Try the Demo Get GOTRS

GOTRS 0.6.1: Automation Engines and Access Control

7 min read Feature Announcements

Two weeks after 0.5.1, we’re back with a substantial release focused on automation and access control. GOTRS 0.6.1 introduces the GenericAgent execution engine for automated ticket processing, ACL evaluation for dynamic form filtering, the GenericInterface framework for external webservice integration, and—critically—proper group-based queue permission enforcement. Plus, we’ve expanded language support to 15 languages.

Generic Agent Execution Engine

The GenericAgent is here, bringing automated ticket processing to GOTRS. This is the equivalent of OTRS’s GenericAgent module, allowing you to define scheduled jobs that automatically process tickets based on configurable criteria.

Automation and control systems Defining a new Generic Agent Job

Ticket Matching Capabilities:

  • State, Queue, Priority, Type, Lock, Owner, Service, SLA filtering
  • Customer ID with wildcard support
  • Title matching
  • Time-based filters: create/change/pending/escalation older/newer than X minutes

Available Actions:

  • Change state, queue, priority, owner, responsible, lock, type, service, SLA
  • Update customer ID and title
  • Add notes with subject and body
  • Set pending time
  • Delete tickets (use with caution)

Jobs are configured with schedule parameters (days, hours, minutes) and run automatically via the job scheduler. The repository uses OTRS’s key-value storage format for compatibility with existing job configurations.

ACL Execution Engine

Access Control Lists now actually control access. The new ACL evaluation engine filters ticket form options based on configurable rules:

Security and access control Security and access control

  • Property matching: Match against frontend values (Properties) or database values (PropertiesDatabase)
  • Pattern support: Wildcards (*), negation ([Not]), and regex ([RegExp])
  • Change rules: Possible (whitelist), PossibleAdd (add to options), PossibleNot (blacklist)
  • StopAfterMatch: Halt ACL chain processing after a rule matches
  • Filter methods: States, Queues, Priorities, Types, Services, SLAs, and Actions

The API helper makes integration straightforward—pass the ticket context and get back filtered options for your forms.

Group-Based Queue Permission Enforcement

This one’s important. GOTRS now enforces OTRS-compatible group-based queue permissions at the middleware layer—secure by default, no handler-level checks to forget.

Permission Types:

  • ro — read-only access
  • rw — full access (supersedes all other permissions)
  • create — create tickets in queue
  • move_into — move tickets into queue
  • note — add notes to tickets
  • owner — take ownership of tickets
  • priority — change ticket priority

How It Works:

Routes declare required permissions in YAML:

- path: /ticket/:id
  middleware: [ticket_access_ro]
  
- path: /tickets/:id/note
  middleware: [ticket_access_note]
  
- path: /ticket/new
  middleware: [queue_create]

The middleware checks the user’s permissions (combining direct group membership and role-based access) before the request ever reaches the handler. No permission? 403. No exceptions.

The Queue Access Service handles the heavy lifting—combining group_user direct permissions with role_user → group_role role-based permissions. Context is enriched with is_queue_admin and accessible_queue_ids for handlers that need to filter results.

Both ticket IDs and ticket numbers are supported in URL parameters—the middleware resolves them automatically.

GenericInterface Webservice Framework

Connect GOTRS to the outside world with the full GenericInterface implementation:

Core Features:

  • Webservice repository with YAML config serialization and history tracking
  • Transport abstraction supporting REST and SOAP
  • Invoker routing and request/response data mapping

REST Transport:

  • GET/POST/PUT/DELETE methods
  • Path parameter substitution (:id)
  • Query params and JSON body
  • Basic and API key authentication
  • Custom headers

SOAP Transport:

  • SOAP 1.1 envelope construction
  • SOAPAction header handling
  • Namespace prefix support
  • Fault parsing
  • Basic authentication

New Dynamic Field Types:

  • WebserviceDropdown: Single-select autocomplete backed by external webservices
  • WebserviceMultiselect: Multi-select variant for choosing multiple values

Dynamic Fields Types Dynamic Field Types

The admin UI at /admin/webservices provides create/edit/delete operations, connection testing, and configuration history. AJAX endpoints power the autocomplete functionality with result caching.

i18n Expansion: 15 Languages

We’ve expanded from 8 to 15 supported languages:

LanguageCodeNotes
ArabicarRTL support
Chinesezh
EnglishenBase language
Frenchfr
Germande
HebrewheRTL support
JapanesejaNative translations
KlingontlhQapla'!
PersianfaRTL, Persian numerals
Polishpl
Portuguesept
RussianruCyrillic, RUB currency
Spanishes
UkrainianukDistinct vocabulary, UAH currency
UrduurRTL support

Support for 15 languages Support for 15 Languages, including Arabic

All 15 languages cover 2,500+ translation keys, and growing! Language configs include locale-specific date/time/number/currency formatting. GetEnabledLanguages() auto-detects available languages based on JSON file existence.

Admin Module Expansion

System Maintenance

Schedule maintenance windows and keep users informed:

  • Schedule periods with start/stop times
  • Display notifications to logged-in users via banner
  • Login page message when maintenance is active
  • Session management: view and kill sessions during maintenance
  • Configurable notification timing (default: 30 minutes before)

Scheduling a Maintenance Window Scheduling a Maintenance Window

Session Management

Full session oversight at /admin/sessions:

  • View all active sessions with user details, IP, browser, login time, last activity
  • Kill individual sessions or all sessions for a user
  • Emergency “kill all sessions” with confirmation
  • Current session indicator to avoid self-logout
  • Background cleanup task for expired sessions (configurable interval)

Session Management Session Management

Phone/Email Ticket Entry Points

Separate navigation links for phone and email tickets:

  • Direct links in top navigation and agent dashboard
  • URL parameter pre-selects interaction type
  • Form displays colored border based on type (colors from article_color table)

Phone/Email Ticket Entry Points Phone/Email Ticket Entry Points

Article Color Management

Configure sender type colors at /admin/article-colors:

  • Full CRUD for article color configuration
  • Agent, customer, and system sender colors
  • Dashboard link with palette icon

Customer Groups & Customer User Groups

Manage customer access to tickets:

  • Customer Groups: Edit permissions by customer company or by group
  • Customer User Groups: Edit permissions by individual customer user or by group
  • Permission types: ro (read-only) and rw (read-write)
  • Two-way management UI for both modules

Queue Templates & Template Attachments

Complete the template management story:

  • Queue Templates: Two-way management—edit by queue or by template
  • Template Attachments: Two-way management—edit by template or by attachment
  • Two-column overview with assignment counts
  • Smart redirects after saving

Postmaster Filter Admin

Manage email routing filters at /admin/postmaster-filters:

  • Match conditions with regex patterns on headers/body
  • Set actions for X-GOTRS-* headers
  • NOT operator for negative matches
  • Stop flag to halt further processing
  • Type-ahead search for queue, priority, state, type

Auto Response & Queue Auto Response

  • Full CRUD for automatic email response templates
  • Queue-to-auto-response mapping management
  • Template variable support for dynamic content

Dynamic Fields Import/Export & Auto-Configuration

  • Import/Export: Export fields to YAML, import from YAML file or pasted content
  • Auto-Configuration: Checkbox for automatic defaults on supported field types (Text, TextArea, Checkbox, Date, DateTime)

HTML Structure Validation

We added centralized HTML tag balance validation to the template test suite:

  • ValidateTagBalance() using stack-based approach with golang.org/x/net/html tokenizer
  • Integrated into TemplateTestHelper.RenderAndValidate()
  • All 90+ page templates validated on every test run
  • Catches bugs like missing </div> that cause invisible UI elements

Scalable Role Users Management

The role-user assignment UI now handles thousands of users gracefully:

  • Search-based user assignment with debounced typeahead
  • Replaces “load all users” with search-first design (LIMIT 20)
  • Minimum 2 characters required, 300ms debounce
  • Member count display and loading spinner

DBSourceFilter for Email

Email filtering that loads postmaster filters from the database:

  • Runs first in filter chain before token extraction
  • Supports all X-GOTRS-* headers
  • VIP routing, spam filtering, NOT matches, multi-match conditions
  • Stop flag behavior for halting the chain

Bug Fixes

BugFix
Template Selector Editor ModeFixed HTML templates not switching editor to richtext mode—now auto-detects HTML content
Note Submission ValidationFixed “Please enter note content” error when using templates—TipTap’s setContent() now syncs to hidden textarea
HTML-Encoded Template VariablesFixed &lt;GOTRS_*&gt; variables not substituting—handles both raw and encoded formats
Pending Reminder SnoozeFixed “response.json is not a function” error—apiFetch() returns parsed JSON, not a Response object
Escalation History RecordingFixed missing required columns in INSERT, added integration test
Customer Typeahead Race ConditionAdded retry logic for seed data loading timing issues
Dynamic Module Lookup DisplayShows lookup display values instead of raw IDs
Remaining $N PlaceholdersFixed remaining PostgreSQL placeholders across 6 files
Template Type ChipsComma-separated types now display as individual colored chips

By the Numbers

MetricValue
Languages supported15
RTL languages4 (ar, he, fa, ur)
Translation keys1866
Page templates validated90+
Admin modules added12
Integration tests for customer groups11

Upgrade Notes

If you’re coming from 0.5.x:

  1. Pull the new images: docker compose pull
  2. Recreate containers: docker compose up -d --force-recreate
  3. For Kubernetes: helm upgrade gotrs oci://ghcr.io/gotrs-io/charts/gotrs --version 0.6.1

Database migrations may be required for new tables (system_maintenance, session management). Run make migrate after upgrading.

Behavior change: Unmatched template variables (<OTRS_*> and <GOTRS_*>) are now replaced with - instead of being left in the output. This matches OTRS behavior.

What’s Next

With GenericAgent and ACLs in place, GOTRS now has the automation and access control foundations needed for complex ticket workflows. The next phase will focus on process management and workflow automation building on these engines.

Questions? Feedback? Join our Discord and let us know what you think!

Back to Blog