CHANGELOG#

Unreleased#

Bug Fixes#

[#60582] validate org unit validity on edit

Documentation#

[#60631] frontpage
[#xxxxx] bold text instead of headers

Chores#

[#57671] add service_api role to dev DIPEX client

35.3.0 (2024-04-25)#

Features#

graphql: [#59178] disable DataLoader caches

This commit disables caches on our GraphQL DataLoaders as they only use UUID as cache-key, but really depend on a much larger context for caching and thus exhibit incorrect cache characteristics.

The appropriate for this issue is to ensure that arguments are passed through the stack, and thus through the dataloader, rather than around the stack, as-is the case right now with GraphQL dates, that pass around the stack via the use of starlette_context.

Thus this is simply a temporary removal of the cache to eliminate a potential footgun, potentially at the cost of performence. If it turns out that the performance impact of this change is too great, it can be reverted at the cost of reintroducing the footgun.

35.2.0 (2024-04-25)#

Features#

graphql: [#59178] add engagement filter to org_units

This commit adds the option to filter org_units by engagements.

The implementation works by first resolving the engagement filter to a list of engagement UUIDs, which is then used to fetch the engagement objects, from which a list of org_unit UUIDs is extracted, finally this list of UUIDs is used to filter the UUID query.

35.1.0 (2024-04-25)#

Features#

graphql: [#59178] introduce temporality selectors

This commit introduces selectors to the GraphQL response temporality layer allowing API users to not only specify the filter time, but also the time for which data is returned.

Specifically it is now possible to set the at time for current data, such as with the following query:
query ReadEmployeeAt2010($uuid: UUID!) {
  employees(filter: {uuids: [$uuid]}) {
    objects {
      current(at: "2010-01-01") {
        validity {
          from
          to
        }
        name
      }
    }
  }
}
Which will return the data that was active on the 1st of January 2010, such as:
{
  "data": {
    "employees": {
      "objects": [
        {
          "current": {
            "validity": {
              "from": "2000-01-02T00:00:00+01:00",
              "to": "2019-12-31T00:00:00+01:00"
            },
            "name": "John Deere"
          }
        }
      ]
    }
  }
}
Similarly validities can also be queried with an interval, given start and end timestamps:
query ReadEmployeeDataBetween2000And2010($uuid: UUID!) {
  employees(filter: {uuids: [$uuid]}) {
    objects {
      validities(start: "2000-01-01", end: "2010-01-01") {
        validity {
          from
          to
        }
        name
      }
    }
  }
}
Which will return the data that was active in the interval between the 1st of January 2000 and the 1st of January 2010, such as:
{
  "data": {
    "employees": {
      "objects": [
        {
          "validities": [
            {
              "validity": {
                "from": "1900-01-01T00:00:00+01:00",
                "to": "2000-01-01T00:00:00+01:00"
              },
              "name": "Beforaza Deere"
            },
            {
              "validity": {
                "from": "2000-01-02T00:00:00+01:00",
                "to": "2019-12-31T00:00:00+01:00"
              },
              "name": "John Deere"
            }
          ]
        }
      ]
    }
  }
}
The introduction of this new behavior is fully backwards compatible with the old behavior, as it is only activated when at and start / end respectively is included on the temporal axis, something that was illegal in previous versions of the schema.

The behavior of start and end is identical to the uses in the filters, such that an unset start is interpreted as 'now', etc.

If at or start / end is specified the new behavior takes precedence over the old behavior of inheriting the result time from the filter time.

The functionality is backwards compatible to GraphQL v21, as this is when date handling was corrected, however the new syntax is accepted all the way back to GraphQL v14 although with the old date handling behavior.

Test improvements#

graphql: [#59178] added gentime helper to make timestamps more readable
graphql: [#59178] reorder setup_data to be chronological
graphql: [#59178] rename test person to ease understanding

This commit renames the test person in the temporality tests, from:

"Illyanna" to "Startasia"

"Tortheldrin" to "Middleton"

"Ferra" to "Lastarza"

With the names corresponding to their position in the change history. "Startasia" being at the start "Middleton" being in the middle and "Lastarza" being last.

35.0.2 (2024-04-24)#

Chores#

deps: [security] bump gunicorn from 21.2.0 to 22.0.0

35.0.1 (2024-04-24)#

Bug Fixes#

[#57671] KEYCLOAK_REALM_USERS json

Chores#

[#57671] align ci keycloak users with docker compose
[#57671] align keycloak users with mora{dev,test,demo}

35.0.0 (2024-04-24)#

Features#

[#57671] introduce service_api role

This commit introduces the service_api role, which controls whether OS2mo's ServiceAPI can be accessed or not. The goal of this change is to restrict access to the ServiceAPI until it can be completely eliminated.

Attempting to access the ServiceAPI without the proper permission now yields an authorization error stating that the ServiceAPI is gone.

BREAKING CHANGE:

After this commit only clients with the service_api role can access the ServiceAPI.

34.10.0 (2024-04-23)#

Features#

graphql: [#58204] support patch-updating fields in org_unit_update

This commit introduces GraphQL version 22.

GraphQL version 22 introduces breaking changes to the org_unit_update mutator, specifically with regards to the way UNSET (arguments not send) and null / None (arguments explicitly to clear the value) are handled.

Prior to the change most fields on the mutator were required, with some fields allowing nulls, however sending nulls did not clear the fields, rather nulls where simply ignored similar to unset fields.

In the new version most fields are optional, with unset fields retaining the prior behavior of not clearing the fields, but rather doing nothing, while sending nulls now specifically request clearing the value of the field (if possible).

Thus this commit enables HTTP PATCH semantics, where a single field can be updated and cleared without affecting the remaining fields on the object. This is the first mutator to undergo this treatment, but the plan is for all update mutators to exhibit this behavior.

As such to migrate from GraphQL v21, simply send the query as normal:
mutation OrgUnitUpdate($input: OrganisationUnitUpdateInput!) {
    org_unit_update(input: $input) {
        uuid
    }
}
But ensure that the provided input payload has undergone a transformation, where all null values are stripped from the payload:
{
  "uuid": "08eaf849-e9f9-53e0-b6b9-3cd45763ecbb",
  "validity": {"from": "2020-01-01"},
  "name": "new_org_name",
  "parent": null
}
to:
```json
{
  "uuid": "08eaf849-e9f9-53e0-b6b9-3cd45763ecbb",
  "validity": {"from": "2020-01-01"},
  "name": "new_org_name"
}

Test improvements#

graphql: [#58204] refactor test_update_org_unit_mutation_integration_test

34.9.1 (2024-04-23)#

Bug Fixes#

[#60448] org_unit resolver dates filter
[#60448] registration resolver dates filter

Test improvements#

graphql: [#59496] cache GraphQL load for test performance

Code Refactor#

[#60448] use get_sqlalchemy_date_interval in audit resolver

34.9.0 (2024-04-22)#

Features#

graphql: [#60575] support disabling old GraphQL versions

This commit introduces a new environmental variable MIN_GRAPHQL_VERSION which can be used to set the lowest GraphQL version to expose.

It currently defaults to 2, the lowest GraphQL version available, in order to be backwards compatible, but the goal for the future is to set it to the newest GraphQL version available, such that only the newest version is exposed by default.

Code Refactor#

[#60575] eliminate graphql_versions

This commit eliminates the graphql_versions list in favor of simply specifying the interval via a hardcoded maximum and the configuration provided minimum.

34.8.1 (2024-04-22)#

Performance improvements#

graphql: [#59496] lazy load GraphQL versions

This commit massively improves OS2mo's startup performance and baseline memory usage by lazy loading GraphQL versions.

Prior to this change all GraphQL versions were loaded during application startup, even if they were never gonna receive any calls whatsoever. Now they are loaded lazily on the first access and kept loaded forever after then.

The startup time is reduced from about 10 seconds to about 1.5 seconds, thus startup time has been reduced by about a factor of 6.

Additionally the baseline memory usage is reduced from about 210MiB (all GraphQL versions loaded statically) to 150MiB (No GraphQL versions loaded). The maximum memory usage with all GraphQL versions loaded and accessed is about 225MiB both before and after the change, scaling somewhat linearly for each GraphQL version that is loaded and used.

Documentation#

[#xxxxx] fix docs typo

Test improvements#

graphql: [#58204] fix test_parent_changes

This commit fixes the test_parent_changes to actually function on real data, the test was introduced in a broken state due to a misassumption around how the parent_uuid and parent fields works.

As it turns out parent_uuid will return the UUID of the root organisation rather than None when an organisation unit is a root in the organisation unit tree, while the parent lookup will return None.

Code Refactor#

graphql: [#58204] decomposition strip_none_and_unset
graphql: [#58204] convert org-unit create from pydantic to strawberry

This commit refactors the org_unit_create endpoint from using pydantic models to instead using strawberry models. The change is made as a proof-of-concept for eliminating pydantic models for creates in OS2mo.

graphql: [#58204] convert org-unit update from pydantic to strawberry

This commit refactors the org_unit_update endpoint from using pydantic models to instead using strawberry models. The change is made in preparation of supporting patch updates in OS2mo.

34.8.0 (2024-04-22)#

Features#

[#60506] make subtitute_roles into a list

Documentation#

[#60559] architecture docs

Test improvements#

graphql: [#58204] test desired org-unit parent mutator behavior

This commit introduces an test describing the desired org-unit parent mutator behavior, the test is currently xfailed as MO does not currently implement the desired behavior, but the xfail will be removed in a future PR where the behavior is implemented.

34.7.1 (2024-04-18)#

Features#

[#59798] remove rolle from service API

BREAKING:

This removes the deprecated details/role endpoints completely.

Bug Fixes#

reduce the threshold for primary engagements

The threshold for primary engagements are reduced from 3000 to 1. This allows any primary class with a scope of 1 or more to primary. This fixes an issue where the class "Ansat - ikke i løn" would not be considered the primary engagement even if it was the only engagement.

34.7.0 (2024-04-11)#

Features#

[#60454] prepend hash to opaque cursor

34.6.0 (2024-04-10)#

Features#

[#60425] employee delete mutator

Documentation#

[#60434] update landscape svg

34.5.0 (2024-04-09)#

Features#

[#60337] introduce exchange targeting

This commit introduced exchange targeting to OS2mo's refresh mutators.

This change allows for targeting integration specific exchanges, such that refresh events can be send to a specific integration instead of to all integration (without queue targeting) or to a specific queue with queue targeting.

The default behavior when not provided the newly added exchange argument is as it was before this change, ensuring that this change is backwards compatible.

34.4.3 (2024-04-09)#

Bug Fixes#

[#60337] deprecate *_refresh mutator queue

It never worked properly; to send to a specific queue, a message was sent to the "" exchange with the queue name as routing key. This routing key persisted all the way to the integration, which would receive an unexpected routing key.

We will introduce an exchange parameter instead. This also decouples the refresh caller from the implementation details of the integration's queue names.

34.4.2 (2024-04-08)#

Chores#

deps: bump sqlalchemy-utils from 0.41.1 to 0.41.2

34.4.1 (2024-04-07)#

Code Refactor#

[#59943] pairwise 🍐

CI improvements#

[#59294] rabbitmq management

Some integration tests need to inspect the overall state of the queues. This is not part of the AMQP protocol.

Chores#

deps: bump sqlalchemy from 2.0.28 to 2.0.29
[#60379] remove autopub

34.4.0 (2024-03-22)#

Features#

[#60206] merge lora-utils 🎉

34.3.7 (2024-03-15)#

Performance improvements#

[#59943] lockpicking
[#59943] reintroduce (some) concurrency

34.3.6 (2024-03-15)#

Performance improvements#

[#59943] make jinja sync again
[#59943] demogrify

Test improvements#

[#59943] use create_sessionmaker from db module

34.3.5 (2024-03-12)#

Bug Fixes#

[#60072] make the testing api work with new request-scoped session

34.3.4 (2024-03-11)#

Bug Fixes#

[#60058] allow empty brugervendtnoegle

34.3.3 (2024-03-11)#

Bug Fixes#

[#60047] fix hierarchies children

34.3.2 (2024-03-08)#

Code Refactor#

auth: [#59559] make the DIPEX client less special

This commit moves the DIPEX client from the ordinary realm-builder to the integration realm builder, as DIPEX is nothing but a collection of integrations and thus should not be treated differently than other integrations.

This commit is the first step in eliminating the DIPEX client and ensuring that each integration has its own client, thereby ensuring that we can track which integration makes which change in MO, w.r.t. the audit log.

Chores#

deps: bump sqlalchemy from 2.0.25 to 2.0.28

34.3.1 (2024-03-06)#

Performance improvements#

[#59943] cache _parse_timestamp less (for memory)
[#59943] cache get_date_interval

34.3.0 (2024-03-05)#

Features#

[#58428] SQLAlchemy OrganisationUnitFilter + subtree

Documentation#

[#59968] fix sd-skriv doc rendering
[#59968] include auditlog feature docs
[#59968] update on-prem description

Test improvements#

[#54344] remove graph_data_strat
[#54344] remove patched tests

Chores#

[#59968] make end-of-file-fixer ignore graphics

34.2.5 (2024-03-01)#

Performance improvements#

[#59943] jsonable_encode less

34.2.4 (2024-03-01)#

Performance improvements#

[#59943] merge sub-functions into filter_json_output

Before, we had 4 functions which all traversed the entire output and copied the structure 4 times. This was both slow and memory inefficient.

34.2.3 (2024-03-01)#

Bug Fixes#

[#59943] more properly escape sql improperly

34.2.2 (2024-03-01)#

Performance improvements#

[#59943] remove another deepcopy

make it explicit that it is mutating by removing the return.

[#59943] remove deepcopy from _consolidate_virkninger

Chores#

[#59943] log exceptions in graphql

34.2.1 (2024-02-29)#

Performance improvements#

[#59943] optimise critical lora sections

34.2.0 (2024-02-29)#

Features#

[#59797] transaction per request

Use a single database session for each incoming request.

34.1.3 (2024-02-26)#

Bug Fixes#

[#58757] "adapt" coroutine was never awaited

34.1.2 (2024-02-22)#

Bug Fixes#

fix even more log statements missing event

34.1.1 (2024-02-22)#

Bug Fixes#

fix missing event statement in log

34.1.0 (2024-02-21)#

Features#

improve logging on cpr_errors

34.0.1 (2024-02-20)#

Bug Fixes#

[#59741] make autocomplete work as expected by the tests

The _validities hack is no longer needed in GraphQL v21. The tests probably never worked.

Test improvements#

[#59741] fix graphql v17 tests
[#59741] fix search tests
[#59741] fix dataloaders tests
[#59741] don't xfail
[#59713] fix starting mo app multiple times in the same test
[#59713] uncomment test

34.0.0 (2024-02-19)#

Features#

[#58757] remove keycloak healthcheck

BREAKING CHANGE:

The keycloak healthcheck always returned True anyway. Migration guide: stop using this useless endpoint.

[#58757] remove oio_rest healthcheck

BREAKING CHANGE:

The oio_rest healthcheck always returned True anyway. Migration guide: stop using this useless endpoint.

[#58757] add equivalent error-handing
[#58757] allow connection injection into alembic

This allows us to set up a database connection and apply alembic migrations from the test suite.

[#58757] advance "one db connection"
[#58757] one db connection

Bug Fixes#

[#58757] structlog stack argument must be a string
[#58757] close amqp system with lifespan
[#58757] overwrite log handlers

Avoids ever-increasing duplicate log lines.

[#58757] call db.delete_object directly

Fixes a bug where it didn't work at all.

[#58757] add missing awaits

Test improvements#

[#58757] fix itusers test
[#58757] update test durations
[#58757] fix get_objects unit tests
[#58757] fix addresses tests
[#59741] fix registration tests
[#58757] make auth_headers function-scoped

Avoids the token running out before the test has a chance to use it.

[#58757] TestException -> FakeException

Things starting with 'test' are usually tests that need to be run.

[#58757] async patch_db_struct
[#58757] settings values must be strings
[#58757] upgrade pytest-asyncio, rewrite to event_loop_policy
[#58757] async patch_query_args
[#58757] remove unused app from lora tests
[#58757] conftest + testing api

This is a somewhat messy commit - sorry!

[#58757] suppress hypothesis function-scoped fixture healthcheck
[#58757] fix registration parsing tests
[#58757] fix autocomplete integration tests
[#58757] fix autocomplete tests

The test mocked pretty much everything.

[#58757] fix db tests
[#58757] fix manager tests
[#58757] fix v5 tests
[#58757] fix v3 tests
[#58757] fix healths tests

Pure luck that DAR was down while testing, lmao...

[#58757] fix service auth tests
[#58757] fix sql tests
[#58757] fix auth userref tests
[#58757] fix create organisation integration tests
[#58757] fix db models tests
[#58757] fix service api exports tests
[#58757] fix meta tests
[#58757] fix auditlog tests
[#58757] function-scoped uuid fixtures
[#58757] better output on assertion fails
[#58757] remove obsolete database helpers
[#58757] make oio tests pytest
[#58757] fix mocked_context
[#58757] custom implementation of pytest-asyncio's event_loop

Code Refactor#

[#58757] use sessionmaker dependency for starlette context

Before this change, the sessionmaker from app creation was bound to the starlette-context and used for dependency injection separately. Now, the sessionmaker is only used for dependency injection, which the starlette context now also uses.

[#58757] remove lora's connection
[#58757] use psycopg3 mogrify
[#58757] use alembic cli directly

DISABLE_ALEMBIC isn't used anywhere.

[#58757] inject connection into alembic and simplify

Chores#

[#58757] poetry update

Done last so it's easier to rebase MR.

[#58757] formatting

This is a bad commit - sorry!

[#58757] load_fixture_data_with_reset -> fixture_db
[#58757] remove psycopg2
[#58757] add some of the old configuration back into alembic
[#58757] use upstream alembic config from alembic init -t async

This doesn't work, but it does provide a nicer diff.

33.7.3 (2024-02-13)#

Bug Fixes#

[#58757] cache graphql schema

33.7.2 (2024-02-13)#

Bug Fixes#

[#58757] update strawberry

33.7.1 (2024-02-13)#

Bug Fixes#

[#58263] pick 'actual' extensions field

Test improvements#

[#58263] comment out tests

They pass, but the entire test suite can't run because of strange inter-dependencies. Will be solved with #58757/#59713.

33.7.0 (2024-02-06)#

Features#

[#58776] allow reading notes on registrations
graphql: [#58776] notes for itusers

Bug Fixes#

[#58776] distinct registrations

Currently, you get multiple of the same registration because we filter on a table where there can be many validities for one registration time.

33.6.0 (2024-02-02)#

Features#

graphql: [#xxxxx] introduce validities on Response

This commit introduces the validities field on the Response object in GraphQL in preparation of the deprecation and eventual elimination of the objects field on the Response object.

Chores#

[#58757] python 3.11

33.5.0 (2024-02-01)#

Features#

[#56520] save files in database instead of on disk

Test improvements#

[#59295] disable naughty test
[#59295] pytest durations

33.4.6 (2024-01-26)#

Bug Fixes#

[#59408] change Naldo origin to port 5000

33.4.5 (2024-01-23)#

Bug Fixes#

[#57700] introduce graphql version for dates fix (e3eee7ea)

Even though it was a bugfix, it was a breaking change.

WE DO NOT BREAK USERSPACE!

Chores#

[#57700] align graphql version docstrings

33.4.4 (2024-01-18)#

Code Refactor#

graphql: [#57700] remove unused neutral_element_constructor

The neutral_element_constructor concept was used in the class-based resolvers to allow for non-temporal (static) object types, but these have long since been eliminated and as such this constructor parameter has been unnecessary for a while.

Build improvements#

deps: bump alembic from 1.13.0 to 1.13.1

33.4.3 (2024-01-18)#

Bug Fixes#

[#57700] pass dates to nested fields in details shim
[#57700] GraphQL dates

Previously, the LoRa Connector was cached across the request without any regard for the actual loraparams it was initialised with (because the caching was applied to _create_graphql_connector, whose parameters never change). Now, the LoRa Connector is cached after it has been initialised with validity parameters. This means that the validity parameter parsing logic is no longer cached, but at least it is correct.

Note that the only reason the LoRa Connector is cached in the first place is to ensure the general DataLoader in lora.py works. When the Service API is removed, and GraphQL refactored, the Connector caching can be removed as well.

Test improvements#

[#57700] remove strawberry SchemaExtension patch shenanigans
[#57700] test from_date=None to_date=UNSET separately
[#57700] test from_date <= to_date separately

Code Refactor#

graphql: [#57700] refactor Response model argument

This commit removes the required model argument on the Response generic model in favor of extracting the model from the generic parameters.

This was previously stated as impossible as the reasoning behind the introduction of the model field, but that was in fact incorrect as proven by the existence of this change.

33.4.2 (2024-01-18)#

Bug Fixes#

graphql: [#57700] fix collections registrations

This commit fixes the registrations fields on the Response models. These fields were unintentionally broken by OS2mo 33.2.0, when a refactoring that restructured the resolvers from class-based to function-based had unintended side-effects.

The root-cause of the issue was a disabled test-case, as testing the registrations subsystem is currently not possible due to the way that database connections are configured during testing.

This commit simply fixes the issue, but does not protect against regressions in the future, as testing is still troublesome, and handled by another ticket, namely: 58757

33.4.1 (2024-01-18)#

Bug Fixes#

[#52457] allow deprecated saml encryption

See https://www.keycloak.org/docs/latest/upgrading/index.html#saml-sp-metadata-changes

When upgrading to Keycloak >= 24, this should be reverted. Beware that this requires coordination as all the IDP configurations have to be updated.

33.4.0 (2024-01-17)#

Features#

[#52457] upgrade keycloak

33.3.0 (2024-01-12)#

Features#

[#xxxxx] allow searching for engagement job function

33.2.0 (2024-01-10)#

Features#

graphql: [#56025] allow clearing extension attributes

Before this change, running a mutation alike:
mutation UpdateExtensionField(
  $uuid: UUID!,
  $start: DateTime!,
  $end: DateTime,
  $extension_3: String
) {
  engagement_update(
    input: {
      uuid: $uuid,
      validity: {from: $start, to: $end},
      extension_3: $extension_3
    }
  ) {
    uuid
  }
}
With arguments:
{
  "uuid": "00e96933-91e4-42ac-9881-0fe1738b2e59",
  "start": "2000-01-01T00:00:00+00:00",
  "end": null,
  "extension_3": ""
}
Would not actually clear extension_3 as the attributed would be filtered by the to_handler_dict helper method.

This change ensures that only Nones are filtered instead of all falsy values. In the future all UNSET fields to be filtered, but that requires a larger revamp to the GraphQL implementation moving away from pydantic models and towards Strawberry models.

Documentation#

graphql: [#58621] update the seed_resolver_func documentation

Test improvements#

graphql: [#56025] test clearing extension fields

Code Refactor#

graphql: [#58621] move seed_resolver to its own file
graphql: [#58621] move paged to its own file
graphql: [#58621] extract result_translation from seed_resolver
graphql: [#58621] eliminate PagedResolver
graphql: [#58621] eliminate filter2uuids
graphql: [#58621] eliminate Resolver
graphql: [#58621] eliminate seed_resolver
graphql: [#58621] eliminate to_paged
graphql: [#58621] convert ConfigurationResolver class to a function
graphql: [#58621] convert FileResolver class to a function
graphql: [#58621] convert HealthResolver class to a function
graphql: [#58621] convert RegistrationResolver class to a function
graphql: [#58621] convert AuditLogResolver class to a function
graphql: [#58621] eliminate to_paged_response
graphql: [#58621] convert FacetResolver class to a function
graphql: [#58621] convert ClassResolver class to a function
graphql: [#58621] convert AddressResolver class to a function
graphql: [#58621] convert AssociationResolver class to a function
graphql: [#58621] convert EmployeeResolver class to a function
graphql: [#58621] convert EngagementResolver class to a function
graphql: [#58621] convert ManagerResolver class to a function
graphql: [#58621] convert OwnerResolver class to a function
graphql: [#58621] convert OrganisationUnitResolver class to a function
graphql: [#58621] convert ITSystemResolver class to a function
graphql: [#58621] convert ITUserResolver class to a function
graphql: [#58621] convert KLEResolver class to a function
graphql: [#58621] convert LeaveResolver class to a function
graphql: [#58621] convert RoleResolver class to a function
graphql: [#58621] convert RelatedUnitResolver class to a function

33.1.0 (2024-01-05)#

Features#

[#58895] show enable_sp in graphql

The only purpose of this, is to make it possible to know whether or not the frontend should look up the entered CPR

33.0.2 (2024-01-04)#

Build improvements#

deps: bump sqlalchemy from 2.0.23 to 2.0.25

Bumps sqlalchemy from 2.0.23 to 2.0.25. - Release notes - Changelog - Commits

CI improvements#

[#58342] autoconfigure fastramqpi integration tests

33.0.1 (2024-01-03)#

Bug Fixes#

graphql: [#58997] fix collections registrations

This commit fixes the registrations fields on the Response models. These fields were unintentionally broken by OS2mo 32.12.0, when model filters were reimplemented to handle organisation functions correctly.

The root-cause of the issue was a disabled test-case, as testing the registrations subsystem is currently not possible due to the way that database connections are configured during testing.

This commit simply fixes the issue, but does not protect against regressions in the future, as testing is still troublesome, and handled by another ticket, namely: 58757

33.0.0 (2023-12-19)#

Features#

[#58757] mount lora as router

BREAKING CHANGE:

/lora's formatting of HTTPException will have changed the naming of the keys in the JSON response from "error" and "text" to "status_code" and "content", respectively.

ValueErrors from direct calls to /lora are now formatted by MOs exception handler, which can sometimes cause a status code 500 instead of 400 (which is still caused on some validation errors).

32.21.0 (2023-12-18)#

Features#

[#58822] call lora functions directly from MO

32.20.0 (2023-12-14)#

Features#

graphql: [#58592] added address scope filter
graphql: [#58592] added manager responsibility filter
graphql: [#58592] support filtering on org_unit managers

32.19.0 (2023-12-13)#

Features#

graphql: [#58392] address registration filter

{
  addresses(filter: {registration: {start: "2019-12-18T14:05:44"}}) {
    objects {
      uuid
    }
  }
}

Result:

{
  "data": {
    "addresses": {
      "objects": [
        {
          "uuid": "7d8642b0-16e7-439d-b105-d3d50887ca35"
        },
        {
          "uuid": "8c5b0b73-08df-4279-8764-5289441e5697"
        },
        {
          "uuid": "a4c1feac-f136-457e-8594-4d13b8f6e16e"
        },
        {
          "uuid": "2991f649-5eb4-42dc-abb8-41879c3bb59d"
        },
        {
          "uuid": "0367dc67-2314-4f9a-827b-c073600e0afa"
        },
        {
          "uuid": "a45b1596-e9e9-4bd7-94da-59773c2437ab"
        }
      ]
    }
  }
}

32.18.0 (2023-12-06)#

Features#

[#52769] terminate owner mutator

32.17.0 (2023-12-06)#

Features#

[#52769] update owner mutator

32.16.0 (2023-12-06)#

Features#

[#52769] create owner mutator

32.15.0 (2023-12-04)#

Features#

[#58794] allow MO to call LoRa directly

Introduces *direct functions that allows MO to call LoRa functionality without the http interface.

32.14.1 (2023-12-04)#

Build improvements#

deps: bump alembic from 1.12.1 to 1.13.0

Bumps alembic from 1.12.1 to 1.13.0. - Release notes - Changelog - Commits

32.14.0 (2023-12-01)#

Features#

[#58778] allow associating classes with it-systems

32.13.2 (2023-11-30)#

Build improvements#

deps: bump psycopg from 3.1.12 to 3.1.13

Chores#

lora: [#xxxxx] remove old setup method
lora: [#xxxxx] remove "restrictions"
lora: [#xxxxx] remove default-settings.toml
auth: [#xxxxx] remove auth
lora: [#xxxxx] remove /live and /ready
lora: [#xxxxx] remove /version

This is not used, and even causes an internal error, as the fields are not part of loras' settings object.

[#58675] pin a little more

32.13.1 (2023-11-29)#

Chores#

deps: bump jsonschema from 4.19.2 to 4.20.0

Bumps jsonschema from 4.19.2 to 4.20.0. - Release notes - Changelog - Commits

[#58675] pin less

32.13.0 (2023-11-29)#

Features#

[#52767] fix owner in GraphQL

32.12.1 (2023-11-29)#

Documentation#

[#55093] Auditlog docs

Build improvements#

deps: bump httpx from 0.25.0 to 0.25.2

Bumps httpx from 0.25.0 to 0.25.2. - Release notes - Changelog - Commits

32.12.0 (2023-11-29)#

Features#

graphql: [#58392] order registrations by start time

This comment ensures that registration entries are ordered by time.

graphql: [#58392] implement model field and filter

This commit ensures that organisation functions are handled correctly with regards to the registration model filter and field.

Previously an address registration with a given UUID would also be returned as an engagement with the same ID as the code did not distinguish the different organisation functions in the OIO standard.

The same applied to model filters, which would simply filter for any organisation function, not for the specific organisation function specified.

Now everything should be working correctly and the model field and filter should reflect the overloaded nature of organisation functions and their concrete models in OS2mo itself.

Chores#

backstage: [#xxxxx] introduce oio-rest API
backstage: [#xxxxx] introduce backstage resources

32.11.0 (2023-11-27)#

Features#

changelog: [#57397] use changelog template

32.10.0 (2023-11-27)#

Features#

backstage: [#xxxxx] OS2mo provides APIs

32.9.0 (2023-11-27)#

Features#

backstage: [#xxxxx] restructure backstage files
backstage: [#xxxxx] restructure backstage files

32.8.0 (2023-11-27)#

Features#

backstage: [#xxxxx] restructure backstage files

32.7.0 (2023-11-27)#

Features#

backstage: [#xxxxx] restructure backstage files

32.6.0 (2023-11-27)#

Features#

backstage: [#xxxxx] restructure backstage files

32.5.0 (2023-11-23)#

Features#

[#xxxxx] add backstage catalog file

32.4.3 (2023-11-16)#

Documentation#

add missing configuration parameters to rollekatalog docs
fix formatting of os2rollekatalog docs

Build improvements#

deps: bump ra-utils from 1.13.9 to 1.14.0

32.4.2 (2023-11-10)#

Chores#

deps: bump sentry-sdk from 1.32.0 to 1.34.0

32.4.1 (2023-11-10)#

Chores#

deps: bump uvicorn from 0.23.2 to 0.24.0.post1

32.4.0 (2023-11-10)#

Features#

graphql: [#58392] only allow vacating managers via updates
graphql: [#58392] allow vacating managers via GraphQL

Code Refactor#

shim: [#58392] shim terminate employee

32.3.4 (2023-11-10)#

Bug Fixes#

[#58485] ignore nested filters in seed_resolver

Chores#

dev: [#58485] bump os2mo-init

32.3.3 (2023-11-09)#

Chores#

deps: bump sqlalchemy from 2.0.21 to 2.0.23

32.3.2 (2023-11-09)#

Chores#

deps: bump httpx from 0.25.0 to 0.25.1

32.3.1 (2023-11-09)#

Bug Fixes#

[#58084] proper facet filtering

32.3.0 (2023-11-09)#

Features#

graphql: [#58392] rework terminate role
graphql: [#58392] rework terminate org_unit
graphql: [#58392] rework terminate manager
graphql: [#58392] rework terminate leave
graphql: [#58392] rework terminate kle
graphql: [#58392] rework terminate it user
graphql: [#58392] rework terminate it association
graphql: [#58392] rework terminate engagement
graphql: [#58392] rework terminate association
graphql: [#58392] rework terminate address

Documentation#

[#58448] tilfoejtitel

Code Refactor#

graphql: [#58392] remove unused trigger models
graphql: [#58392] use jsonable_encoder on role
graphql: [#58392] use jsonable_encoder on org_unit
graphql: [#58392] use jsonable_encoder on manager
graphql: [#58392] cleanup leave models
graphql: [#58392] use jsonable_encoder on KLE
graphql: [#58392] refactor out terminate to_handler_dict
graphql: [#58392] cleanup related_unit model
graphql: [#58392] align mutator names
graphql: [#58392] align mutator order
graphql: [#58392] align handler names in mutators
graphql: [#58392] align input names in mutators

32.2.1 (2023-11-08)#

Bug Fixes#

[#58270] release 6b32a99fcf922a84ebf87452d8f26a9a88ef4a0f

32.2.0 (2023-11-08)#

Features#

test: [#xxxxx] created unit test for employees decorate

This was done in relation to another issue, but i noticed the test would not cover the problem in that issue. But instead of removing the test I just moved it to this branch. The test is still relevant, and we are missing more tests.. but we also have plans on moving the responsibility of decorating search result data to the frontend, so more tests on this autocomplete logic is properly not a good idea to use to much time on

Bug Fixes#

autocomplete: [#xxxxx] updated employee & orgunit decorate methods to not query current anymore

Current is never used by autocomplete v2, since it searches across all of time.. its legacy from earlier development

Documentation#

[#58448] tilretningafmenu
[#58448] it-tilknytninger
[#58448] fiks anchorlink

32.1.1 (2023-11-07)#

Bug Fixes#

[#58325] validity_sub_query_hack() can now handle validity 'from_date=null, to_date=null'

32.1.0 (2023-11-07)#

Features#

validity_hacks: [#58325] address-, association- & engagement-types + ituser.itsystem

When setting from=null & to=null, our normal sug-queries will fail due to cached lora connector dates. When using a filter like this, we can now use an equivilant '_validity'-method, which will handle the validity dates + find the most correct version of the object. The '_validity'-methods have been marked with 'deprecated' since we need to get the correct ones working, by fixing so we don't store the filter-dates in the lora-connector + have a resolver which can accomondate multiple versions similar to the validity_hack-method

Bug Fixes#

test: [#58325] updated unit-test test_v2_decorate_orgunits after new validity hacks

Documentation#

[#57347] SDTool+ registrering UUID
[#58354] registrering UUID for developer Keycloak client

Code Refactor#

autocomplete: [#58325] orgunit + employee detail-types now use _validity hacks

32.0.0 (2023-11-02)#

Features#

graphql: [#56025] structured resolver filters

This commit introduces structured filters to GraphQL resolvers, such that it is now possible to make a query alike:
query FindPloneUser {
  itusers(
    filter: {
      itsystem: {user_keys: "Plone"},
      employee: {query: "Louise"}
    }
  ) {
    objects {
      current {
        user_key
        person {
          name
        }
      }
    }
  }
}
To find people named "Louise" that has IT users for the "Plone" ITSystem.

The result would be similar to:
{
  "data": {
    "itusers": {
      "objects": [
        {
          "current": {
            "user_key": "LouiseL",
            "person": [
              {
                "name": "Louise Schæffer Larsen"
              }
            ]
          }
        },
        {
          "current": {
            "user_key": "LouiseC",
            "person": [
              {
                "name": "Louise Lundstrøm Christiansen"
              }
            ]
          }
        }
      ]
    }
  }
}
Before this change several queries had to be done client side, namely:

A query to find people UUIDs from the search query.

A query to find the UUID of the "Plone" itsystem.

A query to produce our result using the previously found UUIDs
query FindPloneUser {
  itusers(
    filter: {
      employees: [
        # Result from first query here
        "cd64c199-a208-4a71-b334-6d896aa2f78d",
        "23bca421-9a36-4112-b3e4-70e53ddff96b"
      ]
      itsystem_uuids: [
        # Result from second query here
        "988dead8-7564-464a-8339-b7057bfa2665"
      ]
    }
  ) {
    objects {
      current {
        user_key
        person {
          name
        }
      }
    }
  }
}
Which all together would produce the same result as the new query.

At the same time all the old filters have been deprecated in favor of the new ones, such that if you used employees before, you should now rather use employee.uuids instead, such as:
query FindPloneUser {
  itusers(
    filter: {
      employee: {
        uuids: [
          # Result from first query here
          "cd64c199-a208-4a71-b334-6d896aa2f78d",
          "23bca421-9a36-4112-b3e4-70e53ddff96b"
        ]
      }
      itsystem: {
        uuids: [
          # Result from second query here
          "988dead8-7564-464a-8339-b7057bfa2665"
        ]
      }
    }
  ) {
    objects {
      current {
        user_key
        person {
          name
        }
      }
    }
  }
}
The filtering options available under the employee key of itusers top-level are the same that are available under the filter key of the employees top-level.

BREAKING CHANGE:

It is no longer possible to filter on both UUIDs and user-keys in GraphQL at the same time. This was never possible on top-level filters only sub-filters, this odd behavior has been removed such that sub-filters now behave the same way as top-level filters.

Code Refactor#

[#56025] rework filters using interfaces

31.11.3 (2023-10-31)#

Chores#

deps: bump fastapi from 0.104.0 to 0.104.1

31.11.2 (2023-10-31)#

Chores#

deps: bump jsonschema from 4.19.1 to 4.19.2

Bumps jsonschema from 4.19.1 to 4.19.2. - Release notes - Changelog - Commits

31.11.1 (2023-10-31)#

Bug Fixes#

[#58284] add user_key to leave mutators

31.11.0 (2023-10-30)#

Features#

[#57976] add search graphql feature flag
graphql: [#57754] add searching to employees
graphql: [#57754] add searching to org_units

Test improvements#

graphql: [#57754] add useless test

31.10.3 (2023-10-30)#

Chores#

deps: bump alembic from 1.12.0 to 1.12.1

Bumps alembic from 1.12.0 to 1.12.1. - Release notes - Changelog - Commits

31.10.2 (2023-10-27)#

Bug Fixes#

pass filterobject including dates to the facetresolver

Documentation#

[#57350] Incorporate review suggestions
[#57350] Add SDTOOL+ technical documentation

This documentation is aimed at devops people who configure, run and monitor SDTOOL+. (It is not aimed at developers who hack on SDTOOL+, nor end users who encounter the end results of SDTOOL+.)

Chores#

[#57350] Apply review suggestions

31.10.1 (2023-10-27)#

Bug Fixes#

fixed an issue where 'empty' owners on a class would cause an error

Test improvements#

autocomplete: [#57888] created unit-test for autocomplete v2 search_orgunits

Code Refactor#

autocomplete: [#57888] moved generation of sql query into _sqlalchemy_generate_query

This was done in order to create a better unit test for autocomplete.orgunits.search_orgunits()

31.10.0 (2023-10-23)#

Features#

graphql: [#58083] introduce new GraphQL version (v19)

GraphQL version 19 introduces breaking changes to a few terminate endpoints. Specifically the class_terminate, facet_terminate and itsystem_terminate mutators.

The breaking changes are similar for all the endpoints, namely that the validity argument has been inlined, such that these mutators are now aligned with the rest of the terminate mutators.

As such to migrate from GraphQL v18, simply send the input as normal:
mutation FacetTerminate($input: FacetTerminateInput!){
    facet_terminate(input: $input) {
        uuid
    }
}
But ensure that the provided input payload has undergone the following transformation:
{
  "uuid": "0872fb72-926d-4c5c-a063-ff800b8ee697",
  "validty": {
    "to": "2023-01-01"
  }
}
to:
{
  "uuid": "0872fb72-926d-4c5c-a063-ff800b8ee697",
  "to": "2023-01-01"
}
With a similar transformation for all calls to the other two mutators.

graphql: [#58083] align class, facet and itsystem terminate mutators

This commit ensures that the class_terminate, facet_terminate and itsystem_terminate mutators take validity arguments inline, instead of as a structured object, thus aligning them with all the other terminate mutators.

Test improvements#

autocomplete: [#57889] new unit test for decorate_orgunit_search_result with attrs
autocomplete: [#57889] created unit test for decorate_orgunit_search_result

31.9.2 (2023-10-23)#

Bug Fixes#

[#xxxxx] search_cpr and autocomplete_{user,org_unit} are not async

All three perform synchronous I/O and thus cannot be marked as async endpoints.

[#xxxxx] Mark all FastAPI endpoints as async

This MR attempts to do something about the spurious LocalProtocolError errors in MO: https://magenta-0r.sentry.io/issues/4382724653/

According to https://github.com/encode/uvicorn/issues/111#issuecomment-1369272260, the error can sometimes manifest itself if any of the app endpoints are defined as def ..., rather than async def ....

This MR changes the following MO endpoints:
@router.get("/keycloak.json")
@cpr_router.get("/e/cpr_lookup/", ...)
@router.get("/service/{rest_of_path:path}")
@router.get("/saml/sso/")
@config_router.post("/ou/{unitid}/configuration", ...)
@config_router.post("/configuration", ...)
and these LoRa endpoints:
@oio_router.get(classes_url, name="_".join([hierarchy, "classes"]))
@app.get("/", tags=["Meta"])
@app.get("/site-map", tags=["Meta"])
@app.get("/version", tags=["Meta"])
@app.get("/autocomplete/bruger", ...)
@app.get("/autocomplete/organisationsenhed", ...)
from def ... to async def ....

I have created the MR mostly to see if CI still passes.

Test improvements#

[#xxxxx] Fix missing await in get_classes unittest

Chores#

[#xxxxx] Lint configuration.py

31.9.1 (2023-10-19)#

Chores#

deps: bump fastapi from 0.103.2 to 0.104.0

Bumps fastapi from 0.103.2 to 0.104.0. - Release notes - Commits

31.9.0 (2023-10-19)#

Features#

[#57699] allow empty parent on org_unit edit
[#57699] allow empty parent on org_unit edit

31.8.0 (2023-10-19)#

Features#

[#56909] related_units mutators

31.7.0 (2023-10-19)#

Features#

[#xxxxx] ensure container image reproducibility

This change ensures that the OS2mo container image can built in a reproductive way, i.e. that the build process is deterministic and that two consecutive builds produce two binarily identical container images.

For details on why this is desirable please check:

https://reproducible-builds.org/

The reproducible images can be made using:
$ kaniko build \
    --reproducible
    --build-arg SOURCE_DATE_EPOCH=(git log -1 --pretty=%ct)
The above example uses kaniko instead of docker to build the image, as there is no way to set the layer timestamp with docker (which causes the hash to vary), kaniko has the --reproducible flag to work around this issue (buildah has a similar --timestamp flag).

The reproducibility is achieved in Python by means of SOURCE_DATE_EPOCH with PEP-552 being the relevant PEP standard.

Reproducibility is subject to all dependencies being versioned, and thus on the elimination of always latest "git" sourced dependencies.

31.6.2 (2023-10-18)#

Chores#

deps: [#xxxxx] use upstream commitizen

31.6.1 (2023-10-17)#

Bug Fixes#

[#58127] Run poetry.lock to update commitizen Git commit hash

Documentation#

[#58092] menupunkter til dansk
[#58092] opdateret forsidetekst
[#58092] Ret links

Code Refactor#

[#57958] cleanup get_orgunit user_settings code

31.6.0 (2023-10-11)#

Features#

graphql: [#57925] added address type specific address resolution

This commit adds a new field resolve to addresses in GraphQL, the field returns a 'resolvable address' interface with address-type specific subclasses allowing for different return fields from different address types.

For instance, the query:

query ResolveAddresses {
  addresses(limit: "10") {
    objects {
      current {
        uuid
        value
        resolve {
          value
          # Catch all non-overridden address types
          ... on DefaultAddress {
            __typename
            value
          }
          # For DAR addresses
          ... on DARAddress {
            __typename
            value

            description
            name

            road_code
            road_name
            house_number
            floor
            door
            zip_code
            zip_code_name
            municipality_code

            longitude
            latitude

            href
            streetmap_href
          }
          # For Multifield addresses
          ... on MultifieldAddress {
            __typename
            value

            value2
            name
          }
        }
      }
    }
  }
}

Returns a response similar to:

{
  "data": {
    "addresses": {
      "objects": [
        {
          "current": {
            "uuid": "0011406b-419f-4236-91e3-8040e9438370",
            "value": "5484071271",
            "resolve": {
              "value": "5484071271",
              "__typename": "DefaultAddress"
            }
          }
        },
        {
          "current": {
            "uuid": "00423155-3eab-4a4c-b0ad-33d5e8c186a5",
            "value": "0a3f50bc-57bd-32b8-e044-0003ba298018",
            "resolve": {
              "value": "0a3f50bc-57bd-32b8-e044-0003ba298018",
              "__typename": "DARAddress",
              "description": "Vifdam 20, 1. th, 6000 Kolding",
              "name": "Vifdam 20, 1. th, 6000 Kolding",
              "road_code": 9300,
              "road_name": "Vifdam",
              "house_number": "20",
              "floor": "1",
              "door": "th",
              "zip_code": "6000",
              "zip_code_name": "Kolding",
              "municipality_code": "0621",
              "longitude": 9.46877471,
              "latitude": 55.49564761,
              "href": "https://api.dataforsyningen.dk/adresser/...",
              "streetmap_href": "https://www.openstreetmap.org/...",
            }
          }
        }
      ]
    }
  }
}

Test improvements#

audit: [#57596] add end-to-end test for auditlog no log

31.5.0 (2023-10-10)#

Features#

graphql: [#58028] introduce new GraphQL version (v18)

GraphQL version 18 introduces breaking changes to the auditlog's models filter. Specifically it changes the type from an unconstrained string to a structured enum.

To migrate to GraphQL v18, simply send queries as you do now, but modify the models filter value according to the below table:

v17 v18

AuditLog AUDIT_LOG

Bruger PERSON

Facet FACET

ItSystem IT_SYSTEM

Klasse CLASS

Organisation ORGANISATION

OrganisationEnhed ORGANISATION_UNIT

OrganisationFunktion ORGANISATION_FUNCTION

Additionally you should translate the model field in responses according to the above table as well.

graphql: [#58028] introduce auditlog models filter enum

This commit changes the auditlog's models filter type from an unconstrained string to a structured enum.

The change is made as the sample space is already predetermined and derived from the source code itself, not from the data. Additionally having it as an enum allows for better IDE integration, as GraphQL IDEs can show the possible choice values.

31.4.2 (2023-10-09)#

Chores#

deps: bump aiohttp from 3.8.5 to 3.8.6

31.4.1 (2023-10-09)#

Documentation#

graphql: [#57596] document the auditlog 'model' filter

Chores#

deps: bump strawberry-graphql from 0.209.5 to 0.209.6

31.4.0 (2023-10-06)#

Features#

graphql: [#57596] order audit-log entries by time

This commit ensures that audit log entries are ordered by time.

If two entries have the exact same time, they are ordered by their IDs to ensure a consistent sorting for iteration.

Test improvements#

graphql: [#57596] add a test for audit log cursors

This commit adds a test for the regression introduced in OS2mo 28.1.0. This should ensure that a similar regression is never introduced.

31.3.2 (2023-10-05)#

Chores#

deps: bump strawberry-graphql from 0.205.0 to 0.209.5

Bumps strawberry-graphql from 0.205.0 to 0.209.5. - Release notes - Changelog - Commits

31.3.1 (2023-10-04)#

Documentation#

[#56158] updated employee & org_unit search/autocomplete documentation

Code Refactor#

autocomplete: [#xxxxx] refactor autocomplete to use UUIDs

CI improvements#

ramodels: [#57596] pin ra-data-models to Python 3.11

Chores#

deps: bump psycopg2-binary from 2.9.8 to 2.9.9

31.3.0 (2023-10-04)#

Features#

audit: [#57939] add support for selectively masked auditing

This commit adds the audit_readlog_no_log_uuids configuration variable, which enabled selective disabling the audit read log for specified UUIDs.

Please note that using this feature flag makes the audit readlog slightly incorrect and thus slightly untrustworthy.

It is mainly useful to avoid logging integrations that read tons of data. As otherwise the audit read log grows at an incredible pace.

31.2.1 (2023-10-04)#

Bug Fixes#

graphql: [#57596] fix audit log cursor

This commit fixes the GraphQL audit log cursor, which was unintentionally broken by OS2mo 28.1.0.

The issue was related to an improperly named database column in the code implementing query consistency of cursors across the bitemporality.

CI improvements#

[#55530] wait for os2mo-init in integration tests

Chores#

dev: [#57809] remove unused environmental variables
auth: [#57886] remove dead code

31.2.0 (2023-10-02)#

Features#

[#55530] amqp emit testing API
[#55530] remove VOID_WARRANTY_DISABLE_AMQP_DELAY feature flag

Use /testing/amqp/emit instead.

Test improvements#

[#55530] add proper typing to graphapi_post fixture

Code Refactor#

graphql: [#57548] reimplement GraphQL v14 shim

Chores#

[#55530] properly reuse AMQPSystem
[#55530] properly reuse async_sessionmaker

31.1.1 (2023-10-02)#

Code Refactor#

graphql: [#57548] reimplement GraphQL v15 shim

Chores#

deps: bump pydantic from 1.10.12 to 1.10.13

31.1.0 (2023-10-02)#

Features#

[#57548] ensure class hierarchies are supported
graphql: [#57548] remove nostatic dataloader
graphql: [#57548] introduce new GraphQL version (v17)

GraphQL version 17 introduces breaking changes to a few class related endpoints. Specifically the class_create and the class_update mutators.

The breaking changes to the class_create and class_update mutators are that both now require a validity argument in their input types. Allowing for bitemporal changes to the underlying data-entity.

As such to migrate from GraphQL v16, simply send the input as normal:
mutation ClassUpdate($input: ClassUpdateInput!){
    class_update(input: $input) {
        uuid
    }
}
But ensure that the provided input payload has undergone the following transformation:
{
  "uuid": "0872fb72-926d-4c5c-a063-ff800b8ee697",
  "name": "TestClass",
  "user_key": "testclass",
}
to:
{
  "uuid": "0872fb72-926d-4c5c-a063-ff800b8ee697",
  "name": "TestClass",
  "user_key": "testclass",
  "validity": {
      "from": null,
      "to": null
  }
}

graphql: [#57548] add support for bitemporal class writes in GraphQL
graphql: [#57548] add class_terminate mutator
[#57548] add support for bitemporal class reads in GraphQL

Bug Fixes#

graphql: [#57548] align get_one_class with get_one_facet
graphql: [#57548] include missing fields from v16
graphql: [#57548] make facet_uuid non optional in updates

Documentation#

graphql: [#57548] fix copied documentation strings

Test improvements#

graphql: [#57548] align terminate_class test with facet

Code Refactor#

[#57548] align get_one_class with get_one_facet
graphql: [#57548] align ClassCreate with FacetCreate
graphql: [#57548] align update_class with update_facet
graphql: [#57548] align create_class with create_facet
[#57548] no explicit input.uuid passing for GraphQL update_class
[#57548] remove note from *_class methods in GraphQL
[#57548] fixed bad typing on update_class in GraphQL
[#57548] moved gql class create- & input-models to .models & .inputs respectively

31.0.4 (2023-09-30)#

Chores#

deps: bump psycopg2-binary from 2.9.7 to 2.9.8

31.0.3 (2023-09-29)#

Chores#

deps: bump psycopg from 3.1.11 to 3.1.12

31.0.2 (2023-09-29)#

Chores#

deps: bump pydantic from 1.10.12 to 1.10.13

31.0.1 (2023-09-29)#

Test improvements#

fixture: [#57548] ensure data consistency in class fixtures

This commit ensures that class fixtures are internally consistent and uphold the upcoming bitemporal invariants. This is not a problem with static classes, but at the end of the day the fixture data was still inconsistent.

Code Refactor#

graphql: [#57548] reimplement GraphQL v9 shim
graphql: [#57548] reimplement GraphQL v2 shim

Chores#

deps: bump fastapi from 0.103.1 to 0.103.2

31.0.0 (2023-09-27)#

Features#

graphql: [#56602] incorporate MR feedback
graphql: [#56602] introduce new GraphQL version

GraphQL version 16 introduces breaking changes to a few facet related endpoints. Specifically the facet_create and the facet_update mutators.

The breaking changes to the facet_create and facet_update mutators are that both now require a validity argument in their input types. Allowing for bitemporal changes to the underlying data-entity.

As such to migrate from GraphQL v15, simply send the input as normal:
mutation FacetUpdate($input: FacetUpdateInput!){
    facet_update(input: $input) {
        uuid
    }
}
But ensure that the provided input payload has undergone the following transformation:
{
  "uuid": "0872fb72-926d-4c5c-a063-ff800b8ee697",
  "user_key": "Test",
}
to: ```json { "uuid": "0872fb72-926d-4c5c-a063-ff800b8ee697", "user_key": "Test", "validity": { "from": null, "to": null } }

graphql: [#56602] add support for bitemporal facet writes in GraphQL

This commit adds support for bitemporal creates and updates, by making a breaking change to the facet_create and facet_update endpoints and their corresponding input models.

While this is in itself a breaking change, it is not marked as such, as the following commit introduces a new GraphQL version to remedy this. The commits are kept separate as they are logically distinct.

graphql: [#56602] add facet_terminate mutator

This commit adds the facet_terminate mutator for terminating existing facets. It is introduced by addition to the existing GraphQL version.

The mutator can be used as any other terminate mutator in the GraphQL interface.

graphql: [#56602] add support for bitemporal facet reads in GraphQL

This commit adds support for bitemporal facet reads in GraphQL, achieved by making two non-breaking changes to the GraphQL interface, namely:

Adding the option to query validity on facet responses.

Returning a list of objects within the objects response key.

As such this change is minimal with regards to the API, however major changes have been made within the codebase to support the change.

Code Refactor#

graphql: [#56602] no explicit input.uuid passing

The input.uuid was never exposed on the API, and thus can be removed without breaking anything.

graphql: [#56602] remove note from *_facet methods

Notes were never exposed on the API, and thus can be removed without breaking anything.

graphql: [#56602] fix bad typing on update_facet

update_facet previously took a FacetCreate model on the helper method, it now takes a FacetUpdate model. As this only affects the helper method no wrong typing has been exposed via the API.

graphql: [#56602] move models and inputs from facets.py

This commit moves model entities from graphapi/versions/latest/facets.py into graphapi/versions/latest/models.py and input entities into graphql/versions/latest/inputs.py.

Imports have been fixed accordingly, such that this is a pure refactoring.

[#56602] prepare ReadingHandler for Facet support

This commit adds support for overriding the is_reg_valid function within the ReadingHandler class. is_reg_valid is a point of variability due to the way that the OIO standard utilizes different names for bitemporality for different data entities ("publiceret" for classes and facets, and "gyldighed" for all other entities)

Chores#

[#53863] remove references to AMQP_ENABLE_NEW_SUBSYSTEM

30.2.0 (2023-09-26)#

Features#

[#53863] database snapshot/restore testing API

30.1.0 (2023-09-26)#

Features#

[#57748] allow terminating owners

The pydantic validation failed for service/details/terminate with type=owner before this patch.

Code Refactor#

[#56602] clean up backend/mora/service/orgunit.py
[#56602] clean up backend/mora/service/org.py
[#56602] clean up backend/mora/service/handlers.py
[#56602] clean up backend/mora/service/employee.py
[#56602] clean up backend/mora/service/facet.py
[#56602] remove request wide bulking

30.0.1 (2023-09-26)#

Bug Fixes#

[#56602] revert 'disallow accidental type coercion to uuid'

This reverts commit 94379d911ad3054cc9ff8141aa4817b9e191511e

30.0.0 (2023-09-25)#

Features#

[#57816] allow infinite IT-systems

If we don't, existing database objects are illegal.

BREAKING CHANGE:

The GraphQL validity type was relaxed to allow infinite (null) from-dates. This is normally a non-breaking change, but the type's name was also changed from RAValidityInput to RAOpenValidityInput. Since validity on IT-systems was just introduced, we presume that no-one is relying on this yet, and choose to break it instead of introducing a new GraphQL version.

Test improvements#

[#56602] various small test cleanups

29.3.1 (2023-09-25)#

Bug Fixes#

[#56602] disallow accidental type coercion to uuid

29.3.0 (2023-09-25)#

Features#

57794 allow removing an orgunits parent#

Chores#

update dependencies

29.2.2 (2023-09-22)#

Build improvements#

deps: bump sqlalchemy from 2.0.20 to 2.0.21

Bumps sqlalchemy from 2.0.20 to 2.0.21. - Release notes - Changelog - Commits

29.2.1 (2023-09-22)#

Documentation#

[#56435] update sdtooldox

Chores#

deps: bump jsonschema from 4.19.0 to 4.19.1

Bumps jsonschema from 4.19.0 to 4.19.1. - Release notes - Changelog - Commits

29.2.0 (2023-09-22)#

Features#

graphql: [#57549] introduce new GraphQL version

GraphQL version 15 introduces breaking changes to a few itsystem related endpoint. Specifically the itsystem query endpoint, and the itsystem_create, itsystem_update and itsystem_refresh mutators.

The breaking changes to the itsystem query endpoint and the itsystem_refresh mutator should be minimal to most users, as it is simply a filter that has been given a new type, as such it only affects users that explicitly typed the filter in their query, to migrate from GraphQL v14 in such case, simply rename the filter type:
mutation ITSystemRefresh($filter: BaseFilter, $queue: String){
    itsystem_refresh(filter: $filter, queue: $queue)
}
to:
mutation ITSystemRefresh($filter: ITSystemFilter, $queue: String){
    itsystem_refresh(filter: $filter, queue: $queue)
}
With a similar change for the top-level itsystem query endpoint.

The breaking changes to the itsystem_create and itsystem_update mutators are a little more involved. First up the itsystem_update mutator now takes the ITSystemUpdateInput input-type, whereas GraphQL v14 unintentionally took the ITSystemCreateInput input-type. The newly introduced ITSystemUpdateInput input-type is still identical to its create counterpart, but keeping them separate allows for future non-breaking changes. The ITSystemCreateInput input-type itself has changed however as date arguments are now given inside a nested validity container, rather than on the input type itself. As such to migrate from GraphQL v15, simply fix the input type:
mutation ITSystemUpdate($input: ITSystemCreateInput!){
    itsystem_update(input: $input) {
        uuid
    }
}
to:
mutation ITSystemUpdate($input: ITSystemUpdateInput!){
    itsystem_update(input: $input) {
        uuid
    }
}
And ensure that the provided input payload has undergone the following transformation:
{
  "uuid": "0872fb72-926d-4c5c-a063-ff800b8ee697",
  "user_key": "Test",
  "name": "Test",
  "from": "1990-01-01T00:00:00+01:00",
  "to": null
}
to:
{
  "uuid": "0872fb72-926d-4c5c-a063-ff800b8ee697",
  "user_key": "Test",
  "name": "Test",
  "validity": {
      "from": "1990-01-01T00:00:00+01:00",
      "to": null
  }
}

[#57549] implemented new terminate gql mutator for itsystems
[#57549] implemented bitemporality for ITSystems, for read, create and update

Bug Fixes#

graphql: [#57549] revert itsystem_refresh changes
[#57549] pre-commit fixes
graphql: [#57549] redo ITSystemTerminate validity description
graphql: [#57549] revert 'fix' to employee terminate
graphql: [#57549] fix GraphQL v13 to still accept from_date and to_date
graphql: [#57549] ensure GraphQL v9 and v13 still work
graphql: [#57549] fix broken implementation of itsystem mutators
graphql: [#57549] ensure itsystem_update takes ITSystemUpdate inputs

Documentation#

graphql: [#57549] fix bad description on ITSystemUpdate
graphql: [#57549] fix bad description on ITSystemFilter

Test improvements#

graphql: [#57549] fixup test_itsystems_query v14 test
graphql: [#57549] remove obsolete tests for old implementation
graphql: [#57549] fix test_query_* itsystem tests
graphql: [#57549] add validity to graphql itsystem tests
ramodels: [#57549] add validity to ramodels itsystem test

Code Refactor#

graphql: [#57549] refactor dataloader getters context
graphql: [#57549] revert ValidityTerminate from->to restructure
graphql: [#57549] fix typo and error message in Validity
graphql: [#57549] default itsystem filter to None
graphql: [#57549] remove note from itsystem mutators

Chores#

[#57549] align new it-system handler with old ones
[#57549] move get_one_itsystem to handler/impl/it_system.py
graphql: [#57549] remove dead lora_itsystem_to_mo_itsystem helper
graphql: [#57549] remove unused functions

29.1.0 (2023-09-22)#

Features#

audit: [#57755] update the UUID used if OIDC tokens miss an UUID

This commit changes the default UUID set on audit entries when no UUID is explicitly provided in the Keycloak OIDC token from the old:
42c432e8-9c4a-11e6-9f62-873cf34a735f
to the new:
05211100-baad-1110-006e-6F2075756964
The purpose of this change is to be able to track which changes were made before the introduction of the new audit logging system, and changes that are made after, but where no UUID was provided on the OIDC token.

29.0.2 (2023-09-22)#

Documentation#

[#54635] fixbrokenlink

Chores#

deps: bump python from cc7372f to 2e37699

Bumps python from cc7372f to 2e37699.

29.0.1 (2023-09-21)#

CI improvements#

[#55530] add dipex keycloak client to ci integration tests
[#55530] run os2mo-init in ci integration tests

29.0.0 (2023-09-21)#

Features#

[#56025] amqp refresh mutator pagination

This avoids the confusing scenario where the HTTP request timed out, but some AMQP messages where still published. It is now the caller's responsibility to make sufficiently small queries. Additionally, the caller will now receive confirmation that each object's UUID was published to the exchange or queue.

BREAKING CHANGE:

This breaks all refresh mutators, but they have just been introduced (in a non-working state) so no one should be using them anyway.

[#56025] ITSystemFilter

BaseFilter is exposed in the schema. Introducing a separate type allows us to expose a properly-named type from now on. The resolver does not use the new filter, to avoid a breaking change.

28.6.0 (2023-09-20)#

Features#

[#57748] allow owner through it user
autocomplete: [#57748] show IT users where user_key is a UUID

Originally the intention of this commit was to change the AD test data to be a UUID in the user_key to test ownership through the employees' related IT user.

[#57748] add itsystem_uuids filter to ITUserFilter

Chores#

[#57748] bump dev frontend image

28.5.0 (2023-09-19)#

Features#

log: [#57754] add request_id to all log lines

This commit ensures that all log lines include a request_id to ease correlating which log lines correspond to the same HTTP request when multiple requests are being processed concurrently.

Bug Fixes#

graphql: [#57754] allow multiple errors in handle_gql_error

This commit ensures that multiple concurrent GraphQL exceptions are handled gracefully within the handle_gql_error helper function.

As such a proper error message should now be produced instead of the current:
Expected exactly one item in iterable, but got ... and perhaps more.

Documentation#

[#54342] systemlandskabdoss

Test improvements#

audit: [#57596] fix flakey test_auditlog_filters test

28.4.0 (2023-09-18)#

Features#

[#57530] use scope from primary_type class to determine primary status

Test improvements#

audit: [#57596] auditlog filter test

28.3.0 (2023-09-15)#

Features#

[#57476] added org_units.associations_validity as well to fix issue with past & future data

Bug Fixes#

[#52341] updated autocomplete decoration methods to use new _validity versions
[#52341] gql.orgunit addrs, itusers and ancestors now all use validity_sub_query_hack

Also moved ancestors_validity() down to the other validity hack methods for orgunits

[#52341] implemented new generic validity sub query hack for orgunit.ancestors_validity
[#52341] validity sub-query hack for employee engagements, addresses, associations and itusers

The validity sub query hack originates from orgunit.ancestors, but is genericly implemented, so it can be used for multiple sub queries. Note the hack is a bit different from orgunit ancestors, but can be used for that subquery as well

[#52341] missing feature flag confdb_autocomplete_attrs_employee for employee autocomplete v2

Test improvements#

[#52341] fixed multiple gql queries so they correctly accomondate POSSITIVE_INFINITY.year

"backend/mora/util.py::to_iso_date()" does a check for POSITIVE_INFINITY.year

[#57476] updated autocomplete decoration tests after implementing subquery validity hack
[#52341] fixed mock_get_settings for autocomplete v2 use on employee attrs

CI improvements#

[#55530] run amqp subsystem in ci integration tests

28.2.0 (2023-09-15)#

Features#

[#57272] amqp refresh mutators

28.1.3 (2023-09-14)#

Build improvements#

deps: bump httpx from 0.24.1 to 0.25.0

28.1.2 (2023-09-14)#

Build improvements#

deps: bump python from 8488a4b to cc7372f

28.1.1 (2023-09-14)#

Bug Fixes#

[#57650] don't set empty manager responsibility/level

The issue was caused by updating exactly one of manager responsibility or level but not the other. See the comment in the committed code for details. This is (currently) only a problem for manager's responsibility and level, as they are the only MO fields that share the same LoRa field.

This issue was known and documented (in the tests) since c28cd16899a1be280ae6132006bba05bff4d7ec8, but apparently was not disallowed in the GraphQL schema.

28.1.0 (2023-09-14)#

Features#

graphql: [#57328] consistent view when paginating

Only works on graphql versions greater than 4.

Documentation#

[#53423] docs

28.0.0 (2023-09-13)#

Features#

[#57646] delete engagement associations

BREAKING CHANGE:

Was never used. Shouldn't break anything.

27.0.3 (2023-09-13)#

Bug Fixes#

audit: [#57596] fix bad context manager usage in autocomplete

This commit fixes the /e/autocomplete/ and /o/autocomplete endpoints, when CONFDB_AUTOCOMPLETE_V2_USE_LEGACY is disabled. These endpoints were unintentionally broken by OS2mo 26.4.0.

The root-cause of the issue was a missing test-case for the endpoint. A couple of test-cases have been added to avoid similar regressions in the future.

27.0.2 (2023-09-13)#

Bug Fixes#

health: [#57628] fix broken identifier healthcheck

This commit fixes the /health/{identifier} endpoint, which was unintentionally broken by OS2mo 25.4.0.

The root-cause of the issue was a missing test-case for the endpoint. A couple of test-cases have been added to avoid similar regressions in the future.

27.0.1 (2023-09-13)#

Bug Fixes#

[#xxxxx] remove breaking changes
[#xxxxx] and add itassociation mutators
[#xxxxx] fix tests
[#xxxxx] fix leave fields in GraphQL schema

27.0.0 (2023-09-12)#

Features#

audit: [#57568] require auditor and registration roles

This commit makes the read_auditlog role required to access the auditlog top-level GraphQL object and the read_registration role required to access the registrations top-level GraphQL object.

BREAKING CHANGE:

While this is indeed a breaking change, as new permissions are now required for the auditlog and registrations, it should be non-breaking for most users as a corresponding change has been made to the Keycloak realm builder version 4.4.0.

26.5.0 (2023-09-12)#

Features#

[#56975] cache parsed token

This makes it so the JWT token is only parsed once for every request to MO. Before this, it was also parsed again much later for some queries which led to problems when the token expired while the request is processing.

[#56975] pass user uuid in header to LoRa

This makes it so LoRa does not re-parse the JWT token for many times for a single request to MO.

26.4.1 (2023-09-11)#

Build improvements#

deps: bump python from 02808bf to 8488a4b

Bumps python from 02808bf to 8488a4b.

26.4.0 (2023-09-11)#

Features#

audit: [#57488] fix broken database tests

This commit refactors a few database tests in the oio_rest test-suite, that were broken as a consequence of refactorings during the introduction of the audit read log.

audit: [#57488] introduce audit read log

This commit introduce an audit read log to OS2mo, tracking and logging all read operations within OS2mo. Every data access is committed to the database.

It can be activated by setting the AUDIT_READLOG_ENABLE feature flag. If the feature flag is not set, no audit read events are generated.

Enabling the audit read log has performance implications as each database read operation also has to write the audit log.

The audit log can be accessed via GraphQL on the newly introduced auditlog top level. It is possible to filter the audit read events by:

The actor who read the data

The data-types read

The time of the read operation

The data objects read

The read operation IDs themselves (mostly useful for auditing reads on the audit log itself)

For example:
query {
  auditlog(
    filter: {
      start: "2023-09-08T19:25:00",
      end: "2023-09-08T19:30:00",
      models: "OrganisationEnhed",
      actors: "0fb62199-cb9e-4083-ba45-2a63bfd142d7",
    },
    limit: "2",
  ) {
    objects {
      id
      actor
      model
      time
      uuids
    }
    page_info {
      next_cursor
    }
  }
}
Querying organisational units read by 0fb62199-cb9e-4083-ba45-2a63bfd142d7 on Friday the 8th of September between 19:25:00 and 19:30:00 o'clock.

Yielding a response akin to:
{
  "data": {
    "auditlog": {
      "objects": [
        {
          "id": "026518b2-0efe-4378-bcd6-d7a5b44fb2d4",
          "actor": "0fb62199-cb9e-4083-ba45-2a63bfd142d7",
          "model": "OrganisationEnhed",
          "time": "2023-09-08T19:26:47.521352+02:00",
          "uuids": [
            "0a946185-4712-5c4b-9bbf-b0894603b9a3",
            "23a2ace2-52ca-458d-bead-d1a42080579f",
            "25abf6f4-fa38-5bd8-b217-7130ce3552cd",
            "32865a87-3475-5dbd-accb-d7659603f0b7",
            "7a8e45f7-4de0-44c8-990f-43c0565ee505",
            "a6773531-6c0a-4c7b-b0e2-77992412b610",
            "b6c11152-0645-4712-a207-ba2c53b391ab",
            "c9d51723-b777-5878-af66-30626e2f9d66"
          ]
        },
        {
          "id": "09a36983-d552-450f-b1bd-f264d01d992c",
          "actor": "0fb62199-cb9e-4083-ba45-2a63bfd142d7",
          "model": "OrganisationEnhed",
          "time": "2023-09-08T19:26:47.439182+02:00",
          "uuids": [
            "fb2d158f-114e-5f67-8365-2c520cf10b58"
          ]
        }
      ],
      "page_info": {
        "next_cursor": "Mg=="
      }
    }
  }
}
Showing two distinct read operations and which entities were read.

In this case the two operations correspond to a detail review in the frontend and the tree-view in the frontend.

Test improvements#

audit: [#57488] add tests for audit read log

This commit introduced two integration tests for the audit log functionality. More tests would have been desirable, but are hard to achieve do to the different database connectors at play.

For more details, see big the comment contained within:

backend/tests/graphapi/test_registration.py

[#57488] reimplement truncate_all_tables helper

This commit reimplements the truncate_all_tables test helper using SQLAlchemy operations replacing the previous implementation using raw sql statements.

The change was made to ensure interoperability with the rest of the fixtures in the test-suite, in particular issues related to using the empty_db fixture in OS2mo's test-suite.

26.3.0 (2023-09-08)#

Features#

[#57239] ITAssociation terminate mutator

26.2.0 (2023-09-08)#

Features#

[#57238] update ITAssociation mutator

26.1.0 (2023-09-07)#

Features#

[#57237] create ITAssociation mutator

26.0.0 (2023-09-06)#

Features#

[#57272] remove org_unit_refresh mutator

BREAKING CHANGE:

The mutator was only used by the GraphQL shim; all callees were using the service API endpoint. The logic has been moved (back) into the service API to make room for the new AMQP-based refresh mutators.

This partially reverts commit c5f172aa24d87660631b3f3a05e8b122f776ff14.

Chores#

[#57272] move filters to separate module

25.4.1 (2023-09-06)#

Bug Fixes#

[#xxxxx] fix update manager mutator To allow editing a manager into being vacant, the mutator needs allow 'person' to be None. Until now, we filtered out all fields that were None.

25.4.0 (2023-09-06)#

Features#

[#57272] graphql filters as an object

This commit introduces a new GraphQL version; GraphQL v14.

GraphQL version 14 introduces a breaking change to the filter variables taken by the resolvers. Specifically, it moves them from top-level arguments to a Filter object.

To migrate from GraphQL v13, nest your filtering parameters in the filter object, e.g. from:
query MyQuery {
  addresses(
    from_date: "2023-09-01",
    address_type_user_keys: "EmailEmployee",
  ) {
    objects {
      uuid
    }
  }
}
to
query MyQuery {
  addresses(
    filter: {
      from_date: "2023-09-01",
      address_type_user_keys: "EmailEmployee",
    },
  ) {
    objects {
      uuid
    }
  }
}

Chores#

[#57272] fix hypothesis FailedHealthCheck

The method TestGraphAPI.test_queries was called from multiple different executors. This may lead to flaky tests and nonreproducible errors when replaying from database.

25.3.0 (2023-09-05)#

Features#

db: [#57491] remove unused database entities

This commit removes 43 unused database tables along with their corresponding table constraints, functions and sequences.

25.2.1 (2023-09-05)#

Documentation#

[#57456] fix on-prem specs
[#57456] fix development docs
[#57456] fix lederhåndtering rendering
[#57456] more restructuring w/Alex
[#57456] fix index
[#57456] restructure documentation
[#57456] remove outdated or irrelevant docs

Build improvements#

deps: bump fastapi from 0.103.0 to 0.103.1

Bumps fastapi from 0.103.0 to 0.103.1. - Release notes - Commits

25.2.0 (2023-09-04)#

Features#

[#57134] leave terminate mutator

25.1.1 (2023-09-01)#

Documentation#

audit: [#55093] initial documentation of the auditlog

Chores#

deps: bump alembic from 1.11.3 to 1.12.0

25.1.0 (2023-09-01)#

Features#

[#57133] leave update mutator

Documentation#

[#57046] rettelserdoc
[#57046] sdskriv
[#57046] emailnotifs

25.0.1 (2023-09-01)#

Build improvements#

deps: bump sentry-sdk from 1.29.2 to 1.30.0

Bumps sentry-sdk from 1.29.2 to 1.30.0. - Release notes - Changelog - Commits

25.0.0 (2023-08-31)#

Features#

[#56846] remove changed_since arg from service api

BREAKING CHANGE:

The argument "changed_since" has been removed from all service api endpoints. In some sense, this is not a breaking change, because the feature never worked and is currently unused.

Bug Fixes#

[#56846] read current time with DEFAULT_TIMEZONE

Before this patch, the timezone was "replaced" which doesn't update the actual timestamp accordingly. The issue could manifest itself, for instance, if it is 5 minutes past midnight in Denmark, and the system is running in UTC (22:05). In this case now would return 22:05 but think it was danish time.

Documentation#

[#57046] merdoks
[#57046] ret rapporter docs
[#57046] menudocs
[#57046] mere doks
[#57046] authautdocs
[#57046] opdatere docs
[#57046] opdatering af docs

Chores#

[#56846] tz implementation parity between graphql and service API
[#57272] fix nginx dev proxy

24.6.0 (2023-08-28)#

Features#

[#55406] created custom GraphQL sub-query for orgunit.ancestors called 'ancestors_validity'

Bug Fixes#

[#55406] autocomplete-v2.2 now uses new gql orgunit.ancestors_validity query for decoration
[#55406] fixed Response.current.active_now() AttributeError issue and removed old try-catch
[#55406] Reverted hacks old hacks for autocomplete-ancestors

24.5.2 (2023-08-27)#

Build improvements#

deps: bump fastapi from 0.101.1 to 0.103.0

Bumps fastapi from 0.101.1 to 0.103.0. - Release notes - Commits

24.5.1 (2023-08-27)#

Build improvements#

deps: bump python from 85b3d19 to 02808bf

Bumps python from 85b3d19 to 02808bf.

24.5.0 (2023-08-25)#

Features#

[#57272] cache introspection queries

Documentation#

[#56158] ændringer til orgviewerdokumentation
[#56158] miniændring til MED-org

24.4.0 (2023-08-25)#

Features#

[#57272] enable stdin in docker for pdb debugging

Documentation#

[#57047] Update documentation again
[#56158] tilpasing af dokumentation om håndtering af ledere
[#57047] Update documentation

24.3.0 (2023-08-24)#

Features#

[#53863] feature flag to disable the AMQP delay

Your warranty is now void.

24.2.0 (2023-08-24)#

Features#

[#57240] add possibility to query for it associations

Documentation#

[#57117] slutbrugerdokumentation til email notifikationer

Code Refactor#

graphql: [#57145] implement v7 as a shim
graphql: [#57145] implement v8 as a shim

24.1.0 (2023-08-23)#

Features#

graphql: [#57145] cleanup employee mutators

This commit introduces a new GraphQL version, GraphQL v12.

GraphQL version 13 introduces a breaking change to the input variables taken by the employee_create and employee_update-mutators. Specifically it removes the name, nickname, cpr_no, givenname, from and to input variable, which were previously optional arguments.

As such name now has to be given using the structured form, using given_name and surname, and correspondingly nickname has to be given using nickname_given_name and nickname_surname. cpr_no should be given using cpr_number while from and to should be given via the validity argument. All of these arguments have been made required and the mutually exclusivity validators have been removed.

To migrate from GraphQL version 12, make the following changes to your code: * rename givenname to given_name * rename cpr_no to cpr_number * restructure from and to to validity: {from: ..., to: ...} * recode name to given_name / surname as:
given_name, surname = name.rsplit(" ", 1)
* recode nickname similarly to name

Documentation#

[#57047] Add documentation for end users
[#57172] add ldap docs for end users

24.0.0 (2023-08-22)#

Features#

[#57219] decouple amqp subsystem from FastAPI app

This patch decouples the new AMQP subsystem from the FastAPI app, meaning one can run separately and without knowledge of the other.

A new CLI subcommand is introduced (mora.cli amqp start) to launch the AMQP subsystem as a process.

This change will increase the performance of the overall system as one can deploy many ASGI apps alongside a single AMQP subsystem.

BREAKING CHANGE:

MO deployments with the new amqp subsystem will need to change their deployment method to accomodate this.

AMQP_ENABLE_NEW_SUBSYSTEM environment variable no longer has an effect.

[#57219] reduce new amqp db load

Bug Fixes#

[#57219] init error

23.32.2 (2023-08-21)#

Build improvements#

deps: bump click from 8.1.6 to 8.1.7

Chores#

[#53863] fix mo init

23.32.1 (2023-08-21)#

Bug Fixes#

[#53863] always run on port 5000

Ideally, we'd run on port 80, but 5000 is hardcoded so many places now. In Danish, this is what's known as a 'falliterklæring'.

CI improvements#

[#53863] actually wait for rabbitmq before running integration tests

23.32.0 (2023-08-21)#

Features#

[#53863] add testing endpoint to flush AMQP messages

This is needed for integration tests to avoid having to wait up to a minute for the AMQP messages.

CI improvements#

[#53863] wait for rabbitmq before running integration tests

23.31.2 (2023-08-18)#

Bug Fixes#

[#xxxxx] add local Naldo prod build address to Keycloak

CI improvements#

[#53863] set GUNICORN_WORKERS=1 in integration tests

Chores#

document :latest in integration test CI template

23.31.1 (2023-08-18)#

Bug Fixes#

[#53863] expose port in Dockerfile

CI improvements#

[#53863] fix integration tests

23.31.0 (2023-08-18)#

Features#

[#57129] role terminate mutator + minor typos

23.30.0 (2023-08-18)#

Features#

[#57128] role update mutator

23.29.1 (2023-08-17)#

Build improvements#

deps: bump python from e7b98cb to 85b3d19

Bumps python from e7b98cb to 85b3d19.

23.29.0 (2023-08-17)#

Features#

graphql: [#57145] offer person in addition to employee in reading

This commit ensures that the entire reading schema offers person as a readable field in addition to employee which has now been deprecated.

23.28.0 (2023-08-17)#

Features#

graphql: [#57145] align engagement create + update mutators

This commit ensures that the engagement_create and engagement_update mutators take the person argument in addition to the employee argument, which has been deprecated.

Chores#

[#53863] remove export_schema

Use the /graphql/vX/schema.graphql` API instead.

23.27.0 (2023-08-17)#

Features#

graphql: [#57145] align ituser create + update mutators

This commit ensures that the same arguments are taken by the ituser_create and ituser_update mutators.

CI improvements#

[#53863] disable new AMQP subsystem
[#53863] msg_broker isn't a valid DNS hostname

A lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character.

[#53863] reusable integration test template
[#53863] don't set MO settings environment variables for unit tests

23.26.1 (2023-08-17)#

Bug Fixes#

[#57192] second fix timezones
[#57192] quickfix for the timezone mess

23.26.0 (2023-08-17)#

Features#

graphql: [#57145] remove type input from the ituser_manager mutator

This commit introduces a new GraphQL version, GraphQL v12.

GraphQL version 12 introduces a breaking change to the input variables taken by the ituser_create-mutator. Specifically it removes the type input variable, which was previously an optional argument that should always have its value set to: it. Setting it to any other value will break invariants in the underlying code leading to undefined behavior.

The argument had the default value of it and as such the issue only arises if the caller explicitly sends a different value. The argument has however been removed entirely in version 12, as it is leaking implementation-specific details and should never have been exposed.

To migrate from GraphQL version 11, simply stop sending type with your queries.

graphql: [#57145] remove type input from the ituser_manager mutator

This commit introduces a new GraphQL version, GraphQL v12.

GraphQL version 12 introduces a breaking change to the input variables taken by the ituser_create-mutator. Specifically it removes the type input variable, which was previously an optional argument that should always have its value set to: it. Setting it to any other value will break invariants in the underlying code leading to undefined behavior.

The argument had the default value of it and as such the issue only arises if the caller explicitly sends a different value. The argument has however been removed entirely in version 12, as it is leaking implementation-specific details and should never have been exposed.

To migrate from GraphQL version 11, simply stop sending type with your queries.

23.25.1 (2023-08-17)#

Build improvements#

deps: bump alembic from 1.11.2 to 1.11.3

Bumps alembic from 1.11.2 to 1.11.3. - Release notes - Changelog - Commits

23.25.0 (2023-08-17)#

Features#

graphql: [#57145] align employee read

This commit ensures that the fields readable from employees are the same as given to the employee_create and employee_update mutators.

The change was made backwards compatibility, such that you can now query both: * cpr_number and cpr_no * given_name and givenname * nickname_given_name and nickname_givenname Of which the latters are being deprecated and subject to removal in the future.

Chores#

[#53863] remove obsolete TRUNCATE_API
[#53863] remove obsolete TESTING_API
[#53863] remove obsolete lora settings documentation

23.24.0 (2023-08-17)#

Features#

graphql: [#57145] nested validity on employee_update

This commit introduces a nested validity object on the employee_update mutator, to align it with all other mutators.

The original unnested validity fields of from_date and to_date are still kept for backwards compatibility, but both have been deprecated.

Documentation#

[#57154] oprydning i menu

23.23.1 (2023-08-16)#

Build improvements#

deps: bump python from bc1d76a to e7b98cb

Bumps python from bc1d76a to e7b98cb.

23.23.0 (2023-08-16)#

Features#

graphql: [#57145] align employee create + update mutators

This commit ensures that the same arguments are taken by the employee_create and employee_update mutators.

As a side-effect both mutators now take, both: * cpr_number and cpr_no * given_name and givenname Of which the latters are being deprecated and subject to removal in the future.

Additionally both mutators also now take name and nickname, both of which are deprecated in favor of their structured counterparts.

CI improvements#

[#53863] use templates

23.22.0 (2023-08-16)#

Features#

graphql: [#57145] align association create + update mutators

This commit ensures that the same arguments are taken by the association_create and association_update mutators.

As a side-effect both mutators now take both person and employee as the address person reference, with the latter being deprecated and subject to removal in the future.

graphql: [#57145] align association create + update mutators

This commit ensures that the same arguments are taken by the association_create and association_update mutators.

As a side-effect both mutators now take both person and employee as the address person reference, with the latter being deprecated and subject to removal in the future.

graphql: [#57145] align association create + update mutators

This commit ensures that the same arguments are taken by the association_create and association_update mutators.

As a side-effect both mutators now take both person and employee as the address person reference, with the latter being deprecated and subject to removal in the future.

23.21.0 (2023-08-16)#

Features#

graphql: [#57145] remove type input from the create_manager mutator

This commit introduces a new GraphQL version, GraphQL v11.

GraphQL version 11 introduces a breaking change to the input variables taken by the manager_create-mutator. Specifically it removes the type input variable, which was previously an optional argument that should always have its value set to: manager. Setting it to any other value will break invariants in the underlying code leading to undefined behavior.

The argument had the default value of manager and as such the issue only arises if the caller explicitly sends a different value. The argument has however been removed entirely in version 11, as it is leaking implementation-specific details and should never have been exposed.

To migrate from GraphQL version 10, simply stop sending type with your queries.

23.20.0 (2023-08-16)#

Features#

graphql: [#57145] remove uuid selector from various mutators

This commit introduces a new GraphQL version, GraphQL v10.

GraphQL version 10 introduces a breaking change to the input variables taken by the class_update, facet_update and itsystem_update mutators. These mutators took a separate uuid input variable besides the one contained within the input object itself, leading to potential inconsistencies besides the fact that it was not aligned with the other mutators.

In the future all mutators may get a uuid selector (and have uuid removed from within the input), but this change, should it occur, will be introduced in a new version, and will make the change consistently across all mutators.

This change simply aims to ensure consistency across our existing mutators.

To migrate from version 9 to version 10, remove the uuid parameter from class_update (or facet_update / itsystem_update) and provide the uuid inside the input object instead.

Version 9:
mutation TestClassUpdate($input: ClassUpdateInput!, $uuid: UUID!) {
    class_update(input: $input, uuid: $uuid) {
        uuid
    }
}
Version 10:
mutation TestClassUpdate($input: ClassUpdateInput!) {
    class_update(input: $input) {
        uuid
    }
}
Where uuid is now within input.

23.19.0 (2023-08-16)#

Features#

[#57132] leave create mutator

Documentation#

[#57154] mere dokumentation
[#57154] test docs

23.18.7 (2023-08-16)#

Build improvements#

deps: bump sqlalchemy from 2.0.19 to 2.0.20

Bumps sqlalchemy from 2.0.19 to 2.0.20. - Release notes - Changelog - Commits

CI improvements#

[#53863] new keycloak realm builder

23.18.6 (2023-08-15)#

Build improvements#

deps: bump fastapi from 0.100.0 to 0.101.1

23.18.5 (2023-08-15)#

Build improvements#

deps: bump jsonschema from 4.18.4 to 4.19.0

23.18.4 (2023-08-15)#

Build improvements#

deps: bump python from d73088c to bc1d76a

23.18.3 (2023-08-15)#

Build improvements#

deps: bump alembic from 1.11.1 to 1.11.2

23.18.2 (2023-08-15)#

Build improvements#

deps: bump psycopg2-binary from 2.9.6 to 2.9.7

23.18.1 (2023-08-15)#

Build improvements#

deps: bump uvicorn from 0.23.1 to 0.23.2

23.18.0 (2023-08-15)#

Features#

graphql: [#57145] align address create + update mutators

This commit ensures that the same arguments are taken by the address_create and address_update mutators.

As a side-effect both mutators now take both person and employee as the address person reference, with the latter being deprecated and subject to removal in the future.

Bug Fixes#

graphql: [#57145] fix broken exception code

This commit fixes 3 occurrences of raising exceptions thrown by exceptions.ErrorCodes. It also types the __call__ override within ErrorCodes to ensure proper typing by mypy.

Code Refactor#

graphql: [#57145] refactor out gen_uuid

This commit removes 15 duplicates of gen_uuid by refactoring it out as a global helper function.

23.17.0 (2023-08-15)#

Features#

graphql: [#57145] change org_unit_terminate input variable

This commit introduces a new GraphQL version, GraphQL v9.

GraphQL version 9 introduces a breaking change to the input variable name of the org_unit_terminate-mutator's input-variable, which did not align with the other mutators.

To migrate from version 8 to version 9, change the name of org_unit_terminate's input-variable from unit to input.

Version 8:
mutation TestTerminateOrgUnit($input: OrganisationUnitTerminateInput!) {
    org_unit_terminate(unit: $input) {
        uuid
    }
}
Version 9:
mutation TestTerminateOrgUnit($input: OrganisationUnitTerminateInput!) {
    org_unit_terminate(input: $input) {
        uuid
    }
}

23.16.4 (2023-08-15)#

Build improvements#

deps: bump sentry-sdk from 1.28.1 to 1.29.2

23.16.3 (2023-08-14)#

Build improvements#

deps: bump psycopg from 3.1.9 to 3.1.10

23.16.2 (2023-08-14)#

Documentation#

[#54660] Update docs for rollecatalog

Build improvements#

deps-dev: bump hypothesis from 6.82.0 to 6.82.4

23.16.1 (2023-08-14)#

Documentation#

[#57048] igen Vejledning til KLE-opmærkning, vedligehold og eksport

Build improvements#

deps: [#xxxxx] fix lora-utils dependency
deps: [#xxxxx] fix serviceplatform dependency

23.16.0 (2023-08-14)#

Features#

[#57127] role mutators

Documentation#

[#57048] Vejledning til KLE-opmærkning, vedligehold og eksport

23.15.0 (2023-08-11)#

Features#

[#56443] add primary field to association mutators. (same as engagements)

Documentation#

[#57048] Introduce KLE guide to documentation

23.14.0 (2023-08-10)#

Features#

[#57101] fixed bug in get_graphql_equivalent_by_uuid() for at-argument

The at-arg can be None, but the logic always assumed it was set. We now default to NOW if at-arg is None

23.13.6 (2023-08-10)#

Bug Fixes#

[#57073] fix gql current to include today

Documentation#

os2sync_export: [#57049] update docs for os2sync_export

23.13.5 (2023-08-09)#

Bug Fixes#

[#57073] fix time when included in current in gql

23.13.4 (2023-08-08)#

Bug Fixes#

[#56892] gql orgunit.parent seed_resolver now uses 'first()' and includes root.validity

seed_resolver_last have been removed since it didnt make sense to use. I forgot to include the root.validity properly in the last fix.

23.13.3 (2023-08-08)#

Bug Fixes#

[#56892] Added missing 'current' to orgunit graphql decorate query

Also minimized the query little

[#56892] Created new seed_resolver_last() for OrganisationUnit.parent

Returns last element of parent orgunit objects, or defaults to None. This was needed when searching for orgunit.ancestors across all time.

23.13.2 (2023-08-03)#

Bug Fixes#

[#56892] moved lora_connector gql dates override hack to 'get_connector' for consistency

23.13.1 (2023-08-03)#

Bug Fixes#

[#56892] HACK for graphapi.reader get_role_type_by_uuid, which overrides lora_connector dates

Created new method 'update_validity_dates' for our lora_connector, so we can update a lora_connector's validity after it have been created, since validity could only be set in the constructor. And since we use pythons LRU cache when new'ing lora_connectors, the validity is only set the first and only time a lora_connector is newed. The lora_connector dates can now be changed after it is returned by LRU cache.

23.13.0 (2023-08-01)#

Features#

[#56892] autocomplet-v2.2 employees now goes through 'all time' and uses at-date

If multiple results was found, the at-date is used to find a result with a valid validity. If there are no results with valid validity, the gql 'current'-field will be used for the result

[#56892] added 'validity' to org_unit autocomplete-v2.2 results

This was done, after changing org_unit autocomplete-v2.2, so it does not use timemachine-date, whichs makes it possible to search for org_units in the past and future. Validity is needed in order to change the frontends current 'timemachine'-date, if a search-result is choosen, which interval either ends in the past or starts in the futre

Bug Fixes#

[#56892] removed 'registrations' from autocomplete-v2 org_unit-decorate new v8 gql-query
[#56892] removed timemachine-date from orgunit-autocomplete-v2 + updated gql to use v8 from v4

Test improvements#

[#56892] updated autocomplete-v2.2 after adding 'validity' to search-results

23.12.0 (2023-07-28)#

Features#

[#53863] testing API

This allows for much easier integration/end-to-end/acceptance tests in external integrations.

Bug Fixes#

[#53863] fix KLE test broken in 41606207

23.11.9 (2023-07-28)#

Bug Fixes#

[#53863] bump ramqp

This fixes an issue trying to send json-unserialisable objects.

23.11.8 (2023-07-28)#

Bug Fixes#

[#53863] don't publish orig_class to amqp

23.11.7 (2023-07-27)#

Bug Fixes#

[#53863] deduplicate log levels

Previously, we had both OS2MO_LOG_LEVEL and LOG_LEVEL. We use LOG_LEVEL in our other programs, so the OS2MO_ prefix is dropped and defaulted to INFO, thereby deprecating the dev environment override.

23.11.6 (2023-07-27)#

Build improvements#

deps: bump strawberry-graphql from 0.195.3 to 0.196.1

Bumps strawberry-graphql from 0.195.3 to 0.196.1. - Release notes - Changelog - Commits

23.11.5 (2023-07-26)#

Bug Fixes#

[#53004] instrument properly
[#53004] properly close new amqp subsystem

Chores#

[#53004] fix tests
[#53004] passthrough calls to the OS2mo test app / LoRa

This is needed because Starlette now uses HTTPX in their TestApp. Previously, requests was used, which meant calls on the test app were hidden from respx. They aren't anymore, so respx complains that we are making unmocked calls.

[#53004] replace service_client.{get,post} with .request

Starlette 0.21.0 changed the TestClient implementation: it replaced the requests library with httpx. As those libraries have different APIs, this change break tests for Starlette's users.[1]

[1] https://github.com/Kludex/bump-testclient

[#56918] update dependencies

23.11.4 (2023-07-25)#

Chores#

deps: bump os2mo-dar-client from 0.1.0 to 0.2.3

23.11.3 (2023-07-25)#

Bug Fixes#

auth: [#56940] fix missing context variable passing

This bugfix remedies an unforeseen issue in OS2mo 23.11.0 related to context variable passing across OS2mos internal HTTPX boundary to LoRa.

Before this fix the functionality described in OS2mo 23.11.0 was faulty, always just setting the "magic number" UUID instead of the JWT token UUID. This bugfix ensures that it is now working correctly.

Test improvements#

auth: [#56940] test set_authorization_user

23.11.2 (2023-07-24)#

Build improvements#

deps: bump jsonschema from 4.18.3 to 4.18.4

23.11.1 (2023-07-24)#

Build improvements#

deps: bump aiohttp from 3.8.4 to 3.8.5

Bumps aiohttp from 3.8.4 to 3.8.5. - Release notes - Changelog - Commits

23.11.0 (2023-07-24)#

Features#

auth: [#56940] implement set_authenticated_user

This commit ensures that all changes written to registrations in the database have the correct user references.

Before this change all registration user references would simply be set to: 42c432e8-9c4a-11e6-9f62-873cf34a735f, a "magic number" UUID that was introduced to OS2mo/LoRa in December of 2015 and has been used since then as the only user reference.

Thus after this commit the "magic number" UUID should appear much less frequently, although it is still used for backwards compatibility for occasions when the user reference cannot be extracted from the JWT token from Keycloak.

The implementation has been written using starlette-context to pass the user reference outside of the stack, to get it into LoRa's database layer without actually modifying the entire call stack. It has been implemented in accordance with:

https://starlette-context.readthedocs.io/en/latest/fastapi.html

In the future when shimming has been implemented fully, and LoRa's REST API has been eliminated a better solution can probably be made by passing it inside the call stack, but this is the solution for now.

Code Refactor#

[#56940] remove unused variables

This commit simply eliminates dead code.

[#56940] add CORSMiddleware directly

This commit ensures that the CORSMiddleware is instances alike all other middlewares on initialization instead of after application construction using the app.add_middleware.

[#56940] rewrite manage_request_scoped_globals as dependency
[#56940] rewrite AccesslogMiddleware as FastAPI middleware
[#56940] rewrite LoRaNOOPChangePlugin as FastAPI middleware
[#56940] rewrite GraphQLDatesPlugin as dependency
[#56940] rewrite GraphQLContextPlugin as dependency
[#56940] rewrite DARLoaderPlugin as dependency
[#56940] rewrite LoRaConnectorPlugin as dependency
[#56940] rewrite QueryArgContextPlugin as dependency

23.10.2 (2023-07-24)#

Build improvements#

deps-dev: bump hypothesis from 6.81.2 to 6.82.0

23.10.1 (2023-07-24)#

Build improvements#

deps: bump strawberry-graphql from 0.195.2 to 0.195.3

Bumps strawberry-graphql from 0.195.2 to 0.195.3. - Release notes - Changelog - Commits

23.10.0 (2023-07-21)#

Features#

[#56859] make org_unit required for KLE

Chores#

[#56927] add primary field to engagement mutators

23.9.1 (2023-07-18)#

Build improvements#

deps: bump gunicorn from 20.1.0 to 21.0.1

Bumps gunicorn from 20.1.0 to 21.0.1. - Release notes - Commits

23.9.0 (2023-07-17)#

Features#

[#56859] kle update/terminate mutators

Test improvements#

graphql: [#56472] Add testing of engagement extensions

23.8.7 (2023-07-17)#

Build improvements#

deps: bump strawberry-graphql from 0.195.0 to 0.195.2

Bumps strawberry-graphql from 0.195.0 to 0.195.2. - Release notes - Changelog - Commits

23.8.6 (2023-07-17)#

Build improvements#

deps: bump sqlalchemy from 2.0.18 to 2.0.19

Bumps sqlalchemy from 2.0.18 to 2.0.19. - Release notes - Changelog - Commits

23.8.5 (2023-07-17)#

Build improvements#

deps: bump prometheus-fastapi-instrumentator from 6.0.0 to 6.1.0

Bumps prometheus-fastapi-instrumentator from 6.0.0 to 6.1.0. - Release notes - Changelog - Commits

23.8.4 (2023-07-17)#

Build improvements#

deps-dev: bump hypothesis from 6.81.1 to 6.81.2

Bumps hypothesis from 6.81.1 to 6.81.2. - Release notes - Commits

23.8.3 (2023-07-17)#

Build improvements#

deps: bump uvicorn from 0.22.0 to 0.23.0

Bumps uvicorn from 0.22.0 to 0.23.0. - Release notes - Changelog - Commits

23.8.2 (2023-07-17)#

Build improvements#

deps: [security] bump cryptography from 41.0.1 to 41.0.2

Bumps cryptography from 41.0.1 to 41.0.2. This update includes a security fix. - Release notes - Changelog - Commits

23.8.1 (2023-07-15)#

Build improvements#

deps: bump strawberry-graphql from 0.194.4 to 0.195.0

Bumps strawberry-graphql from 0.194.4 to 0.195.0. - Release notes - Changelog - Commits

23.8.0 (2023-07-14)#

Features#

test: [#xxxxx] fixup respx mock

Build improvements#

deps: [security] bump httpx from 0.19.0 to 0.23.0

Bumps httpx from 0.19.0 to 0.23.0. This update includes a security fix. - Release notes - Changelog - Commits

23.7.10 (2023-07-14)#

Chores#

deps: bump python from 3.10 to 3.11

Bumps python from 3.10 to 3.11.

23.7.9 (2023-07-14)#

Chores#

deps: bump psycopg2-binary from 2.8.6 to 2.9.6

Bumps psycopg2-binary from 2.8.6 to 2.9.6. - Release notes - Changelog - Commits

23.7.8 (2023-07-14)#

Chores#

deps: bump sentry-sdk from 1.27.1 to 1.28.1

23.7.7 (2023-07-14)#

Chores#

deps: bump click from 8.1.4 to 8.1.5

Bumps click from 8.1.4 to 8.1.5. - Release notes - Changelog - Commits

23.7.6 (2023-07-14)#

Chores#

deps: bump jsonschema from 4.18.2 to 4.18.3

Bumps jsonschema from 4.18.2 to 4.18.3. - Release notes - Changelog - Commits

23.7.5 (2023-07-13)#

Chores#

deps: bump strawberry-graphql from 0.180.5 to 0.194.4

Bumps strawberry-graphql from 0.180.5 to 0.194.4. - Release notes - Changelog - Commits

23.7.4 (2023-07-13)#

Chores#

deps: bump sqlalchemy from 2.0.17 to 2.0.18

23.7.3 (2023-07-13)#

Chores#

deps: bump jsonschema from 4.18.0 to 4.18.2

23.7.2 (2023-07-13)#

Chores#

deps-dev: bump pytest-asyncio from 0.21.0 to 0.21.1

Bumps pytest-asyncio from 0.21.0 to 0.21.1. - Release notes - Commits

23.7.1 (2023-07-13)#

Chores#

deps-dev: bump hypothesis from 6.80.1 to 6.81.1

Bumps hypothesis from 6.80.1 to 6.81.1. - Release notes - Commits

23.7.0 (2023-07-13)#

Features#

[#56859] create KLE mutator tests

Documentation#

graphql: [#53111] add version 8 migration guide

23.6.0 (2023-07-12)#

Features#

[#50473] shim list_details

23.5.0 (2023-07-12)#

Features#

graphql: [#50473] introduce owner reading to GraphQL

This commit introduces reading of owner objects to our GraphQL interface.

It should be noted that owner objects are not implemented as fully yet. This change only introduces the object itself, not all its realations.

However it is not possible to run queries alike these:
{
  org_units {
    objects {
      current {
        owners {
          uuid
        }
      }
    }
  }
}
Or:
{
  owners {
    objects {
      current {
        uuid
      }
    }
  }
}
And to check if a given organisation unit has owners attached or not.

23.4.0 (2023-07-12)#

Features#

[#53863] graphql schema header

The header is mostly introduced to include the version, but the license header is a nice-to-have that allows us to pull the schema more easily in our integration repos.

Chores#

[#53863] remove newlines from the beginning of docstrings

23.3.0 (2023-07-12)#

Features#

[#56859] create KLE mutator

23.2.2 (2023-07-11)#

Bug Fixes#

graphql: [#53111] change mutator input-name from 'at' to 'input, to align with other mutators

This commit introduces a new GraphQL version, GraphQL v8. I stumbled upon the name of an input on the address_terminate-mutator, which didn't align with the other mutators and changed it from 'at' to 'input'.

To migrate to the new version, change all current GraphQL calls from version 7 (/graphql/v7) to version 8 (/graphql/v8) and change the variable name for the mutator address_terminate from at to input.

23.2.1 (2023-07-10)#

Bug Fixes#

graphql: [#56850] fix typo in org_create implementation

Chores#

[#56847] do not reload on changes to tests

It's a little annoying that we have to specify the reload paths explicitly. When (if) we restructure the project to have tests outside the main package, this can be removed.

23.2.0 (2023-07-10)#

Features#

graphql: [#56850] introduce create root organisation GraphQL mutator

This change introduces a new GraphQL mutator for creating the root organisation within OS2mo. Previously the root organisation could only be created by calling LoRa directly.

To create the root organisation using the new mutator, simply call:
mutation CreateRootOrganisation {
  org_create(input: {municipality_code: 720}) {
    municipality_code
    name
    user_key
    uuid
  }
}
On an entirely empty OS2mo instance. The expected result is:
{
  "data": {
    "org_create": {
      "municipality_code": 720,
      "name": "root",
      "user_key": "root",
      "uuid": "0b835cf9-4eb8-420b-9037-7d917d2112f9"
    }
  }
}
If the root organisation was successfully created.

Calling the mutator when an existing root-organisation exists results in an error alike the following:
{
  "data": null,
  "errors": [
    {
      "message": "Root organisation already exists",
      "locations": [
        {
          "line": 2,
          "column": 3
        }
      ],
      "path": [
        "org_create"
      ]
    }
  ]
}

Chores#

[#56847] in-line os2mo-fastapi-utils

23.1.0 (2023-07-08)#

Features#

[#56849] add expose_lora flag to OS2mo

Before this change all OS2mo instances would always expose all of LoRas REST API on the /lora prefix.

This change makes this behavior configurable, such that deployments can decide whether or not they want to expose LoRa. This is the first step in the progress of eliminating LoRas REST API, in line with the goal of only exposing OS2mo data through the GraphQL interface.

Documentation#

[#56277] remove obsolete installation instructions
[#56708] updatereportsdocs
[#56708] updateledere
[#56708] updateledere
[#56708] updateomadadocs
[#56708] add omada docs

23.0.1 (2023-07-05)#

Bug Fixes#

[#56780] use the last published state of classes

23.0.0 (2023-07-05)#

Features#

[#52180] remove support from legacy database sessions

This commit removes the code that allows OS2mo to reads legacy session tokens from the database. A replacement for this mechanism was introduced in OS2mo 21.1.0 where it became possible to give valid legacy session tokens via the os2mo_legacy_sessions environmental variable.

Additionally the following environmental variables have been removed:

os2mo_legacy_session_support:

Was previously a boolean flag stating whether to activate the legacy session backend. This has been superseeded by the os2mo_legacy_sessions environmental variable, such that if a non-empty list of legacy sessions are provided, the legacy backend is activated.

session_db_*:

Was previously various configuration variables to connect to the sessions database, has now been eliminated completely.

BREAKING CHANGE:

This commit is a breaking change for customers that have not yet migrated away from legacy sessions or whom have not migrated to the newly introduced environmental variable for legacy sessions.

The preferred migration path is to avoid using legacy sessions as they are potentially insecure, however if a temporary workaround is required a somewhat straight forward migrations path to using the environmental variable exists.

Simply extract all active session tokens from the sessions database table (i.e. the session_id) column. Entries have a format similar to:
session:a5b7b0b7-77c5-4ede-ae2e-a8c6e2998a6d
Remove the session: prefix and provide the UUIDs as a JSON-list to the os2mo_legacy_sessions environmental variable.

Documentation#

[#56708] updatelederhaandtering
[#56708] updatemenu1
[#56708] updatemenu
[#56708] updatedocsagainagain
[#56708] updatedocsagain

22.10.0 (2023-07-04)#

Features#

[#56754] introduce CONSOLIDATE feature flag

Chores#

major pita: [#56754] fix pre-commit

22.9.0 (2023-07-03)#

Features#

graphql: [#56757] allow setting nickname when creating employees

Before this commit it was not possible to set nickname when creating an employee using the employee_create mutator. A workaround was however possible as the employee_update mutator allowed for setting it.

Thus it was possible to create an employee without a nickname using the employee_create mutator and then immediately add a nickname using the employee_update mutator, however this workflow is cumbersome and includes the risk of having the employee in OS2mo without a nickname for a certain amount of time.

This commit does not solve the general issue of mismatches between create and update operations, but rather solves the specific issue with nicknames. In the future all these distinctions should be dealt with, such that whatever can be edited after creation also can be set during creation.

22.8.7 (2023-07-03)#

Bug Fixes#

[#56754] org_unit_type is required

22.8.6 (2023-06-30)#

Bug Fixes#

[#55737] convert UUID-or-empty-string type to a proper optional UUID type

Documentation#

[#56708] updatetopmenu
[#56708] updatereports

Apply 1 suggestion(s) to 1 file(s)

[#56708] updatedocs
[#56708] updatemenuitem

22.8.5 (2023-06-29)#

Chores#

deps-dev: bump hypothesis from 6.79.3 to 6.80.0

Bumps hypothesis from 6.79.3 to 6.80.0. - Release notes - Commits

22.8.4 (2023-06-29)#

Bug Fixes#

[#56654] replace file download authorization cookie

OS2mo 21.12.0 unintentionally broke the file downloads for some users.

File downloads were broken as a consequence of two seemingly unrelated facts, namely: 1. The 4KB limit on cookies (RFC2109 (6.3), RFC2965 (5.3), and RFC6265) 2. The introduction of new roles in the role-based access control system.

Before this commit the file download authorization cookie was set to the JWT token as provided by Keycloak. This allowed the backend to verify the token on download using the Keycloak public signing key.

However as new roles were introduced the size of the JWT tokens grew, eventually surprissing the 4KB limit on cookies, thus the web-browser would reject the cookie thereby breaking file downloads.

This fix modifies the value returned in the file download authorization cookie to be a random UUID instead of the JWT token, thus ensuring that the output size is fixed. The cookie UUID will be valid for 10 minutes.

This change also adds a new database table to keep track of the file tokens.

22.8.3 (2023-06-28)#

Documentation#

[#56069] update path
[#56069] Update png
[#56069] updatemenu
update org-chart.md
create organisationsopmærkning.md
update os2sync_export docs to reflect the new configs and event-driven structure

Chores#

deps: bump sqlalchemy from 2.0.16 to 2.0.17

22.8.2 (2023-06-27)#

Documentation#

graphql: [#55434] rework org-unit documentation

Chores#

deps-dev: bump pytest from 7.3.2 to 7.4.0

Bumps pytest from 7.3.2 to 7.4.0. - Release notes - Changelog - Commits

22.8.1 (2023-06-27)#

CI improvements#

[#56627] remove review apps

Chores#

deps-dev: bump hypothesis from 6.79.2 to 6.79.3

Bumps hypothesis from 6.79.2 to 6.79.3. - Release notes - Commits

22.8.0 (2023-06-26)#

Features#

[#56402] expose LoRa noop in http header

Documentation#

[#XXXXX] Update drawing of MO overview

22.7.2 (2023-06-23)#

Chores#

deps: bump sentry-sdk from 1.25.1 to 1.26.0

Bumps sentry-sdk from 1.25.1 to 1.26.0. - Release notes - Changelog - Commits

22.7.1 (2023-06-23)#

Chores#

deps-dev: bump hypothesis from 6.79.1 to 6.79.2

Bumps hypothesis from 6.79.1 to 6.79.2. - Release notes - Commits

22.7.0 (2023-06-23)#

Features#

graphql: [#55434] add parent and children to facet

Chores#

[#54447] fix docker compose

22.6.1 (2023-06-22)#

Bug Fixes#

[#56588] fixed autocomplete v2 addr/email search, which was missing awaits
[#56588] added missing match on CPR-number to autocomplete v2, for employees

22.6.0 (2023-06-22)#

Features#

graphql: [#56469] Add extension fields to mutators

Documentation#

graphql: [#55434] further work on documentation
graphql: [#55434] ensure cpr_no has cprtype
graphql: [#55434] rework related_units documentation
graphql: [#55434] rewrite ituser docs
graphql: [#55434] rewrite engagement_association docs
graphql: [#55434] rewrite engagement docs
graphql: [#55434] rewrite employee docs
graphql: [#55434] rework query documentation
graphql: [#55434] rework class documentation
graphql: [#55434] rework role documentation
graphql: [#55434] rework org_unit documentation
graphql: [#55434] rework association documentation
graphql: [#55434] rework address documentation

Chores#

[#54447] remove unused env variable
[#54447] move comment, remove CMD overwrite

22.5.0 (2023-06-20)#

Features#

[#54774] re-introduced optional uuid-argument for GraphQL Class- & ITSystem-Create mutations

This was done since ex AAK needs to use their own UUIDs and we are migrating them to use GraphQL instead of using the LOS importer

Test improvements#

[#54774] fixed gql test test_itsystem_create_mocked - Mock now gets called with a UUID arg

after re-introducing pre-defined UUIDs on create for classes and itsystems, we now invoke oio_rest.db.create_or_import_object with the UUID arg, which was just left out before

22.4.1 (2023-06-20)#

Documentation#

graphql: [#55434] create upload_file mutator documentation
graphql: [#55434] add mutation delete warning documentation

Build improvements#

deps-dev: bump hypothesis from 6.79.0 to 6.79.1

Bumps hypothesis from 6.79.0 to 6.79.1. - Release notes - Commits

22.4.0 (2023-06-19)#

Features#

[#55093] introduce registrations endpoint

22.3.1 (2023-06-19)#

Build improvements#

deps-dev: bump hypothesis from 6.78.2 to 6.79.0

Bumps hypothesis from 6.78.2 to 6.79.0. - Release notes - Commits

22.3.0 (2023-06-19)#

Features#

graphql: [#55434] eliminate UUIDReturn

Documentation#

graphql: [#55434] rewrite org_unit_refresh documentation to strawberry.auto
graphql: [#55434] rewrite org_unit documentation to strawberry.auto
graphql: [#55434] rewrite manager documentation to strawberry.auto
graphql: [#55434] rewrite leave documentation to strawberry.auto
graphql: [#55434] rewrite kle documentation to strawberry.auto
graphql: [#55434] rewrite ituser documentation to strawberry.auto
graphql: [#55434] rewrite employee documentation to strawberry.auto
graphql: [#55434] rewrite itsystem documentation to strawberry.auto
graphql: [#55434] rewrite facet documentation to strawberry.auto
graphql: [#55434] rewrite engagement_association documentation to strawberry.auto
graphql: [#55434] rewrite class documentation to strawberry.auto
graphql: [#55434] rewrite engagement documentation to strawberry.auto
graphql: [#55434] rewrite association documentation to strawberry.auto
graphql: [#55434] rewrite address documentation to strawberry.auto
graphql: [#55434] create bitemporal documentation
graphql: [#55434] rework related_units documentation
graphql: [#55434] rewrite more documentation

22.2.8 (2023-06-15)#

Documentation#

graphql: [#55434] rewrite association documentation
graphql: [#55434] rework roles documentation
graphql: [#55434] rework health documentation
graphql: [#55434] rework file documentation
graphql: [#55434] fix bad limit formatting

Build improvements#

deps-dev: bump hypothesis from 6.76.0 to 6.78.2

Bumps hypothesis from 6.76.0 to 6.78.2. - Release notes - Commits

22.2.7 (2023-06-15)#

Documentation#

graphql: [#55434] document resolver arguments
graphql: [#55434] document resolver arguments
graphql: [#55434] spread cursor and limit-types
graphql: [#55434] rewrite documentation
graphql: [#55434] rework configuration documentation
graphql: [#55434] rework version documentation
graphql: [#55434] rework org documentation

Build improvements#

deps-dev: bump pre-commit from 3.3.2 to 3.3.3

Bumps pre-commit from 3.3.2 to 3.3.3. - Release notes - Changelog - Commits

Chores#

mypy: [#55434] fix mypy pre-commit issue

22.2.6 (2023-06-13)#

Bug Fixes#

[#55042] allow full access to admins

Backwards-compatible fix for !1594. Before OS2mo v21.12.0, the 'admin' role was checked directly in MO. After v21.12.0, the role was made into a composite role in keycloak, and as such handling of the 'admin' was removed from MO in favour of checking the specific roles individually. This is only a backwards-compatible change in the context of the whole stack, including the keycloak realm builder, which maintains these roles. Aarhus, however, manually manages their (our!) keycloak configuration, and as such the change is breaking in their environment.

22.2.5 (2023-06-13)#

Build improvements#

deps-dev: bump requests-mock from 1.10.0 to 1.11.0

Bumps requests-mock from 1.10.0 to 1.11.0. - Release notes - Commits

22.2.4 (2023-06-13)#

Build improvements#

deps: bump pydantic from 1.10.8 to 1.10.9

Bumps pydantic from 1.10.8 to 1.10.9. - Release notes - Changelog - Commits

22.2.3 (2023-06-13)#

Build improvements#

deps: bump sentry-sdk from 1.25.0 to 1.25.1

Bumps sentry-sdk from 1.25.0 to 1.25.1. - Release notes - Changelog - Commits

22.2.2 (2023-06-13)#

Build improvements#

deps: bump sqlalchemy from 2.0.15 to 2.0.16

Bumps sqlalchemy from 2.0.15 to 2.0.16. - Release notes - Changelog - Commits

22.2.1 (2023-06-13)#

Build improvements#

deps-dev: bump pytest from 7.3.1 to 7.3.2

22.2.0 (2023-06-13)#

Features#

graphql: [#55433] added extended error context

This commit adds a Strawberry GraphQL extension to provide fuller error messages when using GraphQL endpoints implemented atop Service API functionality.

It works by extracting exception context from the FastAPI HTTPException, providing the context as an error extension in GraphQL.

For instance calling the address_update mutator previously, while providing a new value but not prodiving address_type would yield:

{
  "data": null,
  "errors": [
    {
      "message": "ErrorCodes.V_MISSING_REQUIRED_VALUE",
      "locations": [
        {
          "line": 2,
          "column": 3
        }
      ],
      "path": [
        "address_update"
      ]
    }
  ]
}

While now it yields:

{
  "data": null,
  "errors": [
    {
      "message": "ErrorCodes.V_MISSING_REQUIRED_VALUE",
      "locations": [
        {
          "line": 2,
          "column": 3
        }
      ],
      "path": [
        "address_update"
      ],
      "extensions": {
        "error": true,
        "description": "Missing address_type",
        "status": 400,
        "error_key": "V_MISSING_REQUIRED_VALUE",
        "key": "address_type",
        "obj": {
          "uuid": "0071a6f6-41ab-4f45-a8c0-5de31168f094",
          "value": "1231",
          "validity": {
            "from": "2023-01-01",
            "to": null
          }
        }
      }
    }
  ]
}

Including the entire extended error context, such that the user is made aware of what they did wrong.

22.1.1 (2023-06-13)#

Bug Fixes#

[xxxxx] make manager_type and manager_level required, since they can't be created without

22.1.0 (2023-06-12)#

Features#

[#54468] GraphQL schema export through API instead of CLI

Chores#

[#54468] refactor graphql router

22.0.11 (2023-06-09)#

Bug Fixes#

[xxxxx] make employee-field at manager object optional (allow creating vacant manager-objects)

22.0.10 (2023-06-09)#

Build improvements#

deps: [security] bump cryptography from 40.0.2 to 41.0.0

22.0.9 (2023-06-08)#

Bug Fixes#

[xxxxx] fix manager responsibilities

Making the query:
managers {
    responsibilities {
      name
    }
}
returned an empty list, while:
managers {
    responsibility_uuids
}
returned a list of uuids, due to a typo.

22.0.8 (2023-06-05)#

Build improvements#

deps: bump strawberry-graphql from 0.180.1 to 0.180.5

Bumps strawberry-graphql from 0.180.1 to 0.180.5. - Release notes - Changelog - Commits

22.0.7 (2023-06-05)#

Build improvements#

deps: bump sentry-sdk from 1.24.0 to 1.25.0

Bumps sentry-sdk from 1.24.0 to 1.25.0. - Release notes - Changelog - Commits

22.0.6 (2023-06-05)#

Build improvements#

deps-dev: bump hypothesis from 6.75.9 to 6.76.0

Bumps hypothesis from 6.75.9 to 6.76.0. - Release notes - Commits

22.0.5 (2023-06-05)#

Bug Fixes#

[#56294] fix broken address class dropdowns after MO 18.17.0

This commit makes a change similar to OS2mo 22.0.4, but ensures that the fix is also applied to address classes, such as visibility and address type.

22.0.4 (2023-06-05)#

Bug Fixes#

[#56294] fix broken class dropdowns after MO 18.17.0

OS2mo 18.17.0 unintentionally broke the frontend, by having the facet children Service API endpoint (/o/{orgid}/f/{facet}/) return the published field in the JSON response.

While this was a minor change, it unintentionally broke the equality check that sets dropdowns to their existing value, thus leaving dropdowns unset.

This change ensures that the published field is always returned from all ServiceAPI endpoints, such that the equality check will once again be working as expected. The change does however depend on a corresponding frontend change which ensures that the published field is never stripped.

22.0.3 (2023-06-05)#

Bug Fixes#

[#56345] don't instrument in-flight requests

Do we really need it?

[#56345] don't collect static metrics on every request

22.0.2 (2023-06-02)#

Test improvements#

[#55760] incorporate test-databases feedback
[#55760] spawn multiple separate test-databases

Build improvements#

deps: bump strawberry-graphql from 0.178.1 to 0.180.1

Bumps strawberry-graphql from 0.178.1 to 0.180.1. - Release notes - Changelog - Commits

22.0.1 (2023-06-01)#

Test improvements#

[#55760] remove testing db module into test folder
[#55760] refactor test_organisation_unit.py
[#55760] rewrite lora integration unittest to pytest
[#55760] actually teardown testing db

Build improvements#

deps-dev: bump hypothesis from 6.75.6 to 6.75.9

Bumps hypothesis from 6.75.6 to 6.75.9. - Release notes - Commits

22.0.0 (2023-05-31)#

Test improvements#

[#55760] remove the LoRa testing API

This commit removes the LoRa testing API, that was previously available on /lora/testing if the testing_api environment variable was set to True.

BREAKING CHANGE:

As this commit removes a public facing interface it is a breaking change.

It is however our belief that noone uses this API and thus no migration path is provided.

[#55760] make the testing_db fixture session scoped
[#55760] remove sample_structures_minimal fixture
[#55760] remove sample_structures_minimal fixture

21.13.4 (2023-05-31)#

Documentation#

[#56069] Remove orgviewer from index

Test improvements#

[#55760] split test_employee to avoid loading sample_structure in test
[#55760] remove _mox_testing_api helper
[#55760] convert class-scoped fixtures to session scoped ones
[#55760] remove load_fixture_data_with_class_reset
[#55760] removed unused testing code
[#55760] rewrite test integratation association unittest to pytest
[#55760] rewrite test integratation employee rbac unittest to pytest
[#55760] rewrite test integratation owner unittest to pytest
[#55760] remove dead test code from integratation owner
[#55760] rewrite test integratation org-unit unittest to pytest
[#55760] rewrite test integratation association unittest to pytest
[#55760] rewrite test integratation org-unit unittest to pytest

Build improvements#

deps: bump strawberry-graphql from 0.178.0 to 0.178.1

Bumps strawberry-graphql from 0.178.0 to 0.178.1. - Release notes - Changelog - Commits

21.13.3 (2023-05-29)#

Chores#

deps-dev: bump hypothesis from 6.75.5 to 6.75.6

Bumps hypothesis from 6.75.5 to 6.75.6. - Release notes - Commits

21.13.2 (2023-05-27)#

Test improvements#

[#55760] rewrite test integratation rbac unittest to pytest

Chores#

deps-dev: bump hypothesis from 6.75.3 to 6.75.5

Bumps hypothesis from 6.75.3 to 6.75.5. - Release notes - Commits

21.13.1 (2023-05-26)#

Bug Fixes#

[#53725] cache graphql schema in shims

This makes all shims ~500ms faster.

Test improvements#

[#55760] rewrite test integratation manager unittest to pytest
[#55760] rewrite test integratation role unittest to pytest
[#55760] rewrite test integratation engagement unittest to pytest
[#55760] rewrite test integratation employee unittest to pytest
[#55760] rewrite test integration termination unittest to pytest

Chores#

[#53725] bump os2mo-init version

21.13.0 (2023-05-25)#

Features#

graphql: [#52443] emulate historical support for static entities

This commit introduces a new version of our GraphQL interface; GraphQL version 7, motivated by a breaking change to the response formats for the facet, class and itsystems data-types, ensuring that these top-level types now return formats akin to the rest of the data types in the interface ensuring uniformity across (bi-)temporal data-types.

The new response formats are available in version 7, while the old version is available in version 6 and all previous versions.

Please note that this change does not in fact implement (bi-)temporality for the mentioned data-types, but rather just adapt the interface in preparation of the future implementation of (bi-)temporality.

To migrate to the new schema, change all current GraphQL calls from version 6 (/graphql/v6) to version 7 (/graphql/v7) and modify queries for the mentioned data-types, from:
{
  facets {
    objects {
      user_key
    }
  }
}
to:
{
  facets {
    objects {
      current {
        user_key
      }
    }
  }
}
And modify the corresponding code that extract the data to strip the extra current wrapper object layer.

Test improvements#

[#55760] rewrite test integration termination unittest to pytest
[#55760] rewrite test lora unittest to pytest
[#55760] rewrite service org_units async unittest to pytest
[#55760] rewrite service org_units count unittest to pytest
[#55760] rewrite integration itsystem async write unittest to pytest
[#55760] rewrite integration itsystem write unittest to pytest
[#55760] rewrite integration itsystem read unittest to pytest

21.12.11 (2023-05-25)#

Build improvements#

deps-dev: bump pytest-cov from 4.0.0 to 4.1.0

Bumps pytest-cov from 4.0.0 to 4.1.0. - Release notes - Changelog - Commits

21.12.10 (2023-05-24)#

Bug Fixes#

[#56201] defer owner/user checking

Before, the Keycloak token would immediately be rejected if it had the 'owner' role, but didn't also supply a user uuid. This caused issues with the new Keycloak realm builder[1], as the 'admin' role was changed from being a role in OS2mo to a composite role directly in keycloak. Whereas the previous implementation supplied MO with a token containing the 'admin' role, the new realm builder sends a token containing all create_, delete_ etc. roles, including the 'owner' role. We allow tokens to have the 'owner' role, without also supplying a user UUID, until it is needed to verify ownership.

[1] https://git.magenta.dk/rammearkitektur/keycloak-realm-builder/-/merge_requests/66

21.12.9 (2023-05-24)#

Bug Fixes#

[#56049] make token-parsing work

21.12.8 (2023-05-24)#

Documentation#

Documentation: [#56060] Sort paths

Build improvements#

deps: bump pydantic from 1.10.7 to 1.10.8

21.12.7 (2023-05-23)#

Bug Fixes#

[#56049] properly log authentication exceptions
[#56049] properly log authentication exceptions

21.12.6 (2023-05-23)#

Build improvements#

deps: bump strawberry-graphql from 0.177.1 to 0.178.0

Bumps strawberry-graphql from 0.177.1 to 0.178.0. - Release notes - Changelog - Commits

21.12.5 (2023-05-23)#

Build improvements#

deps: bump alembic from 1.11.0 to 1.11.1

Bumps alembic from 1.11.0 to 1.11.1. - Release notes - Changelog - Commits

21.12.4 (2023-05-23)#

Build improvements#

deps: bump sentry-sdk from 1.23.0 to 1.23.1

Bumps sentry-sdk from 1.23.0 to 1.23.1. - Release notes - Changelog - Commits

21.12.3 (2023-05-23)#

Documentation#

graphql: [#55434] rework the GraphQL documentation

This commit reworks the GraphQL documentation such that it better reflects the current state of the GraphQL implementation in OS2mo, and to include a fuller documentation of the tooling around GraphQL.

It also introduced a migration guide to help integration developers migrate their GraphQL use from older versions to newer versions.

Build improvements#

deps-dev: bump pre-commit from 3.3.1 to 3.3.2

Bumps pre-commit from 3.3.1 to 3.3.2. - Release notes - Changelog - Commits

21.12.2 (2023-05-23)#

Test improvements#

[#56141] added employee autocomplete v2 test to verify GraphQL part
[#56141] added orgunit autocomplete v2 test to verify GraphQL part

the test was added, since other tests uses 'xfail' decorator, due to our new SQLAlchemy models not working with the way we run and reset our test db, when running in parralel (the tests works fine isolated alone)

Build improvements#

deps: bump sqlalchemy from 2.0.13 to 2.0.15

Bumps sqlalchemy from 2.0.13 to 2.0.15. - Release notes - Changelog - Commits

21.12.1 (2023-05-17)#

Documentation#

[#56060] Add remaining docs for managersync

Build improvements#

deps: bump strawberry-graphql from 0.176.3 to 0.177.1

21.12.0 (2023-05-17)#

Features#

graphql: [#56049] added mutator roles

This commit adds create, update, terminate, delete and refresh role checks to the appropriate mutators, replacing the previous admin role check that was protecting all mutators before.

As such the admin role is no longer special with regards to GraphQL mutators, but rather it is just a composite role, which happens to contain all of the direct low-level roles.

This change is intended to be entirely non breaking, as the admin role should already contain all the direct low-level roles as its composites.

graphql: [#56049] added mutator roles

This commit adds create, update, terminate, delete and refresh role checks to the appropriate mutators, replacing the previous admin role check that was protecting all mutators before.

As such the admin role is no longer special with regards to GraphQL mutators, but rather it is just a composite role, which happens to contain all of the direct low-level roles.

This change is intended to be entirely non breaking, as the admin role should already contain all the direct low-level roles as its composites.

Documentation#

[#56060] Add more images
[#56060] New directory for images for os2mo manager sync

Code Refactor#

graphql: [#56049] refactor read roles

This commit refactors how reading permissions are implemented, turning our gen_read_permission function into a more generic gen_permission function, implementing the old behavior simply as a partial function application, preseeded with the read prefix. Additionally the signature of the gen_permission function is now stronger typed, taking in Literals instead of just plain strings, thus ensuring better developer productivity and IDE support.

21.11.3 (2023-05-16)#

Build improvements#

deps: bump sentry-sdk from 1.22.2 to 1.23.0

Bumps sentry-sdk from 1.22.2 to 1.23.0. - Release notes - Changelog - Commits

21.11.2 (2023-05-16)#

Build improvements#

deps: bump alembic from 1.10.4 to 1.11.0

21.11.1 (2023-05-16)#

Bug Fixes#

[#55985] hotfix which skips invalid employee autocomplete v2 attrs

employee autocomplete v2 attrs was found by the assumtion that assoications always had a association_type. Apperently we have data on AAK test, that does not follow this standard. This hotfix then skips these attrs, so autocomplete still works

21.11.0 (2023-05-16)#

Features#

graphql: [#55976] added facet_update mutator

This change introduces the facet_update mutator used to update facets. The mutator takes two arguments, the UUID of the facet to update and a FacetUpdateInput, which is currently identical to the FacetCreateInput.

The update endpoint cannot be used to create new facets, it can only be used to update or reactivate existing facets.

In order to update a facet using this mutator, simply call it like below:
mutation UpdateFacet {
  facet_update(
    uuid: "e75f74f5-cbc4-4661-b9f4-e6a9e05abb2d",
    input: {
      user_key: "EmployeeAddressType"
    }
  ) {
    uuid
  }
}
After this call the facet will now have the specified data.

21.10.0 (2023-05-16)#

Features#

graphql: [#55978] reimplement facet create mutator

This change introduces a new version of our GraphQL interface; GraphQL version 6, motivated by breaking change to the facet_create mutator. The new facet_create mutator is available in version 6, while the old version is available in version 5.

In version 5 the facet_create-mutator is implemented atop the RADataModel's LoraFacet and calls LoRa through the intern ASGI app. However in version 6 the mutator is instead implemented as a very thin translation directly atop LoRas create_or_import_object function.

Although this change was planned to be a pure refactoring, several issues were identified during the refactoring, eventually leading to the refactoring becoming a breaking change motivating the new version of the GraphQL interface.

These issues are listed below, from the following motivating mutation:
mutation CreateFacet {
  facet_create(input: {
    type: "facet"
    uuid: "00000000-fee1-baad-fa11-dead2badc0de"
    user_key: "EmployeeAddressType"
    org_uuid: "3b866d97-0b1f-48e0-8078-686d96f430b3"
    parent_uuid: "182df2a8-2594-4a3f-9103-a9894d5e0c36"
  }) {
    uuid
  }
}
This mutation call is valid in version 5, but has several issues:

type is an optional argument that shall always have its value set to: facet. Setting it to any other value will break invariants in the underlying code leading to undefined behavior. The argument has the default value of facet and as such the issue only arises if the caller explicitly sends a different value. The argument has however been removed entirely in version 6, as it is leaking implementation-specific details and should never have been exposed.

uuid is an optional argument used for explicitly setting the UUID to be assigned to the newly created facet. We generally prefer entities to have randomly generated UUIDs instead of predetermined ones to avoid issues such as UUID conflicts. The argument has the default of using randomly generated UUIDs. The argument has been been removed entirely in version 6, opting to instead always generate random UUIDs for newly created facets.

org_uuid is a required argument that shall always have its value set to the root organisation's UUID. Setting it to any other value will break invariants in the underlying code leading to undefined behavior. The argument does not have a default value, and as such the caller has to look up the UUID of the root organisation whenever they want to create a new facet. The argument has been removed entirely in version 6, as it is leaking implementation-specific details and should never have been exposed.

parent_uuid is an optional argument, which was supposed to set the facet's parent relation to the UUID provided, however in version 5 it does nothing whatsoever, and is a completely ignored. The argument has been removed entirely in version 6, as having dead code exposed in the interface is an anti-pattern. The argument may be reintroduced in the future, but in a functional way.

Thus in version 6 the above motivation mutation would now look like the following instead:
mutation CreateFacet {
  facet_create(input: {
    user_key: "EmployeeAddressType"
  }) {
    uuid
  }
}
Vastly simplifying the interface and avoiding the predetermined, non-random UUID anti-pattern.

To migrate from GraphQL version 6, simply stop sending type, uuid org_uuid and facet_parent with your queries. If you happen to "need" to set the uuid please get in contact so we can discuss potential solutions.

21.9.1 (2023-05-16)#

Bug Fixes#

[#55985] hotfix to force orgunit & employee autocomplete v2 to use graphql-v4

Test improvements#

oio_rest: [#55973] rework unittest to pytest

21.9.0 (2023-05-15)#

Features#

graphql: [#55760] upgrade strawberry and add sentry tracing

This commit upgrades Strawberry to version 0.177.0 which introduces an extension for SentryTracing. As we are already using Sentry, we have decided to enable this extension along with the upgrade.

21.8.1 (2023-05-15)#

Build improvements#

deps-dev: bump hypothesis from 6.75.2 to 6.75.3

Bumps hypothesis from 6.75.2 to 6.75.3. - Release notes - Commits

21.8.0 (2023-05-15)#

Features#

[#55985] created employee autocomplete v2 (new) test to verify search by itsystem
[#55985] two tests for employee autocomplete v2 (new) to verify search by name and email
[#55985] created integration test for employee autocomplete v2 new structure for uuid hits
[#55985] created utility 'is_detail_unpublished' to verify if details have been unpublished

we then use this new utility in the 'mora.service.autocomplete' module

Bug Fixes#

[#55985] employee autocomplete v2 (new) now parses addr URNs in a better way

we could not just simply apply util.urnquote() on the search string, but had to analyze if the string is a valid UUID or EMAIL, and if so, the search string needs to be handled in a custom way

[#55985] fixed autocomplete v2 orgunit tests after path-change, which now comes from GraphQL
[#55985] fixed the utility query_to_search_phrase to wrap regex as '^{regex}$'

we didnt use start and end of line symbols before, which cause some UUIDs to be treated as 'only digits, spaces and separators'

[#55985] employee autocomplete v2 new structure can now match on addrs and itsystems
[#55985] employee autocomplete v2 new structure can search by name

i also added the query part for the time-machine date (called 'at') for both name and uuid hits

[#55985] employee autocomplete v2 can now use new structure and can match on UUID
[#55985] moved autocomplete service to its own module

For easier separation of orgunit and employee autocomplete code.

21.7.0 (2023-05-12)#

Features#

graphql: [#55760] update org_unit shim to GraphQL version 5
graphql: [#55760] update org shim to GraphQL version 5
graphql: [#55760] update it_systems shim to GraphQL version 5
graphql: [#55760] update insight shim to GraphQL version 5
graphql: [#55760] update facet shim to GraphQL version 5
graphql: [#55760] update exports shim to GraphQL version 5
graphql: [#55760] update employee shim to GraphQL version 5
graphql: [#55760] update configuration shim to GraphQL version 5
graphql: [#55760] update address shim to GraphQL version 5
graphql: [#55760] update role test to GraphQL version 5
graphql: [#55760] update get_uuids to GraphQL version 5
graphql: [#55760] remove cursor from v4 and offset from v5

This commit removes the cursor argument from GraphQL version 4 and the offset parameter from GraphQL version 5, as GraphQL version 4 did indexed-based pagination while GraphQL version 5 does cursor-based pagination and as we do not want to mix the two styles.

An offset to cursor translation layer has been implemented in the GraphQL version 4 implementation, such that the latest version / GraphQL version 5 only has to support cursor-based pagination, this is done using insider information on the format of the cursors.

graphql: [#55760] introduce pagination

This change introduces a new version of our GraphQL interface; GraphQL version 5, motivated by a major breaking change restructuring to our entire top-level reading schema, made in order to introduce pagination for all multi-element data-types.

The pagination is implemented via cursor-based pagination, for more details check: https://strawberry.rocks/docs/guides/pagination/cursor-based

The old non-paginated reading schema is still available in version 4 and all other previous versions.

In version 4 and previous versions querying high element count data-types had a tendency to timeout due to the sheer number of elements which had to be fetched and transformed from the database. The timeout issue could even occur on low element count data-types given sufficiently complex queries.

Various workarounds and hacks was being employed to work around this issue, such as implementing pagination for complex queries client side, by initially only requesting the UUIDs of elements in the first query, and then sending a sequence of complex queries each with a subset of the UUIDs returned by the initial query.

It is our hope that the new paginated version of the reading schema will eliminate the need for such workarounds, thus allowing the caller to specify their query with exactly the data that they need and desire, choosing a pagination limit that allows the query to return within the timeout limit.

To migrate to the new paginated schema, without actually utilizing the pagination simply change all current GraphQL calls from version 4 (/graphql/v4) to version 5 (/graphql/v5), and modify your call from:
{
  employees {
    uuid
    objects {
      givenname
    }
  }
}
to:
{
  employees {
    objects {
      uuid
      objects {
        givenname
      }
    }
  }
}
And modify the code that extracts the data from:
result = client.execute(query)
employees = result["employees"]
to:
result = client.execute(query)
employees = result["employees"]["objects"]
To actually utilize the pagination a little more work must be put in. First the above query must be parameterized, as such:
query PaginatedEmployees($cursor: Cursor) {
  employees(limit: 2, cursor: $cursor) {
    objects {
      uuid
      objects {
        user_key
      }
    }
    page_info {
      next_cursor
    }
  }
}
Requesting 2 employees in the response via the limit parameter, yielding a response alike this:
{
  "data": {
    "employees": {
      "objects": [
        ...  # 2 employee objects here
      ],
      "page_info": {
        "next_cursor": "Mg=="
      }
    }
  }
}
Now as the implementation is cursor-based, to fetch the next two employees we must provide the value from next_cursor ("Mg==") in the cursor argument of our query in the next iteration, repeating for each iteration until the next_cursor becomes null at which point the data has been exhausted and all data entries have been iterated through.

Test improvements#

graphql: [#55760] added pagination test for GraphQL version 5
graphql: [#55760] added pagination test for GraphQL version 4
graphql: [#55760] update graphapi_reads test to GraphQL version 5
graphql: [#55760] update service_exports test to GraphQL version 5
graphql: [#55760] update dangling foreign key test to GraphQL version 5
graphql: [#55760] update seed resolver test to GraphQL version 5
graphql: [#55760] update related unit test to GraphQL version 5
graphql: [#55760] update rbac test to GraphQL version 5
graphql: [#55760] update pagination test to GraphQL version 5
graphql: [#55760] update organisation unit test to GraphQL version 5
graphql: [#55760] update middleware test to GraphQL version 5
graphql: [#55760] update manager test to GraphQL version 5
graphql: [#55760] update leave test to GraphQL version 5
graphql: [#55760] update kles test to GraphQL version 5
graphql: [#55760] update ituser test to GraphQL version 5
graphql: [#55760] update itsystem test to GraphQL version 5
graphql: [#55760] update facet test to GraphQL version 5
graphql: [#55760] update engagement test to GraphQL version 5
graphql: [#55760] update employee test to GraphQL version 5
graphql: [#55760] update delete test to GraphQL version 5
graphql: [#55760] update current test to GraphQL version 5
graphql: [#55760] update class test to GraphQL version 5
graphql: [#55760] update association test to GraphQL version 5
graphql: [#55760] update address test to GraphQL version 5

Code Refactor#

graphql: [#55760] move single object fields together

This commit moves the org and version GraphQL top-level fields to the bottom of the query object. This is purely a cosmetic change to the code, and should not affect anyone.

Chores#

graphql: [#55760] introduce version 5

This commit introduces the skeleton for GraphQL version 5 in preparation of the introduction of pagination. GraphQL Version 4 is setup to contain a full copy of the query schema since the introduction of pagination will modify the entire top-level reading schema.

[#55760] remove redundant healthcheck code

21.6.4 (2023-05-12)#

Code Refactor#

graphql: [#55760] restructure GraphQL versioning

This change refactors the GraphQL versioning code such that each version inherits from the following version instead of versions inheriting from the latest version.

The change has been made to try reduce the chance of bugs being introduced in the future.

Build improvements#

deps: bump sqlalchemy from 2.0.12 to 2.0.13

Bumps sqlalchemy from 2.0.12 to 2.0.13. - Release notes - Changelog - Commits

dev-deps: [#55760] fix commitizen dependency

21.6.3 (2023-05-10)#

Bug Fixes#

set keep-alive time for [uvi|guni]corn

Code Refactor#

[#55090] cleaner implementation of orgunit autocomplete _gql_get_orgunit_path

21.6.2 (2023-05-09)#

Bug Fixes#

[#55090] generate orgunit autocomplete 'path' through GraphQL

Code Refactor#

[#55090] generate orgunit autocomplete 'path' through GraphQL

21.6.1 (2023-05-08)#

Build improvements#

deps: bump sentry-sdk from 1.22.1 to 1.22.2

21.6.0 (2023-05-08)#

Features#

graphql: [#55975] added class_update mutator

This change introduces the class_update mutator used to update classes. The mutator takes two arguments, the UUID of the class to update and a ClassUpdateInput, which is currently identical to the ClassCreateInput.

The update endpoint cannot be used to create new classes, it can only be used to update or reactivate existing classes.

In order to update a class using this mutator, simply call it like below:
mutation UpdateClass {
  class_update(
    uuid: "e75f74f5-cbc4-4661-b9f4-e6a9e05abb2d",
    input: {
      name: "Postal Address",
      user_key: "AdressePostEmployee",
      facet_uuid: "5b3a55b1-958c-416e-9054-606b2c9e4fcd"
    }
  ) {
    uuid
  }
}
After this call the class will now have the specified data.

21.5.2 (2023-05-08)#

Bug Fixes#

[#55128] add addresses to error messages

21.5.1 (2023-05-08)#

Bug Fixes#

[#55972] dar health falsely timed out, upped timeout

Test improvements#

[#55975] rewrite endpoint uniqueness test

This change rewrites test_ensure_endpoint_function_names_are_unique from including and thereby instancing our top-level uvicorn app, to instead using the test_app fixture.

Chores#

[#55975] change gunicorn / uvicorn initialization to application factory

This commit changes our gunicorn / uvicorn initialization to use the application factory pattern via the create_app function, instead of having a main.py file, with the sole purpose of importing and calling the create_app function.

The application factory pattern is preferable as it forces users of the application to consider the lifecycle of the application they create and as it decentivize the anti-pattern of using global variables.

21.5.0 (2023-05-08)#

Features#

graphql: [#55973] added facet_delete mutator

This change introduces the facet_delete mutator used to do bitemporal deletion, this mutator behaves similarly to the class_delete mutator introduced in OS2mo 21.4.0, but for facets instead of classes, so please check out the changelog for release for details.

Test improvements#

oio_rest: [#55973] removed unnecessary and flaky test

This change removes the test_build_registration_dokument testcase, as it is a flaky and unnecessary test. The flakiness occured as a result of the partial removal of the dokument data type from LoRa in version 3.0.0, and has been sporadically failing ever since.

As the dokument data type has mostly been removed, removing this test should not negatively affect anyone.

21.4.0 (2023-05-08)#

Features#

graphql: [#55963] added class_delete mutator

This change introduces the class_delete mutator used to do bitemporal deletion, not to be confused with class_terminate which does temporal 'deletion', aka terminates the validity for a class by a given date.

As this mutator works on the bitemporal time-axis, it should only be used by clients that fully understand the underlying bitemporal model, including how a bitemporal delete affects the registration history.

In order to do bitemporal deletion using this mutator, simply call it with a UUID like below:
mutation DeleteClass {
  class_delete(uuid: "4e337d8e-1fd2-4449-8110-e0c8a22958ed") {
    uuid
  }
}
After this call the class will no longer show up in any temporal listing. Do note that doing bitemporal deletions on entities that are referenced will leave dangling references to the class potentially breaking invariants in the data.

It is currently the callers responsibility to ensure that references are dealt with before doing bitemporal deletions.

21.3.0 (2023-05-06)#

Features#

graphql: [#55893] reimplement class mutator

This change introduces a new version of our GraphQL interface; GraphQL version 4, motivated by breaking change to the class_create mutator. The new class_create mutator is available in version 4, while the old version is available in version 3.

In version 3 the class_create-mutator is implemented atop the ClassRequestHandler and thus atop the entire Service API to LoRa translation layer. However in version 4 the mutator is instead implemented as a very thin translation directly atop LoRas create_or_import_object function.

Although this change was planned to be a pure refactoring, several issues were identified during the refactoring, eventually leading to the refactoring becoming a breaking change motivating the new version of the GraphQL interface.

These issues are listed below, from the following motivating mutation:
mutation CreateClass {
  class_create(input: {
    type: "class"
    uuid: "00000000-fee1-baad-fa11-dead2badc0de"
    name: "Office Number"
    user_key: "EmployeeOfficeNumber"
    scope:"TEXT"
    facet_uuid: "5b3a55b1-958c-416e-9054-606b2c9e4fcd"
    org_uuid: "3b866d97-0b1f-48e0-8078-686d96f430b3"
  }) {
    uuid
  }
}
This mutation call is valid in version 3, but has several issues:

type is an optional argument that shall always have its value set to: class. Setting it to any other value will break invariants in the underlying code leading to undefined behavior. The argument has the default value of class and as such the issue only arises if the caller explicitly sends a different value. The argument has however been removed entirely in version 4, as it is leaking implementation-specific details and should never have been exposed.

uuid is an optional argument used for explicitly setting the UUID to be assigned to the newly created class. We generally prefer entities to have randomly generated UUIDs instead of predetermined ones to avoid issues such as UUID conflicts. The argument has the default of using randomly generated UUIDs. The argument has been been removed entirely in version 4, opting to instead always generate random UUIDs for newly created classes.

org_uuid is a required argument that shall always have its value set to the root organisation's UUID. Setting it to any other value will break invariants in the underlying code leading to undefined behavior. The argument does not have a default value, and as such the caller has to look up the UUID of the root organisation whenever they want to create a new class. The argument has been removed entirely in version 4, as it is leaking implementation-specific details and should never have been exposed.

Thus in version 4 the above motivation mutation would now look like the following instead:
mutation CreateClass {
  class_create(input: {
    name: "Office Number"
    user_key: "EmployeeOfficeNumber"
    scope:"TEXT"
    facet_uuid: "5b3a55b1-958c-416e-9054-606b2c9e4fcd"
  }) {
    uuid
  }
}
Vastly simplifying the interface and avoiding the predetermined, non-random UUID anti-pattern.

To migrate from GraphQL version 3, simply stop sending type, uuid and org_uuid with your queries. If you happen to "need" to set the uuid please get in contact so we can discuss potential solutions.

Chores#

deps: [#55893] run poetry update

Ran poetry update for both os2mo and ramodels to resolve build issues in CI.

21.2.5 (2023-05-04)#

Build improvements#

deps-dev: bump pre-commit from 3.2.2 to 3.3.1

Bumps pre-commit from 3.2.2 to 3.3.1. - Release notes - Changelog - Commits

21.2.4 (2023-05-04)#

Build improvements#

deps: bump strawberry-graphql from 0.176.1 to 0.176.3

Bumps strawberry-graphql from 0.176.1 to 0.176.3. - Release notes - Changelog - Commits

21.2.3 (2023-05-03)#

Build improvements#

deps: bump strawberry-graphql from 0.176.0 to 0.176.1

Bumps strawberry-graphql from 0.176.0 to 0.176.1. - Release notes - Changelog - Commits

CI improvements#

[#54556] Utilise changes patterns in GitLab CI

21.2.2 (2023-05-02)#

Build improvements#

deps: bump strawberry-graphql from 0.175.1 to 0.176.0

Bumps strawberry-graphql from 0.175.1 to 0.176.0. - Release notes - Changelog - Commits

21.2.1 (2023-05-02)#

Documentation#

changelog: [#55893] rework old changelog

This change reworks the old changelog such that it is more in line with the dynamically generated after OS2mo version 12.11.1.

OS2mo has gone through a lot of different release management paradigms, and by extension a lot of different ways to generate our changelog.

Roughly 4 different paradigms have been in play:

Before version 0.9.0

At this stage release management was an entirely manual process and no changelog was being maintained, as such no changelog exists from OS2mo releases prior to version 0.9.0 and the best place to look for a changelog is probably the commit history, although no convention was in place for that either, so the commit history at this change is of doubtful quality.

From version 0.9.0 to version 1.18.1

At this stage release management was still an entirely manual process, however a changelog was manually kept and maintained, and as such all versions from 0.9.0 have entries in the changelog.

From version 2.0.0 to version 12.11.1

At this stage release management became systematized by utilizing autopub as our release management software, automation and convention, and as such all releases from version 2.0.0 have entries in the changelog albeit with a different format from version before version 2.0.0.

This change was motivated by the need for release automation and the prospect of removing the release manager role from our team.

After version 12.11.1

At this stage release management was changed from autopub to the vastly more popular semantic-release, with our changelog being generated by commitizen.

This change was motivated by our transition to conventional commits as our commit message convention, in part itself motivated by the much better off-the-shelf tooling available using a known convention. Additionally we were motivated by the prospect of enabling merge-trains to ease and improve developer productivity by side-stepping the issue of continuously having to rebase ones merge-request in an attempt to get it merged.

Build improvements#

deps-dev: [#55893] upgrade commitizen

21.2.0 (2023-05-01)#

Features#

[#49791] created test to verify autocomplete_v2 legacy logic is being invoked correctly
[#49791] created integration test for autocomplete_v2 to verify address renames

The issue #49791 had the issue we displayed the old value of the address / BVN value, this integration test verifies this is not the case anymore

[#49791] added app.state.sessionmaker to admin_client fixture to enable sqlalchemy
[#49791] added debug logs telling if autocomplete_v2 uses new or legacy logic
[#49791] created multiple integration tests for autocomplete_v2
[#49791] created first integration test for new autocomplete_v2 logic

It verifies we can search for a custom addr-attribute through the autocomplete_v2 endpoint

[#49791] created new test data for autocomplete_v2

Also fixed existing tests after adding new test data, so they dont fail. We have a lot of tests which do counts on our test data

[#49791] updated autocomplete_v2 endpoint to use new sqlalchemy models + graphql

NOTE: new logic is only active if confdb_autocomplete_v2_use_legacy=False

[#49791] created new structure for autocomplete_v2 endpoint

If feature flag 'confdb_autocomplete_v2_use_legacy' have been set, the endpoint will use the new logic, which will currently just return emtpy lists

[#49791] changed sqlalchemy Literal to sqlalchemy.Enum for orgunit_rel_code + orgfunc_rel_code
[#49791] created new feature flag for autocomplete_v2 updated sqlalchemy models + graphql

Bug Fixes#

[#49791] at-date is now a bound variable instead of being used directly in the SQL

It was not possible to do SQL injections based on the way the sql was made, but now we are sure

21.1.1 (2023-05-01)#

Bug Fixes#

[#XXXXX] Rename AD guide properly for Viborg
[#XXXXX] Add new AD guide for Viborg

21.1.0 (2023-05-01)#

Features#

auth: [#52129] support legacy sessions via environmental variables

OS2mo used to have a flask-based homebrewed SAML single sign-on solution implemented using a backing Postgres database. This homebrewed solution was retired in OS2mo 2.0.0 as Keycloak was added as backing service to manage authentification and SAML single sign-on.

To ease the transition to Keycloak, the backing database was kept around along with a new legacy session support system. This system exists till today and works by checking legacy authentification headers against the old backing database, allowing access if any of the old SAML-tokens are used.

As most users have migrated to Keycloak the use of this database has become mostly obsolete, and only very few session tokens are still in use.

This change introduces a new environmental variable:

os2mo_legacy_sessions

Which when configured using a JSON-list of UUIDs replace the session database as the source of legacy session tokens to check against when using the legacy authentification backend. The goal of introducing this change is to eliminate the backing sessions database in favor of the new environmental variable before eliminating the legacy authentification system in its entirety.

21.0.12 (2023-05-01)#

Build improvements#

deps: bump strawberry-graphql from 0.174.0 to 0.175.1

21.0.11 (2023-05-01)#

Build improvements#

deps-dev: bump hypothesis from 6.74.1 to 6.75.1

Bumps hypothesis from 6.74.1 to 6.75.1. - Release notes - Commits

21.0.10 (2023-05-01)#

Build improvements#

deps: bump sqlalchemy from 2.0.11 to 2.0.12

Bumps sqlalchemy from 2.0.11 to 2.0.12. - Release notes - Changelog - Commits

21.0.9 (2023-04-30)#

Build improvements#

deps: bump sentry-sdk from 1.21.0 to 1.21.1

Bumps sentry-sdk from 1.21.0 to 1.21.1. - Release notes - Changelog - Commits

21.0.8 (2023-04-28)#

Bug Fixes#

graphql: [#53506] workaround for dangling foreign keys

OS2mo 18.22.0 unintentionally broke the optional list fields in the GraphQL interface, whenever the underlying fields in the database were containing dangling foreign key references.

The field was broken accidentally by the assumption that there was no dangling foreign keys in the database, and that dangling foreign keys were indeed disallowed by the database itself, however as this assumption was untrue, the code based on the assumption introduced a breaking behavior.

This change does not resolve the underlying dangling foreign key issue, but rather it simply ensures that dangling foreign key references are handled in a similar way to how they were handled before OS2mo 18.22.0, such that the unintentional breaking changes is fixed.

A test is also included to document the current behavior in the presence of dangling foreign keys, and it has been validated that the behavior of the GraphQL interface is now as it was before OS2mo 18.22.0, or in other words, that the breaking change only occurs between OS2mo 18.22.0 and the release containing this commit.

In the future the dangling foreign key reference issue should be resolved on the database layer, but it is in itself a separate issue from the resolver reuse introducing a breaking change, and as such, out of scope for this fix.

Test improvements#

graphql: [#53506] prove dangling foreign key issue

This commit introduces a test to prove that we have dangling pointer issues in OS2mo, and to prove that an unintention breaking change was introduced in OS2mo 18.22.0.

21.0.7 (2023-04-28)#

Build improvements#

deps-dev: bump hypothesis from 6.74.0 to 6.74.1

21.0.6 (2023-04-28)#

Build improvements#

deps: bump uvicorn from 0.21.1 to 0.22.0

CI improvements#

dependabot: [#52761] allow 100 dependabot MRs

Before this change dependabot would only create up to 5 simultaneously open MRs, however only getting 5 when there would potentially be 25, hides the problem of our old dependencies. We would much rather be flooded by MRs and know we have a problem, than not be flooded and thus be unaware of the issue.

21.0.5 (2023-04-28)#

Build improvements#

deps: bump sqlalchemy from 2.0.10 to 2.0.11

21.0.4 (2023-04-28)#

Build improvements#

deps: bump sqlalchemy-utils from 0.41.0 to 0.41.1

Bumps sqlalchemy-utils from 0.41.0 to 0.41.1. - Release notes - Changelog - Commits

21.0.3 (2023-04-27)#

Build improvements#

deps: bump strawberry-graphql from 0.171.3 to 0.174.0

21.0.2 (2023-04-27)#

Build improvements#

deps-dev: bump asgi-lifespan from 1.0.1 to 2.1.0

Bumps asgi-lifespan from 1.0.1 to 2.1.0. - Release notes - Changelog - Commits

21.0.1 (2023-04-27)#

Build improvements#

deps-dev: bump hypothesis from 6.72.4 to 6.74.0

Bumps hypothesis from 6.72.4 to 6.74.0. - Release notes - Commits

21.0.0 (2023-04-26)#

Bug Fixes#

graphql: [#55433] fix broken GraphiQL auth and deprecations

OS2mo 20.1.1 upgraded our strawberry-graphql from version 0.137.1 to 0.171.3, and included various changes to our codebase to ensure that the test-suite kept passing with the newer versions of GraphQL. However the test coverage seems to have been insufficient as the upgrade unintentionally broke our custom Javascript injections into GraphiQL, thus removing the custom Javascript code responsible for deprecation notices on older GraphQL versions and for redirecting the user to Keycloak for authentification.

This change introduces a new test-case, which ensures that our custom Javascript is indeed injected when we expect it to be, and additionally introduces a change to ensure that the injection does in fact happen again.

The issue arose from a vaguely documented breaking change in the FastAPI integrations interface in Strawberry. The Strawberry version that broke our GraphiQL injections was 0.169.0, and contained the following breaking change notice:

Unfortunately, this release does contain some breaking changes, but they are minimal and should be quick to fix.

Flask get_root_value and get_context now receive the request

Sanic get_root_value now receives the request and it is async

When reading the changelog it seemed like the breaking changes were the ones listed, and thus not related to us, as we use the FastAPI integration, rather than the Flask or Sanic integration, however a breaking change for FastAPI was also included, although very poorly documented. As highlighted by Github user kkroening on the related Pull Request on Github:

A couple of other subtle breaking changes (AFAICT) with strawberry.fastapi.GraphQLRouter:

Removal of get_graphiql_response

Use of GraphQLRouter.get_graphiql_response() must be changed to GraphQLRouter.render_graphiql(response). ...

However as this was not part of the changelog, it was not fixed during the initial upgrade.

20.1.14 (2023-04-26)#

Build improvements#

deps: bump sentry-sdk from 1.20.0 to 1.21.0

Bumps sentry-sdk from 1.20.0 to 1.21.0. - Release notes - Changelog - Commits

20.1.13 (2023-04-26)#

Build improvements#

deps-dev: bump hypothesis from 6.72.2 to 6.72.4

Bumps hypothesis from 6.72.2 to 6.72.4. - Release notes - Commits

20.1.12 (2023-04-25)#

Bug Fixes#

[#53650] Return the CPR verbatim, as supplied by frontend
[#53650] Don't strip leading zeroes from day/month/year in cleaned CPR

20.1.11 (2023-04-25)#

Build improvements#

deps-dev: bump pre-commit from 2.21.0 to 3.2.2

Bumps pre-commit from 2.21.0 to 3.2.2. - Release notes - Changelog - Commits

20.1.10 (2023-04-25)#

Build improvements#

deps-dev: bump pytest-split from 0.8.0 to 0.8.1

20.1.9 (2023-04-25)#

Build improvements#

deps: bump alembic from 1.10.3 to 1.10.4

Bumps alembic from 1.10.3 to 1.10.4. - Release notes - Changelog - Commits

20.1.8 (2023-04-24)#

Build improvements#

deps-dev: bump hypothesis-graphql from 0.9.2 to 0.10.0

Bumps hypothesis-graphql from 0.9.2 to 0.10.0. - Release notes - Changelog - Commits

20.1.7 (2023-04-24)#

Build improvements#

deps-dev: bump hypothesis from 6.62.1 to 6.72.2

Bumps hypothesis from 6.62.1 to 6.72.2. - Release notes - Commits

20.1.6 (2023-04-24)#

Build improvements#

deps-dev: bump pytest-asyncio from 0.19.0 to 0.21.0

Bumps pytest-asyncio from 0.19.0 to 0.21.0. - Release notes - Commits

20.1.5 (2023-04-24)#

Build improvements#

deps: bump alembic from 1.10.3 to 1.10.4

Bumps alembic from 1.10.3 to 1.10.4. - Release notes - Changelog - Commits

20.1.4 (2023-04-24)#

Build improvements#

deps: bump sentry-sdk from 1.17.0 to 1.20.0

Bumps sentry-sdk from 1.17.0 to 1.20.0. - Release notes - Changelog - Commits

20.1.3 (2023-04-24)#

Build improvements#

deps-dev: bump pytest-cov from 3.0.0 to 4.0.0

Bumps pytest-cov from 3.0.0 to 4.0.0. - Release notes - Changelog - Commits

20.1.2 (2023-04-24)#

Build improvements#

deps: [security] bump cryptography from 39.0.0 to 39.0.1

Bumps cryptography from 39.0.0 to 39.0.1. This update includes security fixes. - Release notes - Changelog - Commits

20.1.1 (2023-04-24)#

Chores#

deps: bump strawberry-graphql from 0.137.1 to 0.171.3

Bumps strawberry-graphql from 0.137.1 to 0.171.3. - Release notes - Changelog - Commits

graphql: [#55433] upgrade strawberry-graphql to 0.160.0

The purpose of the upgrade is to get a newer version of strawberry.

The version is only pushed to 0.160.0 instead of all the way as 0.160.0 introduces an interface change for extensions, thus only updating to 0.16.0 ensures that the changeset for this change is limited in scope to only the necessary changes to support the new interface in our custom extensions.

graphql: [#55433] upgrade strawberry-graphql to 0.151.3

The main purpose of the upgrade is to enable upgrading to a newer version of FastAPI, as this may be important for security.

Additionally version 0.145.0 of strawberry contains a huge improvement (according to upstream) with regards to error handling, and thus a huge boost to developer productivity and happiness. Please check the strawberry changelog for further details.

20.1.0 (2023-04-24)#

Features#

graphql: [#52761] introduce itsystem_update mutator

20.0.1 (2023-04-24)#

Chores#

deps: bump sqlalchemy from 2.0.9 to 2.0.10

Bumps sqlalchemy from 2.0.9 to 2.0.10. - Release notes - Changelog - Commits

20.0.0 (2023-04-24)#

Chores#

graphql: [#55433] remove version 1 of GraphQL

BREAKING CHANGE: This change is a breaking change, although we expect no customers to be affected, as our metrics report no calls to the GraphQL version in the last 90 days.

If you do find yourself negatively affected by this change, please follow the below migration guide to migrate to version 2 of GraphQL.

Assuming a query alike:
query OrganisationUnitParentQuery {
  org_units(uuids: [$uuid]) {
    current {
      parent {
        uuid
      }
    }
  }
}
The result on version 1 of GraphQL would be:
{
  "data": {
    "org_units": [
      {
        "current": {
          "parent": [
            {
              "uuid": "2665d8e0-435b-5bb6-a550-f275692984ef"
            }
          ]
        }
      }
    ]
  }
}
While on version 2 of GraphQL the result would be:
{
  "data": {
    "org_units": [
      {
        "current": {
          "parent": {
            "uuid": "2665d8e0-435b-5bb6-a550-f275692984ef"
          }
        }
      }
    ]
  }
}
The difference is subtle, namely that parent used to return a single element list containing the parent object, while it now returns an optional parent object instead.

Thus to migrate from version 1 to version 2, simply remove whatever code that extracts the element from within the list, and use the element directly.

19.5.2 (2023-04-21)#

Bug Fixes#

[#55737] do not filter uuid and bvn if they are both empty

This fixes a bug where MO was trying to make the following change to LoRa:

{
    "note": "Rediger tilknytning",
    "tilstande": {
        ...
    },
    "relationer": {
        "tilknyttedeenheder": [{
            "uuid": "9634d0e0-e33f-4200-a600-000006280002"
            "virkning": {
                "from": "2022-05-31 22:00:00+00",
                "to": "2023-01-01T00:00:00+01:00",
                "from_included": True,
                "to_included": False
            },
        }],
        "tilknyttedefunktioner": [{
            "virkning": {
                "from": "2023-01-01T00:00:00+01:00",
                "to": "2023-06-30 22:00:00+00",
                "from_included": True,
                "to_included": False
            }
        }]
    }
}

Notice the missing uuid in tilknyttedefunktioner. The change does not conform to LoRa's JSON-schema:

Failed validating 'oneOf' in
schema['properties']['relationer']['properties']['tilknyttedefunktioner']['items']:
    {'oneOf': [{'additionalProperties': False,
                'properties': {'objekttype': {'type': 'string'},
                               'uuid': {'$ref': '#/definitions/uuid'},
                               'virkning': {'$ref': '#/definitions/virkning'}},
                'required': ['uuid', 'virkning'],
                'type': 'object'},
               {'additionalProperties': False,
                'properties': {'objekttype': {'type': 'string'},
                               'urn': {'$ref': '#/definitions/urn'},
                               'virkning': {'$ref': '#/definitions/virkning'}},
                'required': ['urn', 'virkning'],
                'type': 'object'},
               {'additionalProperties': False,
                'properties': {'urn': {'$ref': '#/definitions/empty_string'},
                               'uuid': {'$ref': '#/definitions/empty_string'},
                               'virkning': {'$ref': '#/definitions/virkning'}},
                'required': ['urn', 'uuid', 'virkning'],
                'type': 'object'}]}

On instance['relationer']['tilknyttedefunktioner'][0]:
    {'virkning': {'from': '2023-01-01T00:00:00+01:00',
                  'from_included': True,
                  'to': '2023-06-30 22:00:00+00',
                  'to_included': False}}

MO edits objects (in prepare_edit) by retrieving them from LoRa, applying some modification, and then writing the object back. In this case, the data returned by LoRa did not conform to its own schema:

{
  "id": "fd5d9561-6956-46a3-a2db-a209297ceb18",
  "registreringer": [{
        ...
      "attributter": {...},
      "tilstande": {...},
      "relationer": {
          ...
          "tilknyttedeenheder": [{
              "uuid": "f9cd7b97-46d1-4c00-9600-000008140002",
              "virkning": {
                  "from": "2023-02-28 23:00:00+00",
                  "to": "2023-06-30 22:00:00+00",
                  "from_included": true,
                  "to_included": false
              }
          }],
          "tilknyttedefunktioner": [{
              "virkning": {
                  "from": "2023-02-28 23:00:00+00",
                  "to": "2023-06-30 22:00:00+00",
                  "from_included": true,
                  "to_included": false
              }
          }]
      }
  }]
}

Again, notice the missing uuid in tilknyttedefunktioner.

This bug was probably introduced by filter_empty() in 089f2fd641cf50ed73af195a9cfc6082503aa600, which removes dict keys with falsy values, but largely ignored due to only being a problem when MO tries to write the data back to LoRa; there is no validation on the data returned by LoRa. 'relation_nul_til_mange' seems to be the only type using #/definitions/empty_string, so the solution - for now - is a shortsighted function which patches the empty dict keys back in for this specific case.

Chores#

[#55737] bump fixture-loader version

19.5.1 (2023-04-21)#

Bug Fixes#

graphql: [#53506] add missing permission class for mutators

This change adds a previously missing permission class to mutators, checking that the users are indeed authenticated, before checking whether they are authorized.

The change has no security implications as the authorization check implicitly also checks for authenticity as it needs the Keycloak token roles for the role based access control.

Thus the main purpose of the change is to clean-up the code, while also improving the usability of the GraphQL interface, by improving the error message when calling without proper authentication.

Calling without proper authentication before this change, would lead to the following response:
{
  "data": null,
  "errors": [
    {
      "message": "An unknown error occurred.",
      "locations": [
        {
          "line": 1,
          "column": 12
        }
      ],
      "path": [
        "ituser_create"
      ]
    }
  ]
}
While with this change, the response becomes:
{
  "data": null,
  "errors": [
    {
      "message": "Not authenticated",
      "locations": [
        {
          "line": 1,
          "column": 12
        }
      ],
      "path": [
        "ituser_create"
      ]
    }
  ]
}

19.5.0 (2023-04-21)#

Features#

[#53506] mutators return model responses

This change modifies and expands the mutator response type. Thus expanding the capability of the GraphQL interface.

The change is non-breaking and expands all non-static mutator replies to respond with Response-models alike how the top-level replies behave.

Previously an IT-user could created with a mutator alike this one:
mutation {
  ituser_create(
    input: {
      person: "0004b952-a513-430b-b696-8d393d7eb2bb",
      user_key: "Roark",
      itsystem: "a1608e69-c422-404f-a6cc-b873c50af111",
      validity: {from: "2023-01-01"}
    }
  ) {
    uuid
  }
}
With uuid being the only queryable field on the result, however with this change we can now query the return as-if we had fetched it using the top-level field:
mutation {
  ituser_create(
    input: {
      person: "0004b952-a513-430b-b696-8d393d7eb2bb",
      user_key: "Roark",
      itsystem: "a1608e69-c422-404f-a6cc-b873c50af111",
      validity: {from: "2023-01-01"}
    }
  ) {
    uuid
    current {
      employee {
        name
      }
    }
  }
}
Getting back data about the employee / person we pointed to using the UUID, by the reference on the resulting object:
{
  "data": {
    "ituser_create": {
      "uuid": "adad4ba8-80a5-442c-aa69-a7e818d20577",
      "current": {
        "employee": [
          {
            "name": "Howard Roark"
          }
        ]
      }
    }
  }
}

19.4.0 (2023-04-21)#

Features#

[#52859] fix ituser tests

Documentation#

changelog: [#53506] expand changelog

This commit changes how the changelog is generated.

Previously the changelog was generated using an upstream Jinja template, which conservatively did not include commit-messages such as the one you are reading right now in changelog, however as our application is open-source the commit-messages are publicly available anyway, and as such there is no harm in including them in the changelog.

Additionally the changelog now also includes a icon for commits that contain breaking changes.

The changelog Jinja template can be found in docs/changelog.md.j2.

19.3.0 (2023-04-20)#

Features#

[#55128] created integration test which verifies orgunits with addresses cannot be terminated
[#55128] added new termination exception for when trying to terminate org_units with addrs

Bug Fixes#

[#55128] updated existing tests after adding new test data for orgunit + addresses

Updated tests: - test_integration_org_unit.Tests.test_tree - test_integration_service.test_orgunit_search - graphapi.test_addresses.test_address_filters - graphapi.test_organisation_units.test_org_unit_parent_filter - graphapi.test_organisation_units.test_org_unit_hierarchy_filter - graphapi.test_pagination.test_pagination - shimmed.test_organisation.TestOrganisationEndpoints.test_get_organisation - shimmed.test_organisation.TestOrganisationEndpoints.test_get_children - shimmed.test_organisation.TestOrganisationEndpoints.test_get_children_with_counts

[#55128] fixed tests verifying rbac permission when terminating org_units

it's no longer allowed to terminate org_units with adresses. A new test org_unit without details was therefor needed.

19.2.0 (2023-04-19)#

Features#

[#53506] add support for reading the current object

This change exposes actual-state data via our GraphQL interface. Thus simplifying the use of our GraphQL interface.

The change is non-breaking and expands top-level replies with a new queryable field called current:
query {
  org_units(from_date: null, to_date: null) {
    uuid
    current {
      name
    }
    objects {
      name
      validity {
        from
        to
      }
    }
  }
}
Where a response might look like this:
{
  "data": {
    "org_units": [
      {
        "uuid": "1caba8d9-6b9f-506b-b845-9a8c4f5b8a03",
        "current": {
          "name": "Egtved børnehus"
        },
        "objects": [
          {
            "name": "Jordrup børnehave",
            "validity": {
              "from": "1960-01-01T00:00:00+01:00",
              "to": "2000-03-31T00:00:00+02:00"
            }
          },
          {
            "name": "Egtved børnehus",
            "validity": {
              "from": "2000-04-01T00:00:00+02:00",
              "to": "2049-12-31T00:00:00+01:00"
            }
          },
          {
            "name": "Kolding Daginstitution",
            "validity": {
              "from": "2050-01-01T00:00:00+01:00",
              "to": null
            }
          }
        ]
      }
    ]
  }
}
In objects we see the history of the kindergarten from its inception in January of 1960, through a journey of increased centralization becoming Egtved kindergarten and nursery in the 2000, before finally becoming Kolding daycare center in 2050.

This change simply adds the current field which returns the object entry that is active as of right now. The field might be null if none of the results in objects are active at query-time.

It is the goal in the future that the current field will always be set to the query-time value of the entity, irregardless of the values found in objects. This behavior will be introduced with a future restructuring of the schema.

19.1.0 (2023-04-19)#

Features#

[#53506] add support for reading registrations

This change exposes bitemporal registrations via our GraphQL interface. Thus expanding the capability of the GraphQL interface to answer queries, such as:

Was a given entity changed in a given time-frame?

When was a given entity last changed, and who changed it?

How frequently is a given entity changed?

What changes have a given user made in a given time-frame?

The change is non-breaking and expands top-level replies with a new queryable field called registrations:
query {
  org_units {
    uuid
    registrations {
      registration_id
      start
      end
      actor
    }
  }
}
Where a response might look like this:
{
  "data": {
    "org_units": [
      {
        "uuid": "1caba8d9-6b9f-506b-b845-9a8c4f5b8a03",
        "registrations": [
          {
            "registration_id": 241,
            "start": "2023-04-19T11:14:35.121135+02:00",
            "end": null,
            "actor": "42c432e8-9c4a-11e6-9f62-873cf34a735f"
          },
          {
            "registration_id": 239,
            "start": "2017-01-12T08:12:24.148346+02:00",
            "end": "2023-04-19T11:14:35.121135+02:00",
            "actor": "42c432e8-9c4a-11e6-9f62-873cf34a735f"
          }
        ]
      }
    ]
  }
}
To convey the information that the organisation unit was originally created on the 12th of January 2017, and then changed on the 19th of April 2023, to the state that it has now. Note that registrations do not concern themselves with the historical changes that occur to the organisation unit itself, only to when changes to that historical view was made.

19.0.0 (2023-04-18)#

Code Refactor#

[#50474] split up get_detail into multiple functions

This change splits the highly generic: /service/{type}/{id}/details/{function} endpoint, that previously took type (ou/e) and function (address, association, engagement, etc) and deconstructs it into 24 specific endpoints.

The purpose of this change is to get endpoint-specific metrics to allow us to determine which endpoints are actually in use, and which endpoints are unused and therefore can be removed. Removing endpoints outright is desirable as it reduces the complexity of the stack and also minimizes the work required for shimming the Service API.

Additionally this charge also supports the future work of shimming the Service API, by splitting a highly generic and therefore almost unshimmable function into very meaningful shimmable handlers.

Finally splitting the endpoint allows FastAPI to generate meaningful and useful API documentation and OpenAPI Specification.

BREAKING CHANGE: This change is a breaking change, although very minorly so.

Previously calling with an unknown type or function would return a HTTP 400 status-code, but now it returns a HTTP 404 status-code instead.

18.23.5 (2023-04-18)#

Bug Fixes#

[#53650] Restore support for "erstatningspersonnummer" CPRs

Test improvements#

[#53506] rewrite test_terminate_association_directly
[#53506] rewrite test_terminate_association_in_the_past
[#53506] rewrite test_employee
[#53506] rewrite test_children
[#53506] rewrite test_facet_create_and_update
[#53506] added tests for seed_resolver

Code Refactor#

[#53506] cleanup test_integration_association.py

18.23.4 (2023-04-18)#

Build improvements#

deps-dev: bump pytest from 7.2.1 to 7.3.1

Bumps pytest from 7.2.1 to 7.3.1. - Release notes - Changelog - Commits

18.23.3 (2023-04-18)#

Bug Fixes#

[#53506] fix graphql user_key filtering

18.23.2 (2023-04-17)#

Build improvements#

deps-dev: bump parameterized from 0.8.1 to 0.9.0

18.23.1 (2023-04-17)#

Chores#

deps: bump sqlalchemy-utils from 0.38.3 to 0.41.0

18.23.0 (2023-04-17)#

Features#

[#53229] add test and adjust other tests to having an extra employee
[#53229] allow setting a cpr-number on existing user created without cpr

Chores#

[#53506] extended changelog to include all our cc verbs

18.22.5 (2023-04-17)#

Bug Fixes#

[#53506] fix engagement association typed as engagement

OS2mo 18.22.0 unintentionally broke the engagement_association field on the engagement entity in the GraphQL interface.

The field was broken accidentally by a mistyping stating that the field had the type engagement rather than engagement_association. The issue was discovered automatically by the hypothesis property-based testing, although not during the review of the initial merge request.

This fix changes the type of the field to engagement_association as it should have been all along. No further tests are added since the automated test-suite managed to identify the issue, but a discussion on the number of examples run though the property-based testing has been started to address whether more examples should be run, such that counter-examples and thereby issues are found sooner.

18.22.4 (2023-04-17)#

Chores#

deps: bump sqlalchemy from 2.0.7 to 2.0.9

Bumps sqlalchemy from 2.0.7 to 2.0.9. - Release notes - Changelog - Commits

18.22.3 (2023-04-17)#

Chores#

deps: bump aiohttp from 3.8.3 to 3.8.4

Bumps aiohttp from 3.8.3 to 3.8.4. - Release notes - Changelog - Commits

18.22.2 (2023-04-17)#

Chores#

deps: bump sqlalchemy from 2.0.7 to 2.0.9

Bumps sqlalchemy from 2.0.7 to 2.0.9. - Release notes - Changelog - Commits

18.22.1 (2023-04-17)#

Bug Fixes#

[#53506] fix org_unit_refresh lazy resolution

OS2mo 18.21.0 unintentionally broke the org_unit_refresh GraphQL mutator, and by extension via shimming the corresponding /ou/{unitid}/refresh Service API endpoint.

The mutator was broken accidentally by a systematic refactoring across the entire codebase. This refactoring was okay in all other instances, however the org_unit_refresh mutator is implemented directly atop the low-level dataloader, and as such was broken when the low-level dataloader changed its interface in the transition to lazy resolution of top-level results.

The fact that the mutator was broken without any test-failures from the test-suite indicates that the mutator is not tested rigorously enough currently.

This change merely fixes the underlying problem without actually introducing more rigorous testing to ensure that a similar regression occur in the future. A follow-up change should ensure that the mutator is tested rigorously.

This change does not resolve the root-cause of the mutator breaking either. Namely, this change does not restructure the code such that the mutator utilizes the top-level resolver instead of the low-level dataloader. A follow-up change should ensure that the mutator is refactored to be inline with the rest of the codebase.

Test improvements#

[#50473] convert unittest to pytest

18.22.0 (2023-04-12)#

Features#

[#53506] utilize resolvers in org-unit.managers
[#53506] utilize resolvers in roles
[#53506] utilize resolvers in related-units
[#53506] utilize resolvers in org-units
[#53506] utilize resolvers in manager
[#53506] utilize resolvers in leave
[#53506] utilize resolvers in KLE
[#53506] utilize resolvers in it-user
[#53506] utilize resolvers in facet
[#53506] utilize resolvers in engagement-assocation
[#53506] utilize resolvers in engagement
[#53506] utilize resolvers in employee
[#53506] utilize resolvers in class
[#53506] utilize resolvers in association
[#53506] utilize resolvers in address
[#53506] utilize resolvers in schema

This features changes how all field resolvers are implemented.

Previously field-level resolvers were implemented separately from top-level resolvers, implementing a subset of the features available on the top-level resolver.

This feature eliminates the separate resolvers in favor of just using the top-level resolvers everywhere, as such with this feature it is now possible to utilize top-level filtering and functionality on field-level nested queries.

The feature is implemented by seeding parameters to the top-level resolvers from the context in which they are invoked. For instance when querying engagements under org_units, the org_units parameter on the engagements top-level resolver is automatically set to the org-unit in question.

I.e.:
query {
  org_units(uuids: "f06ee470-9f17-566f-acbe-e938112d46d9") {
    objects {
      engagements(employees: "be39de52-060a-4ae3-b705-ba46dd9b27a6") {
        uuid
      }
    }
  }
}
Calls the engagements-resolver with: * org_units="f06ee470-9f17-566f-acbe-e938112d46d9" * employees="be39de52-060a-4ae3-b705-ba46dd9b27a6"

Similar to how it would be called from the top-level:
query {
  engagements(
    org_units: "f06ee470-9f17-566f-acbe-e938112d46d9",
    employees: "be39de52-060a-4ae3-b705-ba46dd9b27a6") {
      uuid
  }
}

Bug Fixes#

[#53506] fix broken org-unit resolver seed

Code Refactor#

[#53506] rename seeded resolvers
[#53506] refactor ancestors to use method recursion
[#53506] refactor top_level_facet to use recursion
[#53506] refactor out user-key to uuid translation
[#53506] ensure pre-commit passes
[#53506] remove root_model from seed_resolver
[#53506] introduce uuid(s)2list
[#53506] rewrite definitions to use global lazy annotated types
[#53506] remove unused filter-function
[#53506] rewrite lazy-types to annotated
[#53506] remove unused dataloaders

Style#

[#53506] pre-commit

Chores#

[#53506] review feedback
[#53506] added annotation todo

18.21.2 (2023-04-11)#

Chores#

deps: bump uvicorn from 0.18.3 to 0.21.1

18.21.1 (2023-04-11)#

Chores#

deps: bump alembic from 1.10.2 to 1.10.3

Bumps alembic from 1.10.2 to 1.10.3. - Release notes - Changelog - Commits

18.21.0 (2023-04-04)#

Features#

[#53506] allow objects to be lazily resolved
[#53506] added runtime GraphQL middleware

GraphQL / Strawberry runtime can now be requested by sending the "X-REQUEST-RUNTIME" request header. Sending this header ensures that a "runtime" extension attribute will be returned along with the GraphQL response, for instance:
  "extensions": {
    "runtime": 1.1780643130005046
  }
This is especially nice while debugging performance issues in GraphiQL.

Test improvements#

[#53506] remove faulty pytestmark override
[#53506] fixup broken tests

Code Refactor#

[#53506] introduce to_response decorator
[#53506] restructure dataloaders

test: [#53506] fixup broken tests

[#53506] introduce response cache-field
[#53506] replace starmap with list comprehension
[#53506] restructure resolvers
[#53506] introduce more entity resolvers

Chores#

[#53506] remove python version from pre-commit config

18.20.0 (2023-04-04)#

Features#

[#55602] version metrics when not configured
[#55602] always return boolean
[#55602] return set instead of list or set
[#55602] add few accurate type hints

Chores#

add os2sync version to docs

18.19.0 (2023-03-30)#

Features#

[#53354] GraphQL schema extension for LoRa pagination

The "pagination out of range sentinel" - if you will - is implemented by returning a boolean in the GraphQL extensions field. We experimented with raising an error, and letting clients check result.errors, but this worked poorly as there seems to be no way to avoid the exception showing up in the console/log. It seems it is best to express this expected "error" in the schema[1], but as we will be moving to a cursor-based approach in a new GraphQL API version shortly (#50653), we opted for this solution which does not break the existing schema.

[1] https://strawberry.rocks/docs/guides/errors

18.18.0 (2023-03-28)#

Features#

[#49554] added new feature flag, to toggle org unit hierarchy when creating new ones

18.17.0 (2023-03-28)#

Features#

[#54774] unit tests for get_classes and format_lora_results_only_newest_relevant_lists

Located in the mora.graphapi.latest.dataloaders module

[#54774] added 'published'-attr to MOClassReturn and get_classes graphql query
[#54774] created formatting method for get_classes, to ensure a max of 1 element in lists

Bug Fixes#

[#54774] format_lora_results_only_newest_relevant_lists iterates through lora_result directly

We dont use zip/unzip, but yields the result of format_lora_results_only_newest_relevant_lists

[#54774] renamed method and reverted to zip(*) instead of unzip
[#54774] replaced test_format_lora_results_only_newest_relevant_lists with 3 new tests

For better readability

[#54774] added try-catch around unzip of lora_results, when the lora_results generator is empty

Done in format_lora_results_only_newest_relevant_lists, and was implemented to make new pagination tests parse.

[#54774] added mora.util.parsedatetime + transform_lora_object now only modifies data
[#54774] added docstring to gen_paths and optimized code based on feedback
[#54774] added 'published'-attr to Tests::test_facet since we now also expose this field

18.16.0 (2023-03-24)#

Features#

[#53354] LoRa offset/limit pagination

This is hopefully not the final form, but will accept a potentially breaking-change later to get pagination working now.

[#53354] LoRa offset/limit pagination

This is hopefully not the final form, but will accept a potentially breaking-change later to get pagination working now.

18.15.9 (2023-03-24)#

Chores#

deps: bump python-multipart from 0.0.5 to 0.0.6

18.15.8 (2023-03-24)#

Chores#

deps: bump prometheus-fastapi-instrumentator from 5.10.0 to 6.0.0

18.15.7 (2023-03-24)#

Chores#

deps: bump pydantic from 1.10.6 to 1.10.7

Bumps pydantic from 1.10.6 to 1.10.7. - Release notes - Changelog - Commits

18.15.6 (2023-03-22)#

Bug Fixes#

allow terminating kles

18.15.5 (2023-03-21)#

Code Refactor#

[#52215] remove werkzeug dependency

Apply 1 suggestion(s) to 1 file(s)

Chores#

deps: bump pydantic from 1.10.4 to 1.10.6

Bumps pydantic from 1.10.4 to 1.10.6. - Release notes - Changelog - Commits

[#52215] move pytest-timeouts to dev dependencies

18.15.4 (2023-03-21)#

Bug Fixes#

[#49791] autocomplete sqlalchemy2 compatibility

Code Refactor#

[#52215] rewrite _get_args

18.15.3 (2023-03-21)#

Bug Fixes#

use sentry with fastapi ext

Code Refactor#

[#52215] remove dead code

18.15.2 (2023-03-20)#

Bug Fixes#

[#52215] convert flask exception to fastapi

Code Refactor#

[#52215] rewrite restriction_to_registration

18.15.1 (2023-03-20)#

Chores#

deps: bump sqlalchemy from 2.0.5.post1 to 2.0.7

Bumps sqlalchemy from 2.0.5.post1 to 2.0.7. - Release notes - Changelog - Commits

18.15.0 (2023-03-20)#

Features#

[#49763] new amqp subsystem

18.14.0 (2023-03-17)#

Features#

[#49763] repr's for common models
[#49763] proper relation codes

Bug Fixes#

[#49763] let black care for line lenghts

18.13.0 (2023-03-16)#

Features#

[#55196] add envvar for show birthday in searchbar

18.12.1 (2023-03-15)#

Chores#

deps: bump alembic from 1.9.2 to 1.10.2

18.12.0 (2023-03-14)#

Features#

[#49763] sqlalchemy/db module for os2mo

Chores#

[#49763] install psycopg3
[#49763] upgrade sqlalchemy

18.11.0 (2023-03-14)#

Features#

[#xxxxx] Rewrote tests with other data
[#xxxxx] Adjusted test properly
[#xxxxx] Fixing precommit
[#xxxxx] introduce ancestors on org-units

Bug Fixes#

[#xxxxx] Added test for ancestor
[#xxxxx] Ran Black to fix commit
[#xxxxx] Ran Black and updated precommits

18.10.0 (2023-03-13)#

Features#

[#54774] Revert get_effects for GraphQL facets (!1397)

18.9.0 (2023-03-13)#

Features#

[#45844] Codegen CLI

18.8.1 (2023-03-13)#

Build improvements#

deps: bump starlette-context from 0.3.5 to 0.3.6

Bumps starlette-context from 0.3.5 to 0.3.6. - Release notes - Commits

18.8.0 (2023-03-08)#

Features#

[#55092] add env variable to fix datepicker (change is in OS2mo-Frontend repo)

18.7.0 (2023-03-07)#

Features#

enable auto-merge on dependabot

18.6.0 (2023-03-07)#

Features#

[#54774] created unit test for dataloaders.get_classes, to verify get_effects() is applied
[#54774] created unit test to verify custom association type classes

Added new test-data for a custom association type class, which have multiple states and attributes. One of the states have published=ikkePubliceret and a name attr with '-'

Bug Fixes#

[#54774] fixed tests.graphapi.test_classes.test_class_facet_filter after new test data

We need new test data to verify classes with multiple states, attributes and relations. This required we implemented get_effects in dataloaders.py::get_classes and not just in load_facet_classes.

[#54774] updated from-dates on test classes + published attr for add in MOClassReturn

We need to fix dates after implementing get_effects for classes, which otherwise will make invalid duplicates. ex from 1900 to 2016 and then 2016 to infinity, but on elements which should only have 1900 to infinity. Also fixed so we now expect the new attr 'published' after adding it to MoClassReturn

[#54774] implemented get_effects in load_facet_classes and exposed MOClassReturn.published attr

get_effects was required to accomondate the LOS importer. The exposure of the MOClassReturn.published is so the frontend can determine what t o show

Chores#

[#xxxxx] added dependabot for pip packages

18.5.2 (2023-02-27)#

Bug Fixes#

move setup_metrics to startup event

Chores#

deps: use official prometheus-fastapi-instrumentator with our upstream changes

18.5.1 (2023-02-23)#

Bug Fixes#

[#54774] replaced dataloaders.load_facet_classes with dataloaders.get_classes

The two methods make the same LoRa call, load_facet_classes then just wraps this result so it fits a facet more directly. The wrapping is now done in the graphapi.versions.latest.schema.py::Facet.classes instead

18.5.0 (2023-02-20)#

Features#

added new CONFDB setting called confdb_dipex_version

We use this setting to output on the frontend page of OS2Mo, what version of DIPEX is being used for import & export of data, to and from the system.

Bug Fixes#

bumped version of python from 3.10 to 3.11

Documentation#

apply suggestion
rewrite bullet list
update os2sync_export documentation
move os2sync_export to exporters

Build improvements#

[#42309] Remove k8s runner opt-in

K8s runners is the default now.

CI improvements#

[#52164] Delete .releaserc.yaml

18.4.0 (2023-02-07)#

Features#

[#52582] release add of new confdb env-var, to hide employee association columns

18.3.2 (2023-02-07)#

Bug Fixes#

implemented now-date equal-check in validity_tuple to fix issue in list_addresses_ou

This also includes us supplying validity_tuple with a now-attr in list_addresses_ou + we have added types to the now-arg for validity_tuple, so its clear that we dont allow strings

18.3.1 (2023-02-02)#

Bug Fixes#

[#54412] Fix flaky CPR tests

CI improvements#

[#54412] xfail SP_API_VERSION tests
[#50427] Fix pytest-split and pytest-randomly not working together

See https://github.com/jerry-git/pytest-split#interactions-with-other-pytest-plugins

18.3.0 (2023-01-31)#

Features#

reduce log level for health check

18.2.1 (2023-01-31)#

Bug Fixes#

fix ancestor tree with empty list

also propagate some type hints

18.2.0 (2023-01-30)#

Features#

[#54412] Use api_version (not version) kwarg in get_citizen call
[54412] SP_API_VERSION specifies the API version used for CPR lookups

This anticipates upcoming changes in service_person_stamdata_udvidet which will allow to connect to both version 4 and 5 of the /service/CPR/PersonBaseDataExtended API in Serviceplatformen.

This is necessary to support both existing and new MO customers who use the CPR lookup facility by way of a service agreement with Serviceplatformen. Existing customers use version 4 of the API (and upgrading is tough), while new customers are only able to use version 5, as Serviceplatformen no longer onboard new customers on version 4.

Chores#

[#54412] Try to fix failing tests
[#54412] Update service_person_stamdata_udvidet to 1.0.3

This version of service_person_stamdata_udvidet supports the api_version kwarg that we need to use in order to specify version 4 or 5 of the Serviceplatform CPR API.

18.1.0 (2023-01-27)#

Features#

[#53506] Remove time-based GraphQL versions feature flags

This was actually a really bad idea.

18.0.1 (2023-01-27)#

Bug Fixes#

[#54060] properly filter org unit attributes on edit

prepare_edit would previously get all attribute validities from lora (-inf,inf), and use the last one as the "previous" object in the edit. This is based on the (wrong) assumption that objects do not already have a validity in the future, which is only true if you are editing the latest. This seems to be true in almost all reading handlers (as they are mostly identical copies of each other). This is tracked separately in #54578.

18.0.0 (2023-01-27)#

Features#

[#54590] Release set ENABLE_SP false by default

BREAKING CHANGE: The flag is now false by default. Before it was true. That's breaking.

[#54590] Set ENABLE_SP false by default

17.0.0 (2023-01-26)#

Features#

[#54590] Remove DUMMY_MODE feature flag

BREAKING CHANGE: The flag has been superseded by the ENABLE_SP flag. Note, however, that if DUMMY_MODE was previously true, ENABLE_SP should be false.

16.3.1 (2023-01-26)#

Features#

[#54590] Set ENABLE_SP false by default
[#54590] Remove DUMMY_MODE feature flag

The flag has been superseded by the ENABLE_SP flag. Note, however, that if DUMMY_MODE was previously true, ENABLE_SP should be false.

Bug Fixes#

[#54590] Revert bad commits

16.3.0 (2023-01-26)#

Features#

[#53506] GraphQL export schema cli command

16.2.2 (2023-01-25)#

Bug Fixes#

[#54340] allow creating models with specific uuid

16.2.1 (2023-01-24)#

Bug Fixes#

[#53506] GraphiQL deprecation notice

16.2.0 (2023-01-24)#

Features#

[#53506] GraphiQL deprecation notice

Chores#

[#54412] Bump os2mo-init

16.1.0 (2023-01-23)#

Features#

[#52992] Remove ENABLE_CORS feature flag

16.0.0 (2023-01-20)#

Features#

[#50427] no longer include CPRs in HTTPExceptions

This is essentially just a refactor of does_employee_with_cpr_already_exist motivated by the CPRs in the exceptions.

BREAKING CHANGE: No longer includes CPR in HTTPExceptions

Chores#

[#52218] add dependabot for docker image

15.13.0 (2023-01-18)#

Features#

[#52128] Optimize legacy authentication

Previously legacy authentication ran 2 queries, one to update the expiration time and one to check if the token exists, now only the update query is run, and the number of rows updated is used to determine if access should be given.

[#52128] Mark legacy authentication tokens as used

Currently there is no way to see if a legacy authentication token is alive or not. This has lead to a large number (millions in some cases) of session tokens being kept alive in the legacy session database.

This change attempts to rectify this by setting expiry to 9999-12-31 for legacy tokens that are actually being requested, thus enabling us to eliminate a large number of dead tokens at a later stage.

The long-term goal is still to eliminate the legacy authentication mechanism entirely, but a short-term goal is to get rid of unused / dead tokens, and a mid-term goal could be to replace the session database with environmental variables.

15.12.1 (2023-01-18)#

Bug Fixes#

[#54112] Bump OS2mo FastAPI Utils to v1.3.0 for token leeway

CI improvements#

[#42309] Remove keycloak db

This functionality did not work.

With the new Gitlab runners based on Kubernetes, it is not possible to have two Gitlab CI/CD job services run on the same port. It is possible on docker. We tried fix it in dca7d1318dfb7ae9f9eaccb560877b36f8b080fd, by making mox-db and keycloak-db bind on different ports. It did not work because the POSTGRES_PORT env var is not read. If we used the correct PGPORT, we likely could make it work.

However, Keycloak does not actually use the datatabase. It prints

Using Embedded H2 database

on every run.

Instead of having keycloak-db start on the correct port and still be unused, we simply remove it and rely on the embedded database instead.

[#42309] Use separate ports for GitLab CI services

This is required because the keycloak and mox databases run concurrently in CI. On the Kubernetes GitLab runner, all services run in the same pod, which means that we cannot reuse the same port for multiple services, since they share IP.

15.12.0 (2023-01-16)#

Features#

[#54363] sentry support

CI improvements#

[#42309] Opt-in to the k8s runner

15.11.0 (2023-01-12)#

Features#

add option to read related engements from addresses from the service api

15.10.1 (2023-01-10)#

Bug Fixes#

fetch_keycloak_token was never awaited in legacy auth

15.10.0 (2023-01-09)#

Features#

[#52761] introduce itsystem_delete mutator

15.9.0 (2023-01-09)#

Features#

[#52761] introduce itsystem_create mutator

The mutator is implemented directly atop LoRa's db methods, thereby bypassing all the writing handlers within OS2mo, and thus the mutator only works on OS2mo instances with internal LoRa. A guard clause is in place to ensure that a warning is produced on OS2mo instances running with an external LoRa instance.

This mutator marks the start of tightly integrating OS2mo and LoRa, and thus marking the start of OS2mo claiming control over the database.

Test improvements#

[#xxxxx] remove testcafe endpoints
[#xxxxx] rework test_triggers.py
[#xxxxx] remove unnecessary ConfiguredOrganisation.clear()
[#xxxxx] rework tests/test_integration_leave.py
[#xxxxx] rework test_integration_validator.py
[#xxxxx] rework test_integration_related_units.py
[#xxxxx] rework test_integration_kle.py
[#xxxxx] rework test_integration_configuration_settings.py
[#xxxxx] rework test_integration_address.py
[#xxxxx] cleanup cases.py
[#xxxxx] cleanup cases.py
[#xxxxx] rework test_service_address.py
[#xxxxx] rework test_service_org_unit.py
[#xxxxx] remove address_handler/base.py
[#xxxxx] rework test_triggers.py
[#xxxxx] rework test_integration_configuration_settings.py
[#xxxxx] rework test_service_common.py
[#xxxxx] rework test_details.py
[#xxxxx] rework test_health.py
[#xxxxx] rework test_cpr.py
[#xxxxx] restructure cases.py
[#xxxxx] rework test_org.py
[#xxxxx] reuse fixtures using scoping
[#xxxxx] rework test_autocomplete.py
[#xxxxx] rework test_handler_reading_orgfunkreadinghandler.py
[#xxxxx] rework test_service_auth.py
[#xxxxx] rework test_employees.py
[#xxxxx] rework test_validator.py

CI improvements#

[#xxxxx] cleanup conftest

Chores#

[#52084] Copyright without years v2

See 955cfe3be9d81743f889db6ce2a53052e4534b7a.

[#52084] Copyright without years

The Berne Convention states that copyright “must be automatic; it is prohibited to require formal registration”. The often-used copyright lines are not necessary to protect our rights. They can still serve a purpose as they are informational and make the ownership question quite clear. The year ranges add questionable value though.[1]

[1] https://daniel.haxx.se/blog/2023/01/08/copyright-without-years/

15.8.0 (2023-01-06)#

Features#

[#53701] GraphiQL auth

15.7.0 (2023-01-05)#

Features#

[#54164] Make address engagement relation secondary

Before, an address could be related to exactly one of {employee, org_unit, engagement}. Now, an address is primarily associated with either an employee or org_unit, and at the same time possibly also associated with an engagement.

Test improvements#

[#54164] Use UnitTest self.assertX in UnitTests

Using raw assert, like you would in pytest, does not give proper error messages when used from UnitTest classes.

15.6.1 (2023-01-03)#

Features#

[#53701] Remove GraphiQL feature flag

BREAKING CHANGE

The graphiql_enable flag has been removed. The default is now to always enable the interface. It was originally intended to be disabled in production based on best practices from graphql.org, but we don't care about introspection queries in an open source application.

Bug Fixes#

[#50647] disable broken fetch_authenticated_user behavior

Test improvements#

mark test as xfail for now

15.6.0 (2022-12-22)#

Features#

[#50647] set database user references to keycloak user

This change sets LoRa database user references on changes to the user uuid set on the keycloak authentification token, such that changes can be tracked back to the user or integration that made them. Thereby replacing the current behavior of simply hardcoding user references to the magical UUID of "42c432e8-9c4a-11e6-9f62-873cf34a735fm". If no keycloak authentification token can be found, the behavior defaults back to this magical UUID.

To understand the historic behavior of user references that may be found in old LoRa databases, please read the timeline below:

May 2015:

User references are introduced into LoRa (e915ea85). At this time all user references are hardcoded to the UUID: "615957e8-4aa1-4319-a787-f1f7ad6b5e2c".

August 2015:

Support for wstrust / wso2 is introduced, and if configured for use, the user reference used is the SAML id. At the same time a bug is introduced such that the hardcoded uuid from May of 2015 no longer work when wstrust is disabled, thus leaving broken references in LoRa when this is the case.

December of 2016:

The bug introduced in August of 2015 is fixed, and a new hardcoded UUID is introduced, namely: "42c432e8-9c4a-11e6-9f62-873cf34a735fm". As such user references will no longer be broken, but rather either by the SAML id or the new magical UUID.

January of 2020:

Support for wstrust / wso2 is removed from LoRa, and thus all user references are now hardcoded to the magical uuid that was introduced in December of 2016.

December of 2022:

This pull request is introduced into OS2mo, mapping keycloak user references to LoRa user references whenever keycloak user references are available, defaulting to the magical uuid from December of 2016 if it is not.

Code Refactor#

[#50647] set database user references via OS2mo middleware

This change restructures how the LoRa database user references on changes is set. Previously it was hardcoded deep within LoRa, but with this change it is seeded via a context variable from a middleware in OS2mo.

This change is in itself just a refactoring, but it enables us to modify the source used for the database user reference in the future.

CI improvements#

[#54109] Parallel Unit-tests

15.5.1 (2022-12-21)#

Bug Fixes#

[#54109] Add engagement_uuid to ITUserWrite

15.5.0 (2022-12-20)#

Features#

[#53763] GraphQL: Allow filtering on address engagement

15.4.0 (2022-12-19)#

Features#

[#53763] Add engagement field to ITUser ra-model

Code Refactor#

[#52761] replace Address*Type with UUIDReturn
[#52761] replace AssociationType with UUIDReturn
[#52761] replace Employee*Type with UUIDReturn
[#52761] replace Engagement*Type with UUIDReturn
[#52761] replace ManagerType with UUIDReturn
[#52761] replace OrganisationUnitType with UUIDReturn
[#52761] replace ITUserType with UUIDReturn
[#52761] replace FacetType with UUIDReturn
[#52761] replace ClassCreateType with UUIDReturn

Chores#

[#53763] Remove useless comments
[#53763] Remove leftover comments
[#53763] Remove obsolete options

15.3.0 (2022-12-14)#

Features#

[#53763] Allow linking IT User to an engagement

15.2.0 (2022-12-14)#

Features#

[#50647] expanded the default blaklist_categories for creating addr_create hypothesis test data

15.1.0 (2022-12-13)#

Features#

[#49722] Update API docs on "IT associations"

DoD:

Når dokumentationen opfylder følgende:
1) Eksemplerne skal være tilgængelige både i bash/curl (det nuværende)
og PowerShell.
2) Elementer i eksempel-responsen tages med i dokumentationen.
3) Dokumentationen skal give eksempler på, hvordan en it-tilknytning kan
søges frem ud fra et it-konto-brugernavn.
4) Dokumenter terminering/lukning af en it-tilknytning via API.
5) Ændring af layout, så der ikke skal scrolles horisontalt for at se
kommentarer på payloads, mm.

Documentation#

[#xxxxx] Update implementation guide

CI improvements#

[#52316] fix tests for random execution order
[#52316] introduce pytest-randomly

Chores#

[#50647] bump dependencies

Somehow poetry.lock isn't synchronised with pyproject.toml.

15.0.0 (2022-12-09)#

Features#

[#50647] Remove obsolete CONFDB_SHOW_OWNER feature flag

BREAKING CHANGE:

Removing the feature flag is a breaking change, but everybody has it set enabled anyway.

14.0.0 (2022-12-09)#

Features#

[#50647] Release remove ENABLE_INTERNAL_LORA feature flag

BREAKING CHANGE: This removes the ENABLE_INTERNAL_LORA feature flag, which nobody uses anymore.

[#50647] Remove ENABLE_INTERNAL_LORA feature flag

Test improvements#

[#50647] Remove test slowness check

Build improvements#

[#52164] move pyproject.toml to the project root

It is good practice for pyproject.toml to be in the project root. This should also ensure that a lot of OS2mo specific code can be eliminated from our CI templates, and such.

CI improvements#

[#53763] Fix race condition

When overwriting a keyword inherited from an extends-parent job, the whole value is overwritten: A list is not appended to.

You can see this if you "Show dependencies" here: https://git.magenta.dk/rammearkitektur/os2mo/-/pipelines/105086

13.1.1 (2022-12-07)#

Bug Fixes#

[#52164] attempt at fixing our changelog

Chores#

[#xxxxx] include new frontend in dev environment

The new frontend will now be available on http://localhost:5000/new

[#48988] Remove GRAPHQL_ENABLE feature flag

13.1.0 (2022-12-01)#

Features#

[#49554] service api udstiller org_unit_hierarchy

13.0.0 (2022-11-30)#

Features#

[#51194] removed the frontend code from the backend container

BREAKING CHANGE:

With this change the backend can no longer serve frontend code. The statics_enable feature flag has been removed. Thus the frontend container must be run standalone, and the endpoints for the backend and frontend must be mounted together by ingress.

12.14.2 (2022-11-28)#

Bug Fixes#

[#51194] fix broken frontend development environment

CI improvements#

[#xxxxx] utilize concrete config-updater templates
[#xxxxx] simplify test setup
[#xxxxx] simplify image build and release
[#xxxxx] utilize do-not-interrupt meta template

12.14.1 (2022-11-28)#

Bug Fixes#

[#52822] Add filter in RBAC code for vacant owners

12.14.0 (2022-11-28)#

Features#

[#51194] use released frontend for backend

Chores#

[#51194] removed the frontend code from the OS2mo repository
[#51194] remove leftover autopub release template
[#51194] remove frontend development tools
[#xxxxx] Removed NEWS.md from build step

12.13.0 (2022-11-25)#

Features#

[#xxxxx] introduce conventional commits changelog

12.12.0 (2022-11-25)#

Features#

[#xxxxx] introduce conventional commits

12.11.1 (2022-11-24)#

[#52581] Fixed so mo-entry edit-modals get its data reset when hiding the modal, unless the hide is triggered after the CRUD action.

12.11.0 (2022-11-24)#

[#53718] Add support for creating ITUsers for org_units

12.10.0 (2022-11-11)#

[#50647] Make LoRa async(-ish)

12.9.1 (2022-11-11)#

[#53229] Fix cpr lookup to serviceplatformen

12.9.0 (2022-11-08)#

[#53518] Add latest_graphql_url fixture

12.8.0 (2022-11-08)#

[#53510] paginate health checks

12.7.0 (2022-11-07)#

[#52581] it-system-entry fields disabled if the component is loaded in an edit-mode.

12.6.0 (2022-11-03)#

[#51707] Removed triggerless attribute from mora.service.

12.5.0 (2022-11-03)#

[#51707] Removed triggerless attribute from GraphQL models.

12.4.0 (2022-11-01)#

graphql: [#53280] Add 'hierarchies' filter to org_unit

12.3.0 (2022-10-31)#

[#53047] Add pagination for Healths and bump API to v3

12.2.0 (2022-10-28)#

[#51146] Created AddressCreate GraphQL mutator

12.1.0 (2022-10-28)#

[#51150] Created/fixed employee update GraphQL mutator.

12.0.1 (2022-10-28)#

[#52822] Let RBAC code use ancestor tree with validity from -infinity to +infinity

12.0.0 (2022-10-25)#

[#52421] Fix RBAC

We had discrepancies between the role names in keycloak and MO. Now, all role names are as configured in keycloak.

11.31.1 (2022-10-24)#

[#51884] Fix bug in graphql to allow an association to be vacant.

11.31.0 (2022-10-21)#

[#53184] Add ituser_delete mutator
[#53184] Add engagement_delete mutator
[#53184] Add address_delete mutator

11.30.2 (2022-10-14)#

[#51146] Added @pytest.mark.slow to tests failing in pipelines with 'Timeout >5.0s'.

11.30.1 (2022-10-13)#

[#51382] Bump keycloak-realm-builder in devenv from 3.12.0 to 3.16.0

11.30.0 (2022-10-12)#

[#51154] Created mutator OrganisationUnitUpdate, wrote tests, refactored various spellings of "organisation"

11.29.0 (2022-10-12)#

[#49089] Added new feature flag "dar_address_autocomplete_includes_access_addresses", which will enable/disable access address lookup in DAWA in organisation-addr-autocomplete endpoint.

11.28.1 (2022-10-11)#

[#52971] Made employee_uuid optional for associations, meaning we allow an association to be vacant.

11.28.0 (2022-10-10)#

[#52805] Terminate Manager mutator

11.27.0 (2022-10-10)#

[#52797] Association terminate mutator

11.26.0 (2022-10-07)#

[#52801] Created mutator for the ManagerUpdate model.

11.25.0 (2022-10-06)#

[#51162] Address update mutator

11.24.0 (2022-10-06)#

[#52793] Associations update mutator

11.23.0 (2022-10-06)#

[#51158] Create mutator for UpdateEngagement

11.22.0 (2022-10-06)#

[#51670] ITUserUpdate mutator + added "primary" field to ITUserCreate

11.21.1 (2022-10-03)#

[#52930] Fix frontend not working for any negative timezone offset

11.21.0 (2022-09-29)#

[#51666] Created mutator for creating IT-users

11.20.0 (2022-09-29)#

[#52822] Remove validation which wouldn't allow moving root org-units.

11.19.0 (2022-09-28)#

[#52316] Added association_type filter to associations in GraphQL

11.18.0 (2022-09-28)#

graphql: [#51653] Facet create mutator

11.17.0 (2022-09-27)#

[#52316] Added employees and org_units filter to associations in GraphQL

11.16.0 (2022-09-27)#

[#52316] Added employees and org_units filter to engagements in GraphQL

11.15.0 (2022-09-27)#

[#52316] Added employee filter to addresses in GraphQL

11.14.0 (2022-09-27)#

[#52316] Added employees and org_units filter to managers in GraphQL

11.13.0 (2022-09-27)#

[#52316] Added facet filter to classes in GraphQL

11.12.0 (2022-09-27)#

[#52316] Added address_type filter to addresses in GraphQL

11.11.0 (2022-09-27)#

[#52316] Cleanup Employee Create

This commit changes how the RequestHandler dict is generated. It is now generated via to_handler_dict similar to how create_org_unit does it.

All the relevant tests have been rewritten to follow the style that create_org_unit utilizes.

Finally the input model has been modified, with the following changes:

Take a separate givenname (first name) and surname (last name)

Previously the code took just a 'name' and the backend had to split it up. We prefer to get structured data directly from the source over trying to derive it on demand.

Ensures names are actually set

Previously the code would accept the empty string for the name parameter, however the validation logic actually acquires a non-empty string.

A change has been made to ensure that the strings are actually set.

The CPR number field has been renamed from cpr_no to cpr_number

Bytes are cheap and we might as well use a fuller name.

The CPR number field has been made optional

We deploy OS2mo in non-danish contexts, thus we cannot assume a CPR number is always available. We could consider converting it to a more generic 'national identification number' concept.

User-key has been added

A lot of integrations utilize the user-key for a domain specific key, for instance the employee identifier in the HR system.

Note: This is really a breaking change as name has been removed, and as cpr_no has been renamed, thus breaking the current interface. Usually we would handle such a change by creating a new GraphQL version, however as noone uses the current interface yet, we are okay with breaking it without creating a new version.

11.10.0 (2022-09-27)#

[#xxxxx] Added parents filter to org_units in GraphQL

11.9.0 (2022-09-26)#

[#51178] Add mo-class mutator

11.8.1 (2022-09-25)#

[#51674] IT-user terminate bugfix and model correction

11.8.0 (2022-09-24)#

[#51181] introduce organization unit create mutator

11.7.2 (2022-09-21)#

[#50861] Fix compatibility shim for v1 org unit parent behaviour

11.7.1 (2022-09-21)#

[#51872] Fix GraphQL schema context extension

We need to store a reference counter, instead of a simple boolean, to ensure we do not set is_graphql=False as soon as the first nested schema execution exits.

11.7.0 (2022-09-20)#

[#50861] Make GraphQL org unit parent return an optional single object.

The old behaviour -- returning an optional list, which always contained exactly one element -- has been deprecated, but will continue to work in the v1 GraphQL API until 2023-03-01. Consumers should upgrade to /graphql/v2 as soon as possible.

11.6.0 (2022-09-20)#

[#52316] Require admin for all GraphQL mutators

11.5.0 (2022-09-20)#

[#51898] Created a new test to verify DetailTermination.validity.to is allowed to be None.

11.4.1 (2022-09-20)#

[#51176] Fixed typo in filename

11.4.0 (2022-09-19)#

[#51176] Restricted string type object

11.3.4 (2022-09-18)#

[#52023] Upgrade dependencies

11.3.3 (2022-09-17)#

[#52316] Eliminate validators package

11.3.2 (2022-09-17)#

[#52316] Remove unused packages

11.3.1 (2022-09-17)#

[#52316] Remove dependencies

11.3.0 (2022-09-16)#

[#52591] Only require UUID for owners

11.2.3 (2022-09-14)#

[#52455] Allow detail type role to be terminated

11.2.2 (2022-09-13)#

[#44361] Remove unused database indexes

11.2.1 (2022-09-13)#

[#50727] Remove integrationsdata from all the models using RABase.

11.2.0 (2022-09-13)#

graphql: [#51672] IT-user terminate mutator

11.1.1 (2022-09-12)#

[#52453] Bugfix: forward LoRa query parameters to MO container if using "internal LoRa"

11.1.0 (2022-09-12)#

[#50727] Remove the field integrationsdata from the database, APIs, models, etc.

11.0.2 (2022-09-09)#

[#52084] Fix ramodels release

11.0.1 (2022-09-09)#

[#52084] Make Engagement.primary optional

11.0.0 (2022-09-08)#

[#52131] Expose the file_storage setting to the frontend
[#52131] Change the default file_storage backend from filesystem to noop. This disables file upload on all servers without a overwrite. This was overwritten for all salt deployment in MR2494.

10.5.2 (2022-09-08)#

Install poetry in a isolated environment

This fixes build problems where poetry changes the dependencies for poetry itself when installing packages.

This also cleans up the Dockerfile for various rot.

10.5.1 (2022-09-07)#

[#51898] Fixed DetailsTerminate in mora.service, so its validity argument is of type OpenValidity, which allows to_date to be none.

10.5.0 (2022-09-07)#

[#50647] Add versioning to the GraphQL API

Clients should always refer and pin themselves to a specific version of the GraphQL API, which is available on /graphql/vX. Navigating to /graphql in a browser will redirect to GraphiQL for the latest version. POSTing to the legacy /graphql endpoint is still supported for compatibility, but support will be dropped in the near future.

10.4.0 (2022-09-06)#

[#51150] Created GraphQL mutator for updating an employee.

10.3.0 (2022-09-05)#

[#51184] Created GraphQL mutator for terminating employees.

10.2.0 (2022-09-02)#

[#52089] Created GraphQL mutator for creating employees.

10.1.0 (2022-09-02)#

[#51972] Add ITSystem to ITUser Strawberry mode

10.0.1 (2022-09-01)#

[#51091] Added missing 'it'-type as a possible ramodels.Detail.type value.

10.0.0 (2022-09-01)#

[#50998] Change dynamic classes in association models to be a single UUID in stead of a list. Adds loader for Dynamic classes in graphql.

9.8.2 (2022-09-01)#

[#52254] Fixes mypy error by setting None as default value in optional fields.

9.8.1 (2022-08-31)#

[#51935] Run Alembic migrations for mox database on MO container startup

9.8.0 (2022-08-30)#

[#51175] Endpoint "/service/details/terminate" now uses the new ra-data-model "DetailTermination" instead of an anonymous dict.

9.7.5 (2022-08-30)#

[#51957] Bugfix: An employee is allowed to have multiple primary "IT associations", as long as the related "IT user" objects differ from each other. The related "IT users" are allowed to belong to the same "IT system".

9.7.4 (2022-08-29)#

[#52011] Moves ramodels into backend while maintaining the poetry project in the root folder.

9.7.3 (2022-08-26)#

[#52021] Make new ClassWrite backwards-compatible with old FacetClass

9.7.2 (2022-08-26)#

[#50137] Rewrote additional testcases and made corrected coding errors

9.7.1 (2022-08-25)#

[#51091] Remove integrationdata from lora responses

9.7.0 (2022-08-25)#

[#51174] Created new GraphQL mutator for terminating address-details.

9.6.0 (2022-08-25)#

[#51953] Remove FacetClass model and related test.

9.5.0 (2022-08-24)#

[#51173] Endpoint "/service/details/terminate" now uses the new ra-data-model "DetailTermination" instead of an anonymous dict.

9.4.0 (2022-08-23)#

[#51170] GraphQL engagement terminate mutator

9.3.0 (2022-08-23)#

[#51650] GraphQL write models for Facets and mo-classes

9.2.0 (2022-08-22)#

[#51173] Created new model DetailTermination, representing a termination of os2mo-service-details.

9.1.5 (2022-08-19)#

[#50137] Rewrote last unittest.Testcase to pytest style

9.1.4 (2022-08-19)#

[#50484] Fix accidental switchup between validate_unique_group_on_create and validate_primary_group_on_create

9.1.3 (2022-08-19)#

[#50137] Rewrote tests to make independant from unittest.

9.1.2 (2022-08-18)#

[#50998] Fix issue with picking dynamic classes on associations

9.1.1 (2022-08-18)#

[#51760] Use tag from OS2MO when releasing ra-data-models to pypi.

9.1.0 (2022-08-18)#

[#43046] Introduce filestorage interface

9.0.3 (2022-08-18)#

[#xxxxx] Refactored ITSystems handler

9.0.2 (2022-08-18)#

[#50137] Rewrote testings of various functions

9.0.1 (2022-08-18)#

[#51760] Fix ra-data-model pages path

9.0.0 (2022-08-18)#

[#51760] Merge ra-data-models repo into OS2MOs repo.

5.9.3 (2022-08-17)#

[#50484] Fix group-wise validation of "IT associations" when editing (disallow multiple associations in same organisation unit.)

5.9.2 (2022-08-17)#

[#51858] Frontend code should now read the feature flag autocomplete_use_new_api without the confdb_ prefix

5.9.1 (2022-08-16)#

[#51166] Renamed new model "MoraTriggerOrgUnit" to "OrgUnitTrigger" so naming convention makes sense.
[#51166] Removed commented code not in use from graphapi.model "Validity".

5.9.0 (2022-08-15)#

[#51177] Use ClassWrite model from RAModels

5.8.1 (2022-08-12)#

[#50137] Rewrote uuid extractor from Unittest

5.8.0 (2022-08-12)#

[#51165] Implemented RA Data Models for the organisation-unit termination endpoint, instead of dict.
[#51166] Implemented GraphQL mutator for terminating organisation-unit
[#51166] Implemented GraphQL mutator for terminating organisation-unit

5.7.1 (2022-08-11)#

[#xxxxx] Removed dead address code

5.7.0 (2022-08-11)#

[#50137] Updated Python image for support of M1. Rewrote remaining tests from unittest to pytest.

5.6.0 (2022-08-03)#

[#51514] Frontend linting

5.5.0 (2022-07-29)#

[#47564] Introduce GraphQL read permissions

5.4.4 (2022-07-28)#

[#50647] Fix LoRa get version for real

5.4.3 (2022-07-28)#

[#50647] Fix LoRa get version

5.4.2 (2022-07-28)#

[#50647] Fix required LoRa db_password settings

5.4.1 (2022-07-28)#

[#50647] Eliminated dead code

5.4.0 (2022-07-28)#

[#50647] Eliminated MO client

LoRa healthchecking now happens via the LoRa client.

Keycloak healthchecking has been removed completely, as we only communicate with Keycloak once on startup when we fetch the JWKS.

5.3.0 (2022-07-27)#

[#50647] Call directly into LoRa application from MO when using internal LoRa

5.2.0 (2022-07-27)#

[#50449] Shim address autocomplete

5.1.0 (2022-07-27)#

[#50438] Shim search_cpr

5.0.0 (2022-07-27)#

[#xxxxx] Merge LoRa into OS2mo

4.47.0 (2022-07-26)#

[#48001] Remove v1 API

4.46.0 (2022-07-25)#

[#47371] Change base docker image

4.45.1 (2022-07-22)#

[#50861] Fix frontend not working without auth

4.45.0 (2022-07-22)#

[#51165] Implemented RA Data Models for the organisation-unit termination endpoint, instead of dict.

4.44.0 (2022-07-21)#

[#51555] Structured access logs

4.43.0 (2022-07-21)#

[#44717] Remove unused confdb

4.42.2 (2022-07-21)#

[#51194] Actually mount MO frontend on root

4.42.1 (2022-07-20)#

[#51194] Mount MO frontend on root

4.42.0 (2022-07-20)#

[#51194] Let MO frontend handle 404s

4.41.0 (2022-07-19)#

[#51523] Filter out non-existant responses

4.40.2 (2022-07-15)#

[#51459] Bugfix group validation of multiple primary IT users in the same IT system

4.40.1 (2022-07-14)#

[#51511] Autocomplete frontend: handle "null" values in "path" when displaying organisation unit paths

4.40.0 (2022-07-12)#

[#51396] Adds filter on "list org units" endpoint to filter by org_unit_hierarchy

4.39.0 (2022-07-08)#

[#51444] CPR filter i GraphQL

4.38.2 (2022-07-05)#

[#46148] Call LoRa connector without arguments

4.38.1 (2022-07-04)#

graphql: [#50108] Add support for user_key in statics

4.38.0 (2022-07-01)#

graphql: [#50108] Add support for user_key

4.37.1 (2022-06-30)#

[#50993] Allow editing class owners

4.37.0 (2022-06-30)#

[#51194] Align routes in docker/nginx.conf.template and backend/mora/app.py

4.36.1 (2022-06-30)#

[#50839] Fixes the "is_primary" flag in engagements when reading with GraphQL.

4.36.0 (2022-06-23)#

[#50972] Sort org tree by name instead of user_key

4.35.5 (2022-06-22)#

[#50891] Update fixture loader to version 1.2

4.35.4 (2022-06-21)#

[#50959] Handle absent UUID in _ITUserGroupValidation.get_validation_item_from_mo_object

4.35.3 (2022-06-21)#

[#50958] get_mo_object_primary_value: handle primary being None

4.35.2 (2022-06-14)#

[#50653] Added mypy plugin for Strawberry, various code refactorings

4.35.1 (2022-06-14)#

[#50878] Bugfix: use httpx client in AutocompleteScope.fetch

4.35.0 (2022-06-14)#

[#50707] Introduce OS2mo admin

4.34.0 (2022-06-14)#

[#49594] Expose the primary class of IT users in the UI, and add group validation rules

4.33.0 (2022-06-13)#

[#50508] New enable_sp and enable_dar configuration options

4.32.1 (2022-06-13)#

[#50698] Generate test coverage report (HTML) when running MO test suite locally

4.32.0 (2022-06-09)#

[#50448] Shim get_navlinks

4.31.1 (2022-06-09)#

[#50436] Fix casts to from_pydantic

4.31.0 (2022-06-08)#

[#50483] Add support for "group-wise" validations. Use when validating "IT users" and "IT associations".

4.30.0 (2022-06-04)#

[#50456] Shim trigger_external_integration

4.29.0 (2022-06-03)#

[#50464] Shim download_csv

4.28.0 (2022-06-03)#

[#50462] Prepare shim get_insight_data

4.27.0 (2022-06-03)#

[#50484] Allow more than one association per employee in the same organisation unit.

4.26.0 (2022-06-03)#

[#50435] Shim get_classes

4.25.2 (2022-06-03)#

[#50725] Fix use of LoRa class owners

4.25.1 (2022-06-02)#

[#50483] Fix frontend code to edit IT associations

4.25.0 (2022-06-02)#

[#50463] Shim get_insight_filenames

4.24.0 (2022-06-02)#

[#50444] Shim set_org_unit_configuration

4.23.0 (2022-06-01)#

[#50463] Preparation to shim get_insight_filenames

4.22.1 (2022-06-01)#

[#50496] Add support form amqp_ environment variables

4.22.0 (2022-05-26)#

[#50441] Shim download_export_file

4.21.0 (2022-05-26)#

[#50442] Shim upload_export_file

4.20.0 (2022-05-25)#

[#50440] Shim list_export_files

4.19.0 (2022-05-24)#

[#49535] Fix a permanent redirect in users browsers for our old saml SSO.

This works by redirecting back to the initial redirect path (/), and thus triggering a redirect cycle in the browser, which in effect makes the browser try to fetch the initial redirect path, thus clearing the permanent redirect.

4.18.0 (2022-05-24)#

[#50434] Shim get_all_class_children endpoint

4.17.0 (2022-05-24)#

[#50428] Shim get_all_classes_children endpoint

4.16.0 (2022-05-24)#

[#47023] Replace AIOHTTP with HTTPX as LoRa HTTP client

4.15.0 (2022-05-23)#

[#50421] Shim get_all_classes endpoint

4.14.0 (2022-05-23)#

[#50415] Shim list_facets endpoint

4.13.0 (2022-05-23)#

[#50414] Shim get_class endpoint

4.12.0 (2022-05-23)#

[#50522] Legacy tokens are owner

4.11.0 (2022-05-19)#

[#49631] UI: use engagement_job_function_bvn facet, if available ("Brugervendt stillingsbetegnelse")

4.10.3 (2022-05-18)#

[#50369] Fix visibility bug in addresses

4.10.2 (2022-05-17)#

[#49624] Fixes wider dropdown on IT-Associations for a better user experience

4.10.1 (2022-05-16)#

[#50303] Fix bitemporal address error in shim

4.10.0 (2022-05-12)#

[#50067] Implement EngagementAssociation in GraphQL

4.9.0 (2022-05-12)#

[#47920] Shim Organisation Unit endpoints

4.8.0 (2022-05-11)#

[#49896] Convert MO to using RAMQP

4.7.1 (2022-05-09)#

[#50189] Bump RAModels to 5.12.4

4.7.0 (2022-05-02)#

[#48771] Enable statics endpoint switch

4.6.1 (2022-04-29)#

[#49705] Fix broken file-download auth when using legacy backend.

4.6.0 (2022-04-26)#

[#49955] Limit database connection usage in mora.auth.keycloak.legacy to one database connection per MO worker process.

4.5.1 (2022-04-26)#

[#49849] Fix seniority bug

4.5.0 (2022-04-22)#

[#49706] Add support for full AMQP url

4.4.0 (2022-04-20)#

[#43046] Added file-upload endpoint

4.3.3 (2022-04-20)#

[#49772] Add UUID to nouath token

4.3.2 (2022-04-20)#

[#49831] Fix aiohttp trigger bug

4.3.1 (2022-04-08)#

[#49715] Fix manager inheritance bug

4.3.0 (2022-04-06)#

[#49705] Change auth on /service/exports/{filename} to be cookie-based

4.2.7 (2022-04-06)#

[#49616] Fix substitute role translation error

4.2.6 (2022-04-04)#

[#49552] Fix race condition in GitLab pipeline

4.2.5 (2022-03-31)#

[#49533] Fix class loading errors via new RAModels version

4.2.4 (2022-03-30)#

[#49533] Deploy new version to see if COMMIT_TAG is fixed

4.2.3 (2022-03-30)#

[#49533] Load org unit children using UUIDs directly from connector

4.2.2 (2022-03-28)#

[#48638] Force version release after pipeline fix

4.2.1 (2022-03-24)#

[#49296] Introduce schemathesis

4.2.0 (2022-03-24)#

[#45758] Implement "IT associations", a type of associations which couple an "IT User" and an "Association"

4.1.1 (2022-03-17)#

[#49273] Fix ordering in loads

4.1.0 (2022-03-16)#

[#47917] Shim out organisation endpoints

4.0.0 (2022-03-03)#

[#48919] OS2mo 4.0 - with GraphQL enabled as default!

This release introduces GraphQL reads in a stable version, with support for historic queries. No breaking changes will be made to the GraphQL API in this version.

3.35.0 (2022-03-03)#

[#48309] Bump LoRa version in CI and local dev to 4.4.1 (= introduces Alembic in LoRa)

3.34.2 (2022-03-01)#

[#45065] Make MO Organisational Unit overview respect selected date

3.34.1 (2022-02-25)#

[#48745] Testing new config-updater url

3.34.0 (2022-02-22)#

[#48786] Fix version

3.33.2 (2022-02-21)#

[#48745] Utilize new config-updater

3.33.1 (2022-02-21)#

[#42981] Fixup broken CI release stage and dev environment

3.33.0 (2022-02-19)#

[#42981] Split the MO backend and frontend into seperate containers

Two seperate containers must now be started in order to launch MO with UI.

3.32.1 (2022-02-16)#

[#47844] Parse Base64 auth UUID as little endian bytes, as that is what is sent to us from ADFS

3.32.0 (2022-02-15)#

[#48553] Add support for Keycloak Base64 encoded UUID attribute

The ObjectGUID LDAP attribute sent from ADFS to Keycloak, is sent as a Base64 encoded byte-string. There is no easy way to perform conversion of this in either ADFS or Keycloak, so we add additional support for this eventuality in our KeycloakToken.

3.31.0 (2022-02-11)#

[#48565] Pluralise KLE Aspects

3.30.5 (2022-02-09)#

[#42981] Test new docker-release template

3.30.4 (2022-02-07)#

[#47514] Rename default Keycloak client name to 'mo-frontend'

3.30.3 (2022-02-03)#

[#48177] Rearrange GraphAPI code, fix typing

3.30.2 (2022-02-02)#

[#48307] Fix and type dataloaders, check Nones

3.30.1 (2022-02-01)#

[#48176] Use models from RAModels

3.30.0 (2022-02-01)#

[#47789] Add manager inheritance for organisation units

3.29.13 (2022-01-28)#

[#47788] Add filtering of addresses per address type

3.29.12 (2022-01-24)#

[#48042] GraphQL: make reference to org_unit's plural for RelatedUnits

3.29.11 (2022-01-21)#

[#48003] Fix bug in dataset health endpoint

3.29.10 (2022-01-20)#

[#48074] Turn off GraphiQL in production

3.29.9 (2022-01-19)#

[#48039] Fix double event loop for real

3.29.8 (2022-01-19)#

[#47851] Make health output optionally null

3.29.7 (2022-01-19)#

[#48039] Fix double event loop

3.29.6 (2022-01-18)#

[#47969] Update docstrings in GraphAPI related files

3.29.5 (2022-01-17)#

[#47770] Test of GraphQL class and facet reading

3.29.4 (2022-01-17)#

[#48000] Test of GraphQL ITSystem reading

3.29.3 (2022-01-17)#

[#47985] Remove trailing Type from GraphQL models

3.29.2 (2022-01-14)#

[#47961] Fix UI trailing slash issues

3.29.1 (2022-01-14)#

[#47761] Test the GraphAPI for details read

3.29.0 (2022-01-14)#

[#47761] Rename GraphQL endpoints to plural

3.28.0 (2022-01-13)#

[#47918] Shim out itsystem endpoints

3.27.0 (2022-01-13)#

[#47916] Convert healthchecks to GraphQL

3.26.0 (2022-01-13)#

[#47915] Shim out version endpoint

3.25.0 (2022-01-13)#

[#47674] Removed integrationdata endpoint

3.24.0 (2022-01-12)#

[#47751] Kubernetes liveness and readiness probe

3.23.7 (2022-01-11)#

[#47680] Update dependencies

3.23.6 (2022-01-10)#

[#47680] Remove validity from Klasser and Facetter in the GraphQL API

3.23.5 (2022-01-05)#

[#47784] Temporarily remove heavy metrics

We have discovered that metrics are being updated on EVERY REQUEST against MO! Not just on requests against the /metrics endpoint, as we had imagined.

This means that every single request against MO results in 5 requests to other systems. Among these is a request to DAR, which means that MOs minimum request response-time is the round-trip time to DAR.

This change temporarily disables these 5 metrics, with a plan to reintroduce them later.

3.23.4 (2022-01-05)#

[#47759] Fix person_uuid -> employee_uuid in ReadingHandlers for GraphQL

3.23.3 (2022-01-05)#

[#47699] Use employee consistently instead of mixing person and employee

3.23.2 (2022-01-05)#

[#47681] Remove imports from impl for GraphQL

3.23.1 (2022-01-05)#

[#47742] Update translation of two files.

3.23.0 (2022-01-05)#

[#47101] Connect details to organisational units with GraphQL

3.22.0 (2022-01-04)#

[#47652] Add option to show GIR logo instead of OS2MO

3.21.0 (2022-01-03)#

[#44717] Added confdb metric to ease removal

3.20.0 (2021-12-22)#

[#47101] Connect org_units to details using GraphQL

3.19.0 (2021-12-22)#

[#47101] Connect details to Employee with GraphQL

3.18.3 (2021-12-21)#

[#47101] Connect Employee to details with GraphQL

3.18.2 (2021-12-21)#

Fix check of UUIDs in GraphQL reads

3.18.1 (2021-12-21)#

[#47640] Only load unique UUIDs in main GraphQL schema

3.18.0 (2021-12-20)#

[#47090] Initial work on facets in GraphQL

3.17.1 (2021-12-18)#

[#47608] Initial work on new release cadence

3.17.0 (2021-12-17)#

[#47099] Implement GraphQL reading of RelatedUnits

3.16.0 (2021-12-17)#

[#47090] Initial work on class GraphQL

3.15.1 (2021-12-17)#

[#45051] Remove DAR multiloop dataloader workaround

3.15.0 (2021-12-17)#

[#7100] Implement Role- and ITUser reading in GraphQL

3.14.0 (2021-12-17)#

[#47093] Implement Association reading in graphQL

3.13.0 (2021-12-17)#

[#47097] Implement Leave reading in GraphQL

3.12.0 (2021-12-17)#

[#47091] Implement address reading in GraphQL

3.11.0 (2021-12-17)#

[#47096] Implement KLE reading in GraphQL

3.10.0 (2021-12-16)#

[#47094] Allow read of engagements through GraphQL

3.9.4 (2021-12-16)#

[#47594] Delete sync requests, use async httpx

3.9.3 (2021-12-16)#

[#46544] Share AMQP connection pools

3.9.2 (2021-12-08)#

[#46388] Changes misleading link description

3.9.1 (2021-12-03)#

[#47388] Remove GraphQL auth classes

3.9.0 (2021-12-03)#

[#47415] Update Organisation GraphQL implementation to use datamodel from ramodels

3.8.4 (2021-12-03)#

[#47196] Revert auth changes

3.8.3 (2021-12-02)#

[#47386] Implement Gitlab CI templates

3.8.2 (2021-12-01)#

[#47088] Update Employee GraphQL read implementation

3.8.1 (2021-12-01)#

[#47196] Fix auth check on configuration endpoints

3.8.0 (2021-12-01)#

[#47360] Add possibility of returning flat objects from ReadingHandler'

3.7.1 (2021-12-01)#

[#47196] Support generating the Keycloak hostname dynamically based on where OS2mo is deployed

This can be controlled via a new configuration value CONFDB_DYNAMIC_KEYCLOAK_URL

3.7.0 (2021-12-01)#

[#46388] Added download insights as CSV to the frontend

3.6.2 (2021-11-30)#

Parse seniority as Optional[datetime]. Return None if applicable in read

3.6.1 (2021-11-29)#

[#47087] Update OrganisationUnit GraphQL implementation

3.6.0 (2021-11-24)#

[#47144] Add cpr_validate_birthdate feature flag which can disable the default validation of CPR birthdates

3.5.1 (2021-11-24)#

[#43398] Fix legacy auth support supporting too few concurrent SQLalchemy connections

3.5.0 (2021-11-23)#

[#46388] Added download insights as CSV endpoint

3.4.9 (2021-11-22)#

[#47086] Switch from ASGI to FastAPI integration

3.4.8 (2021-11-15)#

[#46937] Fixed GraphQL auth bug

3.4.7 (2021-11-04)#

[#xxxxx] Ensure FluxCD is working again

3.4.6 (2021-11-04)#

[#46395] Fix missing route

3.4.5 (2021-10-28)#

[#46561] Cache LoRa Connector to allow for proper DataLoader usage in lora.py
[#46561] Fix get_configured_organisation broken on cold cache

3.4.4 (2021-10-26)#

[#46389] Fix bug in employee validation

3.4.3 (2021-10-26)#

[#46522] Proper caching for LoRa DataLoader

3.4.2 (2021-10-22)#

[#46504] Fix memory leak caused by in_separate_thread introduced in 718bfa5e.

3.4.1 (2021-10-21)#

[#46389] Bugfix update logic when forcing a new parent on an org unit

3.4.0 (2021-10-21)#

[#46067] Optimise fetching from LoRa using Strawberry DataLoader.
[#46024] Send parameters to lora through HTTP GET body as JSON.

3.3.0 (2021-10-18)#

[#43749] Further work on GraphQL

3.2.0 (2021-10-18)#

[#45841] Add legacy auth session support

3.1.0 (2021-10-12)#

[#45717] V1 API moved behind feature flag pending removal

3.0.1 (2021-10-12)#

[#44886] Fix missing '/indsigt' route in backend

3.0.0 (2021-10-11)#

[#46240] Update LoRa to version 2.1.0. Most users will want to set LORA_AUTH=false in their environment.
[#46240] Update Keycloak Realm Builder to version 2.3.0.

2.7.0 (2021-10-11)#

[#46170] Allow a limited termination period on org functions

2.6.0 (2021-10-09)#

[#45051] Made DAR lookups async using os2mo-dar-client

2.5.0 (2021-10-08)#

[#46142] Converted our AMQP Trigger to be async

2.4.4 (2021-09-27)#

[#45211] Read OS2mo version and commit sha from build arg environment variables

2.4.3 (2021-09-27)#

[#45924] Fix performance issues caused by introduction of httpx.

2.4.2 (2021-09-24)#

[#45886] Add LoRa HTTPX client timeout configuration. Fixes a bug where requesting large OU trees would time out.

2.4.1 (2021-09-24)#

[#44432] Fix race-condition in bulking cache.
[#45482] Fix bulking for OrgUnit and Facet.

2.4.0 (2021-09-23)#

[#43749] Added GraphQL endpoint and single endpoint

2.3.0 (2021-09-09)#

[#44120] Allow searching for engagement associations by org unit.

2.2.2 (2021-09-07)#

[#43749] Add poetry to build project

2.2.1 (2021-09-06)#

[#44806] Fix TestCafe no longer be reliant on an actual config database

2.2.0 (2021-09-06)#

[#45028] Fix and extend support for historic values in v1 API by supporting new ?validity=<start>/<end> syntax.

2.1.6 (2021-09-03)#

[#41555] Second attempt on introducing salt-automation fluxcd automatic image updater for dev

2.1.5 (2021-09-03)#

[#41555] Introduce salt-automation fluxcd automatic image updater for dev

2.1.4 (2021-09-03)#

[#44747] Fold up v1 endpoints.

2.1.3 (2021-09-02)#

[#45263] Only perform token UUID check when RBAC is enabled

2.1.2 (2021-09-02)#

[#44918] Don't crash if asked to update a nonexistent LoRa object

2.1.1 (2021-08-30)#

[#41555] Run tests in parallel.

2.1.0 (2021-08-27)#

[#44747]: Added Pydantic models to v1 API endpoints.

2.0.1 (2021-08-26)#

Optimized GitLab CI to only run the absolutely necessary tasks.

2.0.0 (2021-08-26)#

Features#

[#45211] Added commit shas and tags to docker images.
[#44806] Role-bases access control (RBAC) for the employee part of the system. See notes about configuration in the documentation.
[#44082] Role-based access control (RBAC) for the organization part of the system. The feature is enabled via an ENV variable
[#43998] Rework docker-compose.yaml and made database-backing on confdb configurable.
[#44744] Cleaned up tags in the OpenAPI docs endpoint (/docs)
[#44744] Added keycloak support on the OpenAPI docs endpoint (/docs)
[#44717] Added confdb environment settings, adjusted confdb healthcheck, disabled set configuration endpoints
[#44746] Expanded AMQP events with service-uuid, cleanup in trigger module
[#43364] Added sslmode to database connection options
[#44187] Add structured logs. Improvements to debugging/troubleshooting
[#42774] Add English translation. The user can now choose Danish or English screen texts by clicking the flags in the nav bar
[#42869] Added delta-api parameter "changed_since" to /api/v1/ endpoints
[#43544] Keycloak authentication. Keycloak container, DB and config added
[#41560] New org-funk: Owners
[#44181] Add Opentelemetry instrumentation
[#43364] Reimplement settings using Pydantic and environment variables
[#37599] Users can now terminate organisation unit registrations (as an alternative to terminating the entire organisation unit)
[#44188] Add local Grafana/OpenTelemetry development environment (:3000/explore)
[#44596] Implement Prometheus FastAPI instrumentor, new metrics endpoint with version and health checks
[#38239] Users can now search on more properties of employees and organisation units.
[#39858] Users can now see additional properties of employees and organisation units in the search results, if configured.
[#44530] Speed up the search for matching organisation units from the "org unit picker", if configured.

Bug Fixes#

[#44674] Editing an organisation unit's start date caused the wrong start date to be used

1.18.1 (2021-07-07)#

Bug Fixes#

[#44470] Fix request flags bleeding through to other requests

1.18.0 (2021-07-01)#

Features#

[#40933] "Create employee" dialog now allows creating an employee without any engagements

Bug Fixes#

[#42821] The search input field sometimes "swallowed" the first few characters typed. Fixed.

1.17.2 (2021-07-01)#

Bug Fixes#

[#44281] Fix LoRa HTTP connector

1.17.1 (2021-06-18)#

Bug Fixes#

[#44071] Fix HTTP trigger integration

1.17.0 (2021-05-12)#

Features#

[#42778] Make CPR optional
[#42073] New /api/v1/ endpoints introduced, API currently still unstable
[#42779] Added new address scope: Multifield Text (2-fields)
[#41914] Replaced Flask with FastAPI
[#42780] Added seniority field (and conf_db setting to hide it)
[#42034] Added entities as proper frontend entity (behind configuration)
[#42864] Added new org_func: engagement_association, linking engagements to org_units
[#42033] Improved on the UI-aspects of extension_X fields
[#42920] Added create and update facet class endpoint
[#43300] Implement auth for FastAPI

1.16.1 (2021-04-20)#

Bug Fixes#

[#43091] Fix DAR health endpoint timeout issue

1.16.0 (2021-04-06)#

Features#

[#41387] Allowed frontend to create and edit (but not move) root units
[#38904] Deprecated read-only
[#39857] When selecting an organisation unit from a tree dropdown, you can now type to search by name
[#40863] MO backend can now expose the number of associations and engagements in each organisation unit
[#41658] Run Vue unittests in Gitlab CI. This adds a new 'Build frontend' step to our 'build' stage, as well as a new 'Vue-unit-tests' stage to our 'test' stage
[#39853] Users can now specify a date when searching. This allows finding inactive organisation units, etc.
[#41915] Prepare MO to utilize FastAPI LoRa.
[#42112] Allow UI to set and change engagement ID (bvn)
[#42033] Made extension_X fields on engagements UI-wise configurable in conf_db
[#41973] Allowed addresses pointing to engagements
[#41894] Added refresh trigger event
[#40932] Users can now filter the displayed organisation unit tree if the new facet 'org_unit_hierarchy' is set up.

1.15.0 (2021-03-08)#

Features#

[#40700] Added HTTP(s) Trigger system

Bug Fixes#

[#41952] facet children not properly ported to async

1.14.1 (2021-03-04)#

Bug Fixes#

[#40621] Allow vacant associations, creatable from organisation unit
[#40719] Simplify validations for edits involving org units

1.14.0 (2021-02-11)#

Features#

[#40303] Add "Links" dropdown to top navigation, displaying custom links for an organisation
[#40960] Performance improvement: Bulk calls to lora (with request-wide cache , but without automation-magic)

1.13.0 (2021-01-22)#

Features#

[#40619] Added substitute to associations tab under organisations
[#40828] Remove default_page_size parameter, making paged endpoints return the full sized result per default
[#40828] Remove tree_search_limit parameter
[#39316] Addresses using TEXT scope are now displayed and edited as multiline text
[#39859] The "Organisation" page layout (split) can be controlled by the user
[#40177] Edit nickname as two separate fields (given name and surname)
[#39841] Fix time machine date picker
[#40620] Improved association presentation and extended the editing capabilities in the UI

Bug Fixes#

[#39855] When editing employees, sometimes misleading error messages were displayed

1.12.0 (2021-01-08)#

Features#

[#39858] Added field in ConfDB to optionally show user_key to searches
[#39856] Changed log messages from uuid to human readable, no functionality changed
[#40170] Fix bug in frontend, allowing better performance when moving organisations
[#40169] Ported lora connection to async, thereby achieving better performance
[#40678] Changed filtering process, thereby achieving better performance
[#40695] Fix bug in facet children endpoint, bug introduced at async port

1.11.0 (2020-12-14)#

Features#

[#39323] Remove request size limit for uuid lookup against LoRa, MOX should now be started with --limit-request-line 0
[#38650] Config value migrated from VARCHAR to TEXT
[#38650] Alembic introduced for ConfDB migration
[#40028] Remove history icon from GUI
[#39418] Disable typing in tree-picker GUI elements
[#39370] Reordered organization (facet) and substitute fields, no functionality changed
[#39375] Added configuration option for hiding cpr_no from UI
[#39367] Fix backend issue when editing associations

1.10.2 (2020-11-13)#

Features#

[#39244] Added root filter to orgunit search
[#39244] Unified the paged_filtered_get and paged_get methods, thus changing the order of paged lists throughout MO. The order is now by UUID instead of by user_key / bvn.
[#39468] Fix bug where UI query page didn't work with Excel files

1.10.1 (2020-10-26)#

Features#

[#38941] Fix bug where it was possible to create KLE objects without 'aspect'
[#38788] Implement uuid search filters

1.10.0 (2020-10-23)#

Features#

[#35785] Fix bug where Flask would lock the database during requests with auth, preventing other concurrent requests
[#39199] Fix bug where UI facet pickers would not use existing values when editing

1.9.2 (2020-10-19)#

Features#

[#38909] Added Configurable CORS.
[#38973] Update class/facet service endpoints to only return minimal set of data, with options to return individual additional attributes.
[#38973] Add internal speedups for bulk get requests towards LoRa
[#38041] Enables filtering facet classes based upon the selected org-unit. This applies only to creating new org-units.

1.9.1 (2020-10-06)#

Bug Fixes#

[#38803] Handle employees not having a user_key

1.9.0 (2020-09-18)#

Features#

[#38237] Removed an expensive superfluous search filter from employee search.
[#38398] The create dialog for the various relations now allow the user to create multiple objects at once.

Bug Fixes#

[#35937] Fix an issue regarding binding dynamic classes to associations during association creation. Previously the binding was only created during edits.

1.8.1 (2020-09-14)#

Features#

[#38371] Enabled configuration setting to toggle whether a manager should be inherited in the UI for a given org unit.

1.8.0 (2020-09-11)#

Features#

[#35937] Removed a duplicate entry from backend/mora/mapping.py
[#35937] Parameterized ancestor tree helper function.
[#35937] Parameterized Tree Picker / Viewer
[#35937] Dynamic recursive facet / class picker on Association View. Which dynamic facets to show can be picked using the :code:association_dynamic_facets configuration variable in conf_db.
[#38241] Fixed bug in org unit validation preventing users from moving and terminating certain org units

1.7.1 (2020-08-12)#

Features#

[#30083] Upgraded to Python 3.8.5

1.7.0 (2020-08-11)#

Features#

[#30083] Upgraded to PostgreSQL 11 and Python 3.8.
[#36672] Add 'kaldenavn' to employees, with a separate UI tab for tracking changes.

1.6.4 (2020-08-10)#

Bug Fixes#

[#37553] Fix bug when trying to create leave without engagements

1.6.3 (2020-07-10)#

Features#

[#37231] Remove the organisation page overview

1.6.2 (2020-06-22)#

Features#

[#34943] Add support for specifying SP domain for SAML auth

Bug Fixes#

[#34847] Update documentation for SAML auth
[#34849] Add more robust handling of deprecated settings
[#36952] Fix org unit end date picker being locked when editing
[#36953] Fix dates being off by one when reading from API

1.6.1 (2020-04-03)#

Features#

[#35673] Add 'engagement' field to leave objects

Bug Fixes#

[#35531] Fix org unit rename dialog error handling
[#35897] Fix conf_db health endpoint not catching certain errors
[#35992] Fix sticky backend errors in UI modals

1.6.0 (2020-03-24)#

Features#

[#27622] Enable use of serviceplatformen/cpr exttest
[#28808] UI now shows the versions of OS2mo and LoRa, with links to release notes.
[#33525] Implement support for KLE annotations in OS2mo
[#33262] Employee list output now includes CPR numbers
[#34448] Implement read-only mode for OS2mo UI, toggled through an API.

1.5.0 (2020-02-27)#

Features#

[#33975] Set today's date as default for datepicker.
[#32045] Fixed employee search for the first key press.
[#34444] Add tab routing for employee and organization.
[#31732] Adjust table columns.
[#34157] Add 10 generic extension fields to engagement objects

Chores#

[#34430] Update LoRa dependency to 1.6.1
[#27622] Update service_person_stamdata_udvidet dependency to 0.2.0
[#34481] Add new defaults to config database

1.4.0 (2020-01-22)#

Features#

[#32759] Add support for displaying a button on org units for triggering external integrations.
[#33761] Add org unit as auto default for select unit input field in OrganisationUnitMove.
[#33450] Add support for new data consolidation features in LoRa

Bug Fixes#

[#34006] Inherited managers are now properly calculated when an existing manager is terminated
[#29417] It is no longer possible to delete an inherited manager

Chores#

[#32417] Missing defaults for configuration database are now inserted individually during init_db
[#34178] Add support for specifying Flask SERVER_NAME for when the application is deployed behind a proxy

1.3.0 (2019-12-11)#

Features#

[#32964] Added support for new primary and org unit level fields

Bug Fixes#

[#33569] Changes in the past are now properly reimplemented for terminations, renames and moves.
[#33456] Configuration database initialization now only inserts default values if they are not present

Chores#

[#32964] Refactored reading code

1.2.0 (2019-12-04)#

Features#

[#29760] Best practises updated concerning OS2Sync integration
[#32467] We now once again allow performing edits in the past
[#31978] Better logs.
[#32838] Health endpoints have been implemented to show the status of OS2mo and the various systems on which it depends.

Bug Fixes#

[#28830] Small update of configuration documentation
[#30983] Fixed editing org units not taking time planning user settings into account
[#31851] Date pickers are now properly locked to the validities of the associated org units

Chores#

[#32713] Use Gitlab CI instead of Jenkins.
Changed the way test are run:
[#31797] Letting OS2mo use the LoRa defined in settings insead of creating one internally
[#31758] Constructed a new small test dataset in JSON instead of the generated one in SQL for integration test. Update facets in test to reflect reality.
[#31912] Use the new JSON test dataset for end-to-end tests and expand it greatly.
[#31799] Seperate linting from unit and integration tests.
[#31798] Seperate end-to-end test from unit and integration tests.
Remove copy services by:
[#32687] Copy :file:db_extensions.json to LoRa.
[#32677] Move database setup to a new postgres-os2mo <https://git.magenta.dk/rammearkitektur/postgres-os2mo>__ image.

1.1.0 (2019-10-09)#

Features#

[#32200] Implement configuration option to hide CPR numbers, so CPR values aren't returned from backend, and cannot be searched for.
[#32174] Update documentation for authentication and authorization
[#33033] Best practises expanded to cover payroll systems integration
[#29760] Best practises updated concerning OS2Sync integration

1.0.0 (2019-10-04)#

Features#

[#29741] AMQP messages moved to new Trigger module (on-after)
[#30983] Make time planning field on org units hidden based on configuration
[#29129] Org unit location delimiter is now backslash
[#29417] Prevent users from editing inherited managers
[#32048] Prevent users from editing org unit user keys
[#32059] Visibility is now enabled for all address types

Bug Fixes#

[#22316] Ensure update payloads sent to LoRa satisfy validation requirements
[#31661] org is now correctly an optional (deprecated) parameter on creation of various objects
[#29129] Fix org unit details modal not reacting to errors from backend when creating new objects
[#31851] Creating relations for org units now correctly takes the org unit validity into account when limiting the date pickers.
[#29604] Redirect to the page of a newly created org unit
[#29548] We now prevent the user from terminating managers (and other relations), before they are active.
[#32053] Return all klasser belonging to a facet, regardless of the page limit set in configuration

Chores#

[#29626] DAR address objects can now be inserted regardless of whether DAR is up, using force. DAR address objects in LoRa no longer include the 'pretty' address, to simplify saving the object.
[#31732] Adjusted table and removed org_unit and engagement-ID from engagement and associatied tabs for organisation.

0.21.0 (2019-09-04)#

API Changes#

/service/e/create:

Our validation now prevents creating an employee without a CPR number. To bypass this check, specify force=1.

Features#

[#29738] user_key can be entered in UI for organisational units. if none is entered, the uuid of the organisational unit is used like before
[#31024] Organisation drop down removed. Organisation has been moved into configuration values. Strictly enforced in 'production', less so in development / testing
[#27213] AMQP messages are sent whenever an object is created, edited or deleted which allows anyone to build custom & powerful integrations.
[#30094] Allow organisational units to have no addresses, rather than forcing them to have a phone and physical location.

Bug Fixes#

[#29761] Date pickers moved to the top of the various forms
[#30093] The shown units in the organisation unit pickers now reflect the dates selected in the date pickers
[#29669] Fix terminating units past any date they've been changed in the future.
[#29700] Ensure that date dropdowns always focus a selectable date, rather than e.g. the creation date of an old unit.
[#29245] EAN and P-number validation now behave as expected
[#29244] We no longer automatically add +45 to phone numbers
[#29563] Fix renaming or moving units that have a termination date.
[#30095] Address missing error in CPR search by automatically performing said search. And filter out any dashes while at it.
[#29569] Validate addresses related to their unit and employee when editing rather than merely at creation.
[#29570] Ensure the error messages when validating a unit move are correct and in the correct locations.
[#31425] Better handling of addresses with empty 'brugervendtnoegle'
[#31029] We should no longer crash when reading orgfunk effects with more than one attribute

0.20.1 (2019-07-15)#

This release only contains documentation fixes

0.20.0 (2019-07-10)#

Chores#

[#24130] The configuration module now has a public api, allowing for dynamic changes of the configuration options.
[#30233] Conf module and sessions module have been dockerized

0.19.0 (2019-06-27)#

Chores#

[#28686] + [#28687]: Add Dockerfile for both production and development.
[#28804] MO now distinguishes between given name and surname.

0.18.0 (2019-05-22)#

Features#

[#29234] AD integration cookbook added to documentation
[#26857] Removed manager address for create employee and employee and organisation tabs.

Bug Fixes#

[#29019] Never ending loop in manager inheritance
[#28017] Changed style for user settings - location and user key.
[#29200] We now properly clear the store when switching org units/employees to prevent 'old data' from showing.
[#29200] Fixed spinners when loading table data.
[#29603] Spinner is now shown when tree view is loading

Chores#

[#26407] Allow selecting optional components per deployment.

0.17.0 (2019-04-30)#

Features#

[#25411] organisation units can show managers by inheritance from parent
[#28323] Added 'fraction' field to engagements
[#28563] Added feature for generating 'thin' responses when reading details, where only the UUIDs of relations are returned as opposed to deep lookups being performed.

Bug Fixes#

[#28563] Fixed bug where attribute extensions were not used for chunking on reads

0.16.0 (2019-03-22)#

Features#

[#27687] + [#27777]: The various organisationfunktion relations now support both user_key and integration_data.
[#25396] Implemented validation of individual fields in frontend using backend validation API.
[#25416] Added engagement ID to column engagement for employee and organisation.
[#26961] Add support for marking associations as “primary”.

Bug Fixes#

[#27228] Clicking the “Save” button in the organisation mapper now shows a confirmation that the operation succeeded.
[#26402] The “Save” button on the organisation mapper now correctly deactivates when successfully saving changes.

Chores#

[#27526] TestCafe test for employee association tab for create, edit and terminate popups.
[#27527] TestCafe test for organisation manager tab for create, edit and terminate popups.
[#27959] Documentation added on how to set up a SAML SSO instance for testing and development.

0.15.1 (2019-03-19)#

Documentation#

This release merely contains minor tweaks to the documentation.

0.15.0 (2019-03-11)#

API Changes#

/service/e/(uuid:employee_uuid)/terminate:

The defaults for employee termination changed, and now affect managers similarly to any other functions. To achieve the previous behaviour of merely marking manager functions as vacant, set "vacant": true in the JSON request. Please note that this is the inverse of the previous terminate_all parameter, which no longer has any affect.

Chores#

[#27431] The address_property facet is now named visibility.

Features#

[#27299] Config check on startup, DUMMY_MODE instead of PROD_MODE,
[#26459] Add support for terminating relations, such as associations, addresses, etc., using a separate dialog.
[#25575] Added visibility for addresses with a phone number and exposed them in columns - address, association and manager for employee and organisation.
[#25407] Added checkbox message alert validation for workflow employee terminate.
[#27336] Remove association addresses.
[#25174] Add support for marking engagements as “primary”.
[#27261] We can now read the username from the SAML session NameID
[#27290] Add support for assigning time planning to organisational units.

Bug Fixes#

[#25671] Organisation is now properly set when creating new employee.
[#25694] Changed table columns layout to align between table future, present and past.
[#26886] Fixed duplicate for addresses in create organisation unit and employee move many workflow now works again.
[#27149] Dont show terminate button for employee detail tabs for workflows - employeeTerminate and employeeMoveMany.
[#27218] Fixed exception being thrown when creating new DAR addreses, where the address lookup fails.
[#27155] Ensure that we show all unit roots when reloading a unit page.
[#27153] Fixed the error and success messages for organisation and employee.
[#27488] Fixed 401 not redirecting to login

0.14.1 (2019-02-22)#

Features#

[#27244] Associations no longer have job functions. 'Tilknytningstype' renamed to 'Tilknytningsrolle'.

0.14.0 (2019-01-30)#

Features#

[#25405] Submit button for create new and edit modals for organisation units and employees is no longer disabled if the form is invalid
[#25394] It is now no longer possible to perform edits taking effect before the current date.
[#25100] It is now possible to optionally also terminate associated manager roles when terminating an employee.
[#24702] Allow marking organisational units as related to each other.
[#26368] Add support for using ?validate=0 as a query parameter for disabling certain validations.
[#25409] Added backend support for specifying visibility for phone number address objects.
[#25706] Added more meaningful error message when editing addresses.
[#25406] All text has been moved into a translation file
[#25404] A validation ensures that a person (cpr) cannot be created twice in the database

Chores#

[#25577] Implemented more facets for address types and job functions. Updated handling of facets throughout.
[#26070] Input fields now inherit from a common base.
[#26531] Employee workflow stores are now only loaded when they are needed.
[#26551] Restructured how frontend files are organised.
[#26600] Some styling issues.
[#26604] Menu items and shortcuts can now be added via an internal API.
[#26675] Moved i18n and validation import into seperate files.
[#26658] Added constant names to global store.
[#25053] Addresses are now modeled using organisationfunktion, in order to further streamline and unify the modeling of relations.
[#26686] Added documentation to frontend.

Bug Fixes#

[#25405] Submit button for create new and edit modals for organisation units and employees is no longer disabled if the form is invalid
[#25028] Time machine is working again.
[#25579] Address race condition when quickly switching between units in the tree view at the left.
[#25186] Hidden person input for create employee manager.
[#25690] Ignore spacing in address type input field.
[#26368] Validation no longer prevents adding an association if it duplicates another inactive association.
[#25704] Set max-width on the detail view table columns to ensure consistent alignment.
[#25696] Added remove button for dates.
[#26890] Fixed regression that broke viewing the details of a unit in the termination dialog.
[#26898] Ensure that detail view for organisation mapper shows all related units.
[#26788] Fixed the manager edit popup to submit with a blank employee picker field.
[#26801] Adjust styling of missing address note for associations such that it no longer appears as an error.
[#26787] Added check for org unit valid dates in the datepicker.
[#26874] Added scrollbar overflow-x for table.
[#25697] Added scrollbars to the dropdown menu when choosing Unit in Create Employee
[#24493] Added indication of where a value is missing in Create Unit
[#24492] Name change was not reflected before the page was updated manually
[#24933] Internet Explorer stopped validating input fields. Works again now.

0.13.0 (2018-11-30)#

Features#

[#24880] Switch to a new implementation of the tree view which allows rendering the tree view properly on load, keeps the selection updated when changing units, and eventually enables rendering filtered trees for to make searching easier.
[#24880] Implement LiquorTree in order to underpin the ability to map between Organizational units

Chores#

[#21966] Implemented use of vuex for employee workflows.
[#23779] Added custom UUID url converter, stringifying UUID parameters in order to standardise our use of UUIDs internally.
[#24797] Integration data added to employee and organisational unit.
[#25136] Refactored front end code.
[#24700] Backend ready for the Phonebook

Known bugs#

[#25579] Quickly switching between org units in the tree causes a race condition.
[#25671] Newly created employees can not be found using the search function.

0.12.0 (2018-11-16)#

Features#

[#23928] We now use our Flask SAML SSO <https://github.com/magenta-aps/flask_saml_sso/>_ module for authentication. Session is now shared between OS2MO and LoRa.
[#22382] Manager hierarchy - the service returns all managers in a hierarchical order
[#24077] We now support access addresses in addition to regular addresses from Dansk Adresseregister, with combined autocompletion of the two.

Chores#

[#25193] Improved handling of external configuration files for OS2MO. A warning is no longer triggered on unknown settings.
[#24545] OS2MO 2.0 as an OS2 Level 3 Product
[#24664] Meet the requirements of the standard or explain why you do not https://mora.readthedocs.io/en/master/README.html?highlight=sag#lora-backend-model
[#24656] Documentation of the requirements for operating the solution https://mora.readthedocs.io/en/master/cookbook.html#best-practices-for-implementering
[#24659] Only one version of the core code: https://github.com/OS2mo
[#24662] Best practice for implementing the solution in your organization https://mora.readthedocs.io/en/master/cookbook.html#best-practices-for-implementering
[#24661] Presentation material https://www.magenta.dk/?service=rammearkitektur & https://os2.eu/projekt/os2mo
[#24663] Codestandards https://mora.readthedocs.io/en/master/README.html#kodestandarder
[#24665] Process plan for the implementation of the solution https://mora.readthedocs.io/en/master/cookbook.html#best-practices-for-implementering
[#24655] Open Source license criteria are met https://mora.readthedocs.io/en/master/README.html#licens-og-copyright

Bug Fixes#

[#24738] Removed sorting and icons for some columns.

Known bugs#

[#25405] Validation errors when creating org unit relations outside of the parent org unit range are not properly shown in UI

0.11.1 (2018-11-02)#

Bug Fixes#

[#25028] Timemachine now shows and updates the organisation unit view when changing organisation unit

0.11.0 (2018-10-30)#

Features#

[#24547] Backend support for modifying the name and CPR number of employees.
[#24400] Better documentation of command line interface.
[#24750] Added functionality for listing and retrieving generated export files from external directory.
[#24092] Added functionality for creating managers through the organisation interface in UI, including vacant managers.
[#24131] Added a simple configuration module that makes it possible to hide remove fields and tabs in the UI.
[#23960] A new page in the UI, /forespoergsler, offers CSV exports of certain specific queries.
[#23276] Support for synchronising user names and CPR numbers added to the agent for fetching personal data from Serviceplatformen.
[#24214] Added associations to employees in the MED-organisation in Ballerup Kommune.

Chores#

[#21966] Implemented use of Vuex in frontend.
[#24654] Source code is relocated to the OS2mo organisation <https://github.com/OS2mo>_ on GitHub.
[#24658] Technical implementation available as a sub-page on our ReadTheDocs site <https://mora.readthedocs.io/en/development/dev.html>_.
[#24657] The solution is fully documented on ReadTheDocs <https://mora.readthedocs.io/>_.
[#24660] Communication documents for the business and strategic level created at:
OS2mo’s næste sprint går i retning af OS2-produktet og udvikling af integrationer <https://os2.eu/blog/os2mos-naeste-sprint-gaar-i-retning-af-os2-produktet-og-udvikling-af-integrationer>_
Lokal rammearkitektur og IDM med OS2MO & OS2rollekatalog <https://os2.eu/blog/lokal-rammearkitektur-og-idm-med-os2mo-os2rollekatalog>_.

Bug Fixes#

[#24150] When terminating an employee, mark any manager roles it possesses as vacant rather than terminating them.
[#24069] Handle DAR address errors gracefully, displaying the error message rather than suppressing all addresses.
[#24077] Allow entering DAR access addresses as well as regular adresses in all fields, and allow reading historical addresses.
[#24810] Support for Internet Explorer 11.
[#24570] Sorting now works after performing an update.

0.10.1-post1 (2018-10-12)#

Bug Fixes#

A missing check for Node packages broke the mox <http://github.com/magenta-aps/mox/> test suite.

Known bugs#

[#24134] Sorting doesn't work after performing an update.

0.10.1 (2018-10-08)#

Features#

[#22849] Updated SAML implementation, with support for signed requests, single sign-on and single logout.
[#22381] Replace 'Enhedsnummer' with a description of the location of the organisational unit.
[#23558] Added the possibility to create managers without employees through the ou endpoint, thus allowing for vacant manager positions.
[#24014] Since we now model IT systems using an organisationfunktion, we can now represent the account name.
[#22849] Added handling for user permissions, giving a fitting error if a user attempts an action without the correct permissions.
[#23976] Employees with their associated relations can now be created with one API call. All requests are now validated before being submitted to LoRa, to prevent half-writes.
[#24134] Columns in the UI can now be sorted.
[#24135] Dropdowns are now alphabetically sorted.
[#24068] Clicking the OS2-icon in the top left corner now takes you to the landing page.
[#23793] Support has been added for P-nummer as address type.
[#23781] Managers now have a separate set of address types.

Chores#

[#23559] REST API now uses and enforces ISO 8601 dates in all cases except history display. All from or to dates must either lack a timestamp or correspond to midnight, Central European time.
[#23559] The terminate endpoints for employees as well as units now read the date from the to field rather than from.
[#24198] We now model IT systems using organisationfunktion rather than a direct relation.
[#23558] The employee is now optional on managers.

API Changes#

[#24200] Move all writing and editing APIs from /service/ou and /service/e/ to a shared endpoint /service/details. This primarily means that writing operations no longer require knowledge of the user, allowing e.g. vacant managers.

Bug Fixes#

[#24067] Fixed being able to edit root organisational units
[#23559] Display end dates inclusively, so that the year ends 31 December rather than 1 January.

Known bugs#

[#24134] Sorting doesn't work after performing an update.

0.9.0 (2018-09-07)#

Features#

[#23778] Support for IT-systems on units

Chores#

[#23992] Updated API documentation and README
[#23993] Reorganisation of source code layout
[#23994] Refactoring of frontend code

Bug Fixes#

[#24012] Fixed hotkey support
[#24013] Fixed rename unit dialog not being populated correctly

v17	v18
`AuditLog`	`AUDIT_LOG`
`Bruger`	`PERSON`
`Facet`	`FACET`
`ItSystem`	`IT_SYSTEM`
`Klasse`	`CLASS`
`Organisation`	`ORGANISATION`
`OrganisationEnhed`	`ORGANISATION_UNIT`
`OrganisationFunktion`	`ORGANISATION_FUNCTION`