v2.26 "Lauttasaarentie"

@Macroz Macroz released this 25 May 09:52
· 1624 commits to master since this release

NB: This release contains migrations!

NB: The login has changed to allow more configurable user identity and other attributes. Consider this a big change worth some manual testing to see that everything works.

NB: The new reminder email feature for application expiration uses a new email template. If you enable the feature and you use customized email templates, please check :t.email.application-expiration-notification/subject-to-member and :t.email.application-expiration-notification/message-to-member.

Breaking changes

  • The actor of the command API (for applications) is now always validated. Previously, there was a chance that a non-existent user could be sent (used mostly by our internal tests). (#2771, #2824, #2772, #2821)
  • User attributes are not saved on every request, only when logging in. (#2829)
  • The :oidc-userid-attribute config has been renamed to :oidc-userid-attributes and has new options to allow internally renaming an attribute from IdP to REMS db. (#2771, #2821)
  • Users are required to have a name, and optionally an email, from the IdP to be allowed in. These can be configured, see docs/configuration.md. (#2889, #2929)
  • User attributes have been renamed internally. If you directly accessed the database, please note that eppn -> userid, commonName -> name and mail -> email. (#2377)
  • Application expiration notification can now be configured to send a reminder email to the applicant and members before expiration. This requires a change to the configuration option :application-expiration. Please read the section on the Expirer bot in docs/bots.md. (#2906)

Additions

  • You can configure the OIDC attributes for name and email (see configuration.md)
  • The user in the API can be an internal REMS id or any of the :oidc-userid-attributes (provided that the user has logged in once and we have stored the identity). (#2821, #2772)
  • Fake login page has been improved to include descriptions of the different users. (#2896)
  • Errors are now handled in oidc-callback by redirecting to an error page. (#2856)
  • Mail settings can be configured with the :smtp config including authentication. (#2895)
  • More configurable logout. You can now override the redirect with :oidc-logout-redirect-url, as well as unset :oidc-perform-revoke-on-logout. See configuration.md. (#2916)

Fixes

  • API-key validity is not checked unless it is actually sent. (#2785)
  • API-Keys are cached for a minute for a slight performance improvement. (#2785)
  • Resources can be filtered in the API by resid (#2852)
  • Hide the applicant column and reduce the font size to prevent previous applications from becoming too wide. (#2855)
  • Duplicated forms have been removed. Previously, if a workflow form was the same as a catalogue item form, that form would be duplicated. (#2853)
  • An owner that is also an organization owner can now properly edit organization ownerships. (#2850)
  • An owner could sometimes see a disabled catalogue item in the catalogue tree. (#2800)
  • The column names in the tables and the field names in create/edit pages of the administration now match.
  • Improve the accessibility of the small navbar. (#2907)
  • Load config overrides from system properties and env (#2917)
  • Application draft can now be saved even if there are validation warnings. (#2766)
  • New application page no longer displays "Application: Success" message. (#2838)
  • Blacklist API now returns HTTP 422 status if user or resource does not exist when adding or removing blacklist entry. (#2835)
  • Add missing migration that slims down organization owners in the DB to just the id. (#2939)
  • Only fetch the catalogue tree (or table) if it is shown (or otherwise needed). (#2930)
  • Fix the catalogue tree nodes sometimes being empty when fetching it from the API (#2931)