Merge remote-tracking branch 'origin/release/12.0' into dev

pull/9928/head
Oliver Günther 3 years ago
commit 0b4af89a81
No known key found for this signature in database
GPG Key ID: A3A8BDAD7C0C552C
  1. 4
      config/locales/crowdin/js-ro.yml
  2. 51
      docs/enterprise-guide/enterprise-cloud-guide/GDPR/README.md
  3. 60
      docs/system-admin-guide/incoming-&-outgoing/README.md
  4. BIN
      docs/system-admin-guide/incoming-&-outgoing/image-20211129132820632.png
  5. BIN
      docs/system-admin-guide/incoming-&-outgoing/image-20211129133408193.png
  6. BIN
      docs/system-admin-guide/incoming-&-outgoing/image-20211129135301400.png
  7. BIN
      docs/system-admin-guide/incoming-&-outgoing/image-20211129135851860.png
  8. BIN
      docs/system-admin-guide/incoming-&-outgoing/image-20211129140341687.png
  9. 6
      frontend/src/app/shared/components/modal/modal-overlay.sass

@ -522,9 +522,9 @@ ro:
all: 'Toate'
center:
and_more_users:
one: 'and 1 other'
one: 'și încă unul'
few: 'and %{count} others'
other: 'and %{count} others'
other: 'și %{count} alții'
no_results:
at_all: 'Noi notificări vor apărea aici atunci când există o activitate care vă privește'
with_current_filter: 'Nu există notificări în această vizualizare în acest moment'

@ -13,6 +13,55 @@ The General Data Protection Regulation (GDPR) is a European regulation to harmon
As a firm believer in open-source, OpenProject is invested heavily in the freedom of users. This encompasses the software freedoms granted by the [GPLv3](https://www.gnu.org/licenses/quick-guide-gplv3.en.html) and employed by OpenProject and naturally extends to the rights and freedoms granted by the General Data Protection Regulation (GDPR). In the same transparent fashion that we develop our software, we are committed to transparency regarding data privacy protection of our users.
## Information Security and Compliance
### Hosting infrastructure
OpenProject cloud environment is hosted on a logically isolated virtual cloud at Amazon Web Services with all services being located in Europe. AWS is a [GDPR compliant](https://aws.amazon.com/compliance/gdpr-center/) cloud infrastructure provider [with extensive security and compliance programs](https://aws.amazon.com/security/) as well as unparalleled access control mechanisms to ensure data privacy. Employed facilities are compliant with the ISO 27001 and 27018 standards.
**Hosting in Germany (on request)**
We offer secure hosting of your OpenProject cloud also in a German data center on request. Please [contact us](https://www.openproject.org/contact-us/).
### Data backups
OpenProject cloud environment is continuously backing up user data with data at rest being fully encrypted with AES-256. Each individual instance is logically separated and data is persisted in a unique database schema, reducing the risk of intersection or data leaks between instances.
### Access to data and infrastructure
Production infrastructure is accessible only for a strict set of authorized system operations personnel from a secure internal maintenance VPN. Services employed by employees are secured by Two-factor-authentication where available. Access to customer data is performed only when requested by the customer (i.e., as part of a support or data import/export request).
All OpenProject GmbH employees employ industry standard data security measurements to secure their devices and access to cloud and on-premises infrastructure. All sensitive user data on laptops and workstations are encrypted and machines are maintained to receive system updates.
## Data Management and Portability
The GDPR includes grants to every data subject the right to access, modify, receive, and delete their own data.
OpenProject customers with admin accounts on their instance act as data controllers for their team members and have elaborate means to perform these request on behalf of the data subjects they are responsible for.
We detail some of these rights of the data subject in the following segments.
### Right to Access and Rectification
With OpenProject, data controllers have fine-grained user and rights management to perform these requests. Individual data subjects can forward any request to their responsible data controller of their information.
The following resources provide additional information:
- [Managing accounts and users in your instance](../../../system-admin-guide/users-permissions/) (for data controllers).
### Right to Erasure (“Right to be forgotten”)
OpenProject provides means to fully erase both all identifiable information of a user from the application. If the user is still referenced from data within the instance, these references are replaced with an anonymous user to ensure the data integrity of the application.
- Data controllers can perform the deletion [through the administration](../../../system-admin-guide/users-permissions/users/).
- Depending on the configuration of your OpenProject instance, individual data subjects may perform the deletion of their own account through the [Delete Account](../../../getting-started/my-account/) page. If this is disabled, the request may be stated to the data controller.
### Data Portability
OpenProject provides means to data controllers in order to receive *all* personal data connected to the OpenProject instance. This encompasses all user and system data (in the form of an SQL dump) as well as a collection of all uploaded files.
This is now possible by controllers on their own using the backup feature of OpenProject: https://www.openproject.org/docs/enterprise-guide/enterprise-cloud-guide/backups/.
## Signing a Data Processing Agreement (DPA) for the Enterprise cloud
For EU customers it is required by the GDPR to sign a data processing agreement (sometimes called data processing addendum) before using our Cloud edition.
@ -21,4 +70,4 @@ With OpenProject 11.1, we have automated this process in order to reduce manual
Please navigate to -> Administration -> GDPR and you can now online review and sign your DPA document directly within the application.
![OpenProject DPA](DPA.png)
![OpenProject DPA](DPA.png)

@ -0,0 +1,60 @@
---
sidebar_navigation:
title: Incoming & Outgoing
priority: 760
description: incoming and outgoing notification settings in OpenProject.
robots: index, follow
keywords: incoming and outgoing notifications
---
# Incoming & outgoing settings
Configure **incoming & outgoing settings** in OpenProject, i.e. email notifications and incoming email configuration.
Navigate to *Administration* -> *Incoming & Outgoing*.
| Topic | Content |
| ------------------------------------------------------------ | ---------------------------------------------------------- |
| [Incoming & outgoing settings](https://github.com/opf/openproject/blob/release/12.0/docs/system-admin-guide/incoming-&-outgoing/README.md) | How to configure the global incoming and outgoing settings |
| [Email notifications](https://github.com/opf/openproject/blob/release/12.0/docs/system-admin-guide/incoming-&-outgoing/README.md#email-notifications-settings) | How to configure outgoing email notifications? |
| [Incoming emails](https://github.com/opf/openproject/blob/release/12.0/docs/system-admin-guide/incoming-&-outgoing/README.md#incoming-emails-settings) | How to configure settings for inbound emails? |
## Incoming & outgoing settings
To change the global settings for incoming and outgoing messages, navigate to *Administration* -> *Incoming & Outgoing*.
![image-20211129133408193](image-20211129133408193.png)
1. **User actions aggregated within xx minutes**. This specifies a time interval in which all notifications regarding a specific user's actions are bundled into one single notification. Individual actions of a user (e.g. updating a work package twice) are aggregated into a single action if their age difference is less than the specified timespan. They will be displayed as a single action within the application. This will also delay notifications by the same amount of time reducing the number of emails being sent.
2. **Notification retention period xx days.** This specifies a time interval for which notifications are retained in OpenProject system. Here you can set the number of days notification events for users (the source for in-app notifications) will be kept in the system. Any events older than this time will be deleted.
## Email notifications settings
To adapt email notification settings, go to *Administration* -> *Incoming & Outgoing* -> *Email notifications*.
1. **Emission email address**. This email address will be shown as the sender for the email notifications sent by OpenProject (for example, when a work package is changed).
2. Activate **blind carbon copy recipients** (bcc).
3. Define if the email should be formatted in **plain text** (no HTML).![image-20211129135301400](image-20211129135301400.png)
The frequency of sending e-mails per work package can be set in [this way](https://github.com/opf/openproject/blob/release/12.0/docs/system-admin-guide/system-settings/display-settings/#time-and-date-formatting,-aggregation-of-changes-in-activity).
### Configure email header and email footer
Configure your notification email header and footer which will be sent out for email notifications from the system.
1. **Formulate header and/or footer** for the email notifications. These are used for all the email notifications from OpenProject (e.g. when creating a work package).
2. **Choose a language** for which the email header and footer will apply.
3. **Send a test email**. Please note: This test email does *not* test the notifications for work package changes etc. Find out more in [this FAQ](https://github.com/opf/openproject/blob/release/12.0/installation-and-operations/installation-faq#i-dont-receive-emails-test-email-works-fine-but-not-the-one-for-work-package-updates).
4. Do not forget to **save** your changes.![image-20211129135851860](image-20211129135851860.png)
## Incoming emails settings
To adapt incoming email settings, go to *Administration* -> *Incoming & Outgoing* -> *Incoming Email*. Here you can configure the following options.
1. **Define after which lines an email should be truncated**. This setting allows shortening email after the entered lines.
2. Specify a **regular expression** to truncate emails.
3. **Ignore mail attachment** of the specified names in this list.
4. Do not forget to **save** the changes.
![image-20211129140341687](image-20211129140341687.png)
**To set up incoming email**, please visit our [Operations guide](https://github.com/opf/openproject/blob/release/12.0/docs/installation-and-operations/configuration/incoming-emails).

Binary file not shown.

After

Width:  |  Height:  |  Size: 115 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 102 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 37 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 33 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 56 KiB

@ -9,13 +9,11 @@
justify-content: center
align-items: center
display: none
pointer-events: none
> *
pointer-events: all
&_active
display: flex
&_not-full-screen
background: transparent
right: unset
bottom: unset
Loading…
Cancel
Save