makeplane · torbenraab · Dec 30, 2023 · Jan 4, 2024 · Jan 4, 2024 · Jan 4, 2024
diff --git a/.github/workflows/build-test-pull-request.yml b/.github/workflows/build-test-pull-request.yml
@@ -25,7 +25,7 @@ jobs:
 
       - name: Get changed files
         id: changed-files
-        uses: tj-actions/changed-files@v38
+        uses: tj-actions/changed-files@v41
         with:
           files_yaml: |
             apiserver:

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -2,10 +2,10 @@ name: "CodeQL"
 
 on:
   push:
-    branches: [ 'develop', 'hot-fix', 'stage-release' ]
+    branches: [ 'develop', 'preview', 'master' ]
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [ 'develop' ]
+    branches: [ 'develop', 'preview', 'master' ]
   schedule:
     - cron: '53 19 * * 5'
 

diff --git a/apiserver/.env.example b/apiserver/.env.example
@@ -39,9 +39,6 @@ OPENAI_API_BASE="https://api.openai.com/v1" # deprecated
 OPENAI_API_KEY="sk-" # deprecated
 GPT_ENGINE="gpt-3.5-turbo" # deprecated
 
-# Github
-GITHUB_CLIENT_SECRET="" # For fetching release notes
-
 # Settings related to Docker
 DOCKERIZED=1 # deprecated
 
@@ -61,6 +58,17 @@ ENABLE_EMAIL_PASSWORD="1"
 # Enable Magic link Login
 ENABLE_MAGIC_LINK_LOGIN="0"
 
+# Enable OpenID Connect Login - You can set the Issuer to get the Enpoints (URLs) automatically or set them manually
+# If you set the Endpoints manually the issuer should be empty to avoid overriding the endpoints
+OIDC_AUTO="0"
+OIDC_CLIENT_ID=""
+OIDC_CLIENT_SECRET=""
+OIDC_DISCOVERY=""
+OIDC_URL_AUTHORIZATION=""
+OIDC_URL_TOKEN=""
+OIDC_URL_USERINFO=""
+OIDC_URL_ENDSESSION=""
+
 # Email redirections and minio domain settings
 WEB_URL="http://localhost"
 

diff --git a/apiserver/plane/api/views/base.py b/apiserver/plane/api/views/base.py
@@ -104,15 +104,14 @@ def handle_exception(self, exc):
                 )
 
             if isinstance(e, ObjectDoesNotExist):
-                model_name = str(exc).split(" matching query does not exist.")[0]
                 return Response(
-                    {"error": f"{model_name} does not exist."},
+                    {"error": f"The required object does not exist."},
                     status=status.HTTP_404_NOT_FOUND,
                 )
 
             if isinstance(e, KeyError):
                 return Response(
-                    {"error": f"key {e} does not exist"},
+                    {"error": f" The required key does not exist."},
                     status=status.HTTP_400_BAD_REQUEST,
                 )
 

diff --git a/apiserver/plane/app/serializers/issue.py b/apiserver/plane/app/serializers/issue.py
@@ -30,6 +30,8 @@
     CommentReaction,
     IssueVote,
     IssueRelation,
+    State,
+    Project,
 )
 
 
@@ -69,19 +71,16 @@ class Meta:
 ##TODO: Find a better way to write this serializer
 ## Find a better approach to save manytomany?
 class IssueCreateSerializer(BaseSerializer):
-    state_detail = StateSerializer(read_only=True, source="state")
-    created_by_detail = UserLiteSerializer(read_only=True, source="created_by")
-    project_detail = ProjectLiteSerializer(read_only=True, source="project")
-    workspace_detail = WorkspaceLiteSerializer(read_only=True, source="workspace")
-
-    assignees = serializers.ListField(
-        child=serializers.PrimaryKeyRelatedField(queryset=User.objects.all()),
+    # ids
+    state_id = serializers.PrimaryKeyRelatedField(source="state", queryset=State.objects.all(), required=False, allow_null=True)
+    parent_id = serializers.PrimaryKeyRelatedField(source='parent', queryset=Issue.objects.all(), required=False, allow_null=True)
+    label_ids = serializers.ListField(
+        child=serializers.PrimaryKeyRelatedField(queryset=Label.objects.all()),
         write_only=True,
         required=False,
     )
-
-    labels = serializers.ListField(
-        child=serializers.PrimaryKeyRelatedField(queryset=Label.objects.all()),
+    assignee_ids = serializers.ListField(
+        child=serializers.PrimaryKeyRelatedField(queryset=User.objects.all()),
         write_only=True,
         required=False,
     )
@@ -100,8 +99,10 @@ class Meta:
 
     def to_representation(self, instance):
         data = super().to_representation(instance)
-        data['assignees'] = [str(assignee.id) for assignee in instance.assignees.all()]
-        data['labels'] = [str(label.id) for label in instance.labels.all()]
+        assignee_ids = self.initial_data.get('assignee_ids')
+        data['assignee_ids'] = assignee_ids if assignee_ids else []
+        label_ids = self.initial_data.get('label_ids')
+        data['label_ids'] = label_ids if label_ids else []
         return data
 
     def validate(self, data):
@@ -114,8 +115,8 @@ def validate(self, data):
         return data
 
     def create(self, validated_data):
-        assignees = validated_data.pop("assignees", None)
-        labels = validated_data.pop("labels", None)
+        assignees = validated_data.pop("assignee_ids", None)
+        labels = validated_data.pop("label_ids", None)
 
         project_id = self.context["project_id"]
         workspace_id = self.context["workspace_id"]
@@ -173,8 +174,8 @@ def create(self, validated_data):
         return issue
 
     def update(self, instance, validated_data):
-        assignees = validated_data.pop("assignees", None)
-        labels = validated_data.pop("labels", None)
+        assignees = validated_data.pop("assignee_ids", None)
+        labels = validated_data.pop("labels_ids", None)
 
         # Related models
         project_id = instance.project_id
@@ -544,7 +545,7 @@ class IssueSerializer(DynamicBaseSerializer):
     attachment_count = serializers.IntegerField(read_only=True)
     link_count = serializers.IntegerField(read_only=True)
 
-    # is
+    # is_subscribed
     is_subscribed = serializers.BooleanField(read_only=True)
 
     class Meta:

diff --git a/apiserver/plane/app/urls/authentication.py b/apiserver/plane/app/urls/authentication.py
@@ -10,6 +10,7 @@
     MagicGenerateEndpoint,
     MagicSignInEndpoint,
     OauthEndpoint,
+    OIDCEndpoint,
     EmailCheckEndpoint,
     ## End Authentication
     # Auth Extended
@@ -27,6 +28,7 @@
     #  Social Auth
     path("email-check/", EmailCheckEndpoint.as_view(), name="email"),
     path("social-auth/", OauthEndpoint.as_view(), name="oauth"),
+    path("oidc-auth/", OIDCEndpoint.as_view(), name="oidc"),
     # Auth
     path("sign-in/", SignInEndpoint.as_view(), name="sign-in"),
     path("sign-out/", SignOutEndpoint.as_view(), name="sign-out"),

diff --git a/apiserver/plane/app/urls/config.py b/apiserver/plane/app/urls/config.py
@@ -1,12 +1,17 @@
 from django.urls import path
 
 
-from plane.app.views import ConfigurationEndpoint
+from plane.app.views import ConfigurationEndpoint, MobileConfigurationEndpoint
 
 urlpatterns = [
     path(
         "configs/",
         ConfigurationEndpoint.as_view(),
         name="configuration",
     ),
+    path(
+        "mobile-configs/",
+        MobileConfigurationEndpoint.as_view(),
+        name="configuration",
+    ),
 ]
diff --git a/apiserver/plane/app/views/__init__.py b/apiserver/plane/app/views/__init__.py
@@ -22,6 +22,8 @@
 
 from .oauth import OauthEndpoint
 
+from .oidc import OIDCEndpoint
+
 from .base import BaseAPIView, BaseViewSet, WebhookMixin
 
 from .workspace import (
@@ -165,7 +167,7 @@
 
 from .exporter import ExportIssuesEndpoint
 
-from .config import ConfigurationEndpoint
+from .config import ConfigurationEndpoint, MobileConfigurationEndpoint
 
 from .webhook import (
     WebhookEndpoint,

diff --git a/apiserver/plane/app/views/base.py b/apiserver/plane/app/views/base.py
@@ -99,6 +99,7 @@ def handle_exception(self, exc):
             response = super().handle_exception(exc)
             return response
         except Exception as e:
+            print(e) if settings.DEBUG else print("Server Error")
             if isinstance(e, IntegrityError):
                 return Response(
                     {"error": "The payload is not valid"},
@@ -112,20 +113,18 @@ def handle_exception(self, exc):
                 )
 
             if isinstance(e, ObjectDoesNotExist):
-                model_name = str(exc).split(" matching query does not exist.")[0]
                 return Response(
-                    {"error": f"{model_name} does not exist."},
+                    {"error": f"The required object does not exist."},
                     status=status.HTTP_404_NOT_FOUND,
                 )
 
             if isinstance(e, KeyError):
                 capture_exception(e)
                 return Response(
-                    {"error": f"key {e} does not exist"},
+                    {"error": f"The required key does not exist."},
                     status=status.HTTP_400_BAD_REQUEST,
                 )
-
-            print(e) if settings.DEBUG else print("Server Error")
+
             capture_exception(e)
             return Response({"error": "Something went wrong please try again later"}, status=status.HTTP_500_INTERNAL_SERVER_ERROR)
 
@@ -216,14 +215,13 @@ def handle_exception(self, exc):
                 )
 
             if isinstance(e, ObjectDoesNotExist):
-                model_name = str(exc).split(" matching query does not exist.")[0]
                 return Response(
-                    {"error": f"{model_name} does not exist."},
+                    {"error": f"The required object does not exist."},
                     status=status.HTTP_404_NOT_FOUND,
                 )
 
             if isinstance(e, KeyError):
-                return Response({"error": f"key {e} does not exist"}, status=status.HTTP_400_BAD_REQUEST)
+                return Response({"error": f"The required key does not exist."}, status=status.HTTP_400_BAD_REQUEST)
 
             if settings.DEBUG:
                 print(e)