v1.1.14

Highlights

• Approval workflow deadlock fix (app teams): Absences and time-entry corrections now correctly check for an assignable manager instead of treating "has colleagues" as "has manager".
• Routing hardening for /index.php installations: Admin users, admin teams, and settings calls now resolve app URLs consistently, including defensive fallback behavior when OC.generateUrl() is not available in context.
• Frontend request guardrails: Shared AJAX utilities now enforce centralized URL resolution, CSRF token handling, and cross-origin blocking by default.

UX and Accessibility

• Mobile consistency pass (WCAG 2.1 AA focused): Improved iPhone safe-area spacing, touch targets, and section rhythm across user and manager views for clearer mobile operation.

Documentation

• Updated changelogs, README, developer documentation, and user manuals to reflect URL/security guardrails and mobile behavior.

Install

Use the attached arbeitszeitcheck-1.1.14.tar.gz or install from the Nextcloud App Store.

Full changelog: see CHANGELOG.md in the app package.

v1.1.13

Highlights

• Month closure grace period and auto-finalization: Admins can configure a grace period after month end before automatic finalization runs. Pending approvals and open absence workflows still block finalization.
• App-admin allowlist and middleware enforcement: App administration can be restricted to selected Nextcloud admins with consistent 403 handling for authenticated non-app-admin users.
• Release pipeline hardening: Signing now targets the extracted release archive payload, reducing integrity-check drift between development trees and deployed archives.

Documentation

• Deployment guidance now explicitly requires deploying from the signed tarball.
• Added Docker-first security regression test commands for role-gating verification.
• User and developer docs updated for app-admin operations and month-closure behavior.

Install

Use the attached arbeitszeitcheck-1.1.13.tar.gz or install from the Nextcloud App Store.

Full changelog: see CHANGELOG.md in the app package.

v1.1.12

Highlights

• Revision-safe month finalization (optional) — Admin toggle for per-employee calendar-month sealing: canonical JSON snapshot, SHA-256 hash chain, append-only revisions, audit trail, and downloadable PDF summary. Finalized months are read-only via normal app APIs; admins can reopen with a mandatory audited reason.

Documentation

• User manuals (EN/DE), developer documentation, and compliance context updated for month closure (retention, limits: in-app tamper evidence, not QES).
• Follow-up: README development/test instructions, grace-period and auto-finalize behavior in user guides, developer guide corrections (no misleading npm run watch), docs/README index, package.json version aligned with info.xml.

Install

Use the attached arbeitszeitcheck-1.1.12.tar.gz or install from the Nextcloud App Store. For self-hosted installs, prefer deploying from a verified release archive; see release/deploy-from-release.sh in the repository.

Full changelog: see CHANGELOG.md in the app package.

v1.1.11

Highlights

• Added a dedicated manager/admin in-app view for employee absences with secure scope filtering and localized status labels.
• Improved manager/admin UX by restructuring sidebar navigation into clearer grouped sections and reducing top-level clutter.
• Added working time model copy flow with modal UX, safer duplicate handling, and improved localization rendering.

Security and Reliability

• Hardened absence iCal mail behavior with stricter status/date guards, recipient deduplication, and privacy-safe descriptions for substitute/manager recipients.
• Rolled back in-progress direct Nextcloud Calendar write/sync functionality; supported behavior remains optional .ics email attachments (no CalDAV sync).

Documentation

• Updated EN/DE changelogs and user manuals to reflect manager UX changes and final calendar behavior.

v1.1.10

ArbeitszeitCheck v1.1.10

Highlights

• Vacation rollover — service, scheduled job, occ command, database migration and rollover log; see CHANGELOG.md for details.
• Shared UI l10n — common partials for earlier availability of translated strings across views.
• Manager pending approvals — absence cards use server-provided summary.typeLabel so types show in the user’s language (e.g. German Urlaub), not raw codes.

Install

Upload the attached arbeitszeitcheck-1.1.10.tar.gz to your Nextcloud Apps section (manual install) or use the Nextcloud App Store once this version is published there.

Full changelog: see CHANGELOG.md in the app package.

ArbeitszeitCheck v1.1.6

ArbeitszeitCheck 1.1.6 (2026-03-27)

Added

• Development tooling: occ arbeitszeitcheck:generate-test-data CLI for deterministic demo data (time entries, absences, optional violations, demo app team).

Fixed

• Reports UI: Report type cards are no longer incorrectly disabled when a team-related scope is selected.
• Reports (tests): Team report CSV download test uses DataDownloadResponse::render()
• Team reports: Deduplicate user IDs before permission checks and aggregation.
• Absence type badges: Theme-safe contrast for vacation / sick / home office / other.

Changed

• Docker (dev): Example nextcloud image set to nextcloud:33 for local stacks.
• Reports layout: Reverted an overly aggressive full-width parameter form rule.

---

Full changelog: see CHANGELOG.md / CHANGELOG.de.md.

App store upload: use the SHA-256 from release/CHECKSUMS-1.1.6.txt (or verify with sha256sum locally).

GPG signature: not generated in CI here (no secret key). On your machine:

gpg --detach-sign --armor arbeitszeitcheck-1.1.6.tar.gz

Attach arbeitszeitcheck-1.1.6.tar.gz and optionally arbeitszeitcheck-1.1.6.tar.gz.asc to the GitHub release.

ArbeitszeitCheck v1.1.5

Fixed

• Fixed admin settings API URL handling to prevent duplicated paths like index.php/index.php/... on installations where URLs are already pre-generated by Nextcloud.
• Improved frontend AJAX error flow to avoid unhandled Promise rejections in callback-based consumers after expected API failures.

Technical

• Version bumped to 1.1.5 in app metadata.
• App signature and release artifacts regenerated for the new signed package.

Upgrade Notes

• This is a compatibility/stability patch release focused on admin settings save reliability and cleaner client-side error handling.
• No migration steps required for administrators.

1.1.4

1.1.4 – 2026-03-25

Fixed

• Routing/compatibility: Added indexApi() compatibility aliases for legacy endpoints to prevent 500 errors in the Nextcloud log.
• PHP fatal errors: Fixed constructor signature issues in AbsenceService and ComplianceService that could crash the app when loading services or saving settings.
• Reports security hardening: Hardened report preview endpoints with start <= end validation and a maximum date-range limit to reduce DoS risk from untrusted parameters.
• Admin “whole organization” scope: Correctly handle admin organization scope (userId="" = all enabled users) and enforce access checks so preview/download data stays consistent.
• Reports rendering: Improved Preview rendering for absence and compliance reports to match the actual report data structure.

Changed

• Reports UI semantics: Team scope is limited to the team overview/export semantics that the backend actually returns (prevents misleading previews/downloads).
• Organization download guidance: Added explicit UI messaging for organization scope download limitations until organization-wide export endpoints are implemented.

v1.1.3

1.1.3 – 2025-03-14

Behoben

• ArbZG-Compliance: Pausenprüfung korrigiert (9h/45min-Zweig erreichbar; Prüfung ≥9h vor ≥6h)
• Manager-Logik: employeeHasManager() nutzt nun getManagerIdsForEmployee() statt getColleagueIds()
• Berichte: getTeamHoursSummary() berücksichtigt Periodenparameter (Woche/Monat)
• Admin-Benutzer: hasTimeEntriesToday pro Benutzer statt systemweit
• UserSettingsMapper: Falsy-Null/Leerstring-Behandlung in getIntegerSetting, getFloatSetting, getStringSetting
• Routing: exportUsers-Route vor getUser verschoben (Shadowing behoben)
• Version1009-Migration: MySQL-Backticks durch portablen QueryBuilder ersetzt; OCP\DB\Types
• Doppelte Notifier-Registrierung: Aus Application.php boot() entfernt
• API-Sicherheit: Generische Fehlermeldungen statt roher Exceptions (SubstituteController, GdprController)
• PDF-Export: HTTP 422 mit klarer Meldung statt stillem CSV-Fallback
• LIKE-Injection: WorkingTimeModelMapper::searchByName() verwendet escapeLikeParameter()
• XSS: Modal-Titel in components.js escaped; compliance-violations.js innerHTML escaped
• Admin-Einstellungen: CSRF-requesttoken ergänzt
• AbsenceService DI: Konstruktorargument-Reihenfolge (IDBConnection) korrigiert
• Admin-Feiertage und -Einstellungen: englische Quellstrings für l10n
• UserDeletedListener: TeamMemberMapper und TeamManagerMapper per Injection
• XSS: Team-Namen in admin-teams.js bereinigt

Geändert

• CSS: Shadow-Light-Variable, scopierte Resets, Dark-Mode color-mix, semantische Farben, Navigationshöhe/z-index
• Uhr-Buttons: Doppel-Submit-Guard (deaktiviert während API-Aufrufen)
• initTimeline(): Max-Retry (20) gegen Endlosschleife
• Barrierefreiheit: aria-label auf Header-Buttons, Label für Admin-Suche, aria-modal im Willkommens-Dialog, englische l10n-Keys in Navigation
• Dokumentation: Interne Docs entfernt; docs/README ergänzt; Repo-URLs korrigiert
• Manager-Dashboard: l10n von PHP an JS übergeben für Übersetzungen
• Constants.php; benutzerfreundliche Fehlermeldungen

Hinzugefügt

• Version1010-Migration: Zusammengesetzte Indizes auf at_entries, at_violations, at_holidays, at_absences

v1.1.2

Release v1.1.2