Adopted all existing uncommitted changes as the starting point for the
vision-2026 branch (events module, mail merge, etc.).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
New system for automatically processing incoming e-mails from
beneficiaries (Destinatäre). IMAP polling every 15 minutes via Celery Beat,
automatic assignment to beneficiaries based on the e-mail address, upload of
attachments to Paperless-NGX.
Includes:
- DestinataerEmailEingang model with status tracking
- Celery task for IMAP polling and Paperless integration
- Web UI (list + detail) with search and filter functions
- Admin interface with bulk actions
- Agent documentation (SysAdmin, RentmeisterAI)
- Dev environment modernization (docker compose v2)
Reviewed by: SysAdmin (STI-15), RentmeisterAI (STI-16)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Add Gramps Web service to both development and production compose files
- Configure Django-Gramps API integration environment variables
- Update production environment template with Gramps configuration
- Enable genealogy features for foundation family tree management
- Gramps Web will be accessible at /ahnenforschung in production
- Add @login_required decorator to home view function
- Ensures all views now require user authentication
- Prevents unauthorized access to homepage and dashboard
- Part of comprehensive authentication security implementation
- Add verwaltungskosten_delete view with confirmation page
- Add delete URL route and template
- Fix template action buttons to use proper URLs for edit/delete
- Include audit logging for deletions
- Add comprehensive delete confirmation with entry details
- Remove non-functional details button from action group
- Replace raw field objects with bound fields in get_permission_groups()
- Bound fields render properly as HTML checkboxes in templates
- Fixes display of Django field object strings instead of actual form inputs
- Rights management system now shows proper checkboxes with permission names
- Add fallback permission object when Permission.DoesNotExist
- Create proper display name from field_name for missing permissions
- Prevents raw Django field objects from being displayed in template
- Add monkey patch to Django LoginView.get_success_url() method
- Force redirect to /paperless/ when next parameter is empty or '/'
- Add comprehensive URL configuration for reverse proxy
- Set proper static/media URLs for subpath deployment
- Add USE_X_FORWARDED_HOST and USE_X_FORWARDED_PORT settings
This should definitively fix the redirect issue by intercepting Django's
internal redirect logic and ensuring users stay within Paperless scope.
- Configure LOGIN_REDIRECT_URL and LOGOUT_REDIRECT_URL to /paperless/
- Set proper cookie paths for session isolation (/paperless/ instead of /)
- Use environment variables for redirect URLs in paperless_custom_settings.py
- Add PAPERLESS_URL and PAPERLESS_FORCE_SCRIPT_NAME to env template
- Ensure FORCE_SCRIPT_NAME respects environment variable
This fixes the issue where logging into Paperless redirects to the root Django
app instead of staying within the Paperless scope. The docker-compose.yml
already has the correct environment variables set.
- Remove dashboard view from urls.py and views.py
- Delete dashboard.html template
- Remove dashboard navigation link from base.html
- Replace all dashboard redirects with home redirects in views.py
- Update all breadcrumb links from 'Dashboard' to 'Home' in templates
- Update German text from 'Dashboard' to 'Startseite' in auth templates
- Update 'Zurück zum Dashboard' links to 'Zurück zur Startseite'
The dashboard was redundant with the home page functionality.
All navigation now directs users to the main home page instead.
System check passes without issues after removal.
- Fixed signals.py which contained two signal handlers creating duplicate transactions
- Removed broken signal handler that created transactions without referenz
- Keep only the proper signal handler with PAY- referenz and duplicate prevention
- This resolves the issue where payments were deducted twice from account balance
- Cleaned up malformed docstring and signal structure in signals.py
The issue was that payments were processed by both:
1. Broken signal handler (empty referenz) - creating first transaction
2. Proper signal handler (PAY- referenz) - creating second transaction
Now only the proper handler runs, preventing double balance deduction.
- Implement automated payment tracking with Django signals
- Fix duplicate transaction creation with unique referenz system
- Add calendar system with CRUD operations and event management
- Reorganize navigation menu (rename sections, move admin functions)
- Replace Geschichte editor with EasyMDE markdown editor
- Add management commands for balance reconciliation
- Create missing transactions for previously paid payments
- Ensure account balances accurately reflect all payment activity
Features added:
- Calendar entries creation and administration via menu
- Payment status tracking with automatic balance updates
- Duplicate prevention for payment transactions
- Markdown editor with live preview for Geschichte pages
- Database reconciliation tools for payment/balance sync
Bug fixes:
- Resolved IntegrityError on payment status changes
- Fixed missing account balance updates for paid payments
- Prevented duplicate balance deductions on re-saves
- Corrected menu structure and admin function placement
🆕 NEW FEATURES:
- Wiki-style Geschichte (History) section with rich text editor
- Image upload support for history pages
- Quill.js rich text editor with formatting options
- Slug-based URLs for SEO-friendly history pages
- Image galleries with descriptions and alt-text support
🔧 MODELS:
- GeschichteSeite: Main history pages with rich content
- GeschichteBild: Image attachments for history pages
- Auto-generated slugs, sorting, publishing controls
📝 TEMPLATES:
- geschichte/liste.html: Card-based overview of all history pages
- geschichte/detail.html: Full page view with image gallery
- geschichte/form.html: Rich text editor for creating/editing pages
- geschichte/bild_form.html: Image upload interface
🎨 UI IMPROVEMENTS:
- Reorganized navigation menu into logical groups:
  * Menschen & Finanzen (People & Finance)
  * Immobilien & Land (Real Estate & Land)
  * Verwaltung (Administration)
  * Geschichte (History)
- More compact menu design saving horizontal space
- Better grouping with dropdown headers
🛠️ TECHNICAL:
- Rich text editor with Quill.js integration
- Image upload with validation and optimization
- Permission-based access controls
- Responsive design for all screen sizes
- Proper breadcrumb navigation
- Auto-slug generation from titles
- Changed from disabled DateInput to readonly TextInput for auto-generated payments
- Uses German date format (dd.mm.yyyy) for better user experience
- Added visual styling to indicate readonly state
- Preserves original date value through clean() method
- Set initial value for disabled faellig_am field in auto-generated payments
- Explicitly set widget value attribute to display current date
- Ensures the field shows the correct date even when disabled
- Changed readonly to disabled for faellig_am field in auto-generated payments
- Added clean method to preserve original due date for auto-generated payments
- This prevents validation errors when editing auto-generated quarterly payments
- Added empfaenger_iban, empfaenger_name, verwendungszweck to DestinataerUnterstuetzungForm
- Made faellig_am read-only for automatically generated quarterly payments
- Added proper placeholders for transfer data fields
- Template already supports these fields in Überweisungsdaten section
- Q1: Due December 15 (previous year)
- Q2: Due March 15
- Q3: Due June 15
- Q4: Due September 15
Added new management command fix_quarterly_payment_schedule to update existing payments
Document Submission (twice yearly):
- Q1 & Q2 documents: Due March 15 (Spring semester)
- Q3 & Q4 documents: Due September 15 (Fall semester)
Payment Schedule (quarterly):
- Q1 payments: Due March 15
- Q2 payments: Due June 15
- Q3 payments: Due September 15
- Q4 payments: Due September 15 (aligned with Fall semester docs)
This gives the desired Q4 payment due date of 15.09.2025 while maintaining
quarterly payment frequency and semester-based document submissions.
BREAKING CHANGE: Payment due dates now follow advance payment schedule:
- Q1 payments: Due December 15 of previous year
- Q2 payments: Due March 15 of same year
- Q3 payments: Due June 15 of same year
- Q4 payments: Due September 15 of same year
Changes:
- Updated create_quarterly_support_payment() to use advance schedule
- Enhanced diagnostic commands to check advance payment dates
- Added fix_advance_payment_dates command for comprehensive fixes
- Updated fix_q4_payment_dates to correct Q4 from 31.12 to 15.09
This aligns with semester-based document submissions while maintaining
the advance payment system where payments are made before each quarter.
This migration will automatically run during deployment and update
all existing quarterly confirmation deadlines to the new semester-based system:
- Q1: March 15 (Spring semester primary submission)
- Q2: June 15 (auto-approved when Q1 approved)
- Q3: September 15 (Fall semester primary submission)
- Q4: December 15 (auto-approved when Q3 approved)
No manual intervention required on VPS - GitHub Action will deploy and migrate automatically.
- add update_semester_deadlines: Update quarterly deadlines to semester-based system
- add check_deadlines: Check current deadline status and validation
- includes dry-run mode and year filtering options
- provides clear progress feedback and summaries
Usage on VPS after GitHub Action deployment:
python manage.py check_deadlines
python manage.py update_semester_deadlines --dry-run
python manage.py update_semester_deadlines
- Update quarterly confirmation deadlines to semester-based schedule:
  - Q1: March 15 (covers Spring semester Q1+Q2)
  - Q2: June 15 (auto-approved when Q1 approved)
  - Q3: September 15 (covers Fall semester Q3+Q4)
  - Q4: December 15 (auto-approved when Q3 approved)
- Add auto-approval functionality:
  - Q1 approval automatically approves Q2 with same document status
  - Q3 approval automatically approves Q4 with same document status
  - New 'auto_geprueft' status with distinct badge UI
- Maintain quarterly payment cycle while simplifying document submissions
- Remove modal edit functionality, keep full-screen editor only
- Update copilot instructions documentation
Changes align with academic semester system where students submit
documents twice yearly instead of quarterly.
- Add django-otp and qrcode dependencies
- Create comprehensive 2FA views and templates in German
- Add 2FA setup, verification, and management interfaces
- Implement backup token system with 10 recovery codes
- Add TwoFactorMiddleware for session enforcement
- Integrate 2FA controls into user navigation menu
- Support QR code generation for authenticator apps
- Add forms for secure 2FA operations with validation
- Configure OTP settings and admin site integration
Features:
- Optional 2FA (users can enable/disable)
- TOTP compatible with Google Authenticator, Authy, etc.
- Backup codes for emergency access
- German language interface
- Session-based 2FA enforcement
- Password confirmation for sensitive operations
- Production-ready with HTTPS support
🐛 Root Cause Found & Fixed:
- Error occurred when accessing backup_job.created_by where the referenced user was deleted
- Django was trying to fetch a User object that no longer exists
- Changed to use backup_job.created_by_id instead of backup_job.created_by
- This avoids the foreign key lookup that was causing the 'User matching query does not exist' error
✅ Backup cancellation now works even when:
- Original creator user has been deleted from the database
- Foreign key relationship is broken but ID is still stored
The backup job can now be cancelled without triggering user lookup errors.
🐛 Debug Enhancement:
- Added extensive print statements to track execution flow
- Identify exact location where 'User matching query does not exist' occurs
- Added traceback logging for better error diagnosis
- Isolated potential problem areas: user access, model saves, audit logging
This will help pinpoint where the user query error happens during backup cancellation.
🐛 Enhanced Error Handling:
- Fixed 'User matching query does not exist' error in backup_cancel
- Handle case where backup_job.created_by is None (deleted user)
- Added error handling for audit logging to prevent cancellation failure
- Improved permission check to handle null created_by references
✅ Backup Cancellation Robustness:
- Now works even if the user who created the backup was deleted
- Audit logging failure won't prevent successful cancellation
- Better error isolation and reporting
The error occurred because the system tried to compare a null user reference
or failed during audit logging when user records were inconsistent.
🐛 Error Fixed:
- NameError: name 'BackupJob' is not defined in backup_cancel view
- Added missing 'from stiftung.models import BackupJob' import
✅ Backup cancellation now works correctly
- Users can cancel long-running backup jobs without errors
- Added local import following the same pattern as other backup functions
The error occurred when trying to cancel a running backup job due to missing model import.
🎯 Improvements Made:
- Increased pagination from 20 to 50 entries per page
- Added default sorting by last name (nachname) in ascending order
- Added visual sorting indicators with Font Awesome icons (up/down arrows)
- Added results info showing current page range and total count
- Display shows sorting method when active
📊 User Experience:
- List now shows 50 destinataers by default (as requested)
- Always sorted by last name for consistent browsing
- Clear visual feedback for which column is sorted
- Informative pagination showing 'X-Y of Z entries (50 per page)'
✅ Template & View Changes:
- Modified destinataer_list view in views.py
- Enhanced destinataer_list.html template
- Maintained all existing filtering and search functionality
🐛 Error Fixed:
- AttributeError: 'VierteljahresNachweis' object has no attribute 'completion_percentage'
- Line 5347 in destinataer_export view was calling completion_percentage()
- Corrected to call get_completion_percentage() which is the actual method name
✅ Export functionality now works correctly for destinataers with quarterly confirmations
The error occurred when exporting a destinataer that had quarterly tracking data.
All quarterly confirmation completion percentages are now properly exported.
🎯 Key Changes:
- Quarterly tracking now always visible (removed studiennachweis_erforderlich condition)
- Removed automatic support payment creation when 'Unterstützung bestätigt' checkbox is checked
- Support payments now ONLY created through quarterly confirmation approval workflow
- Updated auto-creation logic to create quarterly confirmations for ALL destinataers
- Updated 'no quarterly confirmations' message to be more user-friendly
🚫 Duplicate Prevention:
- No more duplicate destinataer entries in Unterstützungen list
- Single source of truth: quarterly confirmation system controls support payment creation
📋 Template Analysis:
- Reviewed all if/else statements in quarterly tracking section
- Kept all functional logic (status checks, file existence, permissions)
- Removed only the visibility-controlling conditions
✅ Result:
- Quarterly tracking always visible regardless of study proof requirements
- Clean separation between 'Unterstützung bestätigt' checkbox and support payment creation
- Eliminates the duplicate destinataer issue reported by user
Features added:
- ✅ Fixed quarterly confirmation approval system with URL pattern
- ✅ Added re-approval and status reset functionality for quarterly confirmations
- ✅ Synchronized quarterly approval status with support payment system
- ✅ Enhanced Destinataer export with missing fields (anrede, titel, mobil)
- ✅ Added quarterly confirmation data and documents to export system
- ✅ Fixed address field display issues in destinataer template
- ✅ Added quarterly statistics dashboard to support payment lists
- ✅ Implemented duplicate support payment prevention and cleanup
- ✅ Added visual indicators for quarterly-linked support payments
Technical improvements:
- Enhanced create_quarterly_support_payment() with duplicate detection
- Added get_related_support_payment() method to VierteljahresNachweis model
- Improved quarterly confirmation workflow with proper status transitions
- Added computed address property to Destinataer model
- Fixed template field mismatches (anrede, titel, mobil vs strasse, plz, ort)
- Enhanced backup system with operation tracking and cancellation
Workflow enhancements:
- Quarterly confirmations now properly sync with support payments
- Single support payment per destinataer per quarter (no duplicates)
- Approval button works for both eingereicht and geprueft status
- Reset functionality allows workflow restart
- Export includes complete quarterly data with uploaded documents
- Enhanced 'Alle Unterstützungen' view with IBAN and Verwendungszweck columns for better payment tracking
- Updated export functions to handle both legacy 'selected_fields' and new 'fields' parameters
- Added IBAN and Verwendungszweck to default export field selections
- Improved destinataer list UI by adding Status column and removing obsolete study proof field
- Fixed infinite growing animation bug in 'Größen der Grundstücke (Top 30)' chart by replacing Chart.js with CSS-based implementation
- Removed Bootstrap h-100 class conflicts that caused chart resize loops
- Remove complex GHCR image pulling logic that was causing deployment failures
- Always build containers from source code on production server
- Remove unused build job that pushes to container registry
- Use docker-compose up -d --build to ensure latest code is built and deployed
- This ensures all new features like quarterly confirmations are available in production
- Add VierteljahresNachweis model for quarterly document tracking
- Remove studiennachweis_erforderlich field (now always required)
- Fix modal edit view to include studiennachweis section
- Implement automatic DestinataerUnterstuetzung creation when requirements met
- Set payment due dates to exact quarter end dates (Mar 31, Jun 30, Sep 30, Dec 31)
- Add quarterly confirmation CRUD views with modal and full-screen editing
- Update templates with comprehensive quarterly management interface
- Include proper validation, status tracking, and progress indicators
- Created PRODUCTION_ENV_UPDATE.md with step-by-step fix for CookieError
- Provides SSH commands to add missing SESSION_COOKIE_NAME and CSRF_COOKIE_NAME
- Includes verification steps to confirm fix works
- Fixed empty cookie name issue in production by improving fallback logic
- Changed 'Neue Förderung' to 'Neue Unterstützung' in destinataer detail page
- Updated icon from fa-gift to fa-heart for better UX
- Workflow now correctly uses unterstuetzung_create with destinataer pre-population
Resolves CookieError: Illegal key '' in production environment
- Added configurable SESSION_COOKIE_NAME and CSRF_COOKIE_NAME to Django settings
- Main app now uses 'stiftung_sessionid' instead of default 'sessionid'
- Paperless continues using default 'sessionid' for separation
- All configuration centralized in .env files as requested
- Updated both development and production compose configurations
- Added session settings to env templates for easy deployment
This resolves the session conflict where logging into one app would
kick out sessions from the other app. Both applications now maintain
independent login sessions.
- Created custom Dockerfile extending official paperless-ngx image
- Added tesseract-ocr-deu package for German language OCR
- Set PAPERLESS_OCR_LANGUAGE=deu+eng environment variable
- Updated CI/CD pipeline to build and push custom paperless image
- Modified deployment script to pull paperless image from GHCR
- Tested locally: German (deu) language pack now available alongside English
- Updated git pull strategy to use fetch + reset instead of pull to handle divergent branches
- Added docker system prune to clean up build artifacts
- Modified image pulling to separate web services from standard images
- Added --no-build flag to prevent accidental local builds
- Addresses production 502 errors from failed deployments
- Local environment tested and working correctly
- All Destinataer improvements verified locally
- Trigger GitHub Actions to redeploy to production VPS
- Address 502 errors on production server