<title>pre-release change log</title>
<body>
<h1>ACS pre-release change log</h1>
<pre>
July 15, 1999 -- hqm@arsdigita.com
+ Ticket tracker -
+ the ticket tracker was changed to meet HP's requests - there are some improvements
in the UI, and the interface for "public" users is now very similar to that of ticket
admin group members - the only difference at the moment is that public members
cannot create new projects, nor assign users to tickets.
Tracy's flag (LinkTicketToUserGroupP) is being ignored right now, but I will
be adding support back for it soon, so we might as well leave it in the param file
for the moment.
I still need to add a param which controls whether access to modify ticket status
and other fields is read-only or not for public users. Right now, public users *can*
modify ticket status.
+ handling of passwords:
Added a link to the
+ EmailForgottenPassword (default true)
If user enters bad password:
parameter flag, EmailForgottenPasswordP, which controls whether
the "email-password.tcl" link is enabled. It's value defaults to true
if omitted from the .ini file.
If EncryptPasswordsInDBP is true, then we need to generate a new
random password to mail back to the user.
+ EmailChangedPasswordP (default true)
When the admin changes a user's password, this param controls whether
the new password is emailed back to the the user.
+ Added option to encrypt passwords in database. Controlled by setting
.ini param EncryptPasswordsInDBP to 1:
[ns/server/yourservername/acs]
EncryptPasswordsInDBP=1
Note: If you set this flag when upgrading an existing site, you must run
the tcl proc encrypt_db_passwords <b>once and only once</b> to encrypt
all existing user passwords in place in the database.
+ Added option to RestrictToSSL to restrict to SSL with 128 bit keys only
[ns/server/yourservername/acs]
AllowOnly128BitSSL=1
Tracy Adams (teadams@arsdigita.com) - July 17, 1999
+ Took out reference to CNN in /register/awaiting-approval.html
+ registration finite state mached - July 17, 1999
-- Added /register/banned-user.tcl to be the landing page for banned users
-- Modified the logic in /register/user-login.tcl to go the correct page depending on the user's state
-- Added ad_approval_system_inuse_p to ad-admin.tcl. This proc returns 1 if there an approval system in use
-- Modified /register/awaiting-approval.tcl to work for the aprroved_p = "" state (approved_p = "" should be treated as approved_p = "f")
-- Added /register/banned_user.tcl
alter table users add (
approved_date date,
approving_note varchar(4000),
deleted_date date,
deleting_user integer references users(user_id),
deleting_note varchar(4000),
banned_date date,
rejected_date date,
rejecting_user integer references users(user_id),
rejecting_note varchar(4000),
email_verified_date date,
user_state varchar(100) check(user_state in ('need_email_verification_and_admin_approv', 'need_admin_approv', 'need_email_verification', 'rejected', 'authorized', 'banned', 'deleted')));
these columns in the user table are now are obsolete
approved_p
deleted_p
banned_p
--- added ad_generate_random_string to ad-security.tcl
--- added RegistartionProvidesRandomPasswordP to an.ini.
--- If RegistrationProvidesRandomPasswordP = 1, the user is
--- sent a random password
--- added EmailRandomPasswordP to an.ini. If EmailRandomPasswordP is 1,
a random password is generated when the user asks for a new password.
--- changed EVERY file in /register to use a finite state machine for registration state
--- rearranged an.ini to include registration specific things together
--- removed ad_encrypt_passwords_in_db - using a separate tcl proc for acs parames is only used for legacy (made changes throughout the encryption code to call ad_paramete instead)
-- modified ad_verify_and_get_user_id to use the registration finite state machine
-- modified users_active and users_new in /doc/sql/community-core.sql to use the finite state machine. These views now limit to authorized users.
</pre>