Bug 40107 - token-request: the host name in the link for an email should be changeable via UCRV
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Self Service
UCS 4.1
Other Linux
P5 enhancement
UCS 4.1-0-errata
Assigned To: Daniel Tröder
Florian Best
Reported: 2015-11-26 08:56 CET by Daniel Tröder
Modified: 2015-12-09 16:49 CET (History)
Description Daniel Tröder univentionstaff 2015-11-26 08:56:46 CET
+++ This bug was initially created as a clone of Bug #40048 +++

Currently the URI of the link sent with a token-email is constructed using the FQDN of the backend. If the password reset frontend and backend are installed separately, then users will receive a useless link.

Add a UCRV umc/self-service/passwordreset/email/frontend_server with default "backend-FQDN" to make the URI used in the string replacement of "link" and "tokenlink" on the mail text adaptable.
Comment 1 Erik Damrose univentionstaff 2015-12-03 17:46:28 CET
Requested at Ticket#2015112721000424
Comment 2 Daniel Tröder univentionstaff 2015-12-04 11:59:45 CET
A UCRV umc/self-service/passwordreset/email/webserver_address with the FQDN of the backend as default if empty was added. It is used for the string replacement of "link" and "tokenlink" on the mail text:

# ucr set umc/self-service/passwordreset/email/webserver_address=www.front.de

---------------------------------------------------
[..]

To change your password please follow this link:

https://www.front.de/univention-self-service/?token=3Dr7pzQvem8QKNreM59YdVC=
RGxD8k4SESSczDcqDjWcWdTEUnuAocEvXAU6EXrZNKZ&username=3Dtest2#passwordreset

If the link does not work, you can go to

https://www.front.de/univention-self-service/#passwordreset

[..]
---------------------------------------------------

Commit: 66109
Build: 1.0.3-4.51.201512041149
Comment 3 Florian Best univentionstaff 2015-12-07 18:14:30 CET
The UCR-Variable works. But it's not possible to change the scheme to http. The value is also not validated against invalid chars. Would it be better to make the complete URI configurable via UCR? Then it would also be possible to define a jump-back address.

Also: is the template "email_body.txt" thought to be configurable by the customers? Then it may be better to change this into a UCR template? Otherwise package updates will overwrite locally modified versions of it.
Comment 4 Daniel Tröder univentionstaff 2015-12-08 06:25:01 CET
(In reply to Florian Best from comment #3)
> The UCR-Variable works. But it's not possible to change the scheme to http.
I don't think that would be advisable. IMO we should even deny a request for it, but let's first see if someone does need it.

> The value is also not validated against invalid chars.
It's a UCR set by the Administrator... checked now: 66134, 66135

> Would it be better to
> make the complete URI configurable via UCR? Then it would also be possible
> to define a jump-back address.
jump-back where to?

> Also: is the template "email_body.txt" thought to be configurable by the
> customers? Then it may be better to change this into a UCR template?
> Otherwise package updates will overwrite locally modified versions of it.
No. Admins should copy it, and point umc/self-service/passwordreset/email/text_file to their modification.
There is a separate Bug #40047 to allow multiple languages.
Comment 5 Florian Best univentionstaff 2015-12-08 10:24:36 CET
(In reply to Daniel Tröder from comment #4)
> (In reply to Florian Best from comment #3)
> > The UCR-Variable works. But it's not possible to change the scheme to http.
> I don't think that would be advisable. IMO we should even deny a request for
> it, but let's first see if someone does need it.
OK

> > The value is also not validated against invalid chars.
> It's a UCR set by the Administrator... checked now: 66134, 66135
Well, that wasn't even necessary. But okay.

> > Would it be better to
> > make the complete URI configurable via UCR? Then it would also be possible
> > to define a jump-back address.
> jump-back where to?
There are parameters ?url=&urlLabel= but they probably don't make sense there.

> > Also: is the template "email_body.txt" thought to be configurable by the
> > customers? Then it may be better to change this into a UCR template?
> > Otherwise package updates will overwrite locally modified versions of it.
> No. Admins should copy it, and point
> umc/self-service/passwordreset/email/text_file to their modification.
> There is a separate Bug #40047 to allow multiple languages.
OK
Comment 6 Daniel Tröder univentionstaff 2015-12-08 11:32:59 CET
(In reply to Florian Best from comment #5)
> > > The value is also not validated against invalid chars.
> > It's a UCR set by the Administrator... checked now: 66134, 66135
> Well, that wasn't even necessary. But okay.
Reverted in 66153 to allow ports and paths.
Comment 7 Janek Walkenhorst univentionstaff 2015-12-09 16:49:02 CET
<http://errata.software-univention.de/ucs/4.1/24.html>
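The link construction discussed in this thread, as an added example that is not the project's code: the address falls back to the backend FQDN when the variable is empty, the scheme stays https, and ports and paths are allowed while other characters are rejected. The function names, the dict standing in for UCR, the validation policy, and which of "link" and "tokenlink" carries the token are assumptions.

```python
import re
from urllib.parse import quote

# UCR variable named in the bug; a plain dict stands in for the UCR store here.
UCRV = "umc/self-service/passwordreset/email/webserver_address"

# Assumed policy: host[:port][/path] only. No scheme, userinfo, query,
# fragment, whitespace or control characters. IPv6 literals are not handled.
_ADDRESS_RE = re.compile(
    r"[A-Za-z0-9](?:[A-Za-z0-9.-]*[A-Za-z0-9])?"   # host name or IPv4
    r"(?::(?P<port>[0-9]{1,5}))?"                  # optional port
    r"(?:/[A-Za-z0-9._~-]+)*/?"                    # optional path
)


def frontend_base(ucr, backend_fqdn):
    """Return 'https://host[:port][/path]' used as prefix of the mail links."""
    # An empty or unset variable falls back to the backend's FQDN.
    address = (ucr.get(UCRV) or "").strip() or backend_fqdn
    match = _ADDRESS_RE.fullmatch(address)
    if match is None:
        raise ValueError("%s: invalid address %r" % (UCRV, address))
    port = match.group("port")
    if port is not None and not 0 < int(port) < 65536:
        raise ValueError("%s: invalid port %s" % (UCRV, port))
    # The scheme is fixed: the reset token must not travel over plain http.
    return "https://" + address.rstrip("/")


def build_links(ucr, backend_fqdn, token, username):
    """Build the values substituted for 'link' and 'tokenlink' in the mail."""
    base = frontend_base(ucr, backend_fqdn) + "/univention-self-service/"
    # Percent-encode user-controlled parts so they cannot alter the URL.
    query = "?token=%s&username=%s" % (quote(token, safe=""), quote(username, safe=""))
    return {"link": base + "#passwordreset",
            "tokenlink": base + query + "#passwordreset"}


if __name__ == "__main__":
    ucr = {UCRV: "www.front.de"}  # constructed sample values
    for name, url in build_links(ucr, "backend.example.test", "abc123", "test2").items():
        print(name, url)
```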