Commit Graph

337 Commits

Author SHA1 Message Date
Weijie Zhao a214d68a44
feat(auth): sync avatar from OpenID providers (#821) 2025-06-16 15:59:31 +02:00
kolaente 6671ce38a8
chore: rename API test suites (#938) 2025-06-13 08:23:17 +00:00
kolaente da95463bb2
fix(migration): detect header lines in csv file when importing from TickTick (#937) 2025-06-13 07:45:54 +00:00
Dominik Pschenitschni 296577a875
fix: correct license header references (#882)
See originals:
- https://www.gnu.org/licenses/agpl-3.0.txt
- https://www.gnu.org/licenses/gpl-3.0.txt
2025-06-10 12:18:38 +02:00
Weijie Zhao 00c4148f05
feat(auth): add ForceUserInfo option to OpenID provider (#797)
Problem:

When using Casdoor as an OpenID provider, there's an inconsistency between the user information in the JWT token and the UserInfo endpoint. The token contains the user's unique ID in the `name` field, while the UserInfo endpoint correctly returns the user's display name.

Solution:

This PR adds a new `ForceUserInfo` option to the OpenID provider configuration. When enabled, it forces the use of the UserInfo endpoint to retrieve user information instead of relying on claims from the ID token.

Impact:

- Default behavior remains unchanged (backward compatible)
- New option allows administrators to force using UserInfo endpoint data
- Particularly useful for providers like Casdoor that don't fully comply with OIDC standards

Related:

I've opened an issue in the Casdoor repository (https://github.com/casdoor/casdoor/issues/3806) to discuss the root cause. However, changing Casdoor's token structure might cause significant compatibility issues for existing integrations, so it's unclear if this can be fixed at the provider level. This PR provides a workaround in Vikunja that doesn't affect existing functionality.
2025-05-20 08:06:34 +00:00
renovate[bot] 4a75f7d4da
chore(deps): update golangci/golangci-lint-action action to v7 (#462)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: kolaente <k@knt.li>
2025-04-02 09:28:56 +02:00
kolaente 7803fe8aef
fix(avatar): use keyvalue store to cache gravatar instead of map
Resolves https://community.vikunja.io/t/docker-crash-concurrent-map-writes-google-login/3454
2025-03-30 16:24:34 +02:00
kolaente 6847f44058
chore(openid): add more debug logging when retrieving token 2025-03-29 19:24:07 +01:00
kolaente 4ea3c01b5f
chore: add more debug logging when returning error 2025-03-29 18:21:34 +01:00
kolaente 13d4e0e00d
chore(utils): remove deprecated MakeRandomString function 2025-03-24 16:52:46 +01:00
kolaente 4d41a1bd9b
feat(kanban): create To-Do, Doing, Done buckets when creating a new kanban view 2025-03-21 19:16:52 +01:00
kolaente d522d40773
fix(migration): do not fail when an attachment is too large
Resolves https://vikunja.sentry.io/issues/6389417364/events/d79bdea146b54a9dace8c81e3f787975/
2025-03-21 18:03:27 +01:00
kolaente 23d2814b94
fix(migration): check if the provided file is a valid csv before importing 2025-03-21 17:53:05 +01:00
kolaente d19a93dece
fix(migration): check if uploaded csv is empty 2025-03-21 17:48:08 +01:00
kolaente e3f006c527
fix(i18n): add missing translations 2025-03-20 17:41:45 +01:00
kolaente 5a93379d81
fix(ldap): update user name and email during login 2025-03-20 17:24:00 +01:00
kolaente d585de77a4
fix(ldap): crop avatar when syncing 2025-03-20 17:19:58 +01:00
kolaente 164f2eab9d
feat(ldap): also look for username only when checking group membership 2025-03-19 22:16:12 +01:00
kolaente f4b9a9cccd
feat(ldap): make member id attribute configurable 2025-03-19 22:15:50 +01:00
kolaente e12ebfebed
feat(ldap): sync avatar from ldap 2025-03-18 18:28:54 +01:00
kolaente 26c7ceaed4
chore(avatar): decouple upload from web handler 2025-03-18 18:28:54 +01:00
kolaente 732431773d
fix(i18n): remove duplicate api strings 2025-03-18 18:23:47 +01:00
kolaente 99213c66ee chore(openid): use general external team sync 2025-03-18 16:36:00 +00:00
kolaente 216df5bedc feat(ldap): make group sync configurable 2025-03-18 16:36:00 +00:00
kolaente a3b19a7b3c feat(auth): refactor group sync 2025-03-18 16:36:00 +00:00
kolaente c2f286437c feat(auth): ldap group sync 2025-03-18 16:36:00 +00:00
kolaente 9f5c761fd9 chore(auth): rename error 2025-03-18 16:36:00 +00:00
kolaente 06851ca639 chore(auth): rename external team id find methods 2025-03-18 16:36:00 +00:00
kolaente 62beb3db2d feat(auth): rename oidc_id to external_id 2025-03-18 16:36:00 +00:00
kolaente 12aba8e9b1
chore(openid): move openid team struct to openid package 2025-03-17 17:34:49 +01:00
kolaente 87cfe89441
feat(ldap): add tests 2025-03-16 18:23:55 +01:00
kolaente 91f9fe5b96
fix(ldap): return meaningful error when providing wrong credentials 2025-03-16 18:23:55 +01:00
Marc f4a0c0ef31 feat(auth): sso fallback mapping (#3068)
Reviewed-on: https://kolaente.dev/vikunja/vikunja/pulls/3068
Reviewed-by: konrad <k@knt.li>
Co-authored-by: Marc <marc88@free.fr>
Co-committed-by: Marc <marc88@free.fr>
2025-03-02 15:21:09 +00:00
kolaente 4e93806a44
fix(auth): load oidc provider before trying to use it
Resolves https://kolaente.dev/vikunja/vikunja/issues/3067
2025-03-02 14:09:02 +01:00
kolaente 734033c843
fix(avatars): always return correct mime type for cached avatar 2025-03-02 13:33:40 +01:00
kolaente 2ead48c1e9
fix(migration): do not crash when relating a task to itself
Resolves https://community.vikunja.io/t/vikunja-import-error-tried-to-relate-a-task-with-itself/1105
2025-03-02 13:24:55 +01:00
kolaente 1d1295e065
feat(i18n): add translations for migration notifications 2025-03-02 12:33:30 +01:00
kolaente 250bb8ec99
fix(i18n): pass language to notification mail function 2025-03-02 12:29:31 +01:00
kolaente e9d9f04763
chore: improve debug logging 2025-02-03 17:42:17 +01:00
kolaente f898bdaf2d feat(auth): use config variable to check if we should verify tls 2025-01-28 09:59:08 +00:00
kolaente 03412dd358 feat(auth): verify ldap config before trying to connect 2025-01-28 09:59:08 +00:00
kolaente d22c3fb19e feat(auth): make ldap user filter configurable 2025-01-28 09:59:08 +00:00
kolaente 71cad7aa13 chore(auth): refactor creating users in openid and ldap 2025-01-28 09:59:08 +00:00
kolaente 38bb8de4f1 feat(auth): authenticate users via ldap 2025-01-28 09:59:08 +00:00
kolaente 090dd4b2f6
fix(user): do not allow changing name in settings when the user originates from an external auth provider
This improves the UX because it does not allow external users to change their name in Vikunja, since that change would be overridden once they log in again.

Resolves https://github.com/go-vikunja/vikunja/issues/357
2025-01-21 16:27:06 +01:00
kolaente 0e37049343
fix(migration): add more debug logging 2025-01-20 12:08:10 +01:00
kolaente 017fa1b5af
fix(restore): restore encoded float values properly
Resolves https://kolaente.dev/vikunja/vikunja/issues/2934
2025-01-09 15:42:12 +01:00
kolaente 7e66f3ec6b
fix(restore): make sure all json columns are properly restored 2025-01-09 15:40:22 +01:00
kolaente 3d5d17336e
fix(migration): return proper error when uploaded file is not a zip file
Resolves https://vikunja.sentry.io/share/issue/73a7b6f60b3e446e949d072016f31c22/
2025-01-09 14:32:24 +01:00
kolaente 47ff7d8ad3
fix(migration): fetch members when they do not exist
Resolves https://github.com/go-vikunja/vikunja/issues/378
2024-12-15 13:11:29 +01:00
kolaente c9a68d3a63
fix(openid): lint 2024-12-11 17:10:41 +01:00
kolaente 4512045cbf
fix: check if all required keys are available when parsing openid configuration
Related to https://github.com/go-vikunja/vikunja/issues/371
2024-12-11 16:25:41 +01:00
kolaente b8c4e0a91e
fix(openid): log error when config is still using array value 2024-11-18 12:16:38 +01:00
kolaente 05349ddb5c
feat!: config for auth providers now use a map instead of an array
The config values for openid providers now use a map with the provider as key instead of an array. For example before:

auth:
  openid:
    providers:
      - name: foo
        clientid: ...

now becomes:

auth:
  openid:
    providers:
      foo:
        clientid: ...

This allows us to read values for openid providers from files using the same syntax as everywhere and makes the configuration more predictable. It also allows configuring providers through env variables, though it is still required to set at least one value via the config file because Vikunja won't discover the provider otherwise.
2024-11-18 10:34:30 +01:00
kolaente 68636f27da
fix(files): use absolute path everywhere 2024-09-06 12:59:48 +02:00
kolaente 329de3aab3
chore(web): remove unused echo context 2024-08-29 16:20:39 +02:00
kolaente 2063da9eec
chore(web): move web handler package to Vikunja 2024-08-29 16:15:28 +02:00
kolaente 7a7e97770c
chore(errors): always add internal error to echo error 2024-08-29 15:39:34 +02:00
kolaente ebfd5f54d2
fix(migration): ensure project background gets exported and imported 2024-08-12 17:18:07 +02:00
kolaente 28b4eaee31
fix(migration): make sure tasks are associated to the correct view and bucket for data imported from Vikunja dump
This change fixes a bug where imported projects would contain the default views additionally to the ones included in the export. This also caused the tasks to not show up in the views and buckets where they should show up, the newly imported ones.

Resolves https://community.vikunja.io/t/migration-from-vikunja-export-duplicated-boards-local-to-oidc/2690
2024-08-12 17:00:16 +02:00
kolaente ecdb03aca8
fix(migration): correctly set bucket for related tasks
When creating a related task during the import, migrating would fail because the migration would try to add the task to a bucket before the task was created. This fix changes the order in which that happens to prevent the error.
2024-07-17 10:05:59 +02:00
kolaente 8439c9cc1e
fix(migration): failed migration typo 2024-07-15 12:10:29 +02:00
kolaente 359b07dabb
fix(views): move bucket update to extra endpoint
BREAKING CHANGE: The bucket id of the task model is now only used internally and will not trigger a change in buckets when updating the task.

This resolves a problem where the task update routine needs to know the view context it is in. Because that's not really what it should be used for, the extra endpoint takes all required parameters and handles the complexity of actually updating the bucket.
This fixes a bug where it was impossible to move a task around between buckets of a saved filter view. In that case, the view of the bucket and the project the task was in would be different, hence the update failed.
2024-07-02 16:34:53 +02:00
kolaente c17e4564e7
fix(migration): ensure tasks are put into the correct bucket when migrating from todoist
Resolves https://github.com/go-vikunja/vikunja/issues/254
2024-06-04 08:33:11 +02:00
kolaente 66e96322ea
fix: do not remove empty openid teams when none are present
Maybe resolves https://community.vikunja.io/t/empty-openid-team-cleanup-cron-error-removing-empty-openid-team-database-is-locked-error-when-exporting-data/2306/3
2024-04-25 14:21:31 +02:00
kolaente 409822442b
fix(backgrounds): return full project after uploading image 2024-04-22 18:33:43 +02:00
kolaente aec60f3591
feat(backgrounds): resize images to a maximum of 4K
Resolves https://kolaente.dev/vikunja/vikunja/issues/1373#issuecomment-43491
2024-04-22 18:29:58 +02:00
kolaente 0962aa4262
fix(restore): transform json fields during restore
Resolves https://community.vikunja.io/t/unable-to-restore-after-dump-and-export-also-not-working/2263/5
2024-04-21 13:45:49 +02:00
kolaente ce1d7778c7
fix(export): make export work with project views and new task positions 2024-04-13 21:07:06 +02:00
kolaente 6e2b540394
fix(migration): import task comments with original timestamps
Partially resolves https://community.vikunja.io/t/trello-import-comments-and-assignments/2174/14
2024-04-13 14:44:55 +02:00
Elscrux 61ee0bd5e2 feat(migration): include non upload attachments from Trello (#2261)
This makes the Trello migrator include attachments that are not file uploads. To include them in Vikunja without missing data, their text (usually links) will be appended to the Vikunja description.

Co-authored-by: Elscrux <nickposer2102@gmail.com>
Reviewed-on: https://kolaente.dev/vikunja/vikunja/pulls/2261
Reviewed-by: konrad <k@knt.li>
Co-authored-by: Elscrux <elscrux@gmail.com>
Co-committed-by: Elscrux <elscrux@gmail.com>
2024-04-10 22:12:06 +00:00
kolaente bc19a2fb78
fix(migration): import card comments from Trello when migrating
Related: https://community.vikunja.io/t/trello-import-comments-and-assignments/2174/3
2024-04-09 13:56:17 +02:00
kolaente 994aaeb920
fix(migration): trello: only fetch attachments when the card actually has attachments 2024-04-09 13:25:03 +02:00
Elscrux 8458e77341 feat(migration): Trello organization based migration (#2211)
Migrate Trello organization after organization to limit total memory allocation.
Related discussion: https://community.vikunja.io/t/trello-import-issues/2110

Co-authored-by: Elscrux <nickposer2102@gmail.com>
Co-authored-by: konrad <k@knt.li>
Co-authored-by: kolaente <k@knt.li>
Reviewed-on: https://kolaente.dev/vikunja/vikunja/pulls/2211
Reviewed-by: konrad <k@knt.li>
Co-authored-by: Elscrux <elscrux@gmail.com>
Co-committed-by: Elscrux <elscrux@gmail.com>
2024-04-09 10:54:38 +00:00
kolaente af3b0bbea1
fix: lint 2024-04-08 13:23:15 +02:00
kolaente e10cd368bf
feat(migration): notify the user when a migration failed
This change introduces notifications via mail when a migration fails. It will contain the error message and a hint to post it in the forum when Sentry is disabled, otherwise the error message will be sent directly to sentry and the notification will inform accordingly.
I've tried to balance "this thing failed, go figure it out" with "here is what we know and how you can get help", we'll see how well that approach works.
2024-04-08 12:15:24 +02:00
kolaente 0b9ef27d04
fix(migration): show correct message after starting a migration
Related to https://github.com/go-vikunja/vikunja/issues/238
2024-04-07 15:11:59 +02:00
kolaente 8bee5aa806
fix(project): return the full project when setting a background
Related to https://kolaente.dev/vikunja/vikunja/issues/2246
2024-04-07 14:53:57 +02:00
kolaente f3cdd7d15f
fix(views): import 2024-03-19 00:47:51 +01:00
kolaente 2502776460
feat(views)!: move task position handling to its own crud entity
BREAKING CHANGE: the position of tasks now can't be updated anymore via the task update endpoint. Instead, there is a new endpoint which takes the project view into account as well.
2024-03-19 00:47:46 +01:00
kolaente a5c51d4b1e feat: emoji reactions for tasks and comments (#2196)
This PR adds reactions for tasks and comments, similar to what you can do on Gitea, GitHub, Slack and plenty of other tools.

Reviewed-on: https://kolaente.dev/vikunja/vikunja/pulls/2196
Co-authored-by: kolaente <k@knt.li>
Co-committed-by: kolaente <k@knt.li>
2024-03-12 19:25:58 +00:00
kolaente 0910d5d2f2
chore(auth): refactor removing empty openid teams to cron job 2024-03-11 17:20:05 +01:00
kolaente 0057ac5836
fix(migration): only download uploaded attachments 2024-03-10 18:41:37 +01:00
kolaente ca0de680ad
fix(migration): import card covers when migrating from Trello 2024-03-10 16:30:06 +01:00
waza-ari ffa82556e0 feat(teams): add public flags to teams to allow easier sharing with other teams (#2179)
Resolves #2173
Co-authored-by: Daniel Herrmann <daniel.herrmann1@gmail.com>
Reviewed-on: https://kolaente.dev/vikunja/vikunja/pulls/2179
Reviewed-by: konrad <k@knt.li>
Co-authored-by: waza-ari <daniel.herrmann@makerspace-darmstadt.de>
Co-committed-by: waza-ari <daniel.herrmann@makerspace-darmstadt.de>
2024-03-10 14:04:32 +00:00
renovate d7fdefcead chore(deps): update golangci/golangci-lint docker tag to v1.56.2 (#2099)
Co-authored-by: kolaente <k@knt.li>
Reviewed-on: https://kolaente.dev/vikunja/vikunja/pulls/2099
Co-authored-by: renovate <renovatebot@kolaente.de>
Co-committed-by: renovate <renovatebot@kolaente.de>
2024-03-10 13:47:19 +00:00
Hangya c5e8ff66fb fix(migration): updated Trello color map to import all labels (#2178)
Trello has [added 20 color variants](https://www.atlassian.com/blog/trello/20-new-trello-label-colors) that were not imported, added them. Also added a fallback to save labels even if the color is not mapped yet.

Resolves https://community.vikunja.io/t/get-info-about-importation-trello/1968/16
Reviewed-on: https://kolaente.dev/vikunja/vikunja/pulls/2178
Reviewed-by: konrad <k@knt.li>
Co-authored-by: Hangya <ronkayj@gmail.com>
Co-committed-by: Hangya <ronkayj@gmail.com>
2024-03-10 11:23:38 +00:00
Christoph Ritzer 86983f50d4 fix(migration): Trello checklists (#2140)
Trello checklists are now properly converted to html checklists and put into the description.

Co-authored-by: kolaente <k@knt.li>
Reviewed-on: https://kolaente.dev/vikunja/vikunja/pulls/2140
Reviewed-by: konrad <k@knt.li>
Co-authored-by: Christoph Ritzer <chris@cloumail.at>
Co-committed-by: Christoph Ritzer <chris@cloumail.at>
2024-03-09 09:01:02 +00:00
kolaente e65c3ffe6b
fix(migration): convert trello card descriptions from markdown to html 2024-03-09 09:31:57 +01:00
kolaente dc291a51f5
fix(migration): do not expire trello token 2024-03-06 15:13:54 +01:00
waza-ari d69fc28125 fix(openid): OIDC teams should not have admins (#2161)
This PR fixes an issue discussed in #2152. Before this PR, the user who triggered team creation automatically got the admin flag set for this group, which makes perfect sense for the normal UI workflow. OIDC managed teams cannot be edited in Vikunja, and they're created automatically by the first user logging in having this team assigned. This PR therefore makes sure that OIDC managed team members do not receive the admin flag.

Co-authored-by: Daniel Herrmann <daniel.herrmann1@gmail.com>
Reviewed-on: https://kolaente.dev/vikunja/vikunja/pulls/2161
Reviewed-by: konrad <k@knt.li>
Co-authored-by: waza-ari <daniel.herrmann@makerspace-darmstadt.de>
Co-committed-by: waza-ari <daniel.herrmann@makerspace-darmstadt.de>
2024-03-05 22:08:39 +00:00
waza-ari a3154e805c fix(auth): use (issuer, name) to check for uniqueness of oidc teams (#2152)
The change introduced in #2150 introduces a bug where a Team would be re-created every time a user logs in, as the check if a team already exists was based on both the unique `oidcID` and the `name`. This PR proposes to only base the check on the ID, as this should be unique.

Co-authored-by: Daniel Herrmann <daniel.herrmann1@gmail.com>
Reviewed-on: https://kolaente.dev/vikunja/vikunja/pulls/2152
Reviewed-by: konrad <k@knt.li>
Co-authored-by: waza-ari <daniel.herrmann@makerspace-darmstadt.de>
Co-committed-by: waza-ari <daniel.herrmann@makerspace-darmstadt.de>
2024-03-04 20:26:45 +00:00
kolaente 379b0b24b3
fix(auth): test assertion 2024-03-02 15:38:01 +01:00
kolaente a4a0ea973a
feat(auth): update team name in Vikunja when it was changed in the openid provider 2024-03-02 15:27:15 +01:00
kolaente fc4303a778
chore(auth): add oidc suffix to openid team name in db
Related to https://kolaente.dev/vikunja/vikunja/issues/2150
2024-03-02 15:23:19 +01:00
kolaente 4f1f96f1e9
chore(auth): refactor openid team creation 2024-03-02 15:22:37 +01:00
viehlieb ed4da96ab1 feat: assign users to teams via OIDC claims (#1393)
This change adds the ability to sync teams via a custom openid claim. Vikunja will automatically create and delete teams as necessary, it will also add and remove users when they log in. These teams are fully managed by Vikunja and cannot be updated by a user.

Co-authored-by: kolaente <k@knt.li>
Reviewed-on: https://kolaente.dev/vikunja/vikunja/pulls/1393
Resolves https://kolaente.dev/vikunja/vikunja/issues/1279
Resolves https://github.com/go-vikunja/vikunja/issues/42
Resolves https://kolaente.dev/vikunja/vikunja/issues/950
Co-authored-by: viehlieb <pf@pragma-shift.net>
Co-committed-by: viehlieb <pf@pragma-shift.net>
2024-03-02 08:47:10 +00:00
kolaente e40a0043d4
fix(migration): do not halt the whole migration when copying a background file failed 2024-02-19 19:21:06 +01:00
kolaente 162741e940
fix: lint 2024-02-13 22:24:46 +01:00
kolaente 205f330f8a
fix(migration): make sure to correctly check if a migration was already running
This change fixes a bug where Vikunja would not correctly check if a migration was already running. That meant it was not possible for users who had never before migrated anything to start a migration, because Vikunja assumed they already had a migration running for them.
This state was neither properly reflected in the frontend, which is now fixed as well.
2024-02-13 22:21:59 +01:00