Oliver Günther
3c9be3bdbe
* Add global permission for add_user * Rename fieldset for global roles to "Global" * Add permission to admin actions * Add index action to add_user permission * Redirect to first admin item if only one * Hide status action for non admins * Break down user form into partials for easier rendering * Disable some user form tabs for non-admins * Make users API and services conformant with endpoints * Fix references to DeleteService#deletion_allowed? * Authorize add_user on show as well * Only show invite user toolbar item with permission * Fix Delete Service spec * Fix the way user prefs are handled in service * Ensure session_id is treated as string This causes a cast error otherwise as it passes rack session locally * Fix service call on onboarding controller * Fix service call on users controller * Add delete spec for global user * Hide login attribute again when adding a new user * Render auth source correctly in simple form * Fix creating invited users through service The invitation requires the mail attribute to be present. Previously, there was a manual error added to the mail. As the errors are now determined by the contract + model, we now end up with all missing properties as errors. * Properly constraint attributes for non-admins * Add specs for global user * Start working on how to update password from UsersController that code is a mess... * Change permitted_params spec to include non-admin params * Fix create user service spec * Remove mail_notification param from users controller It's not part of the contract/params passed to user * Remove todos * Extend docs * Correct the way backlogs patches into the user settings * Remove superfluous UpdateUserService * Rewrite duplicated update service examples into common shared example * Remove duplicate password writable check * Base Users::DeleteContract on base delete contract * Move checks for active users into the UserAllowedService * Restore password writable check as it is not an attribute * Fix menus for global user * Allow global users to add custom fields * Allow global user add permission to reinvite user * Fix changed var name in update service spec * Ensure also invited or registered users can be authroized This ensure that e.g., invited users can also be set as watchers * fix typo Co-authored-by: ulferts <jens.ulferts@googlemail.com>
OpenProject API
OpenProject offers two APIs. The general purpose HATEOAS API v3 and the BCF API v2.1 api targeted towards BIM use cases.
Please note that we intend to keep this specification as accurate and stable as possible, however work on the API is still ongoing and not all resources and actions in OpenProject are yet accessible through the API.
This document will be subject to changes as we add more endpoints and functionality to the API. The development version of this document may have breaking changes while we work on new endpoints for the application.
We try to keep stable releases of OpenProject with changes to this API backwards compatible whenever possible.
API v3
The API v3 is a general purpose API supporting multiple use cases.
While by no means complete, a whole lot of different scenarios can be automatised which otherwise would have to be caried out by hand via the UI. Examples for this include managing work packages, projects and users.
BCF v2.1
This API supports BCF management in the context of BIM projects.
While this API supports way less use cases than the more generic API v3 it is compatible with the generic specification of a BCF API as defined by the standard. This, clients implementing the specification can manage topics and viewpoints.
--> Go to BCF API