- Perun now completely supports OAuth2 clients. Anybody can write and host own application and use Perun API on behalf of logged user if he approves it.
- Users can import own publications from Europe PMC, joining users account with OrcID identity is required.
- User now can't submit multiple duplicate registrations. In case of a browser lag, user was able to submit same form multiple times. This is now restricted on server side, to prevent confusion of user when receiving multiple notifications.
- Member_group attributes can be managed from GUI (on member detail - opened from group members tab or on resource detail - members setings sub-tab).
- We added new type of service propagation - DUMMY. From now on, if service is used on facility, but doesn't have destination, it's considered as error and displayed on "Service status" tab. If you wish to have data generated, but not sent (for testing or pulling data by yourself), you can create DUMMY destination for such service. It will switch service status to OK instead of ERROR when done.
- Unused items on registration form as grayed-out on application form settings page.
- forwardedScopedAffiliation and eduPersonScopedAffiliation can be used to fill form items on registration forms in order to get all users affiliations when he is logged-in through proxy IdP.
- Added CLI for changing and resetting user passwords - can be used only, when user does have access using some login/password to perun instance.
- We limited ability to search through all users in Perun instance for non admin and some admin roles.
- When synchronizing members with external source, we can specify, which member attributes shouldn't be overwritten, but rather merged (same user has 2 or more ext sources within single VO).
- API for working with sponsored members was updated.
- Listing and searching through VO/Group members was optimized for large lists.
- We now push schacHomeOrganizations and eduPersonScopedAffiliations attributes to Perun LDAP (containing data consolidated from all user identities).
- Password manager now can support MIT kerberos backend (until now only Heimdal implementation was supported).
- We've added possibility to limit concurrently running group synchronization, default is 10. Reason is to prevent some possible race conditions, until they are resolved correctly, plus ease Perun when instance is heavily synchronized and many groups starts at the same time.