X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=rt%2Fetc%2FRT_Config.pm.in;h=fd976de1f30907dff30bbbb9d2cfb3c348a0dcf8;hp=de7660a1949ca24a3bb732a51d5cdf349fa9cf5c;hb=9aee669886202be7035e6c6049fc71bc99dd3013;hpb=c24d6e2242ae0e026684b8f95decf156aba6e75e diff --git a/rt/etc/RT_Config.pm.in b/rt/etc/RT_Config.pm.in index de7660a19..fd976de1f 100644 --- a/rt/etc/RT_Config.pm.in +++ b/rt/etc/RT_Config.pm.in @@ -115,19 +115,40 @@ Set($Timezone, "US/Eastern"); =item C<@Plugins> -Set C<@Plugins> to a list of external RT plugins that should be -enabled (those plugins have to be previously downloaded and -installed). +Once a plugin has been downloaded and installed, use C to add +to the enabled C<@Plugins> list: -Example: + Plugin( "RT::Extension::SLA" ); + Plugin( "RT::Authen::ExternalAuth" ); -C +RT will also accept the distribution name (i.e. C) +instead of the package name (C). =cut Set(@Plugins, (qw(RTx::Calendar RT::Extension::MobileUI))); #RTx::Checklist )); +=item C<@StaticRoots> + +Set C<@StaticRoots> to serve extra paths with a static handler. The +contents of each hashref should be the the same arguments as +L takes. These paths will be checked before +any plugin or core static paths. + +Example: + + Set( @StaticRoots, + { + path => qr{^/static/}, + root => '/local/path/to/static/parent', + }, + ); + +=cut + +Set( @StaticRoots, () ); + =back @@ -140,7 +161,7 @@ Set(@Plugins, (qw(RTx::Calendar =item C<$DatabaseType> Database driver being used; case matters. Valid types are "mysql", -"Oracle" and "Pg". +"Oracle", and "Pg". "SQLite" is also available for non-production use. =cut @@ -194,15 +215,39 @@ SID and database objects are created in C<$DatabaseUser>'s schema. Set($DatabaseName, q{@DB_DATABASE@}); -=item C<$DatabaseRequireSSL> +=item C<%DatabaseExtraDSN> -If you're using PostgreSQL and have compiled in SSL support, set -C<$DatabaseRequireSSL> to 1 to turn on SSL communication with the -database. +Allows additional properties to be passed to the database connection +step. Possible properties are specific to the database-type; see +https://metacpan.org/pod/DBI#connect + +For PostgreSQL, for instance, the following enables SSL (but does no +certificate checking, providing data hiding but no MITM protection): + + # See https://metacpan.org/pod/DBD::Pg#connect + # and http://www.postgresql.org/docs/8.4/static/libpq-ssl.html + Set( %DatabaseExtraDSN, sslmode => 'require' ); + +For MySQL, the following acts similarly if the server has enabled SSL. +Otherwise, it provides no protection; MySQL provides no way to I +SSL connections: + + # See https://metacpan.org/pod/DBD::mysql#connect + # and http://dev.mysql.com/doc/refman/5.1/en/ssl-options.html + Set( %DatabaseExtraDSN, mysql_ssl => 1 ); + +=cut + +Set(%DatabaseExtraDSN, ()); + +=item C<$DatabaseAdmin> + +The name of the database administrator to connect to the database as +during upgrades. =cut -Set($DatabaseRequireSSL, undef); +Set($DatabaseAdmin, "@DB_DBA@"); =back @@ -222,7 +267,7 @@ message. =over 4 -=item C<$LogToSyslog>, C<$LogToScreen> +=item C<$LogToSyslog>, C<$LogToSTDERR> The minimum level error that will be logged to the specific device. From lowest to highest priority, the levels are: @@ -240,7 +285,7 @@ in your web server's error logs). =cut Set($LogToSyslog, "info"); -Set($LogToScreen, "info"); +Set($LogToSTDERR, "info"); =item C<$LogToFile>, C<$LogDir>, C<$LogToFileNamed> @@ -275,11 +320,9 @@ Set($LogStackTraces, ""); =item C<@LogToSyslogConf> -On Solaris or UnixWare, set to ( socket => 'inet' ). Options here -override any other options RT passes to L. -Other interesting flags include facility and logopt. (See the -L documentation for more information.) (Maybe -ident too, if you have multiple RT installations.) +Additional options to pass to L; the most +interesting flags include C, C, and possibly C. +See the L documentation for more information. =cut @@ -296,18 +339,12 @@ Set(@LogToSyslogConf, ()); =item C<$EmailSubjectTagRegex> This regexp controls what subject tags RT recognizes as its own. If -you're not dealing with historical C<$rtname> values, you'll likely -never have to change this configuration. +you're not dealing with historical C<$rtname> values, or historical +queue-specific subject tags, you'll likely never have to change this +configuration. Be B with it. Note that it overrides C<$rtname> for -subject token matching and that you should use only "non-capturing" -parenthesis grouping. For example: - -C - -and NOT - -C +subject token matching. The setting below would make RT behave exactly as it does without the setting enabled. @@ -319,8 +356,10 @@ setting enabled. =item C<$OwnerEmail> C<$OwnerEmail> is the address of a human who manages RT. RT will send -errors generated by the mail gateway to this address. This address -should I be an address that's managed by your RT instance. +errors generated by the mail gateway to this address; it will also be +displayed as the contact person on the RT's login page. Because RT +sends errors to this address, it should I be an address that's +managed by your RT instance, to avoid mail loops. =cut @@ -348,11 +387,15 @@ Set($StoreLoops, undef); =item C<$MaxAttachmentSize> C<$MaxAttachmentSize> sets the maximum size (in bytes) of attachments -stored in the database. +stored in the database. This setting is irrelevant unless one of +$TruncateLongAttachments or $DropLongAttachments (below) are set, B +the database is stored in Oracle. On Oracle, attachments larger than +this can be fully stored, but will be truncated to this length when +read. =cut -Set($MaxAttachmentSize, 10_000_000); +Set($MaxAttachmentSize, 10_000_000); # 10M =item C<$TruncateLongAttachments> @@ -387,9 +430,10 @@ already, you can generate a naive first pass regexp by using: perl etc/upgrade/generate-rtaddressregexp -If left blank, RT will generate a regexp for you, based on your -comment and correspond address settings on your queues; this comes at -a small cost in start-up speed. +If left blank, RT will compare each address to your configured +C<$CorrespondAddress> and C<$CommentAddress> before searching for a +Queue configured with a matching "Reply Address" or "Comment Address" +on the Queue Admin page. =cut @@ -409,38 +453,31 @@ Set($IgnoreCcRegexp, undef); =item C<$CanonicalizeEmailAddressMatch>, C<$CanonicalizeEmailAddressReplace> RT provides functionality which allows the system to rewrite incoming -email addresses. In its simplest form, you can substitute the value -in C for the value in -C (These values are passed to the -C subroutine in F) - -By default, that routine performs a C on any -address passed to it. +email addresses, using L. The +default implementation replaces all occurrences of the regular +expression in C with +C, via C. The +most common use of this is to replace C<@something.example.com> with +C<@example.com>. If more complex noramlization is required, +L can be overridden to provide it. =cut # Set($CanonicalizeEmailAddressMatch, '@subdomain\.example\.com$'); # Set($CanonicalizeEmailAddressReplace, '@example.com'); -=item C<$CanonicalizeOnCreate> - -Set this to 1 and the create new user page will use the values that -you enter in the form but use the function CanonicalizeUserInfo in -F - -=cut - -Set($CanonicalizeOnCreate, 0); - =item C<$ValidateUserEmailAddresses> -If C<$ValidateUserEmailAddresses> is 1, RT will refuse to create +By default C<$ValidateUserEmailAddresses> is 1, and RT will refuse to create users with an invalid email address (as specified in RFC 2822) or with an email address made of multiple email addresses. +Set this to 0 to skip any email address validation. Doing so may open up +vulnerabilities. + =cut -Set($ValidateUserEmailAddresses, undef); +Set($ValidateUserEmailAddresses, 1); =item C<$NonCustomerEmailRegexp> @@ -478,11 +515,28 @@ accordingly. =cut -Set($ExtractSubjectTagMatch, qr/\[.+? #\d+\]/); +Set($ExtractSubjectTagMatch, qr/\[[^\]]+? #\d+\]/); Set($ExtractSubjectTagNoMatch, ( ${RT::EmailSubjectTagRegex} ? qr/\[(?:${RT::EmailSubjectTagRegex}) #\d+\]/ : qr/\[\Q$RT::rtname\E #\d+\]/)); +=item C<$CheckMoreMSMailHeaders> + +Some email clients create a plain text version of HTML-formatted +email to help other clients that read only plain text. +Unfortunately, the plain text parts sometimes end up with +doubled newlines and these can then end up in RT. This +is most often seen in MS Outlook. + +Enable this option to have RT check for additional mail headers +and attempt to identify email from MS Outlook. When detected, +RT will then clean up double newlines. Note that it may +clean up intentional double newlines as well. + +=cut + +Set( $CheckMoreMSMailHeaders, 0); + =back @@ -495,20 +549,20 @@ Set($ExtractSubjectTagNoMatch, ( ${RT::EmailSubjectTagRegex} C<$MailCommand> defines which method RT will use to try to send mail. We know that 'sendmailpipe' works fairly well. If 'sendmailpipe' -doesn't work well for you, try 'sendmail'. Other options are 'smtp' -or 'qmail'. - -Note that you should remove the '-t' from C<$SendmailArguments> if you -use 'sendmail' rather than 'sendmailpipe' +doesn't work well for you, try 'sendmail'. 'qmail' is also a supported +value. For testing purposes, or to simply disable sending mail out into the -world, you can set C<$MailCommand> to 'testfile' which writes all mail -to a temporary file. RT will log the location of the temporary file -so you can extract mail from it afterward. +world, you can set C<$MailCommand> to 'mbox' which logs all mail, in +mbox format, to files in F based in the process start +time. The 'testfile' option is similar, but the files that it creates +(under /tmp) are temporary, and removed upon process completion; the +format is also not mbox-compatable. =cut -Set($MailCommand, "sendmailpipe"); +#Set($MailCommand, "sendmailpipe"); +Set($MailCommand, "sendmail"); =item C<$SetOutgoingMailFrom> @@ -518,6 +572,14 @@ Correspond mail address of the ticket's queue. Warning: If you use this setting, bounced mails will appear to be incoming mail to the system, thus creating new tickets. +If the value contains an C<@>, it is assumed to be an email address and used as +a global envelope sender. Expected usage in this case is to simply set the +same envelope sender on all mail from RT, without defining +C<$OverrideOutgoingMailFrom>. If you do define C<$OverrideOutgoingMailFrom>, +anything specified there overrides the global value (including Default). + +This option only works if C<$MailCommand> is set to 'sendmailpipe'. + =cut Set($SetOutgoingMailFrom, 0); @@ -529,11 +591,12 @@ address of the queue as it is handed to sendmail -f. This helps force the From_ header away from www-data or other email addresses that show up in the "Sent by" line in Outlook. -The option is a hash reference of queue name to email address. If +The option is a hash reference of queue id/name to email address. If there is no ticket involved, then the value of the C key will be used. -This option is irrelevant unless C<$SetOutgoingMailFrom> is set. +This option only works if C<$SetOutgoingMailFrom> is enabled and +C<$MailCommand> is set to 'sendmailpipe'. =cut @@ -639,6 +702,9 @@ Set($NotifyActor, 0); By default, RT records each message it sends out to its own internal database. To change this behavior, set C<$RecordOutgoingEmail> to 0 +If this is disabled, users' digest mail delivery preferences +(i.e. EmailFrequency) will also be ignored. + =cut Set($RecordOutgoingEmail, 1); @@ -673,6 +739,29 @@ will use the address of the current user and remove RT's subject tag. Set($ForwardFromUser, 0); +=item C<$HTMLFormatter> + +RT's default pure-perl formatter may fail to successfully convert even +on some relatively simple HTML; this will result in blank C +parts, which is particuarly unfortunate if HTML templates are not in +use. + +If the optional dependency L is installed, RT will +use external programs to render HTML to plain text. The default is to +try, in order, C, C, C, C, C, and +then fall back to the C pure-perl formatter if none are installed. + +Set C<$HTMLFormatter> to one of the above programs (or the full path to +such) to use a different program than the above would choose by default. +Setting this requires that L be installed. + +If the chosen formatter is not in the webserver's $PATH, you may set +this option the full path to one of the aforementioned executables. + +=cut + +Set($HTMLFormatter, undef); + =back =head2 Email dashboards @@ -720,16 +809,14 @@ These options only take effect if C<$MailCommand> is 'sendmail' or =item C<$SendmailArguments> C<$SendmailArguments> defines what flags to pass to C<$SendmailPath> -If you picked 'sendmailpipe', you MUST add a -t flag to -C<$SendmailArguments> These options are good for most sendmail -wrappers and work-a-likes. +These options are good for most sendmail wrappers and work-a-likes. These arguments are good for sendmail brand sendmail 8 and newer: -C +C =cut -Set($SendmailArguments, "-oi -t"); +Set($SendmailArguments, "-oi"); =item C<$SendmailBounceArguments> @@ -753,39 +840,6 @@ Set($SendmailPath, "/usr/sbin/sendmail"); =back -=head2 SMTP configuration - -These options only take effect if C<$MailCommand> is 'smtp' - -=over 4 - -=item C<$SMTPServer> - -C<$SMTPServer> should be set to the hostname of the SMTP server to use - -=cut - -Set($SMTPServer, undef); - -=item C<$SMTPFrom> - -C<$SMTPFrom> should be set to the 'From' address to use, if not the -email's 'From' - -=cut - -Set($SMTPFrom, undef); - -=item C<$SMTPDebug> - -C<$SMTPDebug> should be set to 1 to debug SMTP mail sending - -=cut - -Set($SMTPDebug, 0); - -=back - =head2 Other mailers =over 4 @@ -793,7 +847,7 @@ Set($SMTPDebug, 0); =item C<@MailParams> C<@MailParams> defines a list of options passed to $MailCommand if it -is not 'sendmailpipe', 'sendmail', or 'smtp' +is not 'sendmailpipe' or 'sendmail'; =cut @@ -811,15 +865,16 @@ Set(@MailParams, ()); This determines the default stylesheet the RT web interface will use. RT ships with several themes by default: - web2 The default layout for RT 3.8 + rudder The default theme for RT 4.2 aileron The default layout for RT 4.0 + web2 The default layout for RT 3.8 ballard Theme which doesn't rely on JavaScript for menuing This bundled distibution of RT also includes: - freeside3 Integration with Freeside (enabled by default) - freeside2.1 Previous Freeside theme + freeside4 Integration with Freeside (enabled by default) + freeside3 Previous Freeside theme -This value actually specifies a directory in F +This value actually specifies a directory in F from which RT will try to load the file main.css (which should @import any other files the stylesheet needs). This allows you to easily and cleanly create your own stylesheets to apply to RT. This option can @@ -827,7 +882,7 @@ be overridden by users in their preferences. =cut -Set($WebDefaultStylesheet, "freeside3"); +Set($WebDefaultStylesheet, "freeside4"); =item C<$DefaultQueue> @@ -866,6 +921,48 @@ custom field values from external sources at runtime. Set(@CustomFieldValuesSources, ('RT::CustomFieldValues::Queues')); +=item C<%CustomFieldGroupings> + +This option affects the display of ticket and user custom fields in the +web interface. It does not address the sorting of custom fields within +the groupings; which is controlled by the Ticket Custom Fields tab in +Queue Configuration in the Admin UI. + +A nested datastructure defines how to group together custom fields +under a mix of built-in and arbitrary headings ("groupings"). + +Set C<%CustomFieldGroupings> to a nested structure similar to the following: + + Set(%CustomFieldGroupings, + 'RT::Ticket' => [ + 'Grouping Name' => ['CF Name', 'Another CF'], + 'Another Grouping' => ['Some CF'], + 'Dates' => ['Shipped date'], + ], + 'RT::User' => [ + 'Phones' => ['Fax number'], + ], + ); + +The first level keys are record types for which CFs may be used, and the +values are either hashrefs or arrayrefs -- if arrayrefs, then the +ordering is preserved during display, otherwise groupings are displayed +alphabetically. The second level keys are the grouping names and the +values are array refs containing a list of CF names. + +There are several special built-in groupings which RT displays in +specific places (usually the collapsible box of the same title). The +ordering of these standard groupings cannot be modified. You may also +only append Custom Fields to the list in these boxes, not reorder or +remove core fields. + +For C, these groupings are: C, C, C, C + +For C: C, C, C, C + +Extensions may also add their own built-in groupings, refer to the individual +extension documentation for those. + =item C<$CanonicalizeRedirectURLs> Set C<$CanonicalizeRedirectURLs> to 1 to use C<$WebURL> when @@ -882,31 +979,25 @@ enable this option. Set($CanonicalizeRedirectURLs, 0); -=item C<@JSFiles> +=item C<$CanonicalizeURLsInFeeds> + +Set C<$CanonicalizeURLsInFeeds> to 1 to use C<$WebURL> in feeds +rather than the one we get from request. + +If you use RT behind a reverse proxy, you almost certainly want to +enable this option. + +=cut -A list of JavaScript files to be included in head. Removing any of -the default entries is not suggested. +Set($CanonicalizeURLsInFeeds, 0); -If you're a plugin author, refer to RT->AddJavaScript. +=item C<@JSFiles> + +A list of additional JavaScript files to be included in head. =cut -Set(@JSFiles, qw/ - jquery-1.4.2.min.js - jquery_noconflict.js - jquery-ui-1.8.4.custom.min.js - jquery-ui-patch-datepicker.js - ui.timepickr.js - titlebox-state.js - util.js - userautocomplete.js - jquery.event.hover-1.0.js - superfish.js - supersubs.js - jquery.supposition.js - history-folding.js - late.js -/); +Set(@JSFiles, qw//); =item C<$JSMinPath> @@ -933,14 +1024,75 @@ Set(@CSSFiles, qw//); =item C<$UsernameFormat> -This determines how user info is displayed. 'concise' will show one of -either NickName, RealName, Name or EmailAddress, depending on what -exists and whether the user is privileged or not. 'verbose' will show -RealName and EmailAddress. +This determines how user info is displayed. 'concise' will show the +first of RealName, Name or EmailAddress that has a value. 'verbose' will +show EmailAddress, and the first of RealName or Name which is defined. +The default, 'role', uses 'verbose' for unprivileged users, and the Name +followed by the RealName for privileged users. + +=cut + +Set($UsernameFormat, "concise"); + +=item C<$UserSearchResultFormat> + +This controls the display of lists of users returned from the User +Summary Search. The display of users in the Admin interface is +controlled by C<%AdminSearchResultFormat>. + +=cut + +Set($UserSearchResultFormat, + q{ '__id__/TITLE:#'} + .q{,'__Name__/TITLE:Name'} + .q{,__RealName__, __EmailAddress__} +); + +=item C<@UserSummaryPortlets> + +A list of portlets to be displayed on the User Summary page. +By default, we show all of the available portlets. +Extensions may provide their own portlets for this page. + +=cut + +Set(@UserSummaryPortlets, (qw/ExtraInfo CreateTicket ActiveTickets InactiveTickets/)); + +=item C<$UserSummaryExtraInfo> + +This controls what information is displayed on the User Summary +portal. By default the user's Real Name, Email Address and Username +are displayed. You can remove these or add more as needed. This +expects a Format string of user attributes. Please note that not all +the attributes are supported in this display because we're not +building a table. + +=cut + +Set($UserSummaryExtraInfo, "RealName, EmailAddress, Name"); + +=item C<$UserSummaryTicketListFormat> + +Control the appearance of the Active and Inactive ticket lists in the +User Summary. =cut -Set($UsernameFormat, "verbose"); +Set($UserSummaryTicketListFormat, q{ + '__id__/TITLE:#', + '__Subject__/TITLE:Subject', + Status, + QueueName, + Owner, + Priority, + '__NEWLINE__', + '', + '__Requestors__', + '__CreatedRelative__', + '__ToldRelative__', + '__LastUpdatedRelative__', + '__TimeLeft__' +}); =item C<$WebBaseURL>, C<$WebURL> @@ -974,7 +1126,7 @@ Define the directory name to be used for images in RT web documents. =cut -Set($WebImagesURL, RT->Config->Get('WebPath') . "/NoAuth/images/"); +Set($WebImagesURL, RT->Config->Get('WebPath') . "/static/images/"); =item C<$LogoURL> @@ -1002,24 +1154,6 @@ will be passed through C for localization. Set($LogoAltText, "Best Practical Solutions, LLC corporate logo"); -=item C<$LogoImageHeight> - -C<$LogoImageHeight> is the value of the C attribute of the logo -C tag. - -=cut - -Set($LogoImageHeight, 38); - -=item C<$LogoImageWidth> - -C<$LogoImageWidth> is the value of the C attribute of the logo -C tag. - -=cut - -Set($LogoImageWidth, 181); - =item C<$WebNoAuthRegex> What portion of RT's URL space should not require authentication. The @@ -1068,10 +1202,10 @@ RT comes with two TrueType fonts covering most available languages. Set( %ChartFont, - 'zh-cn' => "$RT::BasePath/share/fonts/DroidSansFallback.ttf", - 'zh-tw' => "$RT::BasePath/share/fonts/DroidSansFallback.ttf", - 'ja' => "$RT::BasePath/share/fonts/DroidSansFallback.ttf", - 'others' => "$RT::BasePath/share/fonts/DroidSans.ttf", + 'zh-cn' => "$RT::FontPath/DroidSansFallback.ttf", + 'zh-tw' => "$RT::FontPath/DroidSansFallback.ttf", + 'ja' => "$RT::FontPath/DroidSansFallback.ttf", + 'others' => "$RT::FontPath/DroidSans.ttf", ); =item C<$ChartsTimezonesInDB> @@ -1088,6 +1222,19 @@ At this time, this feature only applies to MySQL and PostgreSQL. Set($ChartsTimezonesInDB, 0); +=item C<@ChartColors> + +An array of 6-digit hexadecimal RGB color values used for chart series. By +default there are 12 distinct colors. + +=cut + +Set(@ChartColors, qw( + 66cc66 ff6666 ffcc66 663399 + 3333cc 339933 993333 996633 + 33cc33 cc3333 cc9933 6633cc +)); + =back @@ -1121,7 +1268,12 @@ user's customized homepage ("RT at a glance"). =cut -Set($HomepageComponents, [qw(QuickCreate Quicksearch MyCalendar MyAdminQueues MySupportQueues MyReminders RefreshHomepage Dashboards SavedSearches)]); +Set( + $HomepageComponents, + [ + qw(QuickCreate Quicksearch MyCalendar MyAdminQueues MySupportQueues MyReminders RefreshHomepage Dashboards SavedSearches FindUser ) # loc_qw + ] +); =back @@ -1135,16 +1287,13 @@ Set($HomepageComponents, [qw(QuickCreate Quicksearch MyCalendar MyAdminQueues My =item C<$UseSQLForACLChecks> Historically, ACLs were checked on display, which could lead to empty -search pages and wrong ticket counts. Set C<$UseSQLForACLChecks> to 1 -to limit search results in SQL instead, which eliminates these -problems. - -This option is still relatively new; it may result in performance -problems in some cases, or significant speedups in others. +search pages and wrong ticket counts. Set C<$UseSQLForACLChecks> to 0 +to go back to this method; this will reduce the complexity of the +generated SQL statements, at the cost of the aforementioned bugs. =cut -Set($UseSQLForACLChecks, undef); +Set($UseSQLForACLChecks, 1); =item C<$TicketsItemMapSize> @@ -1185,10 +1334,10 @@ Set ($DefaultSearchResultFormat, qq{ Customer, Status, QueueName, - OwnerName, + Owner, Priority, '__NEWLINE__', - '', + '__NBSP__', '__Requestors__', '__CustomerTags__', '__CreatedRelative__', @@ -1196,6 +1345,23 @@ Set ($DefaultSearchResultFormat, qq{ '__LastUpdatedRelative__', '__TimeLeft__'}); +=item C<$DefaultSearchResultOrderBy> + +What Tickets column should we order by for RT Ticket search results. + +=cut + +Set($DefaultSearchResultOrderBy, 'id'); + +=item C<$DefaultSearchResultOrder> + +When ordering RT Ticket search results by C<$DefaultSearchResultOrderBy>, +should the sort be ascending (ASC) or descending (DESC). + +=cut + +Set($DefaultSearchResultOrder, 'ASC'); + =item C<$DefaultSelfServiceSearchResultFormat> C<$DefaultSelfServiceSearchResultFormat> is the default format of @@ -1208,7 +1374,7 @@ Set($DefaultSelfServiceSearchResultFormat, qq{ '__Subject__/TITLE:Subject', Status, Requestors, - OwnerName}); + Owner}); =item C<%FullTextSearch> @@ -1230,6 +1396,18 @@ Set(%FullTextSearch, Indexed => 0, ); +=item C<$DontSearchFileAttachments> + +If C<$DontSearchFileAttachments> is set to 1, then uploaded files +(attachments with file names) are not searched during content +search. + +Note that if you use indexed FTS then named attachments are still +indexed by default regardless of this option. + +=cut + +Set($DontSearchFileAttachments, undef); =item C<$OnlySearchActiveTicketsInSimpleSearch> @@ -1276,6 +1454,20 @@ Ticket/Display.html. This option can be controlled by users also. Set($MoreAboutRequestorTicketList, "Active"); +=item C<$MoreAboutRequestorTicketListFormat> + +Control the appearance of the ticket lists in the 'More About Requestors' box. + +=cut + +Set($MoreAboutRequestorTicketListFormat, q{ + '__id__', + '__Owner__', + '__Subject__', + '__Status__', +}); + + =item C<$MoreAboutRequestorExtraInfo> By default, the 'More about requestor' box on Ticket/Display.html @@ -1337,6 +1529,12 @@ builder are replaced by text fields that autocomplete. This can alleviate the sometimes huge owner list for installations where many users have the OwnTicket right. +Autocompleter is automatically turned on if list contains more than +50 users, but penalty of executing potentially slow query is still paid. + +Drop down doesn't show unprivileged users. If your setup allows unprivileged +to own ticket then you have to enable autocompleting. + =cut Set($AutocompleteOwners, 0); @@ -1351,15 +1549,19 @@ is ignored. Helpful when owners list is huge in the query builder. Set($AutocompleteOwnersForSearch, 0); -=item C<$UserAutocompleteFields> +=item C<$UserSearchFields> + +Used by the User Autocompleter as well as the User Search. -Specifies which fields of L to match against and how to -match each field when autocompleting users. Valid match methods are -LIKE, STARTSWITH, ENDSWITH, =, and !=. +Specifies which fields of L to match against and how to match +each field when autocompleting users. Valid match methods are LIKE, +STARTSWITH, ENDSWITH, =, and !=. Valid search fields are the core User +fields, as well as custom fields, which are specified as "CF.1234" or +"CF.Name" =cut -Set($UserAutocompleteFields, { +Set($UserSearchFields, { EmailAddress => 'STARTSWITH', Name => 'STARTSWITH', RealName => 'LIKE', @@ -1367,14 +1569,31 @@ Set($UserAutocompleteFields, { =item C<$AllowUserAutocompleteForUnprivileged> -Should unprivileged users be allowed to autocomplete users. Setting -this option to 1 means unprivileged users will be able to search all -your users. +Should unprivileged users (users of SelfService) be allowed to +autocomplete users. Setting this option to 1 means unprivileged users +will be able to search all your users. =cut Set($AllowUserAutocompleteForUnprivileged, 0); +=item C<$TicketAutocompleteFields> + +Specifies which fields of L to match against and how to match each +field when autocompleting users. Valid match methods are LIKE, STARTSWITH, +ENDSWITH, C<=>, and C. + +Not all Ticket fields are publically accessible and hence won't work for +autocomplete unless you override their accessibility using a local overlay or a +plugin. Out of the box the following fields are public: id, Subject. + +=cut + +Set( $TicketAutocompleteFields, { + id => 'STARTSWITH', + Subject => 'LIKE', +}); + =item C<$DisplayTicketAfterQuickCreate> Enable this to redirect to the created ticket display page @@ -1481,15 +1700,6 @@ for Rich Text settings. Set($MessageBoxWidth, undef); Set($MessageBoxHeight, 15); -=item C<$MessageBoxWrap> - -Wrapping is disabled when using MessageBoxRichText because of a bad -interaction between IE and wrapping with the Rich Text Editor. - -=cut - -Set($MessageBoxWrap, "SOFT"); - =item C<$MessageBoxRichText> Should "rich text" editing be enabled? This option lets your users @@ -1519,7 +1729,7 @@ Set($MessageBoxIncludeSignature, 1); =item C<$MessageBoxIncludeSignatureOnComment> Should your users' signatures (from their Preferences page) be -included in Comments. Setting this to false overrides +included in Comments. Setting this to 0 overrides C<$MessageBoxIncludeSignature>. =cut @@ -1543,15 +1753,39 @@ option can be overridden by users in their preferences. Set($OldestTransactionsFirst, 1); -=item C<$DeferTransactionLoading> +=item C<$ShowHistory> -When set, defers loading ticket history until the user clicks a link. -This should end up serving pages to users quicker, since generating -all the HTML for transaction history can be slow for long tickets. +This option controls how history is shown on the ticket display page. It +accepts one of three possible modes and is overrideable on a per-user +preference level. If you regularly deal with long tickets and don't care much +about the history, you may wish to change this option to C. + +=over + +=item C (the default) + +When set to C, history is loaded via javascript after the rest of the +page has been loaded. This speeds up apparent page load times and generally +provides a smoother experience. You may notice slight delays before the ticket +history appears on very long tickets. + +=item C + +When set to C, history is loaded on demand when a placeholder link is +clicked. This speeds up ticket display page loads and history is never loaded +if not requested. + +=item C + +When set to C, history is loaded before showing the page. This ensures +history is always available immediately, but at the expense of longer page load +times. This behaviour was the default in RT 4.0. + +=back =cut -# Set($DeferTransactionLoading, 1); +Set($ShowHistory, 'delay'); =item C<$ShowBccHeader> @@ -1581,28 +1815,24 @@ overrides C. Set($AlwaysDownloadAttachments, undef); -=item C<$AttachmentUnits> - -Controls the units (kilobytes or bytes) that attachment sizes use for -display. The default is to display kilobytes if the attachment is -larger than 1024 bytes, bytes otherwise. If you set -C<$AttachmentUnits> to C<'k'> then attachment sizes will always be -displayed in kilobytes. If set to C<'b'>, then sizes will be bytes. +=item C<$PreferRichText> -=cut +By default, RT shows rich text (HTML) messages if possible. If +C<$PreferRichText> is set to 0, RT will show plain text messages in +preference to any rich text alternatives. -Set($AttachmentUnits, undef); +As a security precaution, RT limits the HTML that is displayed to a +known-good subset -- as allowing arbitrary HTML to be displayed exposes +multiple vectors for XSS and phishing attacks. If +L is enabled, the original HTML is available for +viewing via the "Download" link. -=item C<$PreferRichText> - -If C<$PreferRichText> is set to 1, RT will show HTML/Rich text messages -in preference to their plain-text alternatives. RT "scrubs" the HTML to -show only a minimal subset of HTML to avoid possible contamination by -cross-site-scripting attacks. +If the optional L dependency is installed, RT will leverage +this to allow a broader set of HTML through, including tables. =cut -Set($PreferRichText, undef); +Set($PreferRichText, 1); =item C<$MaxInlineBody> @@ -1625,23 +1855,25 @@ behavior. Set($ShowTransactionImages, 1); -=item C<$PlainTextPre> +=item C<$ShowRemoteImages> -Normally plaintext attachments are displayed as HTML with line breaks -preserved. This causes space- and tab-based formatting not to be -displayed correctly. By setting $PlainTextPre messages will be -displayed using 
.
+By default, RT doesn't show remote images attached to incoming (and outgoing)
+ticket updates inline.  Set this variable to 1 if you'd like to enable remote
+image display.  Showing remote images may allow spammers and other senders to
+track when messages are viewed and see referer information.
 
-=cut
+Note that this setting is independent of L above.
 
-Set($PlainTextPre, 0);
+=cut
 
+Set($ShowRemoteImages, 0);
 
 =item C<$PlainTextMono>
 
-Set C<$PlainTextMono> to 1 to use monospaced font and preserve
-formatting; unlike C<$PlainTextPre>, the text will wrap to fit width
-of the browser window; this option overrides C<$PlainTextPre>.
+Normally plaintext attachments are displayed as HTML with line breaks
+preserved.  This causes space- and tab-based formatting not to be
+displayed correctly.  Set C<$PlainTextMono> to 1 to use a monospaced
+font and preserve formatting.
 
 =cut
 
@@ -1668,17 +1900,35 @@ provides two formats:
   link after the URL.
 
 * 'httpurl_overwrite': also detects URLs as 'httpurl' format, but
-  replaces the URL with a link.
+  replaces the URL with a link.  Enabled by default.
 
 See F for documentation on how to add
 your own styles of link detection.
 
 =cut
 
-Set(@Active_MakeClicky, qw());
+Set(@Active_MakeClicky, qw(httpurl_overwrite));
 
-=back
+=item C<$QuoteFolding>
+
+Quote folding is the hiding of old replies in transaction history.
+It defaults to on.  Set this to 0 to disable it.
+
+=cut
+
+Set($QuoteFolding, 1);
 
+=item C<$AllowLoginPasswordAutoComplete>
+
+Allow browsers to remember the user's password on login (in case the
+browser can do so, and has the appropriate setting enabled). Default
+is 0.
+
+=cut
+
+Set($AllowLoginPasswordAutoComplete, 0);
+
+=back
 
 
 =head1 Application logic
@@ -1689,9 +1939,11 @@ Set(@Active_MakeClicky, qw());
 
 If C<$ParseNewMessageForTicketCcs> is set to 1, RT will attempt to
 divine Ticket 'Cc' watchers from the To and Cc lines of incoming
-messages.  Be forewarned that if you have I addresses which forward
-mail to RT automatically and you enable this option without modifying
-C<$RTAddressRegexp> below, you will get yourself into a heap of trouble.
+messages that create new Tickets. This option does not apply to replies
+or comments on existing Tickets. Be forewarned that if you have I
+addresses which forward mail to RT automatically and you enable this
+option without modifying C<$RTAddressRegexp> below, you will get
+yourself into a heap of trouble.
 
 =cut
 
@@ -1742,8 +1994,9 @@ Set($ApprovalRejectionNotes, 1);
 =item C<$ForceApprovalsView>
 
 Should approval tickets only be viewed and modified through the standard
-approval interface?  Changing this setting to 1 will redirect any attempt to
-use the normal ticket display and modify page for approval tickets.
+approval interface?  With this setting enabled (by default), any attempt to use
+the normal ticket display and modify page for approval tickets will be
+redirected.
 
 For example, with this option set to 1 and an approval ticket #123:
 
@@ -1753,23 +2006,25 @@ is redirected to
 
     /Approval/Display.html?id=123
 
+With this option set to 0, the redirect won't happen.
+
 =back
 
 =cut
 
-Set($ForceApprovalsView, 0);
+Set($ForceApprovalsView, 1);
 
 =head1 Extra security
 
-=over 4
-
 This is a list of extra security measures to enable that help keep your RT
 safe.  If you don't know what these mean, you should almost certainly leave the
 defaults alone.
 
+=over 4
+
 =item C<$DisallowExecuteCode>
 
-If set to a true value, the C right will be removed from
+If set to 1, the C right will be removed from
 all users, B the superuser.  This is intended for when RT is
 installed into a shared environment where even the superuser should not
 be allowed to run arbitrary Perl code on the server via scrips.
@@ -1780,7 +2035,7 @@ Set($DisallowExecuteCode, 0);
 
 =item C<$Framebusting>
 
-If set to a false value, framekiller javascript will be disabled and the
+If set to 0, framekiller javascript will be disabled and the
 X-Frame-Options: DENY header will be suppressed from all responses.
 This disables RT's clickjacking protection.
 
@@ -1790,7 +2045,7 @@ Set($Framebusting, 1);
 
 =item C<$RestrictReferrer>
 
-If set to a false value, the HTTP C (sic) header will not be
+If set to 0, the HTTP C (sic) header will not be
 checked to ensure that requests come from RT's own domain.  As RT allows
 for GET requests to alter state, disabling this opens RT up to
 cross-site request forgery (CSRF) attacks.
@@ -1801,9 +2056,9 @@ Set($RestrictReferrer, 1);
 
 =item C<$RestrictLoginReferrer>
 
-If set to a false value, RT will allow the user to log in from any link
+If set to 0, RT will allow the user to log in from any link
 or request, merely by passing in C and C parameters; setting
-it to a true value forces all logins to come from the login box, so the
+it to 1 forces all logins to come from the login box, so the
 user is aware that they are being logged in.  The default is off, for
 backwards compatability.
 
@@ -1811,7 +2066,7 @@ backwards compatability.
 
 Set($RestrictLoginReferrer, 0);
 
-=item C<$ReferrerWhitelist>
+=item C<@ReferrerWhitelist>
 
 This is a list of hostname:port combinations that RT will treat as being
 part of RT's domain. This is particularly useful if you access RT as
@@ -1824,10 +2079,31 @@ If the "RT has detected a possible cross-site request forgery" error is triggere
 by a host:port sent by your browser that you believe should be valid, you can copy
 the host:port from the error message into this list.
 
+Simple wildcards, similar to SSL certificates, are allowed.  For example:
+
+    *.example.com:80    # matches foo.example.com
+                        # but not example.com
+                        #      or foo.bar.example.com
+
+    www*.example.com:80 # matches www3.example.com
+                        #     and www-test.example.com
+                        #     and www.example.com
+
 =cut
 
 Set(@ReferrerWhitelist, qw());
 
+
+=item C<$BcryptCost>
+
+This sets the default cost parameter used for the C key
+derivation function.  Valid values range from 4 to 31, inclusive, with
+higher numbers denoting greater effort.
+
+=cut
+
+Set($BcryptCost, 10);
+
 =back
 
 
@@ -1836,74 +2112,89 @@ Set(@ReferrerWhitelist, qw());
 
 =over 4
 
-=item C<$WebExternalAuth>
+=item C<$WebRemoteUserAuth>
 
-If C<$WebExternalAuth> is defined, RT will defer to the environment's
-REMOTE_USER variable.
+If C<$WebRemoteUserAuth> is defined, RT will defer to the environment's
+REMOTE_USER variable, which should be set by the webserver's
+authentication layer.
 
 =cut
 
-Set($WebExternalAuth, undef);
+Set($WebRemoteUserAuth, undef);
 
-=item C<$WebExternalAuthContinuous>
+=item C<$WebRemoteUserContinuous>
 
-If C<$WebExternalAuthContinuous> is defined, RT will check for the
+If C<$WebRemoteUserContinuous> is defined, RT will check for the
 REMOTE_USER on each access.  If you would prefer this to only happen
-once (at initial login) set this to a false value.  The default
-setting will help ensure that if your external authentication system
+once (at initial login) set this to 0.  The default
+setting will help ensure that if your webserver's authentication layer
 deauthenticates a user, RT notices as soon as possible.
 
 =cut
 
-Set($WebExternalAuthContinuous, 1);
+Set($WebRemoteUserContinuous, 1);
 
-=item C<$WebFallbackToInternalAuth>
+=item C<$WebFallbackToRTLogin>
 
-If C<$WebFallbackToInternalAuth> is defined, the user is allowed a
+If C<$WebFallbackToRTLogin> is defined, the user is allowed a
 chance of fallback to the login screen, even if REMOTE_USER failed.
 
 =cut
 
-Set($WebFallbackToInternalAuth, undef);
+Set($WebFallbackToRTLogin, undef);
 
-=item C<$WebExternalGecos>
+=item C<$WebRemoteUserGecos>
 
-C<$WebExternalGecos> means to match 'gecos' field as the user
-identity); useful with mod_auth_pwcheck and IIS Integrated Windows
-logon.
+C<$WebRemoteUserGecos> means to match 'gecos' field as the user
+identity; useful with C.
 
 =cut
 
-Set($WebExternalGecos, undef);
+Set($WebRemoteUserGecos, undef);
 
-=item C<$WebExternalAuto>
+=item C<$WebRemoteUserAutocreate>
 
-C<$WebExternalAuto> will create users under the same name as
-REMOTE_USER upon login, if it's missing in the Users table.
+C<$WebRemoteUserAutocreate> will create users under the same name as
+REMOTE_USER upon login, if they are missing from the Users table.
 
 =cut
 
-Set($WebExternalAuto, undef);
+Set($WebRemoteUserAutocreate, undef);
 
-=item C<$AutoCreate>
+=item C<$UserAutocreateDefaultsOnLogin>
 
-If C<$WebExternalAuto> is set to 1, C<$AutoCreate> will be passed to
-User's Create method.  Use it to set defaults, such as creating
-Unprivileged users with C<{ Privileged => 0 }> This must be a hashref.
+If C<$WebRemoteUserAutocreate> is set to 1, C<$UserAutocreateDefaultsOnLogin>
+will be passed to L.  Use it to set defaults, such as
+creating unprivileged users with C<<{ Privileged => 0 }>>.  This must be
+a hashref.
 
 =cut
 
-Set($AutoCreate, undef);
+Set($UserAutocreateDefaultsOnLogin, undef);
 
 =item C<$WebSessionClass>
 
-C<$WebSessionClass> is the class you wish to use for managing sessions.
-It defaults to use your SQL database, except on Oracle, where it
-defaults to files on disk.
+C<$WebSessionClass> is the class you wish to use for storing sessions.  On
+MySQL, Pg, and Oracle it defaults to using your database, in other cases
+sessions are stored in files using L. Other installed
+Apache::Session::* modules can be used to store sessions.
+
+    Set($WebSessionClass, "Apache::Session::File");
 
 =cut
 
-# Set($WebSessionClass, "Apache::Session::File");
+Set($WebSessionClass, undef);
+
+=item C<%WebSessionProperties>
+
+C<%WebSessionProperties> is the hash to configure class L
+in case custom class is used. By default it's empty and values are picked
+depending on the class. Make sure that it's empty if you're using DB as session
+backend.
+
+=cut
+
+Set( %WebSessionProperties );
 
 =item C<$AutoLogoff>
 
@@ -2076,12 +2367,139 @@ them.
 
 Set($SimpleSearchIncludeResolved, 0);
 
+=item C<$TimeInICal>
+
+By default, events in the iCal feed on the ticket search page
+contain only dates, making them all day calendar events. Set
+C<$TimeInICal> if you have start or due dates on tickets that
+have significant time values and you want those times to be
+included in the events in the iCal feed.
+
+This option can also be set as an individual user preference.
+
+=cut
+
+Set($TimeInICal, 0);
+
 =back
 
 
 
+=head1 Cryptography
+
+A complete description of RT's cryptography capabilities can be found in
+L. At this moment, GnuPG (PGP) and SMIME security protocols are
+supported.
+
+=over 4
 
-=head1 GnuPG integration
+=item C<%Crypt>
+
+The following options apply to all cryptography protocols.
+
+By default, all enabled security protocols will analyze each incoming
+email. You may set C to a subset of this list, if some enabled
+protocols do not apply to incoming mail; however, this is usually
+unnecessary. Note that for any verification or decryption to occur for
+incoming mail, the C mail plugin must be added to
+L as specified in L.
+
+For outgoing emails, the first security protocol from the above list is
+used. Use the C option to set a security protocol that should
+be used in outgoing emails.  At this moment, only one protocol can be
+used to protect outgoing emails.
+
+Set C to 1 if all incoming email must be
+properly encrypted.  All unencrypted emails will be rejected by RT.
+
+Set C to 0 if you don't want to reject
+emails encrypted for key RT doesn't have and can not decrypt.
+
+Set C to 0 if you don't want to reject letters
+with incorrect data.
+
+If you want to allow people to encrypt attachments inside the DB then
+set C to 1.
+
+Set C to a hash with Encrypt and Sign keys to control
+whether dashboards should be encrypted and/or signed correspondingly.
+By default they are not encrypted or signed.
+
+=back
+
+=cut
+
+Set( %Crypt,
+    Incoming                  => undef, # ['GnuPG', 'SMIME']
+    Outgoing                  => undef, # 'SMIME'
+
+    RejectOnUnencrypted       => 0,
+    RejectOnMissingPrivateKey => 1,
+    RejectOnBadData           => 1,
+
+    AllowEncryptDataInDB      => 0,
+
+    Dashboards => {
+        Encrypt => 0,
+        Sign    => 0,
+    },
+);
+
+=head2 SMIME configuration
+
+A full description of the SMIME integration can be found in
+L.
+
+=over 4
+
+=item C<%SMIME>
+
+Set C to 0 or 1 to disable or enable SMIME for
+encrypting and signing messages.
+
+Set C to path to F executable.
+
+Set C to directory with key files.  Key and certificates should
+be stored in a PEM file in this directory named named, e.g.,
+F.
+
+Set C to either a PEM-formatted certificate of a single signing
+certificate authority, or a directory of such (including hash symlinks
+as created by the openssl tool C).  Only SMIME certificates
+signed by these certificate authorities will be treated as valid
+signatures.  If left unset (and C is unset, as it is
+by default), no signatures will be marked as valid!
+
+Set C to allow arbitrary SMIME certificates, no
+matter their signing entities.  Such mails will be marked as untrusted,
+but signed; C will be used to mark which mails are signed by
+trusted certificate authorities.  This configuration is generally
+insecure, as it allows the possibility of accepting forged mail signed
+by an untrusted certificate authority.
+
+Setting C also allows encryption to users with
+certificates created by untrusted CAs.
+
+Set C to a scalar (to use for all keys), an anonymous
+function, or a hash (to look up by address).  If the hash is used, the
+'' key is used as a default.
+
+See L for details.
+
+=back
+
+=cut
+
+Set( %SMIME,
+    Enable => @RT_SMIME@,
+    OpenSSL => 'openssl',
+    Keyring => q{@RT_VAR_PATH@/data/smime},
+    CAPath => undef,
+    AcceptUntrustedCAs => undef,
+    Passphrase => undef,
+);
+
+=head2 GnuPG configuration
 
 A full description of the (somewhat extensive) GnuPG integration can
 be found by running the command `perldoc L` (or
@@ -2091,27 +2509,25 @@ be found by running the command `perldoc L` (or
 
 =item C<%GnuPG>
 
-Set C to 'inline' to use inline encryption and
-signatures instead of 'RFC' (GPG/MIME: RFC3156 and RFC1847) format.
+Set C to 0 or 1 to disable or enable GnuPG interfaces
+for encrypting and signing outgoing messages.
 
-If you want to allow people to encrypt attachments inside the DB then
-set C to 1.
+Set C to the name or path of the gpg binary to use.
 
-Set C to false if you don't want to reject
-emails encrypted for key RT doesn't have and can not decrypt.
+Set C to a scalar (to use for all keys), an anonymous
+function, or a hash (to look up by address).  If the hash is used, the
+'' key is used as a default.
 
-Set C to false if you don't want to reject letters
-with incorrect GnuPG data.
+Set C to 'inline' to use inline encryption and
+signatures instead of 'RFC' (GPG/MIME: RFC3156 and RFC1847) format.
 
 =cut
 
 Set(%GnuPG,
-    Enable => @RT_GPG@,
+    Enable                 => @RT_GPG@,
+    GnuPG                  => 'gpg',
+    Passphrase             => undef,
     OutgoingMessagesFormat => "RFC", # Inline
-    AllowEncryptDataInDB   => 0,
-
-    RejectOnMissingPrivateKey => 1,
-    RejectOnBadData           => 1,
 );
 
 =item C<%GnuPGOptions>
@@ -2131,11 +2547,8 @@ Set(%GnuPGOptions,
 # URL of a keyserver
 #    keyserver => 'hkp://subkeys.pgp.net',
 
-# enables the automatic retrieving of keys when encrypting
-#    'auto-key-locate' => 'keyserver',
-
 # enables the automatic retrieving of keys when verifying signatures
-#    'auto-key-retrieve' => undef,
+#    'keyserver-options' => 'auto-key-retrieve',
 );
 
 =back
@@ -2275,12 +2688,21 @@ all possible transitions in each lifecycle using the following format:
         ...
     },
 
+The order of items in the listing for each transition line affects
+the order they appear in the drop-down. If you change the config
+for 'open' state listing to:
+
+    open     => [qw(stalled rejected deleted resolved)],
+
+then the 'resolved' status will appear as the last item in the drop-down.
+
 =head3 Statuses available during ticket creation
 
-By default users can create tickets with any status, except
-deleted. If you want to restrict statuses available during creation
-then describe transition from '' (empty string), like in the example
-above.
+By default users can create tickets with a status of new,
+open, or resolved, but cannot create tickets with a status of
+rejected, stalled, or deleted. If you want to change the statuses
+available during creation, update the transition from '' (empty
+string), like in the example above.
 
 =head3 Protecting status changes with rights
 
@@ -2376,8 +2798,8 @@ For example:
 
 Unless there is an explicit mapping between statuses in two different
 lifecycles, you can not move tickets between queues with these
-lifecycles.  This is true even if the different lifecycles use the exact
-same set of statuses.  Such a mapping is defined as follows:
+lifecycles -- even if both use the exact same set of statuses.
+Such a mapping is defined as follows:
 
     __maps__ => {
         'from lifecycle -> to lifecycle' => {
@@ -2391,9 +2813,9 @@ same set of statuses.  Such a mapping is defined as follows:
 
 Set(%Lifecycles,
     default => {
-        initial         => [ 'new' ],
-        active          => [ 'open', 'stalled' ],
-        inactive        => [ 'resolved', 'rejected', 'deleted' ],
+        initial         => [qw(new)], # loc_qw
+        active          => [qw(open stalled)], # loc_qw
+        inactive        => [qw(resolved rejected deleted)], # loc_qw
 
         defaults => {
             on_create => 'new',
@@ -2405,64 +2827,32 @@ Set(%Lifecycles,
         },
 
         transitions => {
-            ''       => [qw(new open resolved)],
+            ""       => [qw(new open resolved)],
 
             # from   => [ to list ],
-            new      => [qw(open stalled resolved rejected deleted)],
-            open     => [qw(new stalled resolved rejected deleted)],
-            stalled  => [qw(new open rejected resolved deleted)],
-            resolved => [qw(new open stalled rejected deleted)],
-            rejected => [qw(new open stalled resolved deleted)],
-            deleted  => [qw(new open stalled rejected resolved)],
+            new      => [qw(    open stalled resolved rejected deleted)],
+            open     => [qw(new      stalled resolved rejected deleted)],
+            stalled  => [qw(new open         rejected resolved deleted)],
+            resolved => [qw(new open stalled          rejected deleted)],
+            rejected => [qw(new open stalled resolved          deleted)],
+            deleted  => [qw(new open stalled rejected resolved        )],
         },
         rights => {
             '* -> deleted'  => 'DeleteTicket',
             '* -> *'        => 'ModifyTicket',
         },
         actions => [
-            'new -> open'      => {
-                label  => 'Open It', # loc
-                update => 'Respond',
-            },
-            'new -> resolved'  => {
-                label  => 'Resolve', # loc
-                update => 'Comment',
-            },
-            'new -> rejected'  => {
-                label  => 'Reject', # loc
-                update => 'Respond',
-            },
-            'new -> deleted'   => {
-                label  => 'Delete', # loc
-            },
-
-            'open -> stalled'  => {
-                label  => 'Stall', # loc
-                update => 'Comment',
-            },
-            'open -> resolved' => {
-                label  => 'Resolve', # loc
-                update => 'Comment',
-            },
-            'open -> rejected' => {
-                label  => 'Reject', # loc
-                update => 'Respond',
-            },
-
-            'stalled -> open'  => {
-                label  => 'Open It', # loc
-            },
-            'resolved -> open' => {
-                label  => 'Re-open', # loc
-                update => 'Comment',
-            },
-            'rejected -> open' => {
-                label  => 'Re-open', # loc
-                update => 'Comment',
-            },
-            'deleted -> open'  => {
-                label  => 'Undelete', # loc
-            },
+            'new -> open'      => { label  => 'Open It', update => 'Respond' }, # loc{label}
+            'new -> resolved'  => { label  => 'Resolve', update => 'Comment' }, # loc{label}
+            'new -> rejected'  => { label  => 'Reject',  update => 'Respond' }, # loc{label}
+            'new -> deleted'   => { label  => 'Delete',                      }, # loc{label}
+            'open -> stalled'  => { label  => 'Stall',   update => 'Comment' }, # loc{label}
+            'open -> resolved' => { label  => 'Resolve', update => 'Comment' }, # loc{label}
+            'open -> rejected' => { label  => 'Reject',  update => 'Respond' }, # loc{label}
+            'stalled -> open'  => { label  => 'Open It',                     }, # loc{label}
+            'resolved -> open' => { label  => 'Re-open', update => 'Comment' }, # loc{label}
+            'rejected -> open' => { label  => 'Re-open', update => 'Comment' }, # loc{label}
+            'deleted -> open'  => { label  => 'Undelete',                    }, # loc{label}
         ],
     },
 # don't change lifecyle of the approvals, they are not capable to deal with
@@ -2496,49 +2886,17 @@ Set(%Lifecycles,
             '* -> *'        => 'ModifyTicket',
         },
         actions => [
-            'new -> open'      => {
-                label  => 'Open It', # loc
-                update => 'Respond',
-            },
-            'new -> resolved'  => {
-                label  => 'Resolve', # loc
-                update => 'Comment',
-            },
-            'new -> rejected'  => {
-                label  => 'Reject', # loc
-                update => 'Respond',
-            },
-            'new -> deleted'   => {
-                label  => 'Delete', # loc
-            },
-
-            'open -> stalled'  => {
-                label  => 'Stall', # loc
-                update => 'Comment',
-            },
-            'open -> resolved' => {
-                label  => 'Resolve', # loc
-                update => 'Comment',
-            },
-            'open -> rejected' => {
-                label  => 'Reject', # loc
-                update => 'Respond',
-            },
-
-            'stalled -> open'  => {
-                label  => 'Open It', # loc
-            },
-            'resolved -> open' => {
-                label  => 'Re-open', # loc
-                update => 'Comment',
-            },
-            'rejected -> open' => {
-                label  => 'Re-open', # loc
-                update => 'Comment',
-            },
-            'deleted -> open'  => {
-                label  => 'Undelete', # loc
-            },
+            'new -> open'      => { label  => 'Open It', update => 'Respond' }, # loc{label}
+            'new -> resolved'  => { label  => 'Resolve', update => 'Comment' }, # loc{label}
+            'new -> rejected'  => { label  => 'Reject',  update => 'Respond' }, # loc{label}
+            'new -> deleted'   => { label  => 'Delete',                      }, # loc{label}
+            'open -> stalled'  => { label  => 'Stall',   update => 'Comment' }, # loc{label}
+            'open -> resolved' => { label  => 'Resolve', update => 'Comment' }, # loc{label}
+            'open -> rejected' => { label  => 'Reject',  update => 'Respond' }, # loc{label}
+            'stalled -> open'  => { label  => 'Open It',                     }, # loc{label}
+            'resolved -> open' => { label  => 'Re-open', update => 'Comment' }, # loc{label}
+            'rejected -> open' => { label  => 'Re-open', update => 'Comment' }, # loc{label}
+            'deleted -> open'  => { label  => 'Undelete',                    }, # loc{label}
         ],
     },
 );
@@ -2555,7 +2913,7 @@ Set(%Lifecycles,
 
 RT can show administrators a feed of recent RT releases and other
 related announcements and information from Best Practical on the top
-level Configuration page.  This feature helps you stay up to date on
+level Admin page.  This feature helps you stay up to date on
 RT security announcements and version updates.
 
 RT provides this feature using an "iframe" on C
@@ -2563,7 +2921,7 @@ which asks the administrator's browser to show an inline page from
 Best Practical's website.
 
 If you'd rather not make this feature available to your
-administrators, set C<$ShowRTPortal> to a false value.
+administrators, set C<$ShowRTPortal> to 0.
 
 =cut
 
@@ -2581,41 +2939,53 @@ Set(%AdminSearchResultFormat,
     Queues =>
         q{'__id__/TITLE:#'}
         .q{,'__Name__/TITLE:Name'}
-        .q{,__Description__,__Address__,__Priority__,__DefaultDueIn__,'__Disabled__,__Lifecycle__},
+        .q{,__Description__,__Address__,__Priority__,__DefaultDueIn__,__Lifecycle__,__SubjectTag__,__Disabled__},
 
     Groups =>
         q{'__id__/TITLE:#'}
         .q{,'__Name__/TITLE:Name'}
-        .q{,'__Description__'},
+        .q{,'__Description__',__Disabled__},
 
     Users =>
         q{'__id__/TITLE:#'}
         .q{,'__Name__/TITLE:Name'}
-        .q{,__RealName__, __EmailAddress__},
+        .q{,__RealName__, __EmailAddress__,__Disabled__},
 
     CustomFields =>
         q{'__id__/TITLE:#'}
         .q{,'__Name__/TITLE:Name'}
-        .q{,__AppliedTo__, __FriendlyType__, __FriendlyPattern__},
+        .q{,__AddedTo__, __FriendlyType__, __FriendlyPattern__,__Disabled__},
 
     Scrips =>
-        q{'__id__/TITLE:#'}
-        .q{,'__Description__/TITLE:Description'}
-        .q{,__Stage__, __Condition__, __Action__, __Template__},
-
-    GlobalScrips =>
-        q{'__id__/TITLE:#'}
-        .q{,'__Description__/TITLE:Description'}
-        .q{,__Stage__, __Condition__, __Action__, __Template__},
+        q{'__id__/TITLE:#'}
+        .q{,'__Description__/TITLE:Description'}
+        .q{,__Condition__, __Action__, __Template__, __Disabled__},
 
     Templates =>
         q{'__id__/TITLE:#'}
         .q{,'__Name__/TITLE:Name'}
-        .q{,'__Description__'},
+        .q{,'__Description__','__UsedBy__','__IsEmpty__'},
     Classes =>
         q{ '__id__/TITLE:#'}
         .q{,'__Name__/TITLE:Name'}
-        .q{,__Description__},
+        .q{,__Description__,__Disabled__},
+);
+
+=item C<%AdminSearchResultRows>
+
+Use C<%AdminSearchResultRows> to define the search result rows in the admin
+interface on a per-RT-class basis.
+
+=cut
+
+Set(%AdminSearchResultRows,
+    Queues       => 50,
+    Groups       => 50,
+    Users        => 50,
+    CustomFields => 50,
+    Scrips       => 50,
+    Templates    => 50,
+    Classes      => 50,
 );
 
 =back
@@ -2667,7 +3037,7 @@ be added while the server is running.
 
 =cut
 
-Set($DevelMode, "@RT_DEVEL_MODE@");
+Set($DevelMode, 0);
 
 
 =item C<$RecordBaseClass>
@@ -2703,7 +3073,7 @@ C<$StatementLog> to be the level that you wish SQL statements to be
 logged at.
 
 Enabling this option will also expose the SQL Queries page in the
-Configuration -> Tools menu for SuperUsers.
+Admin -> Tools menu for SuperUsers.
 
 =cut
 
@@ -2711,28 +3081,6 @@ Set($StatementLog, undef);
 
 =back
 
-
-
-
-=head1 Deprecated options
-
-=over 4
-
-=item C<$LinkTransactionsRun1Scrip>
-
-RT-3.4 backward compatibility setting. Add/Delete Link used to record
-one transaction and run one scrip. Set this value to 1 if you want
-only one of the link transactions to have scrips run.
-
-=cut
-
-Set($LinkTransactionsRun1Scrip, 0);
-
-=item C<$ResolveDefaultUpdateType>
-
-This option has been deprecated.  You can configure this site-wide
-with L (see L).
-
 =cut
 
 1;