-
Jonathan Weth authoredResolve "Collapse icon on progress drawer is inverted" Closes #863 See merge request !1343
Jonathan Weth authoredResolve "Collapse icon on progress drawer is inverted" Closes #863 See merge request !1343
Changelog
=========
All notable changes to this project will be documented in this file.
The format is based on `Keep a Changelog`_,
and this project adheres to `Semantic Versioning`_.
Unreleased
----------
Changes
=======
The "managed models" feature is mandatory for all models derived from `ExtensibleModel`
and requires creating a migration for all downstream models to add the respective
field.
Added
~~~~~
* Frontend for managing rooms.
* Global calendar system
* Calendar for birthdays of persons
* Holiday model to track information about holidays.
* Frontend for managing holidays.
* [Dev] Components for implementing standard CRUD operations in new frontend.
* [Dev] Options for filtering and sorting of GraphQL queries at the server.
* [Dev] Managed models for instances handled by other apps.
* [Dev] Upload slot sytem for out-of-band uploads in GraphQL clients
* Generic endpoint for retrieving objects as JSON
* [Dev] Base model for organisational entities (external companies, associations,…)
* Management of personal calendar events.
Changed
~~~~~~~
* Management of school terms was migrated to new frontend.
* [Dev] Child groups are exposed in the GraphQL type for groups.
* Icons of active menu entries are filled if possible.
Fixed
~~~~~
* Description field of Person was not editable.
* [Docs] Certain parts of installation docs not visible
* GraphQL mutations did not return errors in case of exceptions.
* Group GraphQL queries failed when queried by owner or member.
* Nav submenu items could not be distinguished from regular ones.
* Special printouts included a blank white page at the end.
* Collapse icon on the progress drawer was the wrong way around.
`3.1.5`_ - 2023-09-02
---------------------
Fixed
~~~~~
* [Docs] A required package was not listed
* Migrations failed in some cases
`3.1.4`_ - 2023-07-20
---------------------
Fixed
~~~~~
* Extensible form was broken due to a missing import.
`3.1.3`_ – 2023-07-18
---------------------
Fixed
~~~~~
* [Docker] The build could silently continue even if frontend bundling failed, resulting
in an incomplete AlekSIS frontend app.
* Rendering of "simple" PDF templates failed when used with S3 storage.
* Log messages on some loggers did not contain log message
`3.1.2`_ - 2023-07-05
---------------------
Changed
~~~~~~~
* uWSGI is now installed together with AlekSIS-Core per default.
Fixed
~~~~~
* Notifications were not properly shown in the frontend.
* [Dev] Log levels were not correctly propagated to all loggers
* [Dev] Log format did not contain all essential information
* When navigating from legacy to legacy page, the latter would reload once for no reason.
* The oauth authorization page was not accessible when the service worker was active.
* [Docker] Clear obsolete bundle parts when adding apps using ONBUILD
* Extensible forms that used a subset of fields did not render properly
`3.1.1`_ - 2023-07-01
---------------------
Fixed
~~~~~
* Progress page didn't work properly.
* About page failed to load for apps with an unknown licence.
* QUeries for persons with partial permissions failed.
* Some pages couldn't be scrolled when a task progress popup was open.
* Notification query failed on admin users without persons.
* Querying for notification caused unnecessary database requests.
* Loading bar didn't disappear on some pages after loading was finished.
* Support newer versions of django-oauth-toolkit.
`3.1`_ - 2023-05-30
-------------------
Changed
~~~~~~~
* The frontend is now able to display headings in the main toolbar.
Fixed
~~~~~
* Default translations from Vuetify were not loaded.
* Browser locale was not the default locale in the entire frontend.
* In some cases, items in the sidenav menu were not shown.
* The search bar in the sidenav menu was shown even though the user had no permission to see it.
* Accept invitation menu item was shown when the invitation feature was disabled.
* Metrics endpoint for Prometheus was at the wrong URL.
* Polling behavior of the whoAmI and permission queries was improved.
* Confirmation e-mail contained a wrong link.
`3.0`_ - 2023-05-11
-------------------
Added
~~~~~
* GraphQL schema for Rooms
* Provide API endpoint for system status.
* [Dev] UpdateIndicator Vue Component to display the status of interactive pages
* [Dev] DeleteDialog Vue Component to unify item deletion in the new frontend
* Use build-in mechanism in Apollo for GraphQL batch querying.
Changed
~~~~~~~
* Show message on successful logout to inform users properly.
* Phone number country now has to be configured in config file insted of frontend.
Fixed
~~~~~
* GraphQL endpoints for groups, persons, and notifications didn't expose all necessary fields.
* Loading indicator in toolbar was not shown at the complete loading progress.
* 404 page was sometimes shown while the page was still loading.
* Setting of page height in the iframe was not working correctly.
* App switched to offline state when the user was logged out/in.
* The `Stop Impersonation` button is not shown due to an oversee when changing the type of the whoAmI query to an object of UserType
* Offline fallback page for legacy pages was misleading sometimes.
* Route changes in the Legacy-Component iframe didn't trigger a scroll to the top
* Query strings did not get passed when navigating legacy pages inside of the SPA.
* Retry button on error 500 page did not trigger a reload of the page.
* When the Celery worker wasn't able to execute all tasks in time, notifications were sent multiple times.
* Changing the maintenance mode state spawned another SPA instance in the iframe
* Phone numbers couldn't be in regional format.
* System status view wasn't accessible through new frontend if a check failed.
* Progress page didn't show error message on failure.
* Dynamic routes were not removed/hidden when the respective object registering it was deleted.
* Django messages were not displayed in Vue frontend.
* Links to data check objects did not work properly.
* Backend cleanup task for Celery wasn't working.
* URLs in invitation email were broken.
* Invitation view didn't work.
* Invitation emails were using wrong styling.
* GraphQL queries and mutations did not log exceptions.
`3.0b3`_ - 2023-03-19
---------------------
Fixed
~~~~~
* Some GraphQL queries could return more data than permitted in related fields.
`3.0b2`_ - 2023-03-09
---------------------
Changed
~~~~~~~
* Change default network policy of the Apollo client to `cache-and-network`.
Fixed
~~~~~
* In case the status code of a response was not in the range between 200 and 299
but still indicates that the response should be delivered, e. g. in the case
of a redirected request, the service worker served the offline fallback page.
* In some cases, the resize listener for the IFrame in the `LegacyBaseTemplate`
did not trigger.
* [Dev] Allow apps to declare URLs in the non-legacy namespace again
`3.0b1`_ - 2023-02-27
---------------------
Added
~~~~~
* Support for two factor authentication via email codes and Webauthn.
`3.0b0`_ - 2023-02-15
---------------------
This release starts a new era of the AlekSIS® framework, by introducing a
dynamic frontend app written in Vue.js which communicates with the backend
through GraphQL. Support for legacy views (Django templates and
Materialize) was removed; while there is backwards compatibility for now,
this is only used by official apps until their views are fully migrated.
AlekSIS and its new frontend require Node.js version 18 or higher to run the
Vite bundler. On Debian, this means that Debian 12 (bookworm) is needed, or
Node.js must be installed from a third-party repository.
Removed
~~~~~~~
* Official support for views rendered server-side in Django is removed. The
`LegacyBaseTemplate` provided for backwards compatibility must not be used
by apps declaring a dependency on AlekSIS >= 3.0.
* Support for deploying AlekSIS in sub-URLs
* Support for production deployments without HTTPS
Deprecated
~~~~~~~~~~
* The `webpack_bundle` management command is replaced by the new `vite`
command. The `webpack_bundle` command will be removed in AlekSIS-Core 4.0.
Added
~~~~~
* Notification drawer in top nav bar
* GraphQL queries for base system and some core data management
* [Dev] New mechanism to register classes over all apps (RegistryObject)
* Model for rooms
Changed
~~~~~~~
* Show languages in local language
* Rewrite of frontend (base template) using Vuetify
* Frontend bundling migrated from Webpack to Vite (cf. installation docs)
* [Dev] The runuwsgi dev server now starts a Vite dev server with HMR in the
background
* OIDC scope "profile" now exposes the avatar instead of the official photo
* Based on Django 4.0
* Use built-in Redis cache backend
* Introduce PBKDF2-SHA1 password hashing
* Persistent database connections are now health-checked as to not fail
requests
* [Dev] The undocumented field `check` on `DataCheckResult` was renamed to `data_check`
* Frontend bundling migrated from Webpack to Vite
* Get dashboard widgets and data checks from apps with new registration mechanism.
* Use write-through cache for sessions to retain on clear_cache
* Better error page with redirect option to login page when user has no permission to access a route.
* Users now can setup as many 2FA devices as they want.
* The 2FA profile overview was completely redesigned.
Fixed
~~~~~
* The system tried to send notifications for done background tasks
in addition to tasks started in the foreground
* 2FA via messages or phone calls didn't work after a faulty dependency
update
* [Dev] Site reference on extensible models can no longer cause name clashes
because of its related name
Removed
~~~~~~~
* iCal feed URLs for birthdays (will be reintroduced later)
* [Dev] Django debug toolbar
* It caused major performance issues and is not useful with the new
frontend anymore
`2.12.3`_ - 2023-03-07
----------------------
Fixed
~~~~~
* The permission check for the dashboard edit page failed when the user had no person assigned.
* OIDC scope "phone" had no claims.
* AlekSIS groups were not synced to Django groups on registration of existing persons
* Invitations for existing short name did not work.
* Invitations for persons without pre-defined e-mail address did not behave correctly
`2.12.2`_ - 2022-12-18
----------------------
Fixed
~~~~~
* Incorporate SPDX license list for app licenses on About page because
spdx-license-list dependency vanished.
`2.12.1`_ - 2022-11-06
----------------------
Fixed
~~~~~
* An invalid backport caused OIDC clients without PKCD to fail.
`2.12`_ - 2022-11-04
--------------------
Added
~~~~~
* Show also group ownerships on person detail page
* [Dev] Provide plain PDF template without header/footer for special layouts.
* [Dev] Introduce support for reformattinga and linting JS, Vue, and CSS files.
Changed
~~~~~~~
* OIDC scope "profile" now exposes the avatar instead of the official photo
* Language selection on Vue pages now runs via GraphQL queries.
* [Dev] Provide function to generate PDF files from fully-rendered templates.
* [Dev] Accept pre-created file object for PDF generation to define
the redirect URL in advance.
Fixed
~~~~~
* The logo in the PDF files was displayed at the wrong position.
* Sometimes the PDF files were not generated correctly
and images were displayed only partially.
* Error message in permission form was misleading.
* Personal invites did not work
* Invite Person view threw an error when personal invites existed
* Detailed information for done Celery tasks weren't saved.
`2.11`_ - 2022-08-27
--------------------
This release sunsets the 2.x series of the AleKSIS core.
Deprecated
~~~~~~~~~~
* All frontends using Django views and Django templates are deprecated and support
for them will be removed in AlekSIS-Core 3.0. All frontend code must be written in
Vue.js and be properly separated from the backend. In the same spirit, all backend
features must expose GraphQL APIs for the frontend to use.
Added
~~~~~
The following features are introduced here mainly to simplify gradual
updates. GraphQL and the Vuetify/Vue.js frontend mechanisms are preview
functionality and app developers should not rely on them before AlekSIS-Core
3.0.
* Introduce GraphQL API and Vue.js frontend implementation
* Introduce webpack bundling for frontend code
`2.10.2`_ - 2022-08-25
----------------------
Fixed
~~~~~
* Celery's logging did not honour Django's logging level
* Automatically clean up expired OAuth tokens after 24 hourse
`2.10.1`_ - 2022-07-24
----------------------
Changed
~~~~~~~
* Make External Link Widget icons clickable
Fixed
~~~~~
* The progress page for background tasks didn't show all status messages.
`2.10`_ - 2022-06-25
--------------------
Added
~~~~~
* Add Ukrainian locale (contributed by Sergiy Gorichenko from Fre(i)e Software GmbH).
* Add third gender to gender choices
* Add DataCheck to validate specific fields of specific models
Changed
~~~~~~~
* Restructure group page and show more information about members.
* django-two-factor-auth >= 1.14.0 is now required due to a
backwards-incompatible breakage in that library
Fixed
~~~~~~~
* Password change view did not redirect to login when accessed unauthenticated.
* Sorting icons were inlined into stylesheet
* iOS devices used the favicon instead of the PWA icon when the PWA was added to the home screen.
Changed
~~~~~~~
* Update icon choices for models to new icon set
`2.9`_ - 2022-05-25
-------------------
Added
~~~~~
* Allow to disable exception mails to admins
* Add possibility to create iCal feeds in all apps and dynamically create user-specific urls.
Fixed
~~~~~
* The menu button used to be displayed twice on smaller screens.
* The icons were loaded from external servers instead from local server.
* Weekdays were not translated if system locales were missing
* Added locales-all to base image and note to docs
* The icons in the account menu were still the old ones.
* Due to a merge error, the once removed account menu in the sidenav appeared again.
* Scheduled notifications were shown on dashboard before time.
* Remove broken notifications menu item in favor of item next to account menu.
* Serve OAuth discovery information under root of domain
* [OAuth2] Resources which are protected with client credentials
allowed access if no scopes were allowed (CVE-2022-29773).
* The site logo could overlap with the menu for logos with an unexpected aspect ratio.
* Some OAuth2 views stopped working with long scope names.
* Resetting password was impossible due to a missing rule
* Language selection was broken when only one language was enabled in
preferences.
Removed
~~~~~~~
* Remove option to limit available languages in preferences.
Changed
~~~~~~~
* [Dev] ActionForm now checks permissions on objects before executing
* [Dev] ActionForm now returns a proper return value from the executed action
* Pin version of javascript dependencies
`2.8.1`_ - 2022-03-13
--------------------
Changed
~~~~~~~
* Official apps can now override any setting
`2.8`_ - 2022-03-11
-------------------
Added
~~~~~