- Simplified UI when manually adding users to VOs or Groups. Now we have single search button and table shows all results - users found inside and outside of a VO.
- Users from Charles University can import own publications from OBD to Perun.
- Partial fix for Chrome on Windows using Kerberos authentication. User was requested to enter credentials multiple times, since Chrome doesn't trust whole domain, but most top-level path. User is now requested to enter credentials twice at most.
- Members are no longer validated if membership expiration is set to future and current status is "disabled". Only "expired" members are validated like this.
- Notifications about future account expiration are no longer sent, if user has submitted (pending) membership extension application.
- Perun now completely supports OAuth2 clients. Anybody can write and host own application and use Perun API on behalf of logged user if he approves it.
- Users can import own publications from Europe PMC, joining users account with OrcID identity is required.
- User now can't submit multiple duplicate registrations. In case of a browser lag, user was able to submit same form multiple times. This is now restricted on server side, to prevent confusion of user when receiving multiple notifications.
- Member_group attributes can be managed from GUI (on member detail - opened from group members tab or on resource detail - members setings sub-tab).
- We added new type of service propagation - DUMMY. From now on, if service is used on facility, but doesn't have destination, it's considered as error and displayed on "Service status" tab. If you wish to have data generated, but not sent (for testing or pulling data by yourself), you can create DUMMY destination for such service. It will switch service status to OK instead of ERROR when done.
- Unused items on registration form as grayed-out on application form settings page.
- forwardedScopedAffiliation and eduPersonScopedAffiliation can be used to fill form items on registration forms in order to get all users affiliations when he is logged-in through proxy IdP.
- Added CLI for changing and resetting user passwords - can be used only, when user does have access using some login/password to perun instance.
- We limited ability to search through all users in Perun instance for non admin and some admin roles.
- When synchronizing members with external source, we can specify, which member attributes shouldn't be overwritten, but rather merged (same user has 2 or more ext sources within single VO).
- API for working with sponsored members was updated.
- Listing and searching through VO/Group members was optimized for large lists.
- We now push schacHomeOrganizations and eduPersonScopedAffiliations attributes to Perun LDAP (containing data consolidated from all user identities).
- Password manager now can support MIT kerberos backend (until now only Heimdal implementation was supported).
- We've added possibility to limit concurrently running group synchronization, default is 10. Reason is to prevent some possible race conditions, until they are resolved correctly, plus ease Perun when instance is heavily synchronized and many groups starts at the same time.