v13.0.1

13.0.1 (2022-05-27)

Bug Fixes

• core: fixed typo in unscoped einfra login (9f6bf85)

v13.0.0

13.0.0 (2022-05-27)

Features

• core: module for unscoped login attributes (8d5cf7b)

BREAKING CHANGES

• core: LDAP schema needs to be updated.

v12.0.0

12.0.0 (2022-05-12)

Bug Fixes

• core: add new Service parameter to AuditParser and parseRpcMethods (4258007)
• core: check memberOrganizations attribute for null values (4d9aed6)
• core: don't include attributes from services that don't process expired members if user is assigned as expired member in that resource (7d97b0f)
• core: fix generating group data when members are filtered (c51df93)
• core: manual consent evaluation were not done properly (e1ff1d7)
• core: remove updating service during getData methods (6ec6be6)
• core: renamed attribute module namespace_UIDRanges (0877760)
• core: RPC role added to getConsentHubById policy (a4c5fae)
• core: use sync validation of members when linking VOs (29c82b9)
• gui: add property useExpiredMembers when updating service (5c1614c)
• gui: support CSRF protection in legacy gui apps (adae3dd)
• openapi: URL of searcher methods (7ad44a4)

Features

• cli: Added useExpiredMembers parameter (3253eee)
• core: added check that member is not managed by different vo (24f4cdc)
• core: allow manual consent evaluation for consent hub or service (3932cdd)
• core: changed studentIdentifiers module (c4e4635)
• core: expose API domain hint in CSRF filter (f2b9872)
• core: extend brand config with api domain (8e6a3bc)
• core: Manually run consents in gen scripts (6697e4b)
• core: pwd manager for lsaai (bb7235b)
• core: virtual attribute for checking if member can be altered (31edc8e)
• core: when adding/removing members to/from member vos, accordingly edit the membersOrganizations attribute and add/remove to/from parent vos (223c8db)
• mvn: upgrade to Spring Boot 2.6.7 / Spring 5.3.19 (abb1bdc)

BREAKING CHANGES

• core: new property "api" added to the perun-apps-config.yml
• core: new database version (Service flag for expired members usage added)

v11.1.0

11.1.0 (2022-04-19)

Bug Fixes

• core: updated vsupExchangeMail module to support multiple names (46c0fd7)

Features

• core: create missing members in hierarchical vos and update attribute (141a50a)

v11.0.0

11.0.0 (2022-04-11)

Bug Fixes

• core: add parser methods for consent and consentHub objects (2f98721)
• core: add RPC role to getConsentById policy (c7eee97)
• core: created consents contains only possible attributes (1441358)
• core: fix possible deadlock while evaluating consents (#3549) (6b10149)
• core: fixed authorization in getApplicationsPage() (bd31ed1)
• core: fixed generating userExtsource for elixir module (56375f1)
• core: fixed processing of empty ssh key value (204491d)
• core: fixed scope for lsaai login attribute (9d90459)
• core: fixed ssh keys value normalization in registrar (ec780cb)
• core: no longer get facilities for ConsentHubs twice in certain getter methods for Consents (34b42b9)
• core: return application ID in CantBeApprovedException (240e97a)
• registrar: fixed registration modules for LSAAI hostel (561385c)

Features

• core: add manager classes handling consents logic (3823606)
• core: add method to update consentHub (c628753)
• core: add new class ConsentHub (a56558f)
• core: add/remove facility from consent hub (ea22d09)
• core: Added method changeConsentStatus (aaf8f9e)
• core: Added methods for work with Consent (#3529) (4cbad0c)
• core: changed modules for lsaai and elixir (f1f38c6)
• core: evaluate consents in getData methods (9ede3fd)
• core: extended schema for approved aups (9ae3634)
• core: filter facilities out of Consent/ConsentHub objects (feac1c0)
• core: methods to create/delete/find consentHubs (#3524) (d916d2a)
• core: new class Consent (8a4399f)
• core: restrict adding user-related attributes on consent-requiring instances (c0b50c3)
• core: return also user id in IntegrationManager::getGroupMemberData() (5a5a200)
• core: support user country code in LDAP for c-scale (0677591)
• dispatcher: block propagation of services with no destination (89bd838)
• mvn: update to Spring Boot 2.6.6 (c6b073d)
• openapi: add new manager handling consents logic (0e465c0)
• openapi: add new schema ConsentHub (8ccfaa5)
• openapi: Added method changeConsentStatus (3268495)
• openapi: new class Consent (72d9fc2)

BREAKING CHANGES

• core: methods servicesManager/getHashedHierarchicalData and
  servicesManager/getHashedDataWithGroups are now returning only data
  about users with granted consents and creating consents for the users
  with insufficient consents (if the consent logic is turned on)
• core: on consent-enforcing instances adding new user-related attribute to service assigned to facility with consent-enforcing consentHub throws exception unless service is disabled
• core: DB UPDATE
• core: update DB

v10.1.1

10.1.1 (2022-04-05)

Bug Fixes

• core: fixed scope for lsaai login attribute (128e4f6)

v10.1.0

10.1.0 (2022-04-05)

Features

• core: changed modules for lsaai and elixir (f0250ae)
• core: extended schema for approved aups (1cf6e97)

v10.0.0

10.0.0 (2022-03-28)

Bug Fixes

• core: added debug logs when deleting Tasks (d420e7e)
• core: added missing return in utils manager method (bf6261e)
• core: extended schema for c-scale project (6b09001)
• core: make parameter attrNames of method getAllRichGroupsWithAttributesByName() optional (730c60f)

Features

• core: added memberOrganizations attribute (37a7e92)
• core: allow storing boolean attributes from registrar (def4321)
• core: avoid cyclic memberships (895c71f)
• core: forceConsents flag (fc1b00a)
• core: new class EnrichedVo (31b4242)
• core: remove AllUserExtSourcesDeletedForUser event as it's not being used (a8d86e0)
• core: return also group name and parent group id in IntegrationManager::getGroupMemberData() (17821ca)
• core: store relationship between vos (7e08272)
• mvn: update to Spring Boot 2.6.5 (2d7d273)
• openapi: added method getUserExtSourceByExtLoginAndExtSourceName (0f7b6cf)
• openapi: added methods from Searcher (a73c74f)
• openapi: added methods to OpenApi and VosManager (0417653)
• openapi: added updateUserExtSourceLastAccess (e283ff0)
• openapi: new class EnrichedVo (ec71186)

BREAKING CHANGES

• core: updated db

v9.0.0

9.0.0 (2022-03-14)

Bug Fixes

• core: pass all application's information to richApplication (ffb58b8)
• core: pass attribute to exception in ssh public key (45eee0e)
• core: verify membership status before retrieving admin roles (951a852)
• mfaTokens marked as deleted. (954b9ce)
• openapi: fixed support for getPerunRPCVersion response in Java client for OpenAPI (22c2a1c)
• openapi: verify membership status before retrieving admin roles (c3feacf)
• registrar: add new exception for the application form item (888398a)
• registrar: getApplicationsPage now returns only one application entry even if an application has multiple form data items. (4dbc97a)

Features

• allow to lookup users by IUID and ext source login (dbe9214)
• cli: add reloadAppsConfig to CLI (dd1a017)
• core: add method for retrieving RichMembers for VO without user attributes (fe87bfa)
• core: implement a method for reloading perun-apps-config.yml (cc76482)
• core: kerberosPrincipalsFileSuffix attribute module (47ebd41)
• core: kerberosPrincipalsFileSuffixTest (5ca0c9d)
• core: load membership role to session with authorization refresh (b525197)
• core: push C-SCALE attributes to LDAP (8c76dcf)
• core: solve default and associated roles for attribute rights (9d71412)
• mvn: update to Spring Boot 2.6.4 (76441c9)
• openapi: add 'getRichMembersWithoutUserAttributes' method for retrieving RichMembers for VO without user attributes (e981bcb)
• openapi: include form data with paginated applications (ccdd521)
• registrar: include form data with paginated applications (c5d428b)
• registrar: make searchString in applications page search in application_data table as well (fb8a2d1)

BREAKING CHANGES

• core: multiple methods in FacilitiesManager, GroupsManager, ResourcesManager, UsersManager and VosManager changed to return only admins with VALID status (both Vo and group), authzResolver/getRoles changed similarly to not return roles inherited from a non-valid membership in authorized group

v8.0.0

8.0.0 (2022-02-14)

Bug Fixes

• cli: load access token only in OIDC mode (1e77d84)
• core: modules marked as deprecated (edd5b16)
• core: Vo application notifications are sent only to valid admins (a0fe616)

Features

• cli: support authentication using OIDC (#3466) (fe3be32)
• core: create a new role that interacts with methods in AuditMessagesManagerEntry (d57507d)
• openapi: add get_group_members.py to Python CLI (07ecabf)
• openapi: allow paging for Applications (c017340)
• registrar: allow paging for Applications (be3b269)

BREAKING CHANGES

• core: method authzResolver/getRichAdmins changed to return only admins with VALID status (both Vo and group)