 NEOatNHNG Note Added: 0002758
2011-12-26 19:18 NEOatNHNG Status needs review => ready to deploy
2011-12-27 00:33 NEOatNHNG Reviewed by Ted => Ted, NEOatNHNG
2011-12-27 11:57 wytze Note Added: 0002759
2011-12-27 11:57 wytze Status ready to deploy => solved?
2011-12-27 11:57 wytze Resolution open => fixed
2011-12-27 12:00 NEOatNHNG Source_changeset_attached => cacert-devel release ab6709e0
2012-07-11 16:03 INOPIAE Relationship added related to 0001083
2012-12-21 05:19 Werner Dworak Note Added: 0003522
2012-12-21 05:19 Werner Dworak Status solved? => closed
2013-01-15 17:33 Werner Dworak Fixed in Version => 2011 Q4