Merge branch 'release/12.2' into dev

docs/api/apiv3/example/README.md

@@ -282,7 +282,7 @@ Sending a POST request to that link, as specified via the `method` attribute nex
 ![work package empty update form](./wp-update-form-blank.png)
 
 The body of the request needs to include the current `lockVersion` of the work package. The `lockVersion` property prevents conflicting modifications in scenarios where one user changes a work package and another
-user overwrites that change unknowingly because she/he did not notice the update having been made in the meantime. The `lockVersion` is listed as one of the work package`s properties.
+user overwrites that change unknowingly because she/he did not notice the update having been made in the meantime. The `lockVersion` is listed as one of the work package's properties.
 
 The form itself is the same as the form for creating work packages with `payload`, `schema` and `validationErrors` helping the client to perform the update. Again a couple of changes can be prepared before the
 actual change is performed:
@@ -310,6 +310,3 @@ Deletion of work packages is done be issuing a DELETE request to the work packag
 ![work package delete](./wp-delete.png)
 
 The `Content-Type: application/json` header was set in Postman by hand this time as no body is required.
-
-
-

docs/development/concepts/permissions/README.md

@@ -121,7 +121,7 @@ user = User.find_by(login: 'foobar')
 user.allowed_to?(:view_members, project) # true or false
 ```
 
-The same is true for permissions outside a project using`user.allowed_to_globally?(permission)`. This will either test a global permission such as `:add_project` or return `true` whenever the user has such a permission in any project.
+The same is true for permissions outside a project using `user.allowed_to_globally?(permission)`. This will either test a global permission such as `:add_project` or return `true` whenever the user has such a permission in any project.
 
 
 

docs/development/contribution-documentation/documentation-process-internal-contributor/README.md

@@ -33,19 +33,19 @@ In the modal window select the repository ""*opf/openproject*"". Also select a f
 
 > **Important**: Before you make changes always update your local repository.
 
-1. Select the branch you want to work on, e.g.`release/12.1` in the main toolbar.
+1. Select the branch you want to work on, e.g. `release/12.2` in the main toolbar.
 2. Click on the button **Fetch origin** in the main toolbar.
 
 ![fetch origin in github desktop](fetch-origin-in-github-desktop.png)
 
 ## Step 3: Create a new Git branch for your change
 
-1. Select the latest release branch e.g.`release/12.1` as the current branch. 
+1. Select the latest release branch e.g. `release/12.2` as the current branch. 
     ![create new branch - step 1](create-new-branch-step-1.png)
 
 2. In the same drop down click on **New branch**.
 
-3. In the next modal window insert a branch name that describes your changes. Also select the branch you want to work on, e.g. `release/12.1`. The click the button **Create branch**.
+3. In the next modal window insert a branch name that describes your changes. Also select the branch you want to work on, e.g. `release/12.2`. The click the button **Create branch**.
 
 ![create a new branch step 2](create-new-branch-step-2.png)
 
@@ -73,13 +73,13 @@ At the moment your change is only available in your local repository. To make it
 
 ## Step 8: Create a pull request
 
-A pull request is a workflow to ask for a review from the OpenProject team. With a pull request you basically ask a team member to check your changes and to merge it to the branch you want your change to merged to, e.g. `release/12.1` . After you pushed your local changes to your own repository click the button **Create Pull Request**.
+A pull request is a workflow to ask for a review from the OpenProject team. With a pull request you basically ask a team member to check your changes and to merge it to the branch you want your change to merged to, e.g. `release/12.2` . After you pushed your local changes to your own repository click the button **Create Pull Request**.
 
 ![](create-pull-request-github-desktop.png)
 
 
 
-In the first dropdown select the base branch you want your work to be merged in e.g. `release/12.1`. In the second dropdown select the branch you created in step 3 which contains your changes.
+In the first dropdown select the base branch you want your work to be merged in e.g. `release/12.2`. In the second dropdown select the branch you created in step 3 which contains your changes.
 
 ![comparing-changes.png](comparing-changes.png)
 
@@ -103,4 +103,4 @@ In the field "*Reviewers*" select "*opf/doc-writers".*
 
 * We always deploy the [main branch](https://github.com/opf/legal/tree/main) on our [website](https://www.openproject.org/legal/). This deployment needs to be manually triggered by the marketing team.
 * If you want to make minor changes you don't need a review do this directly in the main branch without creating a new branch and new pull request.
-* If you need a review you need to create a new branch from the main branch. The branch `release/12.1` only exists in the repository opf/openproject (OpenProject software).
+* If you need a review you need to create a new branch from the main branch. The branch `release/12.2` only exists in the repository opf/openproject (OpenProject software).

docs/development/profiling/README.md

@@ -36,7 +36,7 @@ To avoid this, the application can be started in production mode but before this
 * Search for the places where `OPENPROJECT_RACK_PROFILER_ENABLED` is referenced within the code and remove the references to `Rails.env.development?` from the conditions. At the time of writing, this needs to be done at:
   * `config/initializers/rack_profilier.rb`
   * `config/initializers/secure_headers.rb`
-* Readd the profiling gems to your `Gemfile`/`Gemfile.local`/`Gemfile.profiling` since they would otherwise only be available in the development environment:
+* Read the profiling gems to your `Gemfile`/`Gemfile.local`/`Gemfile.profiling` since they would otherwise only be available in the development environment:
 ```
 gem 'flamegraph'
 gem 'rack-mini-profiler'

docs/installation-and-operations/configuration/incoming-emails/README.md

@@ -61,7 +61,7 @@ Available arguments that change how the work packages are handled:
 | `version` | name of the target version |
 | `type` | name of the target type |
 | `priority` | name of the target priority |
-| `unknown_user`| ignore: email is ignored (default), accept: accept as anonymous user, create: create a user account |
+| `unknown_user` | ignore: email is ignored (default), accept: accept as anonymous user, create: create a user account |
 | `allow_override` | specifies which attributes may be overwritten though specified by previous options. Comma separated list |
 
 ## Format of the emails

docs/installation-and-operations/configuration/ssl/README.md

@@ -65,13 +65,13 @@ Please ensure that if you're proxying to the openproject server, you set the HOS
 
 On your outer proxying server, set these commands:
 
-- In Apache2, set the `ProxyPreserveHost On`directive 
+- In Apache2, set the `ProxyPreserveHost On` directive 
 
 - In NginX, use the following value: `proxy_set_header X-Forwarded-Host $host:$server_port;`
 
   
 
-If you're terminating SSL on the outer server, you need to set the `X-Forwarded-Proto https`header to let OpenProject know that the request is HTTPS, even though its been terminated earlier in the request on the outer server.
+If you're terminating SSL on the outer server, you need to set the `X-Forwarded-Proto https` header to let OpenProject know that the request is HTTPS, even though it has been terminated earlier in the request on the outer server.
 
 - In Apache2, use `RequestHeader set "X-Forwarded-Proto" https`
 - In Nginx, use `proxy_set_header X-Forwarded-Proto https;`

docs/installation-and-operations/installation-faq/README.md

@@ -146,7 +146,7 @@ For packaged installations, the openproject package behaves just like every othe
 
 ### After upgrading I receive the error message "Your OpenProject installation has pending database migrations. You have likely missed running the migrations on your last upgrade. Please check the upgrade guide to properly upgrade your installation." What does that mean?
 
-For some updates of OpenProject, the database layout needs to be adapted to support new features and fix bugs. These changes need to be carried out as part of the update process. This is why it is important to always run `sudo openproject configure`as part of the update process. 
+For some updates of OpenProject, the database layout needs to be adapted to support new features and fix bugs. These changes need to be carried out as part of the update process. This is why it is important to always run `sudo openproject configure` as part of the update process. 
 
 Please also have a look at [our upgrade guide](../operation/upgrading).
 

docs/installation-and-operations/installation/packaged/README.md

@@ -52,6 +52,13 @@ x86_64
 
 ### Ubuntu 22.04
 
+Update the `apt` package index and install packages to allow `apt` to use a repository over HTTPS:
+
+```bash
+sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates wget
+```
+
 Import the PGP key used to sign our packages:
 
 ```bash
@@ -80,6 +87,13 @@ Then finish the installation by reading the [*Initial configuration*](#initial-c
 
 ### Ubuntu 20.04
 
+Update the `apt` package index and install packages to allow `apt` to use a repository over HTTPS:
+
+```bash
+sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates wget
+```
+
 Import the PGP key used to sign our packages:
 
 ```bash
@@ -104,6 +118,13 @@ Then finish the installation by reading the [*Initial configuration*](#initial-c
 
 ### Ubuntu 18.04
 
+Update the `apt` package index and install packages to allow `apt` to use a repository over HTTPS:
+
+```bash
+sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates wget
+```
+
 Import the PGP key used to sign our packages:
 
 ```bash
@@ -128,6 +149,13 @@ Then finish the installation by reading the [*Initial configuration*](#initial-c
 
 ### Ubuntu 16.04
 
+Update the `apt` package index and install packages to allow `apt` to use a repository over HTTPS:
+
+```bash
+sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates wget
+```
+
 Import the PGP key used to sign our packages:
 
 ```bash
@@ -154,6 +182,13 @@ Then finish the installation by reading the [*Initial configuration*](#initial-c
 
 ### Debian 11
 
+Update the `apt` package index and install packages to allow `apt` to use a repository over HTTPS:
+
+```bash
+sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates wget
+```
+
 Import the PGP key used to sign our packages:
 
 ```bash
@@ -178,6 +213,13 @@ Then finish the installation by reading the [*Initial configuration*](#initial-c
 
 ### Debian 10
 
+Update the `apt` package index and install packages to allow `apt` to use a repository over HTTPS:
+
+```bash
+sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates wget
+```
+
 Import the PGP key used to sign our packages:
 
 ```bash
@@ -202,6 +244,13 @@ Then finish the installation by reading the [*Initial configuration*](#initial-c
 
 ### Debian 9
 
+Update the `apt` package index and install packages to allow `apt` to use a repository over HTTPS:
+
+```bash
+sudo apt-get update
+sudo apt-get install apt-transport-https ca-certificates wget
+```
+
 Import the PGP key used to sign our packages:
 
 ```bash
@@ -341,18 +390,18 @@ OpenProject comes in two editions:
 You can find more about the BIM edition on [this page](https://www.openproject.org/bim-project-management/).
 
 > This wizard step is only available on the following distributions:
-> 
+>
 > * RHEL/CentOS 8
 > * Ubuntu 20.04
 > * Ubuntu 18.04
 > * Debian 10
 > * Debian 11
-> 
+>
 > On older distributions, this wizard step won't be displayed, and the installation will default to the default edition.
 
 ## Step 2: PostgreSQL database configuration
 
-OpenProject requires a PostgreSQL database to store your data. This wizard step allows you to choose an option for the PostgreSQL database connection: 
+OpenProject requires a PostgreSQL database to store your data. This wizard step allows you to choose an option for the PostgreSQL database connection:
 
 ![01-postgres](01-postgres.png)
 
@@ -427,9 +476,9 @@ In that case, you will be shown three additional dialogs to enter the certificat
 If you have a separate server that is terminating SSL and only forwarding/proxying to the OpenProject server, you must select "No" in this dialog. However, there are some parameters you need to put into your outer configuration.
 
 - If you're proxying to the openproject server, you need to forward the HOST header to the internal server. This ensures that the host name of the outer request gets forwarded to the internal server. Otherwise you might see redirects in your browser to the internal host that OpenProject is running on.
-  - In Apache2, set the `ProxyPreserveHost On`directive 
+  - In Apache2, set the `ProxyPreserveHost On` directive 
   - In NginX, use the following value: `proxy_set_header X-Forwarded-Host $host:$server_port;`
-- If you're terminating SSL on the outer server, you need to set the `X-Forwarded-Proto https`header to let OpenProject know that the request is HTTPS, even though its been terminated earlier in the request on the outer server.
+- If you're terminating SSL on the outer server, you need to set the `X-Forwarded-Proto https` header to let OpenProject know that the request is HTTPS, even though its been terminated earlier in the request on the outer server.
   - In Apache2, use `RequestHeader set "X-Forwarded-Proto" https`
   - In Nginx, use `proxy_set_header X-Forwarded-Proto https;`
 
@@ -441,9 +490,9 @@ If you have a separate server that is terminating SSL and only forwarding/proxyi
 
 The installer will not set up an external web server for accessing. You will need to either install and set up a web server such as Apache2 or Nginx to function as the web server forwarding to our internal server listening at `localhost:6000` by proxying.
 
-Only choose this option if you have a local Apache2 installed that the OpenProject package may not control, or need to use a different web server such as Nginx. Please note that not all functionality (especially regarding Repositories) are supported on Nginx. 
+Only choose this option if you have a local Apache2 installed that the OpenProject package may not control, or need to use a different web server such as Nginx. Please note that not all functionality (especially regarding Repositories) are supported on Nginx.
 
-When installing with an existing Apache2, you can take a look at the source of our [installation  templates](https://github.com/pkgr/addon-apache2/tree/master/conf) for guidance on how to set up the integration. 
+When installing with an existing Apache2, you can take a look at the source of our [installation  templates](https://github.com/pkgr/addon-apache2/tree/master/conf) for guidance on how to set up the integration.
 
 [Here's an exemplary configuration](./openproject-apache-example.conf) that might work for you.
 
@@ -476,7 +525,7 @@ OpenProject heavily relies on caching, which is why the wizard suggests you to i
 
 With this last step confirmed, the OpenProject wizard will complete, and apply all the configuration options that you have just selected. This might take a few minutes depending on your machine and internet connection, as OpenProject might need to install additional packages (such as the web server, database) depending on your selections.
 
-In case this process crashes or exits with an obvious error, please keep the output and send your configuration from`/etc/openproject/installer.dat` (removing any passwords from it) to us at support@openproject.com , or [reach out to the community forums](https://community.openproject.com/projects/openproject/forums). 
+In case this process crashes or exits with an obvious error, please keep the output and send your configuration from `/etc/openproject/installer.dat` (removing any passwords from it) to us at support@openproject.com , or [reach out to the community forums](https://community.openproject.com/projects/openproject/forums). 
 
 When this process completes, it will have started the internal application and web servers, the background jobs to process work-intensive jobs, and set up the connection to the database.
 
@@ -497,4 +546,3 @@ Here are some pointers to related documentation that you will need to get starte
 
 - [Set up outgoing email notifications (SMTP, sendmail)](../../configuration/outbound-emails/)
 - [Integrate an external authentication provider (LDAP/AD, SAML, OpenID)](../../../system-admin-guide/authentication/)
-

docs/installation-and-operations/misc/docker-postgresql-migration/README.md

@@ -104,4 +104,4 @@ docker run -it \
 ```
 
 
-This will perform all necessary steps to perform the migration. Afterwards, simply remove the `MYSQL_DATABASE_URL`environment variable again and start your container as usual.
+This will perform all necessary steps to perform the migration. Afterwards, simply remove the `MYSQL_DATABASE_URL` environment variable again and start your container as usual.

docs/installation-and-operations/misc/upgrading-older-openproject-versions/README.md

@@ -87,9 +87,9 @@ The steps for this option is as follows:
 
 3. From your backup, restore the configuration and attachment files ([See our restoring guide](../../operation/restoring/) for more information):
 
-   	`tar xzf conf-<timestamp>.tar.gz -C /etc/openproject/conf.d/`
+   `tar xzf conf-<timestamp>.tar.gz -C /etc/openproject/conf.d/`
 
-   	`tar xzf attachments-<timestamp>.tar.gz -C /var/db/openproject/files`
+   `tar xzf attachments-<timestamp>.tar.gz -C /var/db/openproject/files`
 
 4. Run `openproject reconfigure` and select to install a PostgreSQL database
 

docs/release-notes/12-2-0/README.md

@@ -0,0 +1,167 @@
+---
+title: OpenProject 12.2.0
+sidebar_navigation:
+title: 12.2.0
+release_version: 12.2.0
+release_date: 2022-08-15
+---
+
+# OpenProject 12.2.0
+
+Release date: 2022-08-15
+
+We have now released [OpenProject 12.2.0](https://community.openproject.com/versions/1494).
+
+This new release brings the long-awaited **Nextcloud integration**. No more spending hours searching for the right version of the right file! With OpenProject 12.2, you can easily find your project-related files (stored in Nextcloud) directly from the relevant work packages and always have the correct version at your fingertips. Data sovereignty remains a strong common ground between Nextcloud and OpenProject and this integration strengthens our collaboration while improving the productivity of our users.
+
+Addtionally, this release introduces **improvements to the date picker**, the possibility to **log time for other users** and mark work packages with notifications as read outside of notification center.
+
+As always, this release also contains many more improvements and bug fixes. We recommend updating to the newest version as soon as possible.
+
+## File management with Nextcloud
+
+With OpenProject 12.2, you can now use Nextcloud, the world’s most-deployed on-premises content collaboration platform, together with OpenProject, the leading free and open source project management software, to combine project management and file management. Data sovereignty and open source are important core values to both OpenProject and Nextcloud and form the foundation for this integration.
+
+We believe the productivity of users of both platforms will increase significantly as a result of this integration.
+
+**In OpenProject:** In addition to listing files attached to a work package, the Files tab now also shows you Nextcloud files that are linked to the current work package, allowing users to ensure they always have the latest version at hand. Secondary actions on each file allow you to directly **open or download the file, show the containing folder in Nextcloud or remove the link**.
+
+![Nextcloud files linked in OpenProject](display-nextcloud-files.png)**In Nextcloud:** You will be able to access the OpenProject tab in Nextcloud by accessing the details split screen of any file. In this tab, you will be able to search for the work package(s) to which you would like to add a link to the current file. Once a work package is linked to a file, you can always unlink it by clicking on the **unlink** icon.
+
+![Link work packages in Nextcloud](link-workpackages-nextcloud.png)
+
+Further integration efforts are under way, notably to make it possible to create links to Nextcloud files from directly from OpenProject (it is currently only possible via Nextcloud) and adding complete project folders.
+
+You can find out more [how to use the Nextcloud integration](../../user-guide/nextcloud-integration/) as well as the [how to setup the Nextcloud integration](../../system-admin-guide/integrations/nextcloud/) in our documentation.
+
+## Contextual information and warnings when scheduling work packages
+
+For OpenProject 12.2, the team has worked on **improving the date picker** to give you more clarity when scheduling work packages. To choose [automatic or manual scheduling mode](../../user-guide/gantt-chart/scheduling/), the selection box moved to the top of the date picker to be more visible. We are also introducing information and warning banners that provide important contextual information before modifying dates of work packages that have relations with other work packages. 
+
+*Blue banners* will indicate information that maybe be helpful (such as if the work package's dates are automatically derived from relations, or if available date ranges are limited by relations) and *orange banners* will warn of possible consequences to other work packages (existing relations being ignored as a result of enabling manual scheduling, or the dates of related work packages changing as a result of changes to the current work package). 
+
+Additionally, a new "**Show relations**" on these banners allows you to quickly generate a Gantt view showing all directly related work packages in hierarchy view, so you can preview which work packages might be affected before making a change.
+
+![warning in date picker](date-picker-warning.png)
+
+Find out more about how to set and change dates with the [improved date picker](../../user-guide/work-packages/set-change-dates/) in our documentation.
+
+## Log time for other users
+
+OpenProject 12.2 gives an administrator the possibility to grant permissions to log time for other users. With the required permissions, you can now select the team member for whom you want to log time from a drop down. 
+
+![log time for other users](image-20220811130616209.png)
+
+Find out more about [logging time for other users](../../user-guide/time-and-costs/time-tracking/#logging-and-editing-time-for-other-users) in our documentation.
+
+## Improved navigation bar
+
+When you open the project drop down from the header menu to view all projects, you are now also able to create new projects, simply by clicking on **+ Project**.
+
+To view all available projects, simply click on the **Projects list** button at the bottom of the modal.
+
+![improved project selection](improved-navigation-bar.png)
+
+## Mark notifications as read outside of Notification Center
+
+In OpenProject 12.2, you are now able to mark work packages with notifications as read also in the work packages details view by clicking on the **Mark as read** button on the top right toolbar.
+
+![mark-notifications-as-read](mark-notifications-as-read.png)
+
+###  List of all bug fixes and changes
+
+- Changed: Log time for other users \[[#21754](https://community.openproject.com/wp/21754)\]
+- Changed: Send out an email reply if an incoming email could not be processed correctly \[[#35823](https://community.openproject.com/wp/35823)\]
+- Changed: Make the empty notification inbox nicer \[[#40148](https://community.openproject.com/wp/40148)\]
+- Changed: Show the project hierarchy in the project selector  \[[#40286](https://community.openproject.com/wp/40286)\]
+- Changed: OAuth settings of Nextcloud in OpenProject \[[#40375](https://community.openproject.com/wp/40375)\]
+- Changed: Unify Enterprise Edition pages \[[#40774](https://community.openproject.com/wp/40774)\]
+- Changed: Keep cached file data up to date \[[#40892](https://community.openproject.com/wp/40892)\]
+- Changed: Apply style changes to new date picker \[[#41814](https://community.openproject.com/wp/41814)\]
+- Changed: List file links in Files tab \[[#41905](https://community.openproject.com/wp/41905)\]
+- Changed: Navigation bar project selection \[[#41948](https://community.openproject.com/wp/41948)\]
+- Changed: Date picker modal (without duration and non-working days) \[[#42047](https://community.openproject.com/wp/42047)\]
+- Changed: Add packaged installation support for Ubuntu 22.04 \[[#42069](https://community.openproject.com/wp/42069)\]
+- Changed: Show banner information in new date picker \[[#42184](https://community.openproject.com/wp/42184)\]
+- Changed: Change date selection logic in new date picker \[[#42185](https://community.openproject.com/wp/42185)\]
+- Changed: Link to digital accessiblity statement from ADDITIONAL RESOURCES \[[#42298](https://community.openproject.com/wp/42298)\]
+- Changed: New attachments style on the work package creation form \[[#42369](https://community.openproject.com/wp/42369)\]
+- Changed: Enable feature flags by default in the development environment \[[#42414](https://community.openproject.com/wp/42414)\]
+- Changed: Enable feature flag for storages module on pull preview \[[#42628](https://community.openproject.com/wp/42628)\]
+- Changed: Map available icons in the files list to relevant file types (in attachments/Nextcloud links) \[[#42884](https://community.openproject.com/wp/42884)\]
+- Changed: Include work package for which relations are shown when following the "show relations" link \[[#42898](https://community.openproject.com/wp/42898)\]
+- Changed: Access project dropdown entries via arrow keys \[[#43118](https://community.openproject.com/wp/43118)\]
+- Changed: Show alert when storage is not added to any project \[[#43185](https://community.openproject.com/wp/43185)\]
+- Changed: Update NEW FEATURES teaser block on application start page \[[#43485](https://community.openproject.com/wp/43485)\]
+- Changed: Persist OpenProject notifications to avoid loss of information \[[#43518](https://community.openproject.com/wp/43518)\]
+- Fixed: Circular dependency can be created \[[#34928](https://community.openproject.com/wp/34928)\]
+- Fixed: Sorting via "projects" doesn't work \[[#37149](https://community.openproject.com/wp/37149)\]
+- Fixed: Quick-add menu not showing on smaller screens \[[#37539](https://community.openproject.com/wp/37539)\]
+- Fixed: Default status is shown multiple times in new board \[[#40858](https://community.openproject.com/wp/40858)\]
+- Fixed: "expected at least one error" - Work package errors in dependent work packages not displayed \[[#40921](https://community.openproject.com/wp/40921)\]
+- Fixed: Openproject docker installation uses port 3000 as the outward-facing port but documentation says 8080 \[[#41287](https://community.openproject.com/wp/41287)\]
+- Fixed: Deleted users are not properly anonymized in tagged messages \[[#41499](https://community.openproject.com/wp/41499)\]
+- Fixed: Cannot inline-create a work package on views that filter by WP ID \[[#41667](https://community.openproject.com/wp/41667)\]
+- Fixed: In team planner and calendar, the sidebar should not use the word "views" \[[#41830](https://community.openproject.com/wp/41830)\]
+- Fixed: Distances in work package details tabs inconsistent \[[#41845](https://community.openproject.com/wp/41845)\]
+- Fixed: Blank Email reminders page when creating account manually \[[#41851](https://community.openproject.com/wp/41851)\]
+- Fixed: Cannot add attachment to existing comment \[[#41940](https://community.openproject.com/wp/41940)\]
+- Fixed: Closed cards in the team planner behave strangely \[[#42413](https://community.openproject.com/wp/42413)\]
+- Fixed: Project appearing twice in Dropdown List if Project Member has two or more roles \[[#42477](https://community.openproject.com/wp/42477)\]
+- Fixed: Date picker gets cut when there is no scroll \[[#42748](https://community.openproject.com/wp/42748)\]
+- Fixed: Packager builds failing since gem bump \[[#42871](https://community.openproject.com/wp/42871)\]
+- Fixed: Custom action button in combination with parallel changes leads to conflicting modification error \[[#42878](https://community.openproject.com/wp/42878)\]
+- Fixed: Attachments are assigned to the wrong Work Package \[[#42933](https://community.openproject.com/wp/42933)\]
+- Fixed: Navigation Link Not Working \[[#42984](https://community.openproject.com/wp/42984)\]
+- Fixed: Unable to create child work package \[[#42988](https://community.openproject.com/wp/42988)\]
+- Fixed: Size of dropdowns in work-package list too small especially for project hierarchy \[[#43083](https://community.openproject.com/wp/43083)\]
+- Fixed: Internal server error when navigating to the work package module (page size) \[[#43120](https://community.openproject.com/wp/43120)\]
+- Fixed: webhook is not working \[[#43129](https://community.openproject.com/wp/43129)\]
+- Fixed: Split screen persistent with empty state switching toggle from All to Unread \[[#43146](https://community.openproject.com/wp/43146)\]
+- Fixed: Missing plural in user settings -> access tokens \[[#43151](https://community.openproject.com/wp/43151)\]
+- Fixed: Fix storage admin breadcrumbs \[[#43153](https://community.openproject.com/wp/43153)\]
+- Fixed: Two English language \[[#43192](https://community.openproject.com/wp/43192)\]
+- Fixed: Remove OAuth cookie after successful authorization against Nextcloud \[[#43193](https://community.openproject.com/wp/43193)\]
+- Fixed: Project export confusingly uses "Work packages export limit" setting \[[#43202](https://community.openproject.com/wp/43202)\]
+- Fixed: Mobile: The right margin for the files list is not correct \[[#43207](https://community.openproject.com/wp/43207)\]
+- Fixed: Double click to open work packages in the Team Planner \[[#43222](https://community.openproject.com/wp/43222)\]
+- Fixed: Able to set a follower starting before its predecessor \[[#43223](https://community.openproject.com/wp/43223)\]
+- Fixed: Migration::MigrationUtils::PermissionAdder.add not idempotent \[[#43231](https://community.openproject.com/wp/43231)\]
+- Fixed: imap ssl settings are evaluated as booleans when they are strings \[[#43237](https://community.openproject.com/wp/43237)\]
+- Fixed: Work Package Releation entry not styling type properly \[[#43239](https://community.openproject.com/wp/43239)\]
+- Fixed: Work packages in Gantt chart in light grey hard to see \[[#43240](https://community.openproject.com/wp/43240)\]
+- Fixed: Work package types with colour white are not visible in emails \[[#43247](https://community.openproject.com/wp/43247)\]
+- Fixed: Can not find users with the user creation/invitation form  \[[#43257](https://community.openproject.com/wp/43257)\]
+- Fixed: The list style in the "Nextcloud" section is not correct \[[#43259](https://community.openproject.com/wp/43259)\]
+- Fixed: Remove hover effect on files list when there is a connection error to Nextcloud \[[#43260](https://community.openproject.com/wp/43260)\]
+- Fixed: The space between the form and the buttons on the 2nd and 3rd step of Nextcloud OAuth settings is not correct \[[#43263](https://community.openproject.com/wp/43263)\]
+- Fixed: Can not access the main actions on work package on mobile from the details view \[[#43296](https://community.openproject.com/wp/43296)\]
+- Fixed: Mobile: The right margin for activity comments is not correct \[[#43304](https://community.openproject.com/wp/43304)\]
+- Fixed: Wrong positioning of workers in notification \[[#43306](https://community.openproject.com/wp/43306)\]
+- Fixed: (Mobile) Clicking on notification row does not scroll to activity \[[#43311](https://community.openproject.com/wp/43311)\]
+- Fixed: Project name overflows header on mobile  \[[#43314](https://community.openproject.com/wp/43314)\]
+- Fixed: Info boxes in the Administration are not shown correctly \[[#43320](https://community.openproject.com/wp/43320)\]
+- Fixed: Nextcloud: Validation error in New storage - Host field \[[#43323](https://community.openproject.com/wp/43323)\]
+- Fixed: Project field limited to 30 items \[[#43386](https://community.openproject.com/wp/43386)\]
+- Fixed: Start date automatically entered by default on new work packages \[[#43429](https://community.openproject.com/wp/43429)\]
+- Fixed: There is no empty status in the Project Select when search criteria is not met \[[#43479](https://community.openproject.com/wp/43479)\]
+- Fixed: Focus status on the Project Selector has no background \[[#43482](https://community.openproject.com/wp/43482)\]
+- Fixed: Invalid link/href returned by API \[[#43486](https://community.openproject.com/wp/43486)\]
+- Fixed: Show better error for dependent result for StoragesController Create action \[[#43487](https://community.openproject.com/wp/43487)\]
+- Fixed: Date picker not working as expected for UTC time hour minus \[[#43504](https://community.openproject.com/wp/43504)\]
+- Fixed: "No SSL" option in packaged installation of 12.2 does not work \[[#43530](https://community.openproject.com/wp/43530)\]
+- Fixed: Focus and selection different for project selection component \[[#43544](https://community.openproject.com/wp/43544)\]
+- Fixed: First greyed out item is selected in project dropdown \[[#43545](https://community.openproject.com/wp/43545)\]
+- Fixed: Time entry widget column translations missing \[[#43558](https://community.openproject.com/wp/43558)\]
+- Fixed: Disable LDAP user status synchronization by default \[[#43561](https://community.openproject.com/wp/43561)\]
+- Fixed: Datepicker jumps with negative time zone \[[#43562](https://community.openproject.com/wp/43562)\]
+- Epic: Files tab that shows linked files in Nextcloud \[[#40203](https://community.openproject.com/wp/40203)\]
+- Epic: Settings connection between Nextcloud and OpenProject (OAuth) \[[#42072](https://community.openproject.com/wp/42072)\]
+
+#### Contributions
+A big thanks to community members for reporting bugs, helping us identify issues and providing fixes.
+
+- Special thanks for City of Cologne and University of Duisburg-Essen for sponsoring the development of the Nextcloud integration.
+- Special thanks for reporting and finding bugs go to kak tux, Karl Sebera, Christina Vechkanova, Ulrich Germann, Kiran Kafle, Alexander Seitz, Max Chen, PD Inc Support, Rince wind, Simon Rohart, Sander Kleijwegt, Sreekanth Gopalakris.
+- A big thank you to every other dedicated user who has [reported bugs](../../development/report-a-bug) and supported the community by asking and answering questions in the [forum](https://community.openproject.org/projects/openproject/boards).
+- A big thank you to all the dedicated users who provided translations on [CrowdIn](https://crowdin.com/projects/opf).

docs/release-notes/3/3-0-4/README.md

@@ -23,11 +23,9 @@ and to behave more like you would expect it to work. From now on it is
 possible to just edit the configuration (see
 [`config/configuration.yml`](https://github.com/opf/openproject/blob/dev/config/configuration.yml.example#L122))
 and set the `rails_relative_url_root` parameter to a proper value and
-the installation should work. There is no need to change the`config.ru`
+the installation should work. There is no need to change the `config.ru`
 file or other configurations anymore. Regardless of whether you are
 using passenger or any other application server.
 
 For a full list of fixes we made please see the 
 [changelog v 3.0.4](https://community.openproject.com/versions/316)
-
-

docs/release-notes/README.md

@@ -14,6 +14,12 @@ Stay up to date and get an overview of the new features included in the releases
 <!--- New release notes are generated below. Do not remove comment. -->
 <!--- RELEASE MARKER -->
 
+## 12.2.0
+
+Release date: 2022-08-15
+
+[Release Notes](12-2-0/)
+
 ## 12.1.6
 
 Release date: 2022-07-12

docs/system-admin-guide/authentication/two-factor-authentication/README.md

@@ -5,14 +5,33 @@ sidebar_navigation:
 description: configure two-factor authentication for OpenProject.
 keywords: two-factor authentication
 ---
-# Two-factor authentication (Premium feature)
+# Two-factor authentication (2FA)
+
+Note: This feature is available for the Enterprise on-premises only. For more information and differences to Community Edition, [see this page](https://www.openproject.org/pricing/).
+
+## Basic 2FA using TOTP
 
 To activate and **configure two-factor authentication** for OpenProject, navigate to -> *Administration* -> *Authentication* and choose -> *two-factor authentication*.
 
-You can configure the following options:
+From the GUI you are able to configure the following options:
 
-1. **Enforce two-factor authentication (2FA) for the whole system**. All users will be forced to [register a 2FA device](../../../getting-started/my-account/#two-factor-authentication-premium-feature) on their next login.
-2. **Remember 2FA login for a given number of days**, e.g. 30 days.
+1. **Enforce 2FA** (two-factor authentication) for every user. All users will be forced to [register a 2FA device](../../../getting-started/my-account/#two-factor-authentication-premium-feature) on their next login.
+2. **Remember 2FA login** for a given number of days, e.g. 30 days.
 3. Press the blue **Apply** button to save your changes.
 
 ![Sys-admin-authentication-two-factor-authentication](Sys-admin-authentication-two-factor-authentication.png)
+
+Usually with another device device like a mobile phone or a tablet, you are able to use a TOTP Application in order to generate the token that is needed as an extra layer of security on top of your password. Here are some applications that work for OpenProject 2FA.
+
+- Open Source andOTP (Android Device) in the [Play Store](https://play.google.com/store/apps/details?id=org.shadowice.flocke.andotp&gl=US)
+
+- Open Source OTP Auth (Apple Devices) in the [Apple Store](https://apps.apple.com/us/app/otp-auth/id659877384)
+
+- Google Authenticator
+- Microsoft Authenticator
+
+## Advanced 2FA using MessageBird, Amazon SNS
+
+At the moment the advanced settings for improved security are only reachable on the by defining [configuration variables](https://www.openproject.org/docs/installation-and-operations/configuration/).
+
+The how to is explained in the  configuration is explained in the [Two-factor authentication](https://www.openproject.org/docs/installation-and-operations/configuration/#two-factor-authentication) paragraph.

frontend/src/app/features/hal/resources/work-package-resource.ts

@@ -188,7 +188,11 @@ export class WorkPackageBaseResource extends HalResource {
   }
 
   public getEditorContext(fieldName:string):ICKEditorContext {
-    return { type: fieldName === 'description' ? 'full' : 'constrained', macros: false };
+    return {
+      type: fieldName === 'description' ? 'full' : 'constrained',
+      macros: false,
+      ...(fieldName.startsWith('customField') && { disabledMentions: ['user'] }),
+    };
   }
 
   public isParentOf(otherWorkPackage:WorkPackageResource) {

frontend/src/app/shared/components/editor/components/ckeditor/ckeditor.types.ts

@@ -66,4 +66,6 @@ export interface ICKEditorContext {
   };
   // context link to append on preview requests
   previewContext?:string;
+  // disabled specific mentions
+  disabledMentions?:['user'|'work_package'];
 }

frontend/src/app/shared/components/fields/edit/field-types/select-edit-field/select-edit-field.component.ts

@@ -192,7 +192,7 @@ export class SelectEditFieldComponent extends EditFieldComponent implements OnIn
     return this.fetchAllowedValueQuery(query);
   }
 
-  protected fetchAllowedValueQuery(query?:string) {
+  protected fetchAllowedValueQuery(query?:string):Promise<CollectionResource> {
     return this.schema.allowedValues.$link.$fetch(this.allowedValuesFilter(query)) as Promise<CollectionResource>;
   }
 

frontend/src/app/shared/components/fields/edit/field-types/work-package-edit-field.component.ts

@@ -35,6 +35,7 @@ import {
 import { take } from 'rxjs/operators';
 import { ApiV3FilterBuilder } from 'core-app/shared/helpers/api-v3/api-v3-filter-builder';
 import { SelectEditFieldComponent } from './select-edit-field/select-edit-field.component';
+import { CollectionResource } from 'core-app/features/hal/resources/collection-resource';
 
 @Component({
   templateUrl: './work-package-edit-field.component.html',
@@ -64,6 +65,15 @@ export class WorkPackageEditFieldComponent extends SelectEditFieldComponent {
     return this.requests.input$;
   }
 
+  protected fetchAllowedValueQuery(query?:string):Promise<CollectionResource> {
+    if (this.name === 'parent') {
+      // eslint-disable-next-line @typescript-eslint/no-unsafe-call,@typescript-eslint/no-unsafe-member-access
+      return this.schema.allowedValues.$link.$fetch({ query }) as Promise<CollectionResource>;
+    }
+
+    return super.fetchAllowedValueQuery(query);
+  }
+
   protected allowedValuesFilter(query?:string):{} {
     let filterParams = super.allowedValuesFilter(query);
 

lib/api/v3/utilities/path_helper.rb

@@ -484,8 +484,9 @@ module API
             "#{work_package_relations(work_package_id)}/#{id}"
           end
 
-          def self.work_package_available_relation_candidates(id)
-            "#{work_package(id)}/available_relation_candidates"
+          def self.work_package_available_relation_candidates(id, type: nil)
+            query = "?type=#{type}" if type
+            "#{work_package(id)}/available_relation_candidates#{query}"
           end
 
           def self.work_package_revisions(id)

lib/api/v3/work_packages/schema/work_package_schema_representer.rb

@@ -211,17 +211,16 @@ module API
                                      end
                                    }
 
-          # TODO:
-          # * create an available_work_package_parent resource
-          #   One can use a relatable filter with the 'parent' operator. Will however need to also
-          #   work without a value which is currently not supported.
-          # * turn :parent into a schema_with_allowed_link
-
-          schema :parent,
-                 type: 'WorkPackage',
-                 location: :link,
-                 required: false,
-                 writable: true
+          schema_with_allowed_link :parent,
+                                   type: 'WorkPackage',
+                                   required: false,
+                                   writable: true,
+                                   href_callback: ->(*) {
+                                     work_package = represented.work_package
+                                     if work_package&.persisted?
+                                       api_v3_paths.work_package_available_relation_candidates(represented.id, type: :parent)
+                                     end
+                                   }
 
           schema_with_allowed_link :assignee,
                                    type: 'User',

spec/features/work_packages/details/custom_fields/custom_field_spec.rb

@@ -59,6 +59,7 @@ describe 'custom field inplace editor', js: true do
     end
 
     it_behaves_like 'a workpackage autocomplete field'
+    it_behaves_like 'not a principal autocomplete field'
   end
 
   describe 'custom field lists' do
@@ -151,7 +152,7 @@ describe 'custom field inplace editor', js: true do
       end
     end
 
-    context 'no restrictions' do
+    context 'with no restrictions' do
       let(:args) { {} }
 
       it 'renders errors for invalid entries' do
@@ -175,7 +176,7 @@ describe 'custom field inplace editor', js: true do
       end
     end
 
-    context 'required' do
+    context 'when required' do
       let(:args) { { is_required: true } }
 
       it 'renders errors for invalid entries' do

spec/features/work_packages/details/inplace_editor/shared_examples.rb

@@ -1,4 +1,4 @@
-shared_examples 'an accessible inplace editor' do
+shared_examples 'as an accessible inplace editor' do
   it 'triggers edit mode on click' do
     scroll_to_element(field.display_element)
     field.activate_edition
@@ -23,9 +23,9 @@ shared_examples 'an accessible inplace editor' do
   end
 end
 
-shared_examples 'an auth aware field' do
+shared_examples 'as an auth aware field' do
   context 'when is editable' do
-    it_behaves_like 'an accessible inplace editor'
+    it_behaves_like 'as an accessible inplace editor'
   end
 
   context 'when user is authorized' do
@@ -52,7 +52,7 @@ shared_examples 'an auth aware field' do
   end
 end
 
-shared_context 'having a single validation point' do
+shared_context 'as a single validation point' do
   let(:other_field) { EditField.new page, :type }
   before do
     other_field.activate_edition
@@ -67,7 +67,7 @@ shared_context 'having a single validation point' do
   end
 end
 
-shared_context 'a required field' do
+shared_context 'as a required field' do
   before do
     field.activate_edition
     field.input_element.set ''
@@ -86,11 +86,11 @@ shared_examples 'a cancellable field' do
       field.expect_state_text(work_package.send(property_name))
 
       active_class_name = page.evaluate_script('document.activeElement.className')
-      expect(active_class_name).to include(field.display_selector[1..-1])
+      expect(active_class_name).to include(field.display_selector[1..])
     end
   end
 
-  context 'by escape' do
+  context 'for escape' do
     before do
       field.activate!
       sleep 1
@@ -163,15 +163,67 @@ shared_examples 'a principal autocomplete field' do
     end
   end
 
-  context 'in project' do
+  context 'with the project page' do
     let(:wp_page) { Pages::SplitWorkPackage.new(work_package, project) }
 
     it_behaves_like 'principal autocomplete on field'
   end
 
-  context 'outside project' do
+  context 'without the project page' do
     let(:wp_page) { Pages::SplitWorkPackage.new(work_package) }
 
     it_behaves_like 'principal autocomplete on field'
   end
 end
+
+shared_examples 'not a principal autocomplete field' do
+  let(:role) { create(:role, permissions: %i[view_work_packages edit_work_packages]) }
+  let!(:user) do
+    create :user,
+           member_in_project: project,
+           member_through_role: role,
+           firstname: 'John'
+  end
+  let!(:mentioned_user) do
+    create :user,
+           member_in_project: project,
+           member_through_role: role,
+           firstname: 'Laura',
+           lastname: 'Foobar'
+  end
+  let!(:mentioned_group) do
+    create(:group, lastname: 'Laudators').tap do |group|
+      create :member,
+             principal: group,
+             project:,
+             roles: [role]
+    end
+  end
+
+  shared_examples 'not principal autocomplete on field' do
+    before do
+      wp_page.visit!
+      wp_page.ensure_page_loaded
+    end
+
+    it 'does not autocompletes links to user profiles' do
+      field.activate!
+      field.clear with_backspace: true
+      field.input_element.send_keys(" @lau")
+      sleep 2
+      expect(page).not_to have_selector('.mention-list-item')
+    end
+  end
+
+  context 'with the project page' do
+    let(:wp_page) { Pages::SplitWorkPackage.new(work_package, project) }
+
+    it_behaves_like 'not principal autocomplete on field'
+  end
+
+  context 'without the project page' do
+    let(:wp_page) { Pages::SplitWorkPackage.new(work_package) }
+
+    it_behaves_like 'not principal autocomplete on field'
+  end
+end

spec/features/work_packages/details/inplace_editor/subject_editor_spec.rb

@@ -22,18 +22,18 @@ describe 'subject inplace editor', js: true, selenium: true do
     work_packages_page.ensure_page_loaded
   end
 
-  context 'in read state' do
+  context 'as a read state' do
     it 'has correct content' do
       field.expect_state_text(work_package.send(property_name))
     end
   end
 
-  it_behaves_like 'an auth aware field'
+  it_behaves_like 'as an auth aware field'
   it_behaves_like 'a cancellable field'
-  it_behaves_like 'having a single validation point'
-  it_behaves_like 'a required field'
+  it_behaves_like 'as a single validation point'
+  it_behaves_like 'as a required field'
 
-  context 'in edit state' do
+  context 'as an edit state' do
     before do
       field.activate_edition
     end
@@ -59,7 +59,7 @@ describe 'subject inplace editor', js: true, selenium: true do
       notification.expect_error('Subject is too long (maximum is 255 characters)')
     end
 
-    context 'on save' do
+    context 'when save' do
       before do
         field.input_element.set 'Aloha'
       end
@@ -76,7 +76,7 @@ describe 'subject inplace editor', js: true, selenium: true do
     end
   end
 
-  context 'conflicting modification' do
+  context 'with conflicting modification' do
     it 'shows a conflict when modified elsewhere' do
       work_package.subject = 'Some other subject!'
       work_package.save!

spec/features/work_packages/table/hierarchy/parent_column_spec.rb

@@ -4,8 +4,9 @@ describe 'Work Package table parent column', js: true do
   let(:user) { create :admin }
   let!(:parent) { create(:work_package, project:) }
   let!(:child) { create(:work_package, project:, parent:) }
+  let!(:other_wp) { create(:work_package, project:) }
   let!(:query) do
-    query              = build(:query, user:, project:)
+    query = build(:query, user:, project:)
     query.column_names = ['subject', 'parent']
     query.filters.clear
     query.show_hierarchies = false
@@ -34,4 +35,17 @@ describe 'Work Package table parent column', js: true do
       expect(page).to have_selector('td.parent', text: "##{parent.id}")
     end
   end
+
+  it 'can edit the parent work package (Regression #43647)' do
+    wp_table.visit_query query
+    wp_table.expect_work_package_listed(parent, child)
+
+    parent_field = wp_table.edit_field(child, :parent)
+    parent_field.update other_wp.subject
+
+    wp_table.expect_and_dismiss_toaster message: 'Successful update.'
+
+    child.reload
+    expect(child.parent).to eq other_wp
+  end
 end

spec/lib/api/v3/work_packages/schema/work_package_schema_representer_spec.rb

@@ -797,6 +797,25 @@ describe ::API::V3::WorkPackages::Schema::WorkPackageSchemaRepresenter do
         let(:writable) { true }
         let(:location) { '_links' }
       end
+
+      it_behaves_like 'links to allowed values via collection link' do
+        let(:path) { 'parent' }
+        let(:href) { api_v3_paths.work_package_available_relation_candidates(work_package.id, type: :parent) }
+      end
+
+      context 'when creating' do
+        let(:work_package) do
+          build(:work_package, project:) do |wp|
+            allow(wp)
+              .to receive(:available_custom_fields)
+                    .and_return(available_custom_fields)
+          end
+        end
+
+        it_behaves_like 'does not link to allowed values' do
+          let(:path) { 'parent' }
+        end
+      end
     end
 
     describe 'type' do

spec/support/edit_fields/edit_field.rb

@@ -248,7 +248,7 @@ class EditField
       'version-autocompleter'
     when :assignee, :responsible, :user
       'op-user-autocompleter'
-    when :priority, :status, :type, :category, :workPackage
+    when :priority, :status, :type, :category, :workPackage, :parent
       'create-autocompleter'
     when :project
       'op-autocompleter'