CF validation - move into core RT code

We had a brief discussion about this before Christmas. I just wanted to
clarify what should be done as this is important to us and I suspect
will be for many people when they start using RT in an audited
environment. For example, if your auditors require mandatory fields in
tickets, you need to ensure that mandatory CFs are enforced on ticket

  • In the GUI
  • Via REST
  • Via email

Otherwise there’s no point in having mandatory fields since they could
be bypassed by just submitting a ticket, for example, by email. All a
good reason to have the validation in the core code, as suggested by
Todd and Jesse. We plan to look at this very soon and hope there will be
some support from other quarters!

I would also like to include in this a core code CF check to make sure
that any value for a Select* field is checked against legal values.
There is no core code check for this currently since it’s enforced in
the GUI simply by the semantics of drop-downs - you can’t enter anything
that isn’t an option. But via REST/Email, you can, so this should be a
core check too. I had implemented this in my AT REST code but this is
another candidate for moving to core code. Missed anything? Sound like a
reasonable plan?