Merge remote-tracking branch 'origin/release/12.0' into dev

pull/10214/head
Oliver Günther 3 years ago
commit 25986b6aac
No known key found for this signature in database
GPG Key ID: A3A8BDAD7C0C552C
  1. 13
      config/locales/en.yml
  2. 26
      docs/development/contribution-documentation/documentation-style-guide/README.md
  3. 7
      docs/enterprise-guide/enterprise-cloud-guide/enterprise-cloud-faq/README.md
  4. 24
      docs/enterprise-guide/enterprise-on-premises-guide/enterprise-on-premises-faq/README.md
  5. 79
      docs/system-admin-guide/authentication/openid-providers/README.md
  6. BIN
      docs/system-admin-guide/authentication/openid-providers/Sys-admin-authentication-add-openid-provider.png
  7. BIN
      docs/system-admin-guide/authentication/openid-providers/g1-apis-and-services-oauth-consent-screen.png
  8. BIN
      docs/system-admin-guide/authentication/openid-providers/g2-edit-app-registration.png
  9. BIN
      docs/system-admin-guide/authentication/openid-providers/g3-apis-and-services-credentials.png
  10. BIN
      docs/system-admin-guide/authentication/openid-providers/g4-create-credentials-oauth-client-id.png
  11. BIN
      docs/system-admin-guide/authentication/openid-providers/g5-oauth-client-created.png
  12. BIN
      docs/system-admin-guide/authentication/openid-providers/g6-add-new-openid-provider-google.png
  13. BIN
      docs/system-admin-guide/authentication/openid-providers/g7-successful-creation-google.png
  14. 2
      frontend/src/app/features/boards/board/add-list-modal/add-list-modal.component.ts
  15. 2
      frontend/src/app/features/boards/board/board-actions/subtasks/board-subtasks-action.service.ts
  16. 2
      frontend/src/app/features/user-preferences/notifications-settings/inline-create/notification-setting-inline-create.component.ts
  17. 5
      frontend/src/app/shared/components/autocompleter/op-autocompleter/op-autocompleter.component.ts
  18. 5
      lib/api/utilities/page_size_helper.rb
  19. 12
      spec/lib/api/v3/work_packages/work_package_collection_representer_spec.rb

@ -3095,8 +3095,11 @@ en:
errors:
messages:
# Common error messages
invalid_request: 'The request is missing a required parameter, includes an unsupported parameter value, or is otherwise malformed.'
invalid_redirect_uri: "The requested redirect URI is malformed or doesn't match client redirect URI."
invalid_request:
unknown: 'The request is missing a required parameter, includes an unsupported parameter value, or is otherwise malformed.'
missing_param: 'Missing required parameter: %{value}.'
request_not_authorized: 'Request need to be authorized. Required parameter for authorizing request is missing or invalid.'
invalid_redirect_uri: "The requested redirect uri is malformed or doesn't match client redirect URI."
unauthorized_client: 'The client is not authorized to perform this request using this method.'
access_denied: 'The resource owner or authorization server denied the request.'
invalid_scope: 'The requested scope is invalid, unknown, or malformed.'
@ -3111,6 +3114,7 @@ en:
# Access grant errors
unsupported_response_type: 'The authorization server does not support this response type.'
unsupported_response_mode: 'The authorization server does not support this response mode.'
# Access token errors
invalid_client: 'Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method.'
@ -3121,6 +3125,11 @@ en:
revoked: "The access token was revoked"
expired: "The access token expired"
unknown: "The access token is invalid"
revoke:
unauthorized: "You are not authorized to revoke this token."
forbidden_token:
missing_scope: 'Access to this resource requires scope "%{oauth_scopes}".'
unsupported_browser:
title: "Your browser is outdated and unsupported."

@ -59,16 +59,28 @@ Find an overview of content per folder here:
Please respect the following when working with directories and files:
1. When you create a new topic, i.e. a new documentation page, always create a new folder and a new README.md file in that folder.
2. Do not use special characters and spaces, or capital letters in file names, directory names, branch names and anything that generates a path.
1. When you create a new topic, i.e. a new documentation page, always create a new folder with a **lowercase name** and a new **README.md** file in that folder.
3. When creating a file or directory and it has more than one word in its name, use underscores (`_`) instead of spaces or dashes. For example use open_details-view_work_packages.png. This applies to both image files and Markdown files.
Example: `new-feature/README.md`
4. For image files, do not exceed 200KB.
2. Use **lowercase latin characters and numbers**.
Do not use special characters, umlauts and spaces, or capital letters in file names, directory names, branch names and anything that generates a path.
3. Use **no spaces**
When creating a directory and it has more than one word in its name, use dashes (`-`) instead of spaces.
Example: `new-feature`
When creating a file and it has more than one word in its name, use dashes (`-`) or underscores (`_`) instead of spaces.
Example: `open_details-view_work_packages.png`
Only exception is the markdown file which always needs to be named **README.md**
If you are unsure where to place a document or a content addition, this should not stop you from authoring and contributing. Use your best judgment, and then add a comment to your pull request.
## No duplication of information
@ -391,7 +403,7 @@ When you take screenshots:
### Save images
- Save the image with a file name that describes the image. Use lower cases.
- Save the image with a file name that describes the image. Use lower cases and no spaces (see [file names requirements](#directory-and-file-names)).
- Make sure to not exceed the maximum image size of 200KB.
@ -403,7 +415,7 @@ When you take screenshots:
### Add the image link to content
The Markdown code for including an image in a document is: `![Image description which will be the alt tag](img/document_image_title_vX_Y.png)`
The Markdown code for including an image in a document is: `![Image description which will be the alt tag](document_image_title_v_x_y.png)`
The image description is the alt text for the rendered image on the documentation page. For accessibility and SEO, use descriptions that are short and precise.

@ -20,7 +20,7 @@ Please have a look at [this instruction](../manage-cloud-subscription/).
## Does OpenProject comply with GDPR?
The protection of personal data is for OpenProject more than just a legal requirement. We are highly committed to data security and privacy. We are a company based in Berlin, the European Union, and the awareness and importance for data security and privacy actions have always been a major topic for us. OpenProject complies with GDPR and we handle our customer’s data with care. Get more detailed information [here](https://www.openproject.org/security-and-privacy/).
Yes. The protection of personal data is for OpenProject more than just a legal requirement. We are highly committed to data security and privacy. We are a company based in Berlin, the European Union, and the awareness and importance for data security and privacy actions have always been a major topic for us. OpenProject complies with GDPR and we handle our customer’s data with care. Get more detailed information [here](https://www.openproject.org/security-and-privacy/).
## Is the Enterprise cloud certified?
@ -32,6 +32,8 @@ For more information please visit the [information regarding security measures](
The OpenProject Enterprise cloud environment is hosted on a logically isolated virtual cloud at Amazon Web Services with all services being located in Ireland. AWS is a GDPR compliant cloud infrastructure provider with extensive security and compliance programs as well as unparalleled access control mechanisms to ensure data privacy. Employed facilities are compliant with the ISO 27001 and 27018 standards. OpenProject Enterprise cloud environment is continuously backing up user data with data at rest being fully encrypted with AES-256. Each individual's instance is logically separated and data is persisted in a unique database schema, reducing the risk of intersection or data leaks between instances. You can find more information [here](https://www.openproject.org/security-and-privacy/).
We also offer hosting in a German data center on request. Please [contact us](../../../../contact-us/) if you are interested.
## Can I get a custom domain name instead of example.openproject.com?
@ -60,8 +62,7 @@ Access to the database (including the PostgreSQL tables) is restricted for the E
## Can I use LDAP authentican in my Enterprise cloud environment?
You can use [LDAP authentication](../../../system-admin-guide/authentication/ldap-authentication/) in your
cloud environment. **However**, usually LDAP servers will _not_ be exposed to the internet, which they have to be for this to work.
You can use [LDAP authentication](../../../system-admin-guide/authentication/ldap-authentication/) in your cloud environment. **However**, usually LDAP servers will _not_ be exposed to the internet, which they have to be for this to work.
Whitelisting IPs is no option since the OpenProject servers' IPs are not permanent and can change without notice.
Moreover we do not have a mechanism to list all IP addresses currently in use.

@ -11,7 +11,7 @@ keywords: Enterprise on-premises FAQ, enterprise edition, self-hosted
# Frequently asked questions (FAQ) for Enterprise on-premises
## How can I upgrade to the OpenProject Enterprise on-premises edition?
## How can I upgrade from the Community to the Enterprise on-premises edition?
The Enterprise on-premises edition is an upgrade of the self-hosted Community Edition. When you are already using the Community Edition, you can purchase an Enterprise on-premises edition license to upgrade to the Enterprise on-premises edition. To do this, follow these steps:
@ -19,9 +19,7 @@ The Enterprise on-premises edition is an upgrade of the self-hosted Community Ed
2. Click on the "Book now" button.
3. Follow the steps to purchase the Enterprise on-premises edition license. You will then receive an Enterprise on-premises edition license key by email which you can use to upgrade your Community Edition to the Enterprise on-premises edition.
If you prefer to test the Enterprise on-premises edition before purchasing, you can request a 14 day trial license from within your system (*Administration -> Enterprise Edition*). Simply click on the green **Start free trial** button to receive a 14 day trial license. If you like the premium features and want to continue, you can easily book the Enterprise on-premises version via the Enterprise Edition menu in the Administration. Otherwise, you will automatically be downgraded to the Community Edition.
You will keep your data during the whole process.
If you prefer to test the Enterprise on-premises edition before purchasing, you can request a 14 day trial license from within your system (*Administration -> Enterprise Edition*). Simply click on the green **Start free trial** button to receive a 14 day trial license. If you want to continue, you can navigate to our [pricing page](../../../../pricing/) and choose a plan. Otherwise, you will automatically be downgraded to the Community edition. There is no need to cancel the trial.
Find more information [here](https://www.openproject.org/blog/enterprise-edition-upgrade-test-free/).
@ -29,7 +27,7 @@ Find more information [here](https://www.openproject.org/blog/enterprise-edition
Please use the link "Manage subscription" in the email you received confirming your subscription or contact sales@openproject.com.
## Is it possible to only upgrade *some* users to the Enterprise Edition?
## Is it possible to only upgrade *some* users to the Enterprise edition?
This is not possible, as the Premium features affect the whole OpenProject instance and not the individual users.
@ -41,13 +39,25 @@ The Enterprise token is sent to the email address used to create the subscriptio
Yes, for Enterprise on-premises and for Community Edition you will have to choose your own domain name during [initial configuration](../../../installation-and-operations/installation/packaged/#initial-configuration) after installing OpenProject.
## Are also the premium features open source?
Yes, all features, also the premium features, are developed under the GPL v3.
## Why do you not offer all features for free?
The developers of OpenProject love this project. And they love open source development. They work hard to build powerful new features and fix bugs with every release. However, they also need to pay rent, taxes, health insurance and so on. To be able to work on OpenProject and keep the speed, they need funding.
## How can I change my payment details (e.g. new credit card)?
Please use the link "Manage subscription" in the first email you received from our system. Alternatively, please contact support via email.
## How can I downgrade from Enterprise Edition to Community Edition?
## How can I downgrade from Enterprise on-premises to Community edition?
To downgrade to the Community edition you will simply need to cancel the paid Enterprise plan. As soon as the subscription terminates, you will automatically switch back to the Community version. Please note that you will not be able to use the premium features anymore and you will not be eligible for support. As soon as your subscription or your trial ends you will automatically be downgraded to the Community Edition.
## Can I migrate from the hosted Enterprise cloud edition to a self-hosted Community or Enterprise on-premises edition?
You don't have to do anything. Just don't renew your subscription. As soon as your subscription or your trial ends you will automatically be downgraded to the Community Edition. You can keep your data.
Yes. If you want to switch from a hosted version of OpenProject (Enterprise cloud edition) to a self-hosted version (Community edition or Enterprise on-premises) we can provide you a full dump of your data. Since this requires manual effort for us, we may charge for this service . Please [contact us](../../../../contct-us/) to get a quotation.
## I can't login via SSO to update my Enterprise on-premises token. What do I do?

@ -24,7 +24,84 @@ You can configure the following options.
4. Enter the **Secret**.
5. Press the blue **create** button.
![Sys-admin-authentication-add-openid-provider](Sys-admin-authentication-add-openid-provider.png)
## Google Workspace
### Step 1: Create the OAuth consent screen
1. Navigate to your GCP console. (https://console.cloud.google.com/)
2. Go to **APIs & Services** > OAuth consent screen.
![g1-apis-and-services-oauth-consent-screen](g1-apis-and-services-oauth-consent-screen.png)
3. Create a new project and a new app or edit an existing project and an existing app, setting the following fields (shall be Internal):
1. **App name** (e.g. EXAMPLE.COM SSO)
2. **User support email** (e.g. user-support@example.com)
3. **App domains** (at minimum, you must provide the Application home page - e.g. https://example.openproject.com)
4. **Authorized domains** (e.g. openproject.com)
5. **Developer Contact information** (e.g. developer@example.com)
6. Click **SAVE AND CONTINUE** to proceed.
![g2-edit-app-registration](g2-edit-app-registration.png)
4. **Scopes** - Press **SAVE AND CONTINUE**
5. **Summary** - Press **SAVE AND CONTINUE**
### Step 2: Create the OAuth Client
1. Under **APIs & Services**, go to **Credentials**.
![g3-apis-and-services-credentials](g3-apis-and-services-credentials.png)
2. Click **Create Credentials** and select **OAuth Client ID**.
1. When prompted for your **Application type**, choose **Web Application**.
2. Provide a **Name** for your application. (e.g. example-openproject-com)
3. Under Authorized redirect URIs, click **Add URI**, and provide your URI (e.g. [example.openproject.com]/auth/google/callback).
4. Click **CREATE** or **SAVE** .
![g4-create-credentials-oauth-client-id](g4-create-credentials-oauth-client-id.png)
After pressing **CREATE** you will get a pop-up window like the following
- Note **Client ID**
- Note **Client Secret**
![g5-oauth-client-created](g5-oauth-client-created.png)
### Step 3: Add Google as an OpenID Provider to OpenProject
1. Login as Open Project Administrator
2. navigate to -> *Administration* -> *Authentication* and choose -> *OpenID providers*.
1. **Name** Choose Google
2. **Display Name** (e.g. **EXAMPLE.COM SSO**)
3. **Identifier** (**Client ID** from step 2)
4. **Secret** (**Client Secret** from step 2)
3. Press **Create**
![g6-add-new-openid-provider-google](g6-add-new-openid-provider-google.png)
4. The following green notification **Successful creation** should appear
![g7-successful-creation-google](g7-successful-creation-google.png)
## Azure Active Directory

Binary file not shown.

After

Width:  |  Height:  |  Size: 150 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 38 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 122 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 43 KiB

@ -56,7 +56,7 @@ export class AddListModalComponent extends OpModalComponent implements OnInit {
getAutocompleterData = (searchTerm:string):Observable<HalResource[]> => {
// Remove prefix # from search
searchTerm = searchTerm.replace(/^#/, '');
return this.actionService.loadAvailable( this.active, searchTerm)
return this.actionService.loadAvailable(this.active, searchTerm)
.pipe(tap((values) => (this.warnIfNoOptions(values))));
};

@ -59,7 +59,7 @@ export class BoardSubtasksActionService extends BoardActionService {
return this
.apiV3Service
.work_packages
.filtered(filters)
.filtered(filters, { pageSize: '-1' })
.get()
.pipe(
map((collection) => collection.elements),

@ -70,7 +70,7 @@ export class NotificationSettingInlineCreateComponent {
return this
.apiV3Service
.projects
.filtered(filters)
.filtered(filters, { pageSize: '-1' })
.get()
.pipe(
map((collection) => collection.elements.map((project) => ({

@ -302,10 +302,9 @@ export class OpAutocompleterComponent extends UntilDestroyedMixin implements Aft
public opened(_:unknown) { // eslint-disable-line no-unused-vars
if (this.openDirectly) {
this.results$ = this.defaultData
? (this.opAutocompleterService.loadData('', this.resource, this.filters, this.searchKey))
: (this.getOptionsFn(''));
this.typeahead.next('');
}
this.repositionDropdown();
this.open.emit();
}

@ -49,7 +49,10 @@ module API
# * the minimum of the per page options specified in the settings
# * the maximum page size
def resulting_page_size(value, relation = nil)
[value || relation&.base_class&.per_page || Setting.per_page_options_array.min, maximum_page_size]
[
resolve_page_size(value) || relation&.base_class&.per_page || Setting.per_page_options_array.min,
maximum_page_size
]
.map(&:to_i)
.min
end

@ -350,6 +350,18 @@ describe ::API::V3::WorkPackages::WorkPackageCollectionRepresenter do
end
end
context 'with a magic page size' do
let(:page_size_parameter) { -1 }
it_behaves_like 'offset-paginated APIv3 collection' do
let(:page) { 1 }
let(:page_size) { Setting.apiv3_max_page_size }
let(:actual_count) { 5 }
let(:collection_type) { 'WorkPackageCollection' }
end
end
context 'with a limited page size' do
let(:page_size_parameter) { 2 }

Loading…
Cancel
Save