iTop - version 2.0.3 - 15-Jul-2014
Readme file
1. ABOUT THIS RELEASE
2. INSTALLATION
2.1. Requirements
2.2. Install procedure
2.3. CRON
2.4. Upgrading from 2.0.x
2.5. Migration from 1.x versions
3. FEATURES
3.1. Changes since 2.0.2
3.2. Known limitations
3.3. Known issues
1. ABOUT THIS RELEASE
==================
Thank you for downloading the 19th packaged release of iTop.
This version is a maintenance release, with quite a few bug fixes and a few enhancements.
The documentation about iTop is available as a Wiki: https://wiki.openitop.org/
iTop is released under the AGPL (v3) license. (Check license.txt in this directory).
The source code of iTop can be found on SourceForge: https://sourceforge.net/p/itop/code/
1.1 What's new?
---------------------------
This version brings a number of bug fixes since 2.0.2 and a few enhancements, namely:
- Scalability: better support of large volumes of objects, with much less memory usage
- Cleanup of the REST/JSON API, a few rough corners have been rounded
- Conditional notifications
- Usability: faster display of an object's details
... and about 60 bug fixes!
1.2 Should I upgrade to 2.0.3?
-------------------------------
Considering that iTop 2.0.3 is fully compatible with iTop 2.0.x and the number of bugs fixed, we recommend you to upgrade.
Anyhow, prior to taking that decision, we encourage you to have a look at the migration notes:
https://wiki.openitop.org/doku.php?id=2_0_3:admin:installing_itop
1.3 Special Thanks To:
-----------------
Bruno Bonfils for his guidance about LDAP and authentication.
Randall Badilla Castro and Miguel Turrubiates for the Spanish translation.
Jonathan Lucas, Stephan Rosenke and David Gümbel from ITOMIG GmbH, for the German translation.
Christian Lempereur and Olivier Fouquet for their feedbacks.
Everaldo Coelho and the Oxygen Team for their wonderful icons.
The JQuery team and all the jQuery plugins authors for developing such a powerful library.
Phil Eddies for the numerous feedbacks provided, and the first implementation of CKEdit
Marco Tulio and Bruno Cassaro for the Portuguese (Brazilian) translation
Vladimir Kunin, Vladimir Shilov and Shamil Khamit for the Russian translation
Izzet Sirin for the Turkish translation
Deng Lixin for the Chinese translation
Marialaura Colantoni for the Italian translation
Schlobinux for the fix of the setup temporary file verification.
Gabor Kiss for the Hungarian translation
Tadashi Kaneda, Shoji Seki and Hirofumi Kosaka for the Japanese translation
Antoine Coetsier for the CAS support and tests
Vincenzo Todisco for his contribution to the enhancement of the webservices
Stephan Rickauer, Tobias Glemser and Sabri Saleh for their consulting about iTop security
Claudio Cesar Sanchez Tejeda for his contribution to bug fixes on the export and data synchronization
Bruno Cornec for his support and contribution to the Linux packaging of iTop
Jean-François Bilger for providing a fix for an unsuspected SQL bug
2. INSTALLATION
============
2.1. Requirements
------------
Server configuration:
iTop is based on the AMP (Apache / MySQL / PHP) platform and requires PHP 5.2 and
MySQL 5. The installation of iTop does not require any command line access to the
server. The only operations required to install iTop are: copying the files to the
server and browsing web pages. iTop can be installed on any web server supporting
PHP 5.2: Apache, IIS, nginx...
End-user configuration:
Although iTop should work with most modern web browsers, the application has been
tested mostly with Firefox 3+, IE8, IE9, Safari 5 and Chrome. iTop was designed for
at least a 1024x768 screen resolution. For the graphical view of the impact analysis,
Flash version 8 or higher is required.
2.2. Install procedure
-----------------
1) Make sure that you have a properly configured instance of Apache/PHP/MySQL running
2) Unpack the files contained in the zipped package, and copy the content of the "web"
directory in a directory served by your web server.
3) Check the access rights on the files/folders: the setup needs to have write access
either to the directory where iTop is installed or to the following subdirectories
(create them if needed)
- conf
- data
- env-production
- log
4) Point your web browser to the URL corresponding to the directory where the files
have been unzipped and follow the indications on the screen.
If you wish to re-launch the installation process (for example in order to install
more modules), just make sure that the configuration file (located at <itop>/conf/production/config-itop.php)
is writable by the web server (on Windows: remove the "read-only" flag, on Linux
adjust the rights of the file) and point your browser to <itop>/setup/.
2.3. cron.php
--------
The following features will require the activation of CRON.PHP:
- asynchronous emails. By default, this option is disabled. To enable it, set 'email_asynchronous' to 1 in the configuration file.
- check ticket SLA. Tickets reaching the limits will be passed into Escalation TTO/TTR states.
More information into the Wiki: https://wiki.openitop.org/doku.php?id=2_0_2:admin:cron
You can get a status of the cron "tasks" with the command:
php cron.php --auth_user=admin_login --auth_pwd=admin_pwd --status_only=1
The output will look as shown below:
+---------------------------+---------+---------------------+---------------------+--------+-----------+
| Task Class | Status | Last Run | Next Run | Nb Run | Avg. Dur. |
+---------------------------+---------+---------------------+---------------------+--------+-----------+
| CheckStopWatchThresholds | active | 2013-03-28 10:32:27 | 2013-03-28 10:32:37 | 51 | 0.317 s |
| EmailBackgroundProcess | active | 2013-03-28 10:32:27 | 2013-03-28 10:32:57 | 12 | 7.089 s |
| ExecAsyncTask | active | 2013-03-28 10:32:27 | 2013-03-28 10:32:29 | 51 | 0.032 s |
+---------------------------+---------+---------------------+---------------------+--------+-----------+
2.4. Upgrading from 2.0.x
--------------------
The version 2.0.3 if fully compatible with 2.0.0, 2.0.1 and 2.0.2. Due to few database changes,
you must run the setup when upgrading (whatever the original version).
If the location of mysql binaries is in the "path", the setup proposes to perform a full backup
of iTop (database + configuration file) using mysqldump.
Here is how to upgrade, step by step, a 2.0.x instance of iTop:
1) Do NOT overwrite the files from the previous version. Expand the content of the "web" directory of
the new package into a new directory on the web server.
2) Check the access rights on the files/folders: the setup needs to have write access either to the
whole directory where iTop is installed or to the following subdirectories (create them if needed)
- conf
- data
- env-production
- log
3) Point your web browser to the URL corresponding to the new location. You should see the setup screen.
4) When prompted (At step 2 of the installation), choose "Upgrade an existing instance"
5) Either enter the path (on the disk) to the previous instance, or supply the needed credentials.
6) Run the setup to completion. Once this is done you can connect to your upgraded iTop.
7) To replace the old instance of iTop with the newly installed one:
Rename the directories to switch the locations
Edit the new configuration file (now located at <itop>/conf/production/config-itop.php) and change the
value of the "application_url" parameter.
2.5. Migrating from 1.x versions
---------------------------
The setup is designed to upgrade existing 1.x instances of iTop automatically. In case the instance was
customized (for example by altering its data model), the installation process will detect the modifications
(by scanning the source files and comparing them with the manifest) and will prompt either to keep the
modifications or to discard them.
If the location of mysql binaries is in the "path", the installation proposes to perform a full backup
of iTop (database + configuration file) using mysqldump.
Here is how to upgrade, step by step, a 1.x instance of iTop.
1) Do NOT overwrite the files from the previous version. Expand the content of the "web" directory of
the new package into a new directory on the web server.
2) Check the access rights on the files/folders: the setup needs to have write access either to the
directory where iTop is installed or to the following subdirectories (create them if needed)
- conf
- data
- env-production
- log
3) Point your web browser to the URL corresponding to the new location. You should see the setup screen.
4) When prompted (At step 2 of the installation), choose "Upgrade an existing instance"
5) Enter the needed credentials. It is not mandatory to supply the location (on the disk of the server)
where the previous instance was installed but, by doing so, you let the installation find the credentials
(by looking at the previous configuration file) and also perform additional checks, for instance, to
detect any customization that you may have made to iTop.
6) Run the setup to completion. Once this is done you can connect to your upgraded iTop.
7) To replace the old instance of iTop with the newly installed one:
Rename the directories to switch the locations
Edit the new configuration file (now located at <itop>/conf/production/config-itop.php) and change the
value of the "application_url" parameter.
That's it.
3. FEATURES
========
3.1. Changes since 2.0.2
-------------------
This maintenance version consists in a mix of bug fixes and enhancements.
Enhancements
--------------------
Memory consumption by the application has been drastically reduced.
Usability
--------------------
#934 Support the <display_style> option for ExternalKeys: horizontal and vertical radio buttons groups are now supported
#933 Search form for Query Phrasebook items. If you implement your own menus (equivalent to itop-welcome-itil module), make sure that you update the menu definition to show the search form at the top.
#929 Speed up the full text search (mostly from the end user perspective, requires a custom configuration)
#930 AttributeExternalFields displayed in a form are automatically refreshed when their "parent" field is modified...
#909 Faster display for the "details" of an object:
- object's history is only loaded when the "History" tab is clicked
- by default the history display is truncated to the 'max_history_length' (= 50) latest modifications
#878 Missing scrollbar in "linkset-direct" edition popup dialog
#862 Popup menu misplaced when the window scrolls (e.g. when displaying large lists of results)
#861 and #636 Set the focus on User Name in iTop Login Form
#940 "Close" and "Reopen" buttons were not working on IE (due to extra commas at the end of JS lists)
#892 Confusion when using a hierarchical list in a search form
#916 Hierarchical selector: clicking on the label now has the same effect as clicking on the radio button itself. (The label is no longer an hyperlink)
Ticket's attachments can now be added by drag and drop (on browsers supporting HTML5 drag and drop).
Scalability / Performance
-------------------------
#867 (and #907 as a dup') De-harcode set_time_limit (per loop) in lengthy operations. Default value is 30 seconds (per loop), configurable via the new parameter "max_execution_time_per_loop", instead of 5 seconds previously.
Compatibility with APCu (For PHP 5.5+), since it is slightly different from APC.
Two experimental perf. enhancements:
- maintain list the attributes (potentially) modified to speed-up ListChanges() by avoiding a systematic comparison between the content of linkedsets.
- cache the list of SynchroDataSources and use this in InSyncScope() to avoid searching in the SynchroReplicas when it's not needed...
Depending on the configuration, these optimizations may speed-up the CSV import by up to 40% !!
Experimental perf. enhancement: cache the foreign keys to use when importing object to avoid searching for the same object several times during a given import. Seem to speed up the imports by 7 to 10%.
CSV export (from the toolkit menu) now displays an asynchronous page, to better cope with a huge number of objects (> 10000)
- Memory optimization: no longer store all DBObjects in memory while browsng through a Set, but pull them one by one from the MySQL client buffer as needed.
- Also renamed Merge to Append since it's really what it does (seems to be used only in the tests)
Code cleanup to implement the tabs handling (inside web pages) in one place. Added the ability to provide asynchronously loaded tabs (content must come from the same server).
Use the object oriented verison of the MySQLi API which seems free of memory leaks (compared to the procedural version of the same API).
#944 Speed-up the display of CSV import history. IF the feature is enabled, the CSV import history is:
1) Displayed asynchronously
2) Based on a specific 'origin' enum fields instead of parsing the userinfo comment
Cleanup of unused records in the change tracking table 'priv_change'. Depending on the installed modules and the usage you have made of iTop, this cleanup can drastically reduce the size of you backups.
JSON/REST API (new version: 1.2)
--------------------------------
#926 Proper "report" data when performing a Delete operation
#925 Added an option to output all the fields of the object found (not only the fields of the queried class), using "*+" for the list of queried fields
#897 Improved the error reporting when an external key is specified with a final class that is not a subclass of the class of the external key
#891 Better error reporting when either the parameter auth_user or auth_pwd are missing.
#877 More flexibility on case log updates (in particular, it is now possible to write the entire case log), remains compatible with the previous API
#869 API was not outputing case log attributes (not in a structured way)
New verb: core/check_credentials to implement single sign-on solutions
Properly handle external and basic authentication methods for REST web services.
Proper output of boolean values in JSON.
Bug fix: the JSON value for an enum should be the raw value, not its translated label.
Data model fixes/changes
------------------------
Fixed issue with 1.x datamodels: dashlets of type "badge" not working (preventing from editing an existing dashboard), since 2.0.2
Aligned the authentication module with the one of 2.x, to enable the feature "Forgot password" for legacy data models
Added the "outage" field to simple Change tickets, since it's already present in ITIL Changes.
Added the (missing) field status to the details of VirtualDevice, Hypervisor and Farm.
Notifications
-------------
#901 Added the attribute "filter" to the triggers, to define conditional notifications
#872 Support notifications for the creation of a new user. Also fix the translation of the "Additional values" in ValueSetEnumClasses.
#856 allow asynchronous emails to have an empty 'to' recipient... (not used anyway)
#483 Added placeholders for the notifications: html(caselog), head_html(caselog), html(linkset). The HTML can be customized. Fixes the issue about lines being wrapped in a curious way (root cause: swift mailer).
Miscellaneous fixes
-------------------
#943 Fix for supporting drop-down lists/auto-completes based on a parametrized query in the portal.
#936 Tune the default (i.e. implicit) tracking level on link sets (and disable tracking on 1-N links, for fresh installations)
#935 Better support of CheckToWrite() in object's transitions, improved by checking the data sooner for a consistent workflow.
#931 Management of n:n links can be broken in case of insufficient user rights. Side effect: attribute_linkedset with the flag OPT_ATT_HIDDEN are now completely hidden (the tab is not displayed at all).
#928 Setup crashing if async_retries is configured
#923 prevent XSS injection in forgot password page.
#919 Circular references between tickets (parent/child). Protect the framework against infinite recursions on cascaded updates (done at the DBUpdate level).
#918 TTO/TTR status "passed" gets reset when the stop watch is stopped (using the status "triggered" instead)
#913 Error when searching for child requests and no organization is specified. Still, I could not figure out WHY IT WAS WORKING WHEN AN ORG IS SELECTED as a search filter!
#905 The toolkit menu was visible in the portal for Administrators (but it was not usable). It is now hidden in any case.
#896 XSS injection on the portal (any search form)
#890 Dispatch the defines in the proper modules to make sure that the portal works with all possible combinations of tickets.
#888 Security on the portal incompatible with customizations (regression introduced in 2.0.2), now requires to define PORTAL_USERREQUEST_DISPLAY_QUERY and PORTAL_USERREQUEST_DISPLAY_POWERUSER_QUERY
#887 Short term fix for preventing ToArgs to alter the content of an object...
#886 Delete change history so that if an ID is reused the history starts from scratch (and cleanup most of the data as soon as the object is deleted)
#881 Paginated list in popup dialog is broken
- Missing scrollbar in the popup when using the [+] button
#876 Upgrade finishes with error "Cannot reload object id = -1" (root cause: DB in read-only mode, see config/access_mode)
#875 Could not use OQL queries with a double quote in the condition
#873 Allow the character % in the path of an URL (requires the edition of the config file when upgrading)
#871 eMail validation pattern was too strict: now fully configurable (globally and per attribute).
#870 When a user deletes all her/his shortcuts at once, this was deleting all the shortcuts for all users.
#859 About box: also list the modules installed from the extensions folder
#731 Full text search requires a string of at least three characters (configurable: full_text_needle_min)
#954 Stricter validation of mandatory tags/values during compilation.
#953 Protect the background processing against corrupted (incomplete) objects.
#906 iTop gets locked with OnInsert plugin. Better way to handle the lock in order to prevent duplicates in the numbering of Tickets. Note that the iTopMutex now supports re-entrance inside the same PHP page.
#927 Detect IE7 (or compatibility mode) and warn the user that the application cannot be used with such browsers.
#951 Properly display localized values for ENUMs in the data model view.
#955 Translated the label "Open Requests" in the welcome menu
Completed the Portuguese translation (Brazil), provided in december... (by Marco Tulio?) - modules updated: attachments, change, incident, request and request/ITIL, service for providers
Portal + templates: Bug fix = when the user selects a template, then go back to select a service for which no template applies, he still gets the tempate fields in the final form.
Added a helper function to get an icon stored as an ormDocument: ormDocument::GetDownloadURL
Full text search shortcuts: allow the use of class names containing underscores and numbers (e.g. Processus métier: écarissage)
Properly optimize the columns to load, when subitems are requested.
Allow the use of any character into the help text on an attribute (usefull to explain a constraint implemented as a regular expression for instance.) Reminder: the text is given as a dictionary entry named like "Class:<class>/Attribute:<attcode>?"
Fixed a compiler error message (wrong syntax when using a PHP class to implement the class methods)
Limit the display of the status to the latest 100 runs of the synchro data source.
Implement the iDisplay interface on any class derived from DBObject, but also limit the possible actions on such objects (disable edition)
Code cleanup to implement the tabs handling (inside web pages) in one place. Added the ability to provide asynchronously loaded tabs (content must come from the same server).
Run Query enhancements
- Properly catch *all* exceptions and redisplay the entered OQL statement every time
- Post the form to force its refresh (i.e. running the query again) even if the query did not change
Better handling of the default choices in the setup, in case of upgrade (for some specific configurations of the installation wizard).
Object's edition: keep track of what was typed in the case log fields when reloading the form (for example with a different "initial state")
Protect Bulk Modify against XSS injection!
Bug fix : missing semicolons were causing an error with IE9.
Finalized the French translation for some types of "Triggers"
Templates processing aligned with "templates-base" 2.1.1: allow template fields with the same name the attribute code of the curent object.
Make the Basic Authentication (login_mode=basic) work with non-ASCII characters (in the username as well as in the password), though this may depend on the browser...
Add a new flag "debug" (false by default) to turn off the debug traces of the 'authent-ldap' module since the traces contain potentially sensitive information in clear text.
Demo mode: disable the pin button on the left pane (and keeps it open and resizable)
Fix for Plugins: if a page uses set_base then JS popup menu items were reloading the page. Still, set_base should not be used!
Enabled KPI tracing for the export page
Optimization: map the extended attribute code to the corresponding external field when this if possible (ex: org_id->name to org_name); this reduces the number of queries, in particular when using the "export CSV" menu on a list.
Optimize the queries for the export page
Resetting the stop watch...do clean the first start date when it is not running!
Allow to reset a running stop watch (without stopping it!)
Preserve "hidden" template fields.
Dictionary string for the portal should not depend on a module
- Put back support of templates
- Make sure that unwanted parameters cannot be set when creating the ticket
Record the very same installation time for all modules.
Asynchronous emails: added a retry mechanism useful in case your SMTP server restricts the number of emails that can be sent over a period of time (usage: broadcasting a newsletter). The mechanism is not specific to sending email as it is implemented at the AsyncTask level.
Better handling of the user's configured display limit for displaying the CSV import history.
Reworked the asynchronous mechanism to ease its extension (added a "status", preset by the setup)
Protect attachments against concurrent edition of a ticket.
Removed warnings occuring when configuring a list
Added a warning when upgrading the application while a CRON is being executed on the same DB
Added an index on "item_org_id" to speed-up the setup and the silo on organizations.
Add the ability to supply a default "from" email address for the "forgot password" feature, instead of using the same address as for the "to".
"Portal Users" are not allowed to use the REST/JSON webservices. This case is now properly handled with a specific message.
Full text search returning irrelevant results (e.g: search on "Location:Bordeauxactive")
3.2. Known limitations (https://sourceforge.net/apps/trac/itop/report/3)
-----------------
#71 The same MySQL credentials are used during the setup and for running the application.
Suhosin can interfere with iTop. More information can be found here: http://www.combodo.com/wiki/doku.php?id=admin:suhosin
Internet Explorer 6 is not supported (neither IE7 nor IE8 in compatibility mode)
Tested with IE8 and IE9, Firefox 3.6 up to Firefox 24 and Chrome. Be aware that there are certain limitations when using IE8 in "security mode" (when running IE on a Windows 2008 Server for example)
3.3. Known issues (https://sourceforge.net/apps/trac/itop/report/3)
------------
#259 Not instantaneously logged off when the administrator deletes a user account
#273 The administrator can delete his/her own user account
#372 APC Cache not efficient (multi org usage, global search)
#382 Search form / base class lost after a search
#377 Case log: exclude the index from the views
#388 IE9: edition fields not resizable
#443 Objects remain in the database after de-installing some modules
#442 Useless profiles installed (1.x legacy data model only)
#438 The selection of Organizations using the hierarchy does not work on IE8 in security mode
#436 Cannot type "All Organizations"
#381 Deletion of dependencies could fail in a multi-org environment
#241 "status" is a free-text field when configuring a Trigger
#358 Multi-column queries sometimes returning an empty set
#399 Copy/paste from iTop's CaseLog looses tabs
#343 CKEditor (HTML Editor) not compatible with direct object creation on ExtKeys
#350 Object edition form: validation does not tell which field has a problem
#730 Leaving temporary files when performing a backup of the data during installation
