The notification-row partial and the mention email's "see in center"
button built their /notifications/details/<id> links from the numeric
primary key, so mention, digest and reminder emails still linked to the
numeric URL on a semantic-identifier instance.
The split view already resolves the id through find_by_display_id, which
accepts both the numeric id and the semantic identifier, so handing it
the work package lets to_param render the display id. Also drops the
unused split_view_work_package_id helper, whose to_i wrongly suggested
the route only accepts a numeric id.
* Create the section component
* Create the form configuration component
* Create a controller
* change form template
* Use primer dialog for reset to defaults button
* show WP configuration modal while creating a related WPs table
* Fix the drag and drop functionality without save button
* Fix renaming functionality
* Use generic drag and drop in form configuration and move all client side action handling to server side
* Fix embedded query form configuration regressions
* Add data test selectors to all elements that we used for test
* update the current tests with the new implementations and design
* Add new tests for new controller of sections and rows
* WP quesry row should only have edit quesry action
* Update transformer spec regarding the new changes
* Fix the failing test in reset form configuration and some tests for actions
* Fix rubocop errors
* Fix eslint errors
* Add spec for removing a section
* Use condensed border boxes
* fix failing specs
* fix failing specs
* Switch the buttons in form configuration component
* Create the section at the top of the list
* Instead of using UUID, use the name of the group as the key
* Add missing check for EE for section actions
* Remove angular components
* Use action list instead of a border box for left side panel
* Reduce the margin between the right side panel and sub header, add some space to the query table left side, span to the whole available space
* Show validation errors while updating and creating a section
* Use a danger dialog for reset to default
* Add a confirmation for removing the section
* Align items in the row
* Use test_selector instead of data-test-selector
* Create move_action in rb file
* Create move_action in rb file
* Simplify section component
* Simplify form configuration component
* Remove dialog for rename and delete section on missing EE
* Create a component for inactive attribute list
* Create a separate component for reset dialog
* Remove EE feedback dialog
* Remove form partial which is not needed anymore
* Remove unused js strings
* Update using update_via_turbo
* Remove form configuration rows controller
* Create a blanksalte component
* Fix failing specs
* Fix failing specs
* Fix failing specs
* Remove unused translation strings
* Align form configuration section routes with actual create flow
* Change section to group
* Change section to group in services and controllers
* Change section to group in en.yml
* Fix rubocop errors
* Move the query group persistence assertion from the JS feature spec
to the synchronous form configuration groups controller spec.
* Reuse query service result in embedded query build
* Keep inactive attribute filter after turbo list refresh
* Extract form configuration group edit state into form model
* Fix the failing test
* Potential fix for pull request finding 'CodeQL / Potentially uninitialized local variable'
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
* Rename inactive attribute component inputs
* Refine reset dialog wording for form configuration
* Use direct Turbo action for adding attribute groups
* Reuse generic filter-list controller for inactive attributes
* Remove focus impelementation in ts
* Group form configuration Stimulus controllers under one namespace
* Use turbo request service in form configuration controller
* Clarify legacy group key normalization in form config contract
* Replace inactive attribute list wrapper via turbo stream
* Extract duplicate untitled group key generation into Type::FormGroup.next_untitled_key
* Auto-generate untitled group name on create instead of returning an error
* Avoid mixed return types in form config group create service
* Extract shared form configuration group service behavior into concern
* Fix spacing for the last group and italic font for the placeholder rows
* Replace Angular no-results component with Primer Banner on form configuration page
* Hide dropped element immediately to prevent flickering before Turbo Stream response
* Reload type before rendering create error to prevent duplicate groups
* Await service initialization before use to prevent potential race condition
* Replace sleep calls with deterministic waits in form configuration spec
* Handle malformed JSON and invalid query errors gracefully in form configuration update
* Make query group label a clickable button and empty group hint italic
---------
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
We used request.url and a back_url for the home path to redirect users
if they did not end up trying to access on a deep link.
In case you access / and get redirected by require_login, you want users
to end up on the after_login_default_redirect_url
Likewise, if you access /login without a back_url, you want the same
behavior
Deep linking logins are unchanged
https://community.openproject.org/work_packages/74756
This error is intended for cases when a method is
intentionally not implemented, because the module/class defining
it expects a subclass (or class including the module) to implement
the method.
This is intended to distinguish it from other cases, such as:
* feature not implemented yet
* edge case of a method call not yet supported
Notably it avoids the misuse of the Ruby-defined NotImplementedError,
which is only intended for much more specific scenarios:
> Raised when a feature is not implemented on the current platform. For example, methods depending on the fsync or fork system calls may raise this exception [...]
Also see https://docs.ruby-lang.org/en/master/NotImplementedError.html
The name of this setting was pretty outdated by now.
It might have disabled the entire API in the past, but that time
is long gone. By now the APIv3 can't be disabled at all and OpenProject
would fall apart if it was disabled.
The only thing that this setting changes, is whether users can create
an access token in their account settings and whether tokens created
this way are accepted by OpenProject. So naming and description have
been adapted accordingly.
The intention of this change is to always respond in the metadata-rich
version of the header that indicates things like the required scope and
the URL of the resource_metadata endpoint, which was previously hidden
and only visible if clients used a non-standard HTTP request header.
semantically it's probably the preferable version of the header by now
anyways, because:
* all APIs accept some kind of Bearer token, not all of them accept Basic auth
* Even API tokens can now be passed as Bearer tokens
Practically the Basic auth header also caused unintended browser pop-ups when the frontend
code didn't include the correct request header to avoid the Basic auth offer, this now can't
happen anymore, since the Basic auth version of the header is only returned, if the client actively
tried to authenticate through Basic auth.
Remark from Klaus. Not related to this PR, but emails are allowed to
start with numbers. So the id.to_i will return that number when the
email starts with one.
Klaus Zanders