Configuration improvements
The following configuration improvements have been made.
Email address validation improved (#655318, #665025)
The validation and quoting of email addresses in the Web Client has been improved to comply with the latest standards. The library EmailValidator from the apache commons is now used to validate the recipients' addresses of emails which are manually sent from the Web Client. IDN and numeric domains are now allowed, while domains with special characters are disallowed.
In addition, the local part of the email address is not quoted anymore when it contains allowed special characters, such as !, #, $, %, &, ', *, +, -, /, =, ?, ^, _, `, {, |, }, ~, . .
The previous behavior can be restored by adding the system property cmweb-server-adapter.emailAddressValidationFallback with the value true.
Error handling when editing support tickets improved (#664102)
When a user tries to edit another user's support ticket in the Support tickets section of the Troubleshooting page of the Web Admin Suite, a proper error message explaining the lack of permissions is now shown.
Fallback email address for job executor (#664113)
If the system property jobExecutor.mailFrom from the module cmas-workflow-engine is not set, the value of the property mail.from from the module cmweb-server-adapter is now used as a fallback to ensure a more consistent use of email addresses across the system. Previously, the fallback was hardcoded to the address jobexecutor@cm.de.
Fallback email address for two-factor authentication notifications (#664797)
If the templates auth-2fa-mailcode-template and track-auth-2fa-mailcode-template used for sending two-factor authentication codes do not define a From address for the email via a From: indication at the top of the template, the value of the system property mail.from from the module cmweb-server-adapter is now used as a fallback. If this property is not set either, the value of the property admin.email from the module cmas-core-security is used as a last fallback.