kolaente
79dbb40985
fix(db): prevent SQLite "database is locked" errors under concurrent writes
...
Configure SQLite connections with WAL journal mode, a 5-second busy
timeout, shared cache, and a max of 1 open connection. SQLite only
supports a single writer at a time, so without these settings concurrent
API requests (e.g. bulk task creation) would immediately fail with
"database is locked" instead of waiting and retrying.
2026-03-02 12:37:55 +01:00
kolaente
7e7e778d49
fix(db): validate table names and quote identifiers in raw SQL
2026-02-25 13:01:00 +01:00
kolaente
9e050fe40e
test: add orphaned project fixture for repair-projects command
2026-02-25 11:56:25 +01:00
kolaente
1167b08e70
fix: handle Begin() error in db.NewSession() instead of ignoring it
2026-02-25 11:03:02 +01:00
kolaente
fd77e041a1
fix: add transaction begin to db.NewSession()
...
All sessions now start with an active transaction. This makes
multi-statement write operations atomic — if any step fails, all
changes are rolled back instead of leaving the database in an
inconsistent state.
Callers must call s.Commit() for writes to persist. s.Close()
auto-rollbacks uncommitted transactions.
2026-02-25 11:03:02 +01:00
kolaente
b3d0b2f697
feat: add Session model with CRUD, permissions, and cleanup cron
...
- Session struct with UUID primary key, hashed refresh token, device
info, IP address, and last-active tracking
- Token generation via generateHashedToken (SHA-256, 128 random bytes)
- CreateSession, GetSessionByRefreshToken, GetSessionByID
- Atomic RotateRefreshToken with WHERE on old hash to prevent replays
- ReadAll scoped to authenticated user (link shares rejected)
- Delete scoped to owning user (link shares rejected)
- Hourly cleanup cron for expired sessions based on is_long_session
- ErrSessionNotFound error type with HTTP 404 mapping
2026-02-25 10:30:25 +01:00
kolaente
6733ac4e22
test: add task #47 with reminders outside window for bug #2245
...
Add a second reminder to task 2 (in 2019, outside the test window)
and create task #47 with two reminders that straddle the test window
(2018-08-01 and 2019-03-01) but neither falls inside it. This exposes
the multi-row matching bug where separate EXISTS subqueries can match
different rows in the same sub-table.
2026-02-19 12:40:29 +01:00
John Starich
591a646f84
refactor: remove environment variable requirements for go test
2026-02-17 18:01:05 +01:00
kolaente
7fce4694fa
refactor(db): extract testable ResolveDatabasePath function ( #2193 )
...
Add DatabasePathConfig struct and ResolveDatabasePath function that
takes all dependencies as parameters, making it easier to test path
resolution logic in isolation. Should also fix the reported cases.
Resolves #2189
2026-02-08 10:47:57 +00:00
Biagio00
5b42724205
fix(kanban): repeating tasks dates won't update when moved in done bucket ( #1638 )
2025-11-14 16:57:53 +00:00
kolaente
7da2942ca6
fix: correctly set database path on windows ( #1616 )
2025-10-09 08:38:01 +00:00
kolaente
ec89b08fd5
fix(attachments): extend upload file size to form data ( #1577 )
...
Resolves https://github.com/go-vikunja/vikunja/issues/1494
2025-09-30 22:23:07 +00:00
kolaente
a81a3ee0e5
feat!: rename right to permission ( #1277 )
2025-08-13 11:05:05 +02:00
kolaente
4042f66efa
feat: show user export status in settings ( #1200 )
2025-07-30 15:50:26 +00:00
kolaente
4faf50a91f
fix(user): ensure deletion tokens can only be used by the user who created them
2025-07-23 11:18:37 +02:00
Copilot
9712dbe2ab
fix: MySQL constraint violations returning HTTP 500 instead of 400 for task bucket duplicates ( #1154 )
...
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: kolaente <13721712+kolaente@users.noreply.github.com>
Co-authored-by: kolaente <k@knt.li>
2025-07-22 08:59:12 +00:00
kolaente
ca83ad1f98
feat: move to slog for logging
2025-07-21 18:15:39 +02:00
kolaente
7985a6500a
fix: use assertions which are more specific
2025-07-18 23:18:04 +02:00
kolaente
07d83e67d7
feat(projects): add support for ParadeDB when searching for project
2025-07-18 23:18:04 +02:00
kolaente
1e3a68210a
chore(db): simplify MultiFieldSearch
2025-07-18 23:18:04 +02:00
kolaente
22579dffae
chore: cleanup unused helper
2025-07-18 23:18:04 +02:00
kolaente
a571d42f46
chore: refactor searching for link shares
2025-07-18 23:18:04 +02:00
kolaente
3db1ddcee4
feat(tasks): add support for ParadeDB when searching tasks
2025-07-18 23:18:04 +02:00
Dominik Pschenitschni
d48d88d442
fix: comment typo and misspellings
2025-07-02 17:46:21 +02:00
Dominik Pschenitschni
5b9d4fcc72
chore: add missing eof newlines ( #969 )
2025-06-17 09:11:32 +00:00
kolaente
6671ce38a8
chore: rename API test suites ( #938 )
2025-06-13 08:23:17 +00:00
kolaente
0145a8ba50
feat!(config): store sqlite file relative to rootpath ( #934 )
...
Moderately breaking change since in most cases the root path was already set next to the binary.
2025-06-13 09:16:25 +02:00
Dominik Pschenitschni
296577a875
fix: correct license header references ( #882 )
...
See originals:
- https://www.gnu.org/licenses/agpl-3.0.txt
- https://www.gnu.org/licenses/gpl-3.0.txt
2025-06-10 12:18:38 +02:00
kolaente
b010e3851c
fix(project): add position in test fixtures
2025-03-20 14:00:18 +01:00
kolaente
7e1aba7606
fix(kanban): correctly set default bucket id when duplicating project
...
Partially resolves https://community.vikunja.io/t/bugs-around-project-duplication-with-kanban-buckets/3433
2025-03-19 17:28:59 +01:00
kolaente
99213c66ee
chore(openid): use general external team sync
2025-03-18 16:36:00 +00:00
kolaente
62beb3db2d
feat(auth): rename oidc_id to external_id
2025-03-18 16:36:00 +00:00
kolaente
4e90c6bb78
chore(deps): update golangci-lint
2025-03-02 13:00:18 +01:00
kolaente
6673adf0b5
fix(filter): do not show tasks in filter results when they are filtered out by labels
...
This fixes a bug where tasks which were filtered out by their label would still be shown. That was caused by the way the filter query was translated to sql under the hood.
Resolves https://github.com/go-vikunja/vikunja/issues/394
2025-01-20 14:05:42 +01:00
John Doe
28d5cd7b28
feat: allow setting schema for connection in postgres ( #2777 )
...
This PR introduce a new config for database, `database.schema`, allowing user to specify a specific schema to use for their postgres database connection. As the default value is set, it will be backward compatible.
Related discussion: https://community.vikunja.io/t/postgres-database-has-error-pq-relation-tasks-does-not-exist/1333
Reviewed-on: https://kolaente.dev/vikunja/vikunja/pulls/2777
Co-authored-by: John Doe <hugosum.dev@protonmail.com>
Co-committed-by: John Doe <hugosum.dev@protonmail.com>
2024-10-26 16:06:47 +00:00
kolaente
a88124cfce
feat: make used bcrypt rounds configurable
...
This allows to configure the used bcrypt rounds and set it to 4 in tests, greatly speeding up the tests. It's not really required to set this to another value but it might be in the future as computers get faster.
2024-10-13 15:38:04 +02:00
kolaente
06305eb6b3
fix(subscriptions): correctly inherit subscriptions
...
Resolves https://community.vikunja.io/t/e-mail-notification-twice/2740/20
2024-09-03 22:04:11 +02:00
kolaente
8bfd0493b2
fix(deps): update golangci
2024-08-25 14:30:46 +00:00
kolaente
fa6546b6b2
feat(tasks): add tests for moving a task out of the done bucket
2024-06-18 13:40:41 +02:00
kolaente
9075a45cb8
fix(views): update test fixtures for new structure
2024-03-19 00:47:51 +01:00
kolaente
a5c51d4b1e
feat: emoji reactions for tasks and comments ( #2196 )
...
This PR adds reactions for tasks and comments, similar to what you can do on Gitea, GitHub, Slack and plenty of other tools.
Reviewed-on: https://kolaente.dev/vikunja/vikunja/pulls/2196
Co-authored-by: kolaente <k@knt.li>
Co-committed-by: kolaente <k@knt.li>
2024-03-12 19:25:58 +00:00
waza-ari
ffa82556e0
feat(teams): add public flags to teams to allow easier sharing with other teams ( #2179 )
...
Resolves #2173
Co-authored-by: Daniel Herrmann <daniel.herrmann1@gmail.com>
Reviewed-on: https://kolaente.dev/vikunja/vikunja/pulls/2179
Reviewed-by: konrad <k@knt.li>
Co-authored-by: waza-ari <daniel.herrmann@makerspace-darmstadt.de>
Co-committed-by: waza-ari <daniel.herrmann@makerspace-darmstadt.de>
2024-03-10 14:04:32 +00:00
kolaente
9624cc9e97
fix(filter): translate all tests
2024-03-09 19:06:35 +01:00
waza-ari
a3154e805c
fix(auth): use (issuer, name) to check for uniqueness of oidc teams ( #2152 )
...
The change introduced in #2150 introduces a bug where a Team would be re-created every time a user logs in, as the check if a team already exists was based on both the unique `oidcID` and the `name`. This PR proposes to only base the check on the ID, as this should be unique.
Co-authored-by: Daniel Herrmann <daniel.herrmann1@gmail.com>
Reviewed-on: https://kolaente.dev/vikunja/vikunja/pulls/2152
Reviewed-by: konrad <k@knt.li>
Co-authored-by: waza-ari <daniel.herrmann@makerspace-darmstadt.de>
Co-committed-by: waza-ari <daniel.herrmann@makerspace-darmstadt.de>
2024-03-04 20:26:45 +00:00
kolaente
ac8751e1be
fix(task): move done tasks to the done bucket when they are moved between projects and the new project has a done bucket
2024-03-03 18:13:47 +01:00
viehlieb
ed4da96ab1
feat: assign users to teams via OIDC claims ( #1393 )
...
This change adds the ability to sync teams via a custom openid claim. Vikunja will automatically create and delete teams as necessary, it will also add and remove users when they log in. These teams are fully managed by Vikunja and cannot be updated by a user.
Co-authored-by: kolaente <k@knt.li>
Reviewed-on: https://kolaente.dev/vikunja/vikunja/pulls/1393
Resolves https://kolaente.dev/vikunja/vikunja/issues/1279
Resolves https://github.com/go-vikunja/vikunja/issues/42
Resolves https://kolaente.dev/vikunja/vikunja/issues/950
Co-authored-by: viehlieb <pf@pragma-shift.net>
Co-committed-by: viehlieb <pf@pragma-shift.net>
2024-03-02 08:47:10 +00:00
kolaente
6b1e67485b
feat: fetch all projects with a recursive cte instead of recursive query
...
This change modifies the fetching of all projects to use a recursive common table expression instead of recursively calling the method.
2024-02-28 13:42:45 +01:00
kolaente
2dab2ccedd
feat: allow using sqlite in memory database
...
This allows running vikunja for testing purposes. You almost never want to run this in production.
2024-02-15 10:48:48 +01:00
kolaente
c05f51b923
chore(deps): update golangci-lint rules
2023-12-19 13:34:31 +01:00
Miguel Arroyo
225d65268d
feat(caldav): Add support for subtasks (i.e. `RELATED-TO` property) in CalDAV ( #1634 )
...
As I mentioned [here](https://kolaente.dev/vikunja/api/pulls/1442#issuecomment-55215 ), this is mainly a cleanup of @zewaren 's original [PR](https://kolaente.dev/vikunja/api/pulls/1442 ).
It adds support for the `RELATED-TO` property in CalDAV's `VTODO` and the `RELTYPE=PARENT` and `RELTYPE=CHILD` relationships. In other words, it allows for `ParentTask->SubTask` relations to be handled supported through CalDAV.
In addition to the included tests, this has been tested by both @zewaren & myself with DAVx5 & Tasks (Android) and it's been working great.
Resolves https://kolaente.dev/vikunja/api/issues/1345
Co-authored-by: Miguel A. Arroyo <miguel@codeheads.dev>
Co-authored-by: Erwan Martin <public@fzwte.net>
Reviewed-on: https://kolaente.dev/vikunja/api/pulls/1634
Reviewed-by: konrad <k@knt.li>
Co-authored-by: Miguel Arroyo <mayanez@noreply.kolaente.de>
Co-committed-by: Miguel Arroyo <mayanez@noreply.kolaente.de>
2023-11-10 22:44:03 +00:00
Peter H0ffmann
ad04d302af
chore: reverse the coupling of module log and config ( #1606 )
...
This way the config module can already use the log module with the same result (default logging to StdOut with Level INFO, same output as before) but ENV variables can already change the logging of config file related log output). It is now possible to dump as a cronjob without having to filter the default log about the used config file.
Also:
- all logging modules are now configurable when initializing which makes testing easier
- viper dependency removed from logging
- log correct settings when configured error level is invalid
- deprecation of value "false" for log.standard and log.events (already not mentioned in https://vikunja.io/docs/config-options/ )
Co-authored-by: Berengar W. Lehr <Berengar.Lehr@uni-jena.de>
Reviewed-on: https://kolaente.dev/vikunja/api/pulls/1606
Reviewed-by: konrad <k@knt.li>
Co-authored-by: Peter H0ffmann <hoffmannp@noreply.kolaente.de>
Co-committed-by: Peter H0ffmann <hoffmannp@noreply.kolaente.de>
2023-10-03 09:28:28 +00:00
kolaente
60bd5c8a79
feat: make default bucket configurable
2023-09-03 15:17:17 +02:00
kolaente
bbbb45d224
feat: move done bucket setting to project
2023-09-03 15:01:35 +02:00
kolaente
e3c5a93f4f
chore(api tokens): remove updated date from tokens as it can't be updated anyway
2023-09-01 11:16:36 +02:00
kolaente
d9bfcdab8e
feat(api tokens): add tests
2023-09-01 10:19:31 +02:00
kolaente
e518fb1191
chore: remove year from copyright headers
...
Resolves https://kolaente.dev/vikunja/api/pulls/1483
2023-09-01 08:32:28 +02:00
kolaente
acb03c430e
fix(user): allow deleting a user if they have a default project
...
Resolves https://github.com/go-vikunja/api/issues/78
2023-08-23 16:10:51 +02:00
kolaente
d83e3a0a03
chore: remove cache options
...
Cache was not working correctly, added more complexity and actually made response times slower. Because of this, I'm removing all cache options until we figure out a better solution.
Resolves https://kolaente.dev/vikunja/api/issues/1496
Resolves https://kolaente.dev/vikunja/api/issues/907
2023-06-08 17:05:36 +02:00
kolaente
ef94e0cf86
feat(projects): don't allow deleting or archiving the default project
2023-06-07 21:29:46 +02:00
kolaente
4b00f224d9
fix: reminder fixture
2023-05-24 15:52:33 +02:00
kolaente
353279cbff
fix: fetch all tasks for all projects
2023-05-24 15:52:33 +02:00
kolaente
746ac1098f
fix(test): adjust fixture bucket and list ids
2023-05-24 15:52:32 +02:00
kolaente
3b00a5c200
fix(test): fixtures
2023-05-24 15:52:32 +02:00
kolaente
017f771783
chore(test): show table content when db assertion failed
2023-05-24 15:51:56 +02:00
kolaente
03b7fa6dd3
fix(tests): subscription test fixtures
2023-05-24 15:51:56 +02:00
kolaente
5e6bff20f8
fix(tests): task permissions from parents
2023-05-24 15:51:56 +02:00
kolaente
03eb4ecd07
fix(tests): permission tests for parent projects
2023-05-24 15:51:56 +02:00
kolaente
0cd633981a
fix(project): recursively get all users from all parent projects
2023-05-24 15:51:56 +02:00
kolaente
537ba60f2d
fix(tasks): get all tasks from parent projects
2023-05-24 15:51:55 +02:00
kolaente
ceaa9c0e03
feat(subscriptions): make sure all subscriptions are inherited properly
2023-05-24 15:51:55 +02:00
kolaente
afe756e4c1
fix(tests): make the tests compile again
2023-05-24 15:51:55 +02:00
kolaente
7ad256f6cd
fix: correctly pass unix socket to xorm
2023-04-17 19:39:38 +02:00
kolaente
0a6bbc2efd
fix: using mysql via a socket
2023-04-17 10:48:59 +00:00
kolaente
dff4e01327
fix: ILIKE helper
2023-04-03 19:19:51 +02:00
kolaente
a7231e197e
feat: allow to find users with access to a project more freely
...
Related to https://kolaente.dev/vikunja/frontend/issues/2196
2023-04-03 18:49:04 +02:00
cernst
f45648a6f7
feat(caldav): Sync Reminders / VALARM ( #1415 )
...
Co-authored-by: ce72 <christoph.ernst72@googlemail.com>
Co-authored-by: kolaente <k@knt.li>
Reviewed-on: https://kolaente.dev/vikunja/api/pulls/1415
Reviewed-by: konrad <k@knt.li>
Co-authored-by: cernst <ce72@noreply.kolaente.de>
Co-committed-by: cernst <ce72@noreply.kolaente.de>
2023-04-01 11:09:11 +00:00
cernst
3f5252dc24
feat: Add relative Reminders ( #1427 )
...
Partially resolves #1416
Co-authored-by: ce72 <christoph.ernst72@googlemail.com>
Reviewed-on: https://kolaente.dev/vikunja/api/pulls/1427
Reviewed-by: konrad <k@knt.li>
Co-authored-by: cernst <ce72@noreply.kolaente.de>
Co-committed-by: cernst <ce72@noreply.kolaente.de>
2023-03-27 20:07:06 +00:00
kolaente
7a9611c2da
chore: cleanup
2023-03-13 14:28:36 +01:00
kolaente
06f1d2e912
fix: test fixtures
2023-03-13 14:28:07 +01:00
kolaente
8f4abd2fe8
feat: rename all list files
2023-03-13 14:28:06 +01:00
cernst
a62b57ac62
feat(caldav): import caldav categories as Labels ( #1413 )
...
Resolves #1274
Co-authored-by: ce72 <christoph.ernst72@googlemail.com>
Reviewed-on: https://kolaente.dev/vikunja/api/pulls/1413
Reviewed-by: konrad <k@knt.li>
Co-authored-by: cernst <ce72@noreply.kolaente.de>
Co-committed-by: cernst <ce72@noreply.kolaente.de>
2023-03-02 15:25:26 +00:00
clos
afdceb0aff
fix(list): when list background is removed, delete file from file system and DB ( #1372 )
...
Co-authored-by: testinho.testador <testinho.testador@noreply.kolaente.de>
Reviewed-on: https://kolaente.dev/vikunja/api/pulls/1372
Reviewed-by: konrad <k@knt.li>
Co-authored-by: clos <clos@noreply.kolaente.de>
Co-committed-by: clos <clos@noreply.kolaente.de>
2023-02-01 11:38:23 +00:00
kolaente
491a142378
fix: lint
2023-01-29 22:42:24 +01:00
kolaente
40411e4100
chore(task): add test to check if a task's reminders are duplicated
2023-01-26 16:06:49 +01:00
kolaente
b8c3b570a4
fix(restore): check if we're really dealing with a string
2022-12-02 14:49:32 +01:00
kolaente
47aae115df
fix(tasks): don't include undone overdue tasks from archived lists or namespaces in notification mails
...
Resolves https://kolaente.dev/vikunja/api/issues/1324
2022-12-01 18:07:30 +01:00
kolaente
fbc4b91e0f
fix(dump): make sure null dates are properly set when restoring from a dump
2022-12-01 17:53:02 +01:00
konrad
641a9da93d
fix: usage with postgres over unix socket ( #1308 )
...
Co-authored-by: kolaente <k@knt.li>
Reviewed-on: https://kolaente.dev/vikunja/api/pulls/1308
2022-11-04 12:25:06 +00:00
kolaente
622f2f0562
fix: look for the default bucket based on the position instead of the index
2022-11-03 15:10:20 +01:00
kolaente
fcb205a842
fix: use connection string for postgres
2022-10-01 16:57:06 +02:00
kolaente
b1fd13bbcb
feat: upgrade xorm
2022-10-01 16:25:29 +02:00
kolaente
1feb62cc45
fix: lint
2022-07-31 15:50:38 +02:00
kolaente
0f555b7ec7
fix: reset id sequence when importing a dump from postgres
2022-07-21 14:54:52 +02:00
kolaente
54348c5891
fix(restore): make sure to reset sequences after importing a dump when using postgres
...
Related to https://kolaente.dev/vikunja/api/issues/1199
2022-07-13 23:43:53 +02:00
kolaente
230478aae9
fix: remove credential escaping for postgres connections to allow for passwords with special characters
...
Resolves https://github.com/go-vikunja/api/issues/22
2022-07-07 18:04:16 +02:00
tuxthepenguin
4960a498ff
Add client-cert parameters of the Go pq driver to the Vikunja config ( #1161 )
...
Co-authored-by: tuxthepenguin <tux@saturnv.uphus-internal.de>
Reviewed-on: https://kolaente.dev/vikunja/api/pulls/1161
Reviewed-by: konrad <k@knt.li>
Co-authored-by: tuxthepenguin <tuxthepenguin@noreply.kolaente.de>
Co-committed-by: tuxthepenguin <tuxthepenguin@noreply.kolaente.de>
2022-04-23 15:46:00 +00:00
kolaente
5cf263a86f
feat: upgrade golangci-lint to 1.45.2
2022-03-27 16:55:37 +02:00
konrad
27119ad6d4
User account deletion ( #937 )
...
Co-authored-by: kolaente <k@knt.li>
Reviewed-on: https://kolaente.dev/vikunja/api/pulls/937
Co-authored-by: konrad <konrad@kola-entertainments.de>
Co-committed-by: konrad <konrad@kola-entertainments.de>
2021-08-11 19:08:10 +00:00
konrad
4c5f457313
Ensure case insensitive search on postgres ( #927 )
...
Reviewed-on: https://kolaente.dev/vikunja/api/pulls/927
Co-authored-by: konrad <konrad@kola-entertainments.de>
Co-committed-by: konrad <konrad@kola-entertainments.de>
2021-08-01 21:40:25 +00:00
konrad
6ccb85a0dc
Reorder tasks, lists and kanban buckets ( #923 )
...
Co-authored-by: kolaente <k@knt.li>
Reviewed-on: https://kolaente.dev/vikunja/api/pulls/923
Co-authored-by: konrad <konrad@kola-entertainments.de>
Co-committed-by: konrad <konrad@kola-entertainments.de>
2021-07-28 19:06:40 +00:00