Virtual Box, Linux Mint, Drupal and civiCASE — Part 5

,,

Here we will set up the framework for CiviCase

Setup CiviCRM

SMTP Mail settings

Before continuing with the CiviCRM configuration, let’s install a module that helps setup the SMTP settings to deliver emails.

Download the SMTP Authentication Support module here: https://drupal.org/project/smtp

Unzip it to the desktop then move it to  /var/www/drupal/sites/all/modules/smtp

Now open Drupal/Modules and enable the module

 

Fill in required settings on the Administer -> Configuration -> System -> SMTP Authentication Support page.

When finished filling out the required information you can send a test email from the same page.

CiviCRM Installer

Download the CiviCRM gz file from https://civicrm.org/download

Un pack the file and put the folder civicrm into /var/www/html/sites/all/modules/

Now enable the module. Scroll down quite a way until you get to the civiCRM section.

Once enabled somewhere is a link to install the module.

Configuration Checklist

I had two warnings about folders not being downloadable. I went into /var/www/html/sites/default/files/ then right-clicked on civicrm/ and selected “open as root”. Then for both the /upload/ and /custom/ folders I right-clicked, selected properties/permissions and set “others” to ‘none’

CiviCRM_upload_folder_permissions

http://localhost/drupal/index.php?q=civicrm/admin/configtask&reset=1

As you go through each item it will turn green to indicate you visited that page

Site Configuration

Localization: Nothing much to change here

Organization Address and Contact Info:
Name:
Description:
Mail settings:
Organization address:
Organization contact information: email and phone number

Enable Components: Add CiviCase and disable CiviContribute and CiviPledge

Viewing and Editing Contacts

Display preferences:

Viewing Contacts — adjust as shown

Viewing Smart Groups — accept default

Editing Contacts — adjust as shown

Contact Search — adjust as shown

Contact dashboard — doesn’t matter because contacts don’t have access

All other’s should work as default

Addresses

Adjust as shown, other settings okay at default

 

Maping and Geocoding — not used

Search Settings — accept defaults

Misc (Undelete, PDFs, Limits, Logging, Captcha, etc.) — accept defaults

Contact Types — treat under customization (Part 6)

Outbound Mail — treat under customization (Part 6) some problem here

From Email Address Options — treat under customization (Part 6)

 Online Contributions / Online Membership Signup / Online Event Registration — not used

Organize your contacts — treat under customization (Part 6)

 

Errors

All that done, and now there are three errors being reported

One issue I expected because the Outbound Email settings I knew were weird.

This one was fixed by clickingo n the Go button, then entering information about the email server.

The other two issues had to do with file read permissions.

Here’s how I fixed the upload directory issue:

Open as root: /etc/apache2/ and open for editing: apache2.conf
http://stackoverflow.com/questions/5046100/prevent-access-to-files-in-a-certain-folder

Search for the section <Directory /var/www/> and change AllowOverride  to ‘All’ as shown below.

<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted

Next I opened the folders that I was told were downloadable and edited the .htaccess file.

For example:

I opened as root: /var/www/drupal/sites/default/files/civicrm/upload/
I used the view menu item to select ‘view hidden file’I opened .htaccess to edit and add the following:

<Files “*”>
Order allow,deny
Deny from all
</Files>

When I researched the Security Warnings I found that there is a bug in CiviCRM related to these warnings. I tested and mine were open. Here’s the browser address I used for the test:

http://10.0.0.23/sites/default/files/civicrm/upload/latest-version-cache.txt

Originally it opened the file, after making the above changes it did not download.

Here’s a link to a discussion of the security risks and possible solutions

https://civicrm.org/advisory/civi-sa-2014-001-risk-information-disclosure

Here’s a link to a topic that talks about the issues

http://forum.civicrm.org/index.php?topic=31570.new;topicseen#new

And here’s the topic that is referred to in that previous link

http://wiki.civicrm.org/confluence/display/CRMDOC/checkUploadsAreNotAccessible

Here’s a link to the bug page at CiviCRM

http://issues.civicrm.org/jira/browse/CRM-14210

Now ready for customization

 Click for Part 6