For now, the reconciliation requests are imported through CSV in the
Django admin, which sends confirmation email to both addresses. When
both are checked, the actual reconciliation is processed, and all
user-related content is updated.
## Purpose
Fix#1616 // Replaces #1708
For now, the reconciliation requests are imported through CSV in the
Django admin, which sends confirmation email to both addresses. When
both are checked, the actual reconciliation is processed, and all
user-related content is updated.
## Proposal
- [x] New `UserReconciliationCsvImport` model to manage the import of
reconciliation requests through a task
(`user_reconciliation_csv_import_job`)
- [x] New `UserReconciliation` model to store the user reconciliation
requests themselves (a row = a `active_user`/`inactive_user` pair)
- [x] On save, a confirmation email is sent to the users
- [x] A `process_reconciliation` admin action process the action on the
requested entries, if both emails have been checked.
- [x] Bulk update the `DocumentAccess` items, while managing the case
where both users have access to the document (keeping the higher role)
- [x] Bulk update the `LinkTrace` items, while managing the case where
both users have link traces to the document
- [x] Bulk update the `DocumentFavorite` items, while managing the case
where both users have put the document in their favorites
- [x] Bulk update the comment system items (`Thread`, `Comment` and
`Reaction` items)
- [x] Bulk update the `is_active` status on both users
- [x] New `USER_RECONCILIATION_FORM_URL` env variable for the "make a
new request" URL in an email.
- [x] Write unit tests
- [x] Remove the unused `email_user()` method on `User`, replaced with
`send_email()` similar to the one on the `Document` model
## Demo page reconciliation success
<img width="1149" height="746" alt="image"
src="https://github.com/user-attachments/assets/09ba2b38-7af3-41fa-a64f-ce3c4fd8548d"
/>
---------
Co-authored-by: Anthony LC <anthony.le-courric@mail.numerique.gouv.fr>
Added:
- ✨(frontend) integrate configurable Waffle
- ✨ Import of documents
- 🚨(CI) gives warning if theme not updated
- ✨(frontend) Add stat for Crisp
- ✨(auth) add silent login
- 🔧(project) add DJANGO_EMAIL_URL_APP environment variable
Changed:
- ♿(frontend) improve accessibility:
- ♿️(frontend) fix subdoc opening and emoji pick focus
- ✨(backend) add field for button label in email template
Fixed:
- ✅(e2e) fix e2e test for other browsers
- 🐛(export) fix export column NaN
- 🐛(frontend) add fallback for unsupported Blocknote
languages
- 🐛(frontend) fix emojipicker closing in tree
- 🐛(frontend) display children in favorite
- 🐛(frontend) preserve typed text after @ on escape
Removed:
- 🔥(project) remove all code related to template
Security:
- 🔒️(trivy) fix vulnerability about jaraco.context
Not every project requires silent login.
This commit adds a new feature flag
FRONTEND_SILENT_LOGIN_ENABLED to enable or
disable silent login functionality.
Most of Docs app is configured thanks to environment
variables, except the url in the email that
was from the django site table.
Now we can set it with DJANGO_EMAIL_URL_APP
environment variable to have a better consistency.
We keep the previous way to avoid breaking
changes.
Image and document uploaded were limited to 10MB.
For the conversion service, we allow up to 20MB.
For the dev and feature environment, we have to increase this value
accordingly.
Added Helm templates for docspec deployment and service to enable
document specification conversion in the Kubernetes environment.
Updated Tiltfile, compose.yml, and Helm values to
configure docspec integration alongside the
backend converter service for document import functionality.
Integrate Waffle component based on LaGaufreV2
from @gouvfr-lasuite/ui-kit.
Waffle will be fully configurable via the app config,
allowing to be set through environment variables
and api-provided configuration.
Added:
- ✨(backend) add documents/all endpoint with descendants
- ✅(export) add PDF regression tests
- 📝(docs) Add language configuration documentation
- 🔒(helm) Set default security context
- ✨(backend) use langfuse to monitor AI actions
Changed:
- ♿(frontend) improve accessibility:
- ♿(frontend) make html export accessible to screen reader users
- ♿(frontend) add missing label and fix Axes errors to improve a11y
Fixed:
- ✅(backend) reduce flakiness on backend test
- 🐛(frontend) fix clickable main content regression
- 🐛(backend) fix TRASHBIN_CUTOFF_DAYS type error
- 💄(frontend) fix icon position in callout block
Security:
- 🔒️(backend) validate more strictly url used by cors-proxy endpoint
- 🔒️(frontend) fix props vulnerability in Interlinking
In order to be able to deploy this in a restricted k8s cluster, we set
this default security context.
We set it as default because it doesn't change the way the app runs.
So it is better to be more secured by default.
Signed-off-by: Pierre Ozoux Krebber <pierre@ozoux.net>
Added:
- ✨(helm) redirecting system
- 📱(frontend) add comments for smaller device
- ✨(project) add custom js support via config
Changed:
- 🥅(frontend) intercept 401 error on GET threads
- 🦺(frontend) check content type pdf on PdfBlock
- ✈️(frontend) pause Posthog when offline
Fixed:
- 🐛(frontend) fix tables deletion
- 🐛(frontend) fix children not display when first resize
Create a new Helm template for ingress redirects
and update the values.yaml file accordingly.
We will be able to manage ingress redirects
through Helm charts easily.
Added:
- ✨(backend) allow to create a new user in a marketing system
- ✨(backend) add async indexation of documents on save
(or access save)
- ✨(backend) add debounce mechanism to limit indexation jobs
- ✨(api) add API route to search for indexed documents in Find
- 🥅(frontend) add boundary error page
Changed:
- 🛂(backend) stop throttling collaboration servers
- 🚸(backend) use unaccented full name for user search
- 🌐(backend) internationalize demo
- ♿(frontend) improve accessibility:
- ♿️Improve keyboard accessibility for the document tree
Fixed:
- 🐛(frontend) paste content with comments from another document
- 🐛(frontend) Select text + Go back one page crash the app
The given_name and usual_name is not configured in the oidc scopes. When
a user connect to docs with the dev and feature configuration, we don't
have this informations.
Added:
- ✨ Add comments feature to the editor
- ✨(backend) Comments on text editor
- ✨(frontend) link to create new doc
Changed:
- ⚡️(sw) stop to cache external resources likes videos
- 💥(frontend) upgrade to ui-kit v2
- ⚡️(frontend) improve perf on upload and table of contents
- ♿(frontend) improve accessibility:
- ♿(frontend) improve share modal button accessibility
- ♿(frontend) improve screen reader support in DocShare modal
Fixed:
- 🐛(frontend) fix toolbar not activated when reader
- 🐛(frontend) preserve left panel width on window resize
- 🐛(frontend) prevent duplicate as first character in title
Depend the theme, you can have different Docs icons
in the header.
A customization was already possible from the
theme customization file, but now it is as
well possible to override the icon from the theme
itself, making it easier to manage different themes
with different icons.
We change the theme customization variable name
to "icon" instead of "logo", "logo" was already
used for the main logo of the application inside
the theme configuration.
Added:
- ✨(frontend) enable ODT export for documents
- ✨(frontend) improve mobile UX by showing subdocs count
Changed:
- ♻️(frontend) preserve @ character when esc is pressed
after typing it
- ♻️(frontend) make summary button fixed to remain visible
during scroll
- ♻️(frontend) pdf embed use full width
Fixed:
- ♿(frontend) improve accessibility:
- ♿(frontend) improve ARIA in doc grid and editor
for a11y
- ♿(frontend) improve accessibility and styling
of summary table
- ♿(frontend) add focus trap and enter key support
to remove doc modal
- 🐛(docx) fix image overflow by limiting width to
600px during export
- 🐛(frontend) fix fallback translations with Trans
- 🐛(pdf) fix table cell alignment issue in exported
documents
- 🐛(pdf) preserve image aspect ratio in PDF export
Added
- ✨(frontend) create skeleton component for DocEditor
- ✨(frontend) add an EmojiPicker in the document
tree and title
- ✨(frontend) ajustable left panel
Changed:
- ♻️(frontend) adapt custom blocks to new implementation
- ♻️(backend) increase user short_name field length
- 🚸(frontend) separate viewers from editors
Fixed:
- 🐛(frontend) fix duplicate document entries in grid
- 🐛(backend) fix trashbin list
- ♿(frontend) improve accessibility:
- ♿(frontend) remove empty alt on logo due to Axe
a11y error
- 🐛(backend) fix s3 version_id validation
- 🐛(frontend) retry check media status after page reload
- 🐛(frontend) fix Interlinking memory leak
- 🐛(frontend) button new doc UI fix
- 🐛(frontend) interlinking UI fix
Added:
- ✨(frontend) add pdf block to the editor
- ✨List and restore deleted docs
Changed:
- ♻️(frontend) Refactor Auth component for improved redirection logic
- ♻️(frontend) replace Arial font-family with token font
- ♿(frontend) improve accessibility:
- ♿(frontend) enable enter key to open documentss
- ♿(frontend) improve modal a11y: structure, labels, title
- ♿improve NVDA navigation in DocShareModal
- ♿ improve accessibility by adding landmark roles to layout
- ♿ add document visible in list and openable via enter key
- ♿ add pdf outline property to enable bookmarks display
- ♿ hide decorative icons from assistive tech with aria-hidden
- ♿ fix rgaa 1.9.1: convert to figure/figcaption structure
- ♿ remove redundant aria-label to avoid over-accessibility
- ♿ remove redundant aria-label on hidden icons and update tests
- ♿ improve semantic structure and aria roles of leftpanel
- ♿ add default background to left panel for better accessibility
- ♿ restyle checked checkboxes: removing strikethrough
- ♿ add h1 for SR on 40X pages and remove alt texts
- ♿ update labels and shared document icon accessibility
- 🍱(frontend) Fonts GDPR compliants
- ♻️(service-worker) improve SW registration and update handling
Fixed:
- 🐛(backend) duplicate sub docs as root for reader users
- ⚗️(service-worker) remove index from cache first strategy
- 🐛(frontend) fix 404 page when reload 403 page
- 🐛(frontend) fix legacy role computation
- 🛂(frontend) block editing title when not allowed
- 🐛(frontend) scroll back to top when navigate to a document
- 🐛(frontend) fix export pdf emoji problem
- 🐛(frontend) fix attachment download filename
- 🐛(frontend) exclude h4-h6 headings from table of contents
- 🔒(frontend) prevent readers from changing callout emoji
- 🐛(frontend) fix overlapping placeholders in multi-column layout
- 🐛(backend) filter invitation with case insensitive email
- 🐛(frontend) reduce no access image size from 450 to 300
- 🐛(frontend) preserve interlink style on drag-and-drop in editor
- ✨(frontend) load docs logo from public folder via url
- 🔧(keycloak) Fix https required issue in dev mode
To not create a breaking change, the logo in the
theme customization is now optional, meaning that
if no logo is provided, the default logo will be used.
We add some documentation about this feature.
The certifi ca certificate is now stored under a static path
(/cert/cacert.pem) to avoid issues when python is upgraded and the path
to the certificate changes.
Added:
- 👷(CI) add bundle size check job
- ✨(frontend) use title first emoji as doc icon in tree
Changed:
- ♻️(docs-app) Switch from Jest tests to Vitest
- ♿(frontend) improve accessibility:
- 🌐(frontend) set html lang attribute dynamically
- ♿(frontend) inject language attribute to pdf export
- ♿(frontend) improve accessibility of search modal
- ♿(frontend) add correct attributes to decorative and interactive icons
- 🎨(frontend) improve nav structure
- ♿️(frontend) keyboard interaction with menu
- ♿(frontend) improve header accessibility
- ♿(frontend) improve accessibility for decorative images in editor
- ♻️(backend) fallback to email identifier when no name
- 🐛(backend) allow ASCII characters in user sub field
- ⚡️(frontend) improve fallback width calculation
Fixed:
- 🐛(makefile) Windows compatibility fix for Docker volume mounting
- 🐛(minio) fix user permission error with Minio and Windows
- 🐛(frontend) fix export when quote block and inline code
- 🐛(frontend) fix base64 font
- 🐛(backend) allow editor to delete subpages
- 🐛(frontend) fix dnd conflict with tree and Blocknote
- 🐛(frontend) fix display bug on homepage
Added:
- ✨(helm) Service Account support for K8s Resources in Helm Charts
- ✨(backend) allow masking documents from the list view
- ✨(frontend) subdocs can manage link reach
- ✨(frontend) add duplicate action to doc tree
- ✨(frontend) Interlinking doc
- ✨(frontend) add multi columns support for editor
Changed:
- ♻️(frontend) search on all docs if no children
- ♻️(frontend) redirect to doc after duplicate
- 🔧(project) change env.d system by using local files
- ⚡️(frontend) improve tree stability
- ⚡️(frontend) improve accessibility
- 🛂(frontend) block drag n drop when not desktop
Fixed:
- 🐛(service-worker) Fix useOffline Maximum update depth exceeded
- 🐛(frontend) fix empty left panel after deleting root doc
- 🐛(helm) charts generate invalid YAML for collaboration API / WS
- 🐛(frontend) 401 redirection overridden
- 🐛(frontend) include root parent in search
Add support for specifying custom service accounts
in all Kubernetes resources in our Helm charts
to enable workload identity federation with managed
cloud services (PostgreSQL, Redis, etc.).
This allows deployments to authenticate to cloud
resources without embedding credentials in secrets.
Closes#890
Remove the service blocks outside the conditionals in the collaboration
API and WS templates.
Signed-off-by: Richard Jones <rich@linuxplicable.org>
Fixed:
- 🌐(frontend) keep simple tag during export
- 🐛(back) manage can-edit endpoint without created room in the ws
- 🐛(frontend) fix action buttons not clickable
- 🐛(frontend) fix crash share modal on grid options
Added:
- ✨(frontend) multi-pages
- ✨(frontend) Duplicate a doc
- ✨Ask for access
- ✨(frontend) add customization for translations
- ✨(backend) add ancestors links definitions to document abilities
- ✨(backend) include ancestors accesses on document accesses list view
- ✨(backend) add ancestors links reach and role to document API
- 📝(project) add troubleshoot doc
- 📝(project) add system-requirement doc
- 🔧(front) configure x-frame-options to DENY in nginx conf
- ✨(backend) allow to disable checking unsafe mimetype on attachment upload
- ✨(doc) add documentation to install with compose
- ✨ Give priority to users connected to collaboration server
(aka no websocket feature)
Changed:
- ♻️(backend) stop requiring owner for non-root documents
- ♻️(backend) simplify roles by ranking them and return only the max role
- 📌(yjs) stop pinning node to minor version on yjs docker image
- 🧑💻(docker) add .next to .dockerignore
- 🧑💻(docker) handle frontend development images with docker compose
- 🧑💻(docker) add y-provider config to development environment
- ⚡️(frontend) optimize document fetch error handling
Fixed:
- 🐛(backend) fix link definition select options linked to ancestors
- 🐛(frontend) table of content disappearing
- 🐛(frontend) fix multiple EmojiPicker
- 🐛(frontend) fix meta title
- 🔧(git) set LF line endings for all text files
- 📝(docs) minor fixes to docs/env.md
- ✨support `_FILE` environment variables for secrets
Removed:
- 🔥(frontend) remove Beta from logo
We want to configure cronjobs. Instead of declaring them one by one, we
use a CronJobList, the will all have the same pattern, mostly the
command and the schedule will change.
Our Helm chart wasn't suitable for use with Helm alone because jobs
remained after deployment. We chose to configure ttlSecondsAfterFinished
to clean up jobs after a period of time.
To have different footer per instance the
content of the footer is now configurable
from the theme customization file.
See THEME_CUSTOMIZATION_FILE_PATH env var.
Fix certificate directory reference that still pointed to Python 3.12 folder
after upgrading to Python 3.13. Resolves certificate verification errors in
tilt stack caused by incorrect certificate location.
