Flyspray - The bug killer!

I have installed flyspray on an internal server and have problems with the renaming of internal links.

For example:
I want to put this link in the comment section.
\\192.168.200.5\Folder\example.docx

it shows the link correct,
but when you hover over the link it shows:
file://192.168.200.5/Folder/example.docx

And on clicking on it, of course I can´t access the file, because it´s trying to open an external link.
I dont want it to be renamed from ‘\’ to ‘/’.

Can somebody help me please.

I tryed to find it in the sourcecodes, but I have almost no experience in PHP.

Thank you!

I played with adding a dark mode color theme to the default CleanFS theme.

To make the dark theme just simple exchange some colors, the bitmap icons should be replaced with alternatives.

Easiest would be using the fontawesome font icons as Flyspray still uses them and they can simply get a css color assigned.

Examples

Navigation and Forms

Editors

At several places it could be useful to let the user view available tags:

1. When editing a task a toggle popup could show a list of selectable and existing tags.

I found several nice vanilla-js-multiselect-with-autocompletion scripts, but none yet that still works at a basic level when javascript is turned off.

My plan is now:

• Keep the current basic input text field for input tags and show current assigned tags like exampletag1;exampletag2;exampletag3 separated by ‘;’ that is sent to the server when saving the task and server handles evaluation of that string (validation, duplicates, removed, added, creating new tags if allowed for current user)
• A CSS only toggle that shows available tags that can be assigned (works even with js turned off), similiar to other places within Flyspray like advanced search toggle.
• If js turned off, the user must type the tag - not as fancy, but at least works. (I thought also about using a html select with multiple=”multiple” attribute, but was not convinced due styling not possible in modern browsers without js)
• If js is enabled, more fancier stuff is possible:
  • The input text field is hidden by display:none and instead the styled tags are shown.
  • The current added tags also get a little x to remove a tag by clicking it. The content of the hidden input text field is updated to reflect the current editing status. (click eventlistener)
  • A generated text input field for typing with autocompletion list shown of matching availbale tags. An unknown tag is added to the list if user is allowed to create tags. Clicking a item in the autocompletion list adds the tag and resets the autocompletion input text field for the next autocompletion action.
  • The tags within the toggle list with all available tags get also a click event listener, so clicking it adds them to the hidden text input.
  • Not sure yet if an added tag should be removed from the all available tags list or just make an CSS indication that a tag is still added, currently I tend to keep the list untouched, just highlight used tags of the task.

• Optionally make the all available tags sortable by:
  • list_position (default)
  • alphabetic
  • global or project level
  • popularity (count of tasks using a tag (n + unnumbered private)), requires adding a data attribute.
  • group by detected prefix like shape:triangle shape:circle shape:rectangle could show a group of tags as: shape: triangle circle rectangle

1. Make the list of tags searchable for the advanced search. added with FS1.0-rc10 by just using search key words also for searching list_tags table.

Hello together,

it would be nice, if you could mention user in your ticket or comment which are not following the task.
for example when i will type @nickname, the user “nickname” should be get a e-mail that he is mentioned in the ticket.

(if we are “fancy” then we can print a automcomplete after the @-sign ist typed)

When a user is deleted from Flyspray, their opened tasks, closed task and task comments are then shown as Anonymous Submitter, the same way as anonymous reporters (not really anonymous, just that user does not have login account, but usually their email address is stored within that task data).

Currently just the entry from users table are deleted when a user is deleted. Their internal user_id integer is still within tasks and comments fields, and maybe some other tables too. So there is not a ON DELETE SET NULL rule or something like that applied. As it is just an autoincremented number by the system, this is not personal data imho and should be no problem for GDPR, but gives Flyspray the ability to distinguish between anon reporters and deleted users. Well, we could also look if there is an email address within task table entry for notification of anonymous reporter, but there are also tasks possible that have no user_id nor an email address.

It might by useful to present that information differently like deleted user or showing the info differently like icon + title-tooltip with explanation.

Also interesting what happens with mentions of a deleted username in a comment or task description. (see FS#2322)

The user isn’t in database, but deleting that now gone user should not modify tasks or comment where that username was mentioned I think.
But what if another user registers under that now gone username? In that case that new user would inherit that mentions. Probably we can ignore that edge case as there will be not much things will happen with an old mention in old tasks/comments.

When adding peoples with the autocompleter the name itself is not always enough, especially with a growing number of registered users.

We now have the avatar icon as helper, but for quick verification it would be easier to see also the role of the user in the current project to identify the right user account.

( The red rectangle at peterdd autocomplete row is from a broken avatar upload, ignore it for this task, see  FS#1979  instead .. )

Motivation

Proposal

1. Find a good configuration name just reuse relnofollow as used by dokuwiki
2. Find a good translation keyword for that config relnofollow
3. Find a good translation keyword for config description (title attribute)

Goes into prefs table as it is sitewide configuration.

As first implementation a simple checkbox should be ok. Should be on the tab with other spam handling stuff like captcha configuration.

Is enabled by default (1).
Adapt setup xml files, upgrade procedure.

database: mysql - version: 5.5.62-0+deb8u1
php version: 5.6.40
Debian (probably a Buster one)

Steps done to create the problem: I used to run a 0.9.9.7 version, and today, I decided to go for a 1.0-rc9 update.

Expected behavior: all works

Experienced behavior: most works, but not all

Details: after the update, I had weird display behaviour where the task weren’t displaying breaklines:
http://pix.toile-libre.org/upload/original/1567183628.png

while the code was supposed to have breaklines:
http://pix.toile-libre.org/upload/original/1567183667.png

Then, I’ve read: https://bugs.flyspray.org/index.php?do=details&task_id=2318 which leads me to: https://github.com/Flyspray/flyspray/blob/master/setup/templates/administration.tpl#L49

Then, I’ve changed

syntax_plugin="none"

for

syntax_plugin="dokuwiki"

in flyspray.conf.php, and now all is fine:
http://pix.toile-libre.org/upload/original/1567183768.png

I’m already enjoying bold/italic/code/… very nice addition from 0.9.9.7, thank you!

That said, something which looks to be an issue from my (user) perspective is that when upgrading from 0.9.9.7 → 1.0-rc9, I wasn’t asked for a “syntax plugin” thing and it looks that the only way to change it so far is to CLI-edit the flyspray.conf.php file.

I would strongly suggest to make this an option in the admin panel.

Thanks for flyspray that I’m using fo my librazik project.
All the best,
Olivier

no task description

Please support Central Authentication Service, thank you.

It would be helpful to have communication with LDAP via TLS

I have done a very quick bit of work to bring ldap (through active directory) authentication to flyspray for our implementation in the office. I hope it will be of use to others. There is a readme.txt inside talking through the process and the patch to apply. My plan is to expand on this and make it part of the setup process but this will take a bit longer.

Hi

Please advise if there are known issues when integrating Flyspray with Active Directory using LDAP.

In the page http://www.flyspray.org/manual/group_permissions/ , it is written

Shown is an image of the permissions page for the Flyspray project’s Contributors group

but there is no image in there.

I can think of two ways of dealing with that I guess:

1. add an image
2. remove the sentence

What do you think?

I gave a role the following privileges:

• view own tasks

• modify own tasks

• view comments

• add comments

A user with the assigned role can still modify the task descriptions and task details. (I want that user to only be able to add comments.)
I think there is a bug.
Is there a fix or walk around?
Thx

The HTML accesskey attribute feature is differently accessible dependent of operating system, web browser and web browser configuration, and users keyboard layout and user language.

By taking advantage of the User-Agent HTTP header value provided by default by web browsers, Flyspray could better know of what kind of keyboard and browser the user sits in front off and show the key combinations for the accesskey feature that best fits the users environment.

Keyboard navigation is not documented

grep -r 'accesskey' *

Closing a task with selected close reason duplicate should warn when there is no comment or FS # id is given in the close comment text field.

The task is closed as duplicate without any further notice. The information to which task it is duplicate or a description (if the problem is logged/handled outside Flyspray) is lost.

Possible solutions

Frontend hints

Backend deny

So closing a task

FS#1

with

reason: duplicate

and close comment

FS#1

referencing to self should be detected to avoid such user mistakes.

I understand this is likely due to some sort of XSS CSRF protection, but the delay doesn’t appear to be long enough to be useful for a lengthy comment to be posted. I’ve now lost two detailed comments in our tracker because the software threw everything out and generated a meaningless error.

Further, attempting to do the normal thing and making the browser resubmit the page results in Flyspray throwing “Error #3” something something repeated action and causing a redirect to the homepage.

Surely there has to be a better way to handle this that doesn’t incur data loss?

The shortcuts help infobox should adapt to the current page type.

So when in editing a task for instance, the n (next task) and p (previous task) shortcuts are not available for a good reason. Listing them there with same priority as other keys then is not helpful.

The simpliest solution is probably putting some if-statements depending on the $do variable into CleanFS/templates/shortcuts.tpl ..

Official release

Steps done to create the problem:
Insert correct (tested with gmail) data into the notification tab and click on “Test”

SSL and TLS are checked.

Expected behavior:
Send test email and confirm it.

Experienced behavior:
Following error message

Error message:
Warning: stream_socket_enable_crypto(): Peer certificate CN=`*.netcup.net’ did not match expected CN=`mail*.netcup.net’ in /var/www/vhosts/.netcup.net/httpdocs/**/flyspray/vendor/swiftmailer/swiftmailer/lib/classes/Swift/Transport/StreamBuffer.php on line 103 Completely unexpected exception: Unable to connect with TLS encryption
This should never happend, please inform Flyspray Developers

Someone reported this:

Today i tried to report an issue about xxx on the xxx (namely xxx) and the following error message has been displayed:

Completely unexpected exception: Expected response code 250 but got code “451”, with message “451 Error in writing spool file "
This should never happend, please inform Flyspray Developers

The issue itself has been created though.

RC9 running on CentOS LAMP stack

Steps done to create the problem:
Set up google as an oauth provider.
Have a user click “Sign in with Google” in the login box.
User connects their account with Flyspray.
Google redirects the user back to Flyspray
The return screen (on flyspray) asks for a username.

Expected behavior:
No warning about duplicate username should be shown on initial page load since no username was entered yet

Experienced behavior:
A warning about the username being already taken is shown.

It appears there is no logic for showing or hiding that warning in register.oauth.tpl

(It would be great if flyspray was able to just use the email as a username to make the UX even better/simpler.)