From d194cc7a5a3daa624989e34e65968d3ba2733337 Mon Sep 17 00:00:00 2001
From: Lauri Ojansivu <x@xet7.org>
Date: Wed, 22 May 2019 20:15:24 +0300
Subject: - [CAS allowed LDAP
 groups](https://github.com/wekan/meteor-accounts-cas/pull/4).

Thanks to ppoulard !

Please test.

Related #2356
---
 packages/meteor-accounts-cas/cas_client.js |  7 ++++++-
 packages/meteor-accounts-cas/cas_server.js | 33 +++++++++++++++++++++++++-----
 2 files changed, 34 insertions(+), 6 deletions(-)

diff --git a/packages/meteor-accounts-cas/cas_client.js b/packages/meteor-accounts-cas/cas_client.js
index bd94be6b..ca9288ae 100644
--- a/packages/meteor-accounts-cas/cas_client.js
+++ b/packages/meteor-accounts-cas/cas_client.js
@@ -81,7 +81,12 @@ Meteor.loginWithCas = function(options, callback) {
             // check auth on server.
             Accounts.callLoginMethod({
                 methodArguments: [{ cas: { credentialToken: credentialToken } }],
-                userCallback: callback
+                userCallback: err => {
+                    // Fix redirect bug after login successfully
+                    if (!err) {
+                        window.location.href = '/';
+                    }
+                }
             });
         }
     }, 100);
diff --git a/packages/meteor-accounts-cas/cas_server.js b/packages/meteor-accounts-cas/cas_server.js
index 15c1b174..2e8edef2 100644
--- a/packages/meteor-accounts-cas/cas_server.js
+++ b/packages/meteor-accounts-cas/cas_server.js
@@ -71,14 +71,37 @@ class CAS {
                 callback({message: 'Empty response.'});
               }
               if (result['cas:serviceResponse']['cas:authenticationSuccess']) {
-                var userData = {
+                const userData = {
                   id: result['cas:serviceResponse']['cas:authenticationSuccess'][0]['cas:user'][0].toLowerCase(),
-                }
+                };
                 const attributes = result['cas:serviceResponse']['cas:authenticationSuccess'][0]['cas:attributes'][0];
-                for (var fieldName in attributes) {
+
+                // Check allowed ldap groups if exist (array only)
+                // example cas settings : "allowedLdapGroups" : ["wekan", "admin"],
+                let findedGroup = false;
+                const allowedLdapGroups = Meteor.settings.cas.allowedLdapGroups || false;
+                for (const fieldName in attributes) {
+                  if (allowedLdapGroups && fieldName === 'cas:memberOf') {
+                    for (const groups in attributes[fieldName]) {
+                      const str = attributes[fieldName][groups];
+                      if (!Array.isArray(allowedLdapGroups)) {
+                        callback({message: 'Settings "allowedLdapGroups" must be an array'});
+                      }
+                      for (const allowedLdapGroup in allowedLdapGroups) {
+                        if (str.search(`cn=${allowedLdapGroups[allowedLdapGroup]}`) >= 0) {
+                          findedGroup = true;
+                        }
+                      }
+                    }
+                  }
                   userData[fieldName] = attributes[fieldName][0];
-                };
-                callback(undefined, true, userData);
+                }
+
+                if (allowedLdapGroups && !findedGroup) {
+                  callback({message: 'Group not finded.'}, false);
+                } else {
+                  callback(undefined, true, userData);
+                }
               } else {
                 callback(undefined, false);
               }
-- 
cgit v1.2.3-1-g7c22


From 634df8f6f26a7a7a2df6f87a705d322d88638425 Mon Sep 17 00:00:00 2001
From: Lauri Ojansivu <x@xet7.org>
Date: Wed, 22 May 2019 21:37:01 +0300
Subject: - Fix: OAuth2 Requested Scopes are wrong / cannot be configured.

Thanks to DominikPf and xet7 !

Closes #2412
---
 Dockerfile                         |  2 ++
 docker-compose.yml                 |  4 ++++
 releases/virtualbox/start-wekan.sh |  4 ++++
 server/authentication.js           |  4 ++--
 snap-src/bin/config                | 10 +++++++++-
 snap-src/bin/wekan-help            | 12 ++++++++++++
 start-wekan.bat                    | 19 +++++++++++++++++++
 start-wekan.sh                     |  4 ++++
 8 files changed, 56 insertions(+), 3 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index bb40bea4..bdd3b4ca 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -40,6 +40,8 @@ ENV BUILD_DEPS="apt-utils bsdtar gnupg gosu wget curl bzip2 build-essential pyth
     OAUTH2_ID_MAP="" \
     OAUTH2_USERNAME_MAP="" \
     OAUTH2_FULLNAME_MAP="" \
+    OAUTH2_ID_TOKEN_WHITELIST_FIELDS=[] \
+    OAUTH2_REQUEST_PERMISSIONS=['openid','profiles','email'] \
     OAUTH2_EMAIL_MAP="" \
     LDAP_ENABLE=false \
     LDAP_PORT=389 \
diff --git a/docker-compose.yml b/docker-compose.yml
index a9886593..aaeb47b0 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -324,6 +324,10 @@ services:
       #- OAUTH2_USERINFO_ENDPOINT=/oauth/userinfo
       # OAuth2 Token Endpoint.
       #- OAUTH2_TOKEN_ENDPOINT=/oauth/token
+      # OAUTH2 ID Token Whitelist Fields.
+      #- OAUTH2_ID_TOKEN_WHITELIST_FIELDS=[]
+      # OAUTH2 Request Permissions.
+      #- OAUTH2_REQUEST_PERMISSIONS=['openid','profile','email']
       # OAuth2 ID Mapping
       #- OAUTH2_ID_MAP=
       # OAuth2 Username Mapping
diff --git a/releases/virtualbox/start-wekan.sh b/releases/virtualbox/start-wekan.sh
index 0a44946a..cb48db37 100755
--- a/releases/virtualbox/start-wekan.sh
+++ b/releases/virtualbox/start-wekan.sh
@@ -81,6 +81,10 @@
         #export OAUTH2_AUTH_ENDPOINT=/oauth2/v2.0/authorize
         #export OAUTH2_USERINFO_ENDPOINT=https://graph.microsoft.com/oidc/userinfo
         #export OAUTH2_TOKEN_ENDPOINT=/oauth2/v2.0/token
+        # OAUTH2 ID Token Whitelist Fields.
+        #export OAUTH2_ID_TOKEN_WHITELIST_FIELDS=[]
+        # OAUTH2 Request Permissions.
+        #export OAUTH2_REQUEST_PERMISSIONS=['openid','profile','email']
         # The claim name you want to map to the unique ID field:
         #export OAUTH2_ID_MAP=email
         # The claim name you want to map to the username field:
diff --git a/server/authentication.js b/server/authentication.js
index 5ca45b68..328b1cb3 100644
--- a/server/authentication.js
+++ b/server/authentication.js
@@ -76,8 +76,8 @@ Meteor.startup(() => {
             authorizationEndpoint: process.env.OAUTH2_AUTH_ENDPOINT,
             userinfoEndpoint: process.env.OAUTH2_USERINFO_ENDPOINT,
             tokenEndpoint: process.env.OAUTH2_TOKEN_ENDPOINT,
-            idTokenWhitelistFields: [],
-            requestPermissions: ['openid'],
+            idTokenWhitelistFields: process.env.OAUTH2_ID_TOKEN_WHITELIST_FIELDS || [],
+            requestPermissions: process.env.OAUTH2_REQUEST_PERMISSIONS || ['openid','profile','email'],
           },
         }
       );
diff --git a/snap-src/bin/config b/snap-src/bin/config
index 1d766257..b950c9e5 100755
--- a/snap-src/bin/config
+++ b/snap-src/bin/config
@@ -3,7 +3,7 @@
 # All supported keys are defined here together with descriptions and default values
 
 # list of supported keys
-keys="DEBUG MONGODB_BIND_UNIX_SOCKET MONGODB_BIND_IP MONGODB_PORT MAIL_URL MAIL_FROM ROOT_URL PORT DISABLE_MONGODB CADDY_ENABLED CADDY_BIND_PORT WITH_API ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURES_BEFORE ACCOUNTS_LOCKOUT_KNOWN_USERS_PERIOD ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURE_WINDOW ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURES_BERORE ACCOUNTS_LOCKOUT_UNKNOWN_USERS_LOCKOUT_PERIOD ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURE_WINDOW EMAIL_NOTIFICATION_TIMEOUT CORS MATOMO_ADDRESS MATOMO_SITE_ID MATOMO_DO_NOT_TRACK MATOMO_WITH_USERNAME BROWSER_POLICY_ENABLED TRUSTED_URL WEBHOOKS_ATTRIBUTES OAUTH2_ENABLED OAUTH2_LOGIN_STYLE OAUTH2_CLIENT_ID OAUTH2_SECRET OAUTH2_SERVER_URL OAUTH2_AUTH_ENDPOINT OAUTH2_USERINFO_ENDPOINT OAUTH2_TOKEN_ENDPOINT OAUTH2_ID_MAP OAUTH2_USERNAME_MAP OAUTH2_FULLNAME_MAP OAUTH2_EMAIL_MAP LDAP_ENABLE LDAP_PORT LDAP_HOST LDAP_BASEDN LDAP_LOGIN_FALLBACK LDAP_RECONNECT LDAP_TIMEOUT LDAP_IDLE_TIMEOUT LDAP_CONNECT_TIMEOUT LDAP_AUTHENTIFICATION LDAP_AUTHENTIFICATION_USERDN LDAP_AUTHENTIFICATION_PASSWORD LDAP_LOG_ENABLED LDAP_BACKGROUND_SYNC LDAP_BACKGROUND_SYNC_INTERVAL LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS LDAP_ENCRYPTION LDAP_CA_CERT LDAP_REJECT_UNAUTHORIZED LDAP_USER_AUTHENTICATION LDAP_USER_SEARCH_FILTER LDAP_USER_SEARCH_SCOPE LDAP_USER_SEARCH_FIELD LDAP_SEARCH_PAGE_SIZE LDAP_SEARCH_SIZE_LIMIT LDAP_GROUP_FILTER_ENABLE LDAP_GROUP_FILTER_OBJECTCLASS LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT LDAP_GROUP_FILTER_GROUP_NAME LDAP_UNIQUE_IDENTIFIER_FIELD LDAP_UTF8_NAMES_SLUGIFY LDAP_USERNAME_FIELD LDAP_FULLNAME_FIELD LDAP_MERGE_EXISTING_USERS LDAP_SYNC_USER_DATA LDAP_SYNC_USER_DATA_FIELDMAP LDAP_SYNC_GROUP_ROLES LDAP_DEFAULT_DOMAIN LDAP_EMAIL_MATCH_ENABLE LDAP_EMAIL_MATCH_REQUIRE LDAP_EMAIL_MATCH_VERIFIED LDAP_EMAIL_FIELD LDAP_SYNC_ADMIN_STATUS LDAP_SYNC_ADMIN_GROUPS HEADER_LOGIN_ID HEADER_LOGIN_FIRSTNAME HEADER_LOGIN_LASTNAME HEADER_LOGIN_EMAIL LOGOUT_WITH_TIMER LOGOUT_IN LOGOUT_ON_HOURS LOGOUT_ON_MINUTES DEFAULT_AUTHENTICATION_METHOD"
+keys="DEBUG MONGODB_BIND_UNIX_SOCKET MONGODB_BIND_IP MONGODB_PORT MAIL_URL MAIL_FROM ROOT_URL PORT DISABLE_MONGODB CADDY_ENABLED CADDY_BIND_PORT WITH_API ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURES_BEFORE ACCOUNTS_LOCKOUT_KNOWN_USERS_PERIOD ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURE_WINDOW ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURES_BERORE ACCOUNTS_LOCKOUT_UNKNOWN_USERS_LOCKOUT_PERIOD ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURE_WINDOW EMAIL_NOTIFICATION_TIMEOUT CORS MATOMO_ADDRESS MATOMO_SITE_ID MATOMO_DO_NOT_TRACK MATOMO_WITH_USERNAME BROWSER_POLICY_ENABLED TRUSTED_URL WEBHOOKS_ATTRIBUTES OAUTH2_ENABLED OAUTH2_LOGIN_STYLE OAUTH2_CLIENT_ID OAUTH2_SECRET OAUTH2_SERVER_URL OAUTH2_AUTH_ENDPOINT OAUTH2_USERINFO_ENDPOINT OAUTH2_TOKEN_ENDPOINT OAUTH2_ID_MAP OAUTH2_USERNAME_MAP OAUTH2_FULLNAME_MAP OAUTH2_ID_TOKEN_WHITELIST_FIELDS OAUTH2_EMAIL_MAP OAUTH2_REQUEST_PERMISSIONS LDAP_ENABLE LDAP_PORT LDAP_HOST LDAP_BASEDN LDAP_LOGIN_FALLBACK LDAP_RECONNECT LDAP_TIMEOUT LDAP_IDLE_TIMEOUT LDAP_CONNECT_TIMEOUT LDAP_AUTHENTIFICATION LDAP_AUTHENTIFICATION_USERDN LDAP_AUTHENTIFICATION_PASSWORD LDAP_LOG_ENABLED LDAP_BACKGROUND_SYNC LDAP_BACKGROUND_SYNC_INTERVAL LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS LDAP_ENCRYPTION LDAP_CA_CERT LDAP_REJECT_UNAUTHORIZED LDAP_USER_AUTHENTICATION LDAP_USER_SEARCH_FILTER LDAP_USER_SEARCH_SCOPE LDAP_USER_SEARCH_FIELD LDAP_SEARCH_PAGE_SIZE LDAP_SEARCH_SIZE_LIMIT LDAP_GROUP_FILTER_ENABLE LDAP_GROUP_FILTER_OBJECTCLASS LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT LDAP_GROUP_FILTER_GROUP_NAME LDAP_UNIQUE_IDENTIFIER_FIELD LDAP_UTF8_NAMES_SLUGIFY LDAP_USERNAME_FIELD LDAP_FULLNAME_FIELD LDAP_MERGE_EXISTING_USERS LDAP_SYNC_USER_DATA LDAP_SYNC_USER_DATA_FIELDMAP LDAP_SYNC_GROUP_ROLES LDAP_DEFAULT_DOMAIN LDAP_EMAIL_MATCH_ENABLE LDAP_EMAIL_MATCH_REQUIRE LDAP_EMAIL_MATCH_VERIFIED LDAP_EMAIL_FIELD LDAP_SYNC_ADMIN_STATUS LDAP_SYNC_ADMIN_GROUPS HEADER_LOGIN_ID HEADER_LOGIN_FIRSTNAME HEADER_LOGIN_LASTNAME HEADER_LOGIN_EMAIL LOGOUT_WITH_TIMER LOGOUT_IN LOGOUT_ON_HOURS LOGOUT_ON_MINUTES DEFAULT_AUTHENTICATION_METHOD"
 
 # default values
 DESCRIPTION_DEBUG="Debug OIDC OAuth2 etc. Example: sudo snap set wekan debug='true'"
@@ -166,6 +166,14 @@ DESCRIPTION_OAUTH2_FULLNAME_MAP="OAuth2 Fullname Mapping. Example: name"
 DEFAULT_OAUTH2_FULLNAME_MAP=""
 KEY_OAUTH2_FULLNAME_MAP="oauth2-fullname-map"
 
+DESCRIPTION_OAUTH2_ID_TOKEN_WHITELIST_FIELDS="OAuth2 ID Token Whitelist Fields. Example: []"
+DEFAULT_OAUTH2_ID_TOKEN_WHITELIST_FIELDS="[]"
+KEY_OAUTH2_ID_TOKEN_WHITELIST_FIELDS="oauth2-id-token-whitelist-fields"
+
+DESCRIPTION_OAUTH2_REQUEST_PERMISSIONS="OAuth2 Request Permissions. Example: ['openid','profile','email']"
+DEFAULT_OAUTH2_REQUEST_PERMISSIONS="['openid','profile','email']"
+KEY_OAUTH2_REQUEST_PERMISSIONS="oauth2-request-permissions"
+
 DESCRIPTION_OAUTH2_EMAIL_MAP="OAuth2 Email Mapping. Example: email"
 DEFAULT_OAUTH2_EMAIL_MAP=""
 KEY_OAUTH2_EMAIL_MAP="oauth2-email-map"
diff --git a/snap-src/bin/wekan-help b/snap-src/bin/wekan-help
index 59917395..56f418ff 100755
--- a/snap-src/bin/wekan-help
+++ b/snap-src/bin/wekan-help
@@ -130,6 +130,18 @@ echo -e "\t$ snap set $SNAP_NAME oauth2-token-endpoint='/oauth/token'"
 echo -e "\t-Disable the OAuth2 Token Endpoint of Wekan:"
 echo -e "\t$ snap set $SNAP_NAME oauth2-token-endpoint=''"
 echo -e "\n"
+echo -e "OAuth2 ID Token Whitelist Fields."
+echo -e "To enable the OAuth2 ID Token Whitelist Fields of Wekan:"
+echo -e "\t$ snap set $SNAP_NAME oauth2-id-token-whitelist-fields='[]'"
+echo -e "\t-Disable the OAuth2 ID Token Whitelist Fields of Wekan:"
+echo -e "\t$ snap set $SNAP_NAME oauth2-id-token-whitelist-fields=''"
+echo -e "\n"
+echo -e "OAuth2 Request Permissions."
+echo -e "To enable the OAuth2 Request Permissions of Wekan:"
+echo -e "\t$ snap set $SNAP_NAME oauth2-request-permissions=\"['openid','profile','email']\""
+echo -e "\t-Disable the OAuth2 Request Permissions of Wekan:"
+echo -e "\t$ snap set $SNAP_NAME oauth2-request-permissions=''"
+echo -e "\n"
 echo -e "OAuth2 ID Mapping."
 echo -e "To enable the OAuth2 ID Mapping of Wekan:"
 echo -e "\t$ snap set $SNAP_NAME oauth2-id-map='username.uid'"
diff --git a/start-wekan.bat b/start-wekan.bat
index 7b204f13..72ab1fea 100755
--- a/start-wekan.bat
+++ b/start-wekan.bat
@@ -91,6 +91,25 @@ REM # OAuth2 Token Endpoint. Example: /oauth/token
 REM # example: OAUTH2_TOKEN_ENDPOINT=/oauth/token
 REM SET OAUTH2_TOKEN_ENDPOINT=
 
+
+REM # OAUTH2 ID Token Whitelist Fields.
+REM SET OAUTH2_ID_TOKEN_WHITELIST_FIELDS=[]
+
+REM # OAUTH2 Request Permissions.
+REM SET OAUTH2_REQUEST_PERMISSIONS=['openid','profile','email']
+
+REM # OAuth2 ID Mapping
+REM SET OAUTH2_ID_MAP=
+
+REM # OAuth2 Username Mapping
+REM SET OAUTH2_USERNAME_MAP=
+
+REM # OAuth2 Fullname Mapping
+REM SET OAUTH2_FULLNAME_MAP=
+
+REM # OAuth2 Email Mapping
+REM SET OAUTH2_EMAIL_MAP=
+
 REM ------------------------------------------------------------
 
 REM # LDAP_ENABLE : Enable or not the connection by the LDAP
diff --git a/start-wekan.sh b/start-wekan.sh
index f94cb66c..25fd9bb1 100755
--- a/start-wekan.sh
+++ b/start-wekan.sh
@@ -141,6 +141,10 @@ function wekan_repo_check(){
       #export OAUTH2_USERINFO_ENDPOINT=/oauth/userinfo
       # OAuth2 Token Endpoint.
       #export OAUTH2_TOKEN_ENDPOINT=/oauth/token
+      # OAUTH2 ID Token Whitelist Fields.
+      #export OAUTH2_ID_TOKEN_WHITELIST_FIELDS=[]
+      # OAUTH2 Request Permissions.
+      #export OAUTH2_REQUEST_PERMISSIONS=['openid','profile','email']
       # OAuth2 ID Mapping
       #export OAUTH2_ID_MAP=
       # OAuth2 Username Mapping
-- 
cgit v1.2.3-1-g7c22


From 8add28d3284b453ba7e2f82817b85d8da1dbb7b2 Mon Sep 17 00:00:00 2001
From: Lauri Ojansivu <x@xet7.org>
Date: Wed, 22 May 2019 21:42:59 +0300
Subject: Update changelog.

---
 CHANGELOG.md | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 56c91e3c..e0f6057a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,18 @@
+# Upcoming Wekan release
+
+This release adds the following new features:
+
+- [CAS allowed LDAP groups](https://github.com/wekan/meteor-accounts-cas/pull/4).
+  Thanks to ppoulard. Please test. Related [#2356](https://github.com/wekan/wekan/issues/2356).
+
+and fixes the following bugs:
+
+- [Fix](https://github.com/wekan/wekan/commit/634df8f6f26a7a7a2df6f87a705d322d88638425):
+  [OAuth2 Requested Scopes are wrong / cannot be configured](https://github.com/wekan/wekan/issues/2412).
+  Thanks to DominikPf and xet7.
+
+Thanks to above GitHub users for their contributions and translators for their translations.
+
 # v2.74 2019-05-14 Wekan release
 
 This release fixes the following bugs:
-- 
cgit v1.2.3-1-g7c22


From 697aaa895dd5756f01f26f16e515b04dcda4ffb3 Mon Sep 17 00:00:00 2001
From: Lauri Ojansivu <x@xet7.org>
Date: Wed, 22 May 2019 21:44:23 +0300
Subject: Update translations.

---
 i18n/uk.i18n.json | 34 +++++++++++++++++-----------------
 1 file changed, 17 insertions(+), 17 deletions(-)

diff --git a/i18n/uk.i18n.json b/i18n/uk.i18n.json
index 5c641f26..f260f5f4 100644
--- a/i18n/uk.i18n.json
+++ b/i18n/uk.i18n.json
@@ -1,6 +1,6 @@
 {
     "accept": "Прийняти",
-    "act-activity-notify": "Сповіщення діяльності",
+    "act-activity-notify": "Сповіщення активності",
     "act-addAttachment": "added attachment __attachment__ to card __card__ at list __list__ at swimlane __swimlane__ at board __board__",
     "act-deleteAttachment": "deleted attachment __attachment__ at card __card__ at list __list__ at swimlane __swimlane__ at board __board__",
     "act-addSubtask": "added subtask __subtask__ to card __card__ at list __list__ at swimlane __swimlane__ at board __board__",
@@ -17,7 +17,7 @@
     "act-completeChecklist": "completed checklist __checklist__ at card __card__ at list __list__ at swimlane __swimlane__ at board __board__",
     "act-uncompleteChecklist": "uncompleted checklist __checklist__ at card __card__ at list __list__ at swimlane __swimlane__ at board __board__",
     "act-addComment": "commented on card __card__: __comment__ at list __list__ at swimlane __swimlane__ at board __board__",
-    "act-createBoard": "Створити Коробко",
+    "act-createBoard": "Дошку __board__створено",
     "act-createSwimlane": "created swimlane __swimlane__ to board __board__",
     "act-createCard": "created card __card__ to list __list__ at swimlane __swimlane__ at board __board__",
     "act-createCustomField": "created custom field __customField__ to card __card__ at list __list__ at swimlane __swimlane__ at board __board__",
@@ -39,26 +39,26 @@
     "act-withBoardTitle": "__board__",
     "act-withCardTitle": "[__board__] __card__",
     "actions": "Дії",
-    "activities": "Діяльність",
-    "activity": "Активність",
-    "activity-added": "додав %s до %s",
+    "activities": "Діяльності",
+    "activity": "Діяльність",
+    "activity-added": "%s додано до %s",
     "activity-archived": "%s перенесено до архіву",
-    "activity-attached": "прикріпив %s до %s",
-    "activity-created": "створив %s",
-    "activity-customfield-created": "створив налаштовуване поле",
-    "activity-excluded": "виключено %s з %s",
-    "activity-imported": "імпортовано %s до %s з %s",
-    "activity-imported-board": "імпортовано %s з %s",
-    "activity-joined": "приєднався %s",
-    "activity-moved": "переміщений %s з %s до %s",
+    "activity-attached": "%s прикріплено до %s",
+    "activity-created": "%sстворено",
+    "activity-customfield-created": "Створено спеціальне поле",
+    "activity-excluded": "%s виключено з %s",
+    "activity-imported": "%s імпортовано до %s з %s",
+    "activity-imported-board": "%s імпортовано з %s",
+    "activity-joined": "%s приєднано",
+    "activity-moved": "%s переміщено з %s до %s",
     "activity-on": "%s",
-    "activity-removed": "видалив %s з %s",
-    "activity-sent": "відправив %s до %s",
+    "activity-removed": "%s видалено з %s",
+    "activity-sent": "%s відправлено до %s",
     "activity-unjoined": "unjoined %s",
-    "activity-subtask-added": "додав підзадачу до %s",
+    "activity-subtask-added": "Додано підзадачу до %s",
     "activity-checked-item": "checked %s in checklist %s of %s",
     "activity-unchecked-item": "unchecked %s in checklist %s of %s",
-    "activity-checklist-added": "додав список до %s",
+    "activity-checklist-added": "Додано контрольний список до %s",
     "activity-checklist-removed": "removed a checklist from %s",
     "activity-checklist-completed": "completed checklist __checklist__ at card __card__ at list __list__ at swimlane __swimlane__ at board __board__",
     "activity-checklist-uncompleted": "uncompleted the checklist %s of %s",
-- 
cgit v1.2.3-1-g7c22


From d83cb75f95e94524e1117111ca0dd063021cf3b8 Mon Sep 17 00:00:00 2001
From: Lauri Ojansivu <x@xet7.org>
Date: Wed, 22 May 2019 21:47:49 +0300
Subject: v2.75

---
 CHANGELOG.md           | 4 ++--
 Stackerfile.yml        | 2 +-
 package.json           | 2 +-
 sandstorm-pkgdef.capnp | 4 ++--
 4 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index e0f6057a..afe82bd9 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,4 +1,4 @@
-# Upcoming Wekan release
+# v2.75 2019-05-22 Wekan release
 
 This release adds the following new features:
 
@@ -9,7 +9,7 @@ and fixes the following bugs:
 
 - [Fix](https://github.com/wekan/wekan/commit/634df8f6f26a7a7a2df6f87a705d322d88638425):
   [OAuth2 Requested Scopes are wrong / cannot be configured](https://github.com/wekan/wekan/issues/2412).
-  Thanks to DominikPf and xet7.
+  Thanks to DominikPf and xet7. Please test.
 
 Thanks to above GitHub users for their contributions and translators for their translations.
 
diff --git a/Stackerfile.yml b/Stackerfile.yml
index 40f01671..52e44f51 100644
--- a/Stackerfile.yml
+++ b/Stackerfile.yml
@@ -1,5 +1,5 @@
 appId: wekan-public/apps/77b94f60-dec9-0136-304e-16ff53095928
-appVersion: "v2.74.0"
+appVersion: "v2.75.0"
 files:
   userUploads:
     - README.md
diff --git a/package.json b/package.json
index fc790af0..c8123b5f 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "wekan",
-  "version": "v2.74.0",
+  "version": "v2.75.0",
   "description": "Open-Source kanban",
   "private": true,
   "scripts": {
diff --git a/sandstorm-pkgdef.capnp b/sandstorm-pkgdef.capnp
index 63c7fec3..db8718c8 100644
--- a/sandstorm-pkgdef.capnp
+++ b/sandstorm-pkgdef.capnp
@@ -22,10 +22,10 @@ const pkgdef :Spk.PackageDefinition = (
     appTitle = (defaultText = "Wekan"),
     # The name of the app as it is displayed to the user.
 
-    appVersion = 276,
+    appVersion = 277,
     # Increment this for every release.
 
-    appMarketingVersion = (defaultText = "2.74.0~2019-05-14"),
+    appMarketingVersion = (defaultText = "2.75.0~2019-05-22"),
     # Human-readable presentation of the app version.
 
     minUpgradableAppVersion = 0,
-- 
cgit v1.2.3-1-g7c22