Database updated with collaborators

.gitea/workflows/build-containers-on-demand.yml

@@ -60,7 +60,7 @@ jobs:
           chmod +x /usr/local/bin/yq
           yq --version
 
-      - name: Read ${{ matrix.description }} image from deployment (old vs new)
+      - name: Read ${{ matrix.description }} image from deployment 
         id: img
         shell: bash
         run: |

Documentation/diagramm.md

@@ -540,5 +540,5 @@ digraph {
 Bei Fragen oder Problemen mit Diagrammen:
 1. Code auf https://kroki.io/ testen
 2. Syntax-Dokumentation des jeweiligen Diagrammtyps konsultieren
-3. Diagramm-Cache leeren: `python manage.py clear_diagram_cache`
+3. (Nur mit Shell-Zugriff auf Kubernetes-Pod möglich): Diagramm-Cache leeren: `python manage.py clear_diagram_cache`
 4. Bei technischen Problemen: Information Security Management BIT kontaktieren

VorgabenUI/settings.py

@@ -151,6 +151,24 @@ LOGIN_URL = 'login'
 LOGIN_REDIRECT_URL = '/'
 LOGOUT_REDIRECT_URL = 'login'
 
+AUTH_PASSWORD_VALIDATORS = [
+    {
+        "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",
+    },
+    {
+        "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",
+        "OPTIONS": {
+            "min_length": 12,
+        },
+    },
+    {
+        "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",
+    },
+    {
+        "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",
+    },
+]
+
 #LOGGING = {
 #    "version": 1,
 #    "handlers"  :{

argocd/deployment.yaml

@@ -18,14 +18,14 @@ spec:
         fsGroupChangePolicy: "OnRootMismatch"
       initContainers:
         - name: loader
-          image: git.baumann.gr/adebaumann/vui-data-loader:0.10
+          image: git.baumann.gr/adebaumann/vui-data-loader:0.11
           command: [ "sh","-c","cp -n preload/preload.sqlite3 /data/db.sqlite3; chown -R 999:999 /data; ls -la /data; sleep 10; exit 0" ]
           volumeMounts:
             - name: data
               mountPath: /data
       containers:
         - name: web
-          image: git.baumann.gr/adebaumann/vui:0.968
+          image: git.baumann.gr/adebaumann/vui:0.973
           imagePullPolicy: Always
           ports:
             - containerPort: 8000

dokumente/admin.py

@@ -94,9 +94,17 @@ class EinleitungInline(NestedStackedInline):
 
 class VorgabeForm(forms.ModelForm):
     referenzen = TreeNodeMultipleChoiceField(queryset=Referenz.objects.all(), required=False)
+    
     class Meta:
         model = Vorgabe
         fields = '__all__'
+    
+    def clean_thema(self):
+        """Validate that thema is provided."""
+        thema = self.cleaned_data.get('thema')
+        if not thema:
+            raise forms.ValidationError('Thema ist ein Pflichtfeld. Bitte wählen Sie ein Thema aus.')
+        return thema
 
 class VorgabeInline(SortableInlineAdminMixin, NestedStackedInline):
     model = Vorgabe

dokumente/management/commands/import-document.py

@@ -71,6 +71,7 @@ class Command(BaseCommand):
                 "name": name,
                 "gueltigkeit_von": options["gueltigkeit_von"],
                 "gueltigkeit_bis": options["gueltigkeit_bis"],
+                "aktiv":False,
             },
         )
         if created:
@@ -319,6 +320,7 @@ class Command(BaseCommand):
                     thema=thema,
                     titel=v["titel"],
                     gueltigkeit_von=timezone.now().date(),
+                    order=0,
                 )
 
                 # Stichworte

dokumente/models.py

@@ -61,8 +61,8 @@ class Dokument(models.Model):
         state-change dates from all Vorgaben in this document.
         
         These are dates where Vorgaben become active (gueltigkeit_von) or change state
-        (the day after gueltigkeit_bis). Only includes the day after gueltigkeit_bis 
-        for Vorgaben that have a defined end date (not infinite validity).
+        (the day after gueltigkeit_bis). The very last date in the list is excluded
+        as it has no relevance (nothing changes after it).
         """
         dates_set = set()
         
@@ -77,8 +77,10 @@ class Dokument(models.Model):
             if vorgabe.gueltigkeit_bis:
                 dates_set.add(vorgabe.gueltigkeit_bis + datetime.timedelta(days=1))
         
-        # Return sorted unique dates from oldest to newest
-        return sorted(list(dates_set))
+        # Return sorted unique dates from oldest to newest, excluding the last date
+        # (but only if there are multiple dates; single dates are kept)
+        sorted_dates = sorted(list(dates_set))
+        return sorted_dates[:-1] if len(sorted_dates) > 1 else sorted_dates
 
     class Meta:
         verbose_name_plural="Dokumente"
@@ -167,6 +169,12 @@ class Vorgabe(models.Model):
         """
         from django.core.exceptions import ValidationError
 
+        # Check that thema is provided
+        if not self.thema_id:
+            raise ValidationError({
+                'thema': 'Thema ist ein Pflichtfeld. Bitte wählen Sie ein Thema aus.'
+            })
+
         # Check for conflicts with existing Vorgaben
         conflicts = self.find_conflicts()
         if conflicts:

dokumente/templates/standards/standard_detail.html

@@ -16,9 +16,32 @@
 
   {% if standard.history == True %}
   <div class="alert alert-warning" role="alert">
+    {% if standard.is_future %}
+    <strong>Zukünftige Version vom {{ standard.check_date }}</strong>
+    {% else %}
     <strong>Historische Version vom {{ standard.check_date }}</strong>
+    {% endif %}
   </div>
   {% endif %}
+
+  <!-- History Dates Dropdown -->
+  {% if standard.dates %}
+  <div class="mb-3">
+    <div class="dropdown">
+      <a href="#" class="dropdown-toggle" data-toggle="dropdown" style="text-decoration: none;">
+        📅 Historische Versionen
+      </a>
+      <ul class="dropdown-menu" role="menu">
+        <li><a href="/dokumente/{{ standard.nummer }}/">Aktuelle Version</a></li>
+        <li class="divider"></li>
+        {% for date in standard.dates %}
+        <li><a href="/dokumente/{{ standard.nummer }}/history/{{ date|date:'Y-m-d' }}/">{{ date|date:'d.m.Y' }}</a></li>
+        {% endfor %}
+      </ul>
+    </div>
+  </div>
+  {% endif %}
+
   <!-- Einleitung -->
   {% if standard.einleitung_html %}
   <div class="row mb-4">

dokumente/tests.py

@@ -493,6 +493,38 @@ class ViewsTestCase(TestCase):
         url = reverse('standard_history', kwargs={'nummer': 'R01234'})
         response = self.client.get(url)
         self.assertEqual(response.status_code, 200)
+    
+    def test_standard_history_past_date_shows_historische(self):
+        """Test that past dates show 'Historische Version'"""
+        past_date = (date.today() - timedelta(days=30)).strftime('%Y-%m-%d')
+        url = f'/dokumente/R01234/history/{past_date}/'
+        response = self.client.get(url)
+        self.assertEqual(response.status_code, 200)
+        self.assertContains(response, 'Historische Version vom')
+        self.assertNotContains(response, 'Zukünftige Version vom')
+        # Verify is_future flag is False
+        self.assertFalse(response.context['standard'].is_future)
+    
+    def test_standard_history_future_date_shows_zukuenftige(self):
+        """Test that future dates show 'Zukünftige Version'"""
+        future_date = (date.today() + timedelta(days=30)).strftime('%Y-%m-%d')
+        url = f'/dokumente/R01234/history/{future_date}/'
+        response = self.client.get(url)
+        self.assertEqual(response.status_code, 200)
+        self.assertContains(response, 'Zukünftige Version vom')
+        self.assertNotContains(response, 'Historische Version vom')
+        # Verify is_future flag is True
+        self.assertTrue(response.context['standard'].is_future)
+    
+    def test_standard_detail_current_has_no_version_label(self):
+        """Test that current view (no history) has no version label"""
+        url = reverse('standard_detail', kwargs={'nummer': 'R01234'})
+        response = self.client.get(url)
+        self.assertEqual(response.status_code, 200)
+        self.assertNotContains(response, 'Historische Version vom')
+        self.assertNotContains(response, 'Zukünftige Version vom')
+        # Verify history flag is False
+        self.assertFalse(response.context['standard'].history)
 
 
 class URLPatternsTest(TestCase):
@@ -761,6 +793,134 @@ class VorgabeSanityCheckTest(TestCase):
         self.assertIn("intersecting validity periods", report)
 
 
+class VorgabeThemaValidationTest(TestCase):
+    """Test cases for Vorgabe Thema validation"""
+    
+    def setUp(self):
+        """Set up test data for Thema validation tests"""
+        self.dokumententyp = Dokumententyp.objects.create(
+            name="Standard IT-Sicherheit",
+            verantwortliche_ve="SR-SUR-SEC"
+        )
+        self.dokument = Dokument.objects.create(
+            nummer="R0066",
+            dokumententyp=self.dokumententyp,
+            name="IT Security Standard",
+            aktiv=True
+        )
+        self.thema = Thema.objects.create(name="Organisation")
+    
+    def test_vorgabe_with_thema_passes_validation(self):
+        """Test that Vorgabe with a valid Thema passes clean() validation"""
+        vorgabe = Vorgabe(
+            order=1,
+            nummer=1,
+            dokument=self.dokument,
+            thema=self.thema,
+            titel="Test Vorgabe",
+            gueltigkeit_von=date.today()
+        )
+        # Should not raise any exception
+        try:
+            vorgabe.clean()
+        except Exception as e:
+            self.fail(f"clean() raised {e} unexpectedly!")
+    
+    def test_vorgabe_without_thema_fails_validation(self):
+        """Test that Vorgabe without Thema fails clean() validation"""
+        from django.core.exceptions import ValidationError
+        
+        vorgabe = Vorgabe(
+            order=1,
+            nummer=1,
+            dokument=self.dokument,
+            thema=None,  # No Thema
+            titel="Test Vorgabe",
+            gueltigkeit_von=date.today()
+        )
+        
+        with self.assertRaises(ValidationError) as context:
+            vorgabe.clean()
+        
+        # Check that the error message is about thema
+        self.assertIn('thema', context.exception.message_dict)
+        self.assertIn('Thema ist ein Pflichtfeld', str(context.exception))
+    
+    def test_vorgabe_form_with_thema_is_valid(self):
+        """Test that VorgabeForm with Thema is valid"""
+        from dokumente.admin import VorgabeForm
+        
+        form_data = {
+            'order': 1,
+            'nummer': 1,
+            'dokument': self.dokument.pk,
+            'thema': self.thema.pk,
+            'titel': 'Test Vorgabe',
+            'gueltigkeit_von': date.today(),
+        }
+        form = VorgabeForm(data=form_data)
+        self.assertTrue(form.is_valid(), f"Form errors: {form.errors}")
+    
+    def test_vorgabe_form_without_thema_is_invalid(self):
+        """Test that VorgabeForm without Thema is invalid"""
+        from dokumente.admin import VorgabeForm
+        
+        form_data = {
+            'order': 1,
+            'nummer': 1,
+            'dokument': self.dokument.pk,
+            'thema': '',  # Empty/missing Thema
+            'titel': 'Test Vorgabe',
+            'gueltigkeit_von': date.today(),
+        }
+        form = VorgabeForm(data=form_data)
+        self.assertFalse(form.is_valid())
+        self.assertIn('thema', form.errors)
+    
+    def test_vorgabe_form_thema_error_message_is_german(self):
+        """Test that VorgabeForm shows German error message for missing Thema"""
+        from dokumente.admin import VorgabeForm
+        
+        form_data = {
+            'order': 1,
+            'nummer': 1,
+            'dokument': self.dokument.pk,
+            'thema': '',  # Empty/missing Thema
+            'titel': 'Test Vorgabe',
+            'gueltigkeit_von': date.today(),
+        }
+        form = VorgabeForm(data=form_data)
+        form.is_valid()
+        
+        # Check that the error message is in German
+        thema_errors = form.errors.get('thema', [])
+        error_messages = ' '.join(thema_errors)
+        self.assertTrue(
+            'Pflichtfeld' in error_messages or 'pflichtfeld' in error_messages.lower(),
+            f"Expected German error message about Pflichtfeld, got: {thema_errors}"
+        )
+    
+    def test_vorgabe_model_clean_error_message_is_german(self):
+        """Test that Vorgabe.clean() shows German error message for missing Thema"""
+        from django.core.exceptions import ValidationError
+        
+        vorgabe = Vorgabe(
+            order=1,
+            nummer=1,
+            dokument=self.dokument,
+            thema=None,
+            titel="Test Vorgabe",
+            gueltigkeit_von=date.today()
+        )
+        
+        with self.assertRaises(ValidationError) as context:
+            vorgabe.clean()
+        
+        # Check error message is in German
+        error_str = str(context.exception)
+        self.assertIn('Thema ist ein Pflichtfeld', error_str)
+
+
 class SanityCheckManagementCommandTest(TestCase):
     """Test cases for sanity_check_vorgaben management command"""
     
@@ -1842,10 +2002,9 @@ class DokumentDatesPropertyTest(TestCase):
         )
         
         dates = self.dokument.dates
-        self.assertEqual(len(dates), 2)
+        # gueltigkeit_bis would add 2026-01-02, but that's the last date so it's excluded
+        self.assertEqual(len(dates), 1)
         self.assertEqual(dates[0], date(2025, 1, 1))
-        # gueltigkeit_bis is 2026-01-01, so state change happens on 2026-01-02
-        self.assertEqual(dates[1], date(2026, 1, 2))
     
     def test_dates_property_multiple_vorgaben_different_dates(self):
         """Test dates property with multiple vorgaben with different dates"""
@@ -1870,11 +2029,10 @@ class DokumentDatesPropertyTest(TestCase):
         )
         
         dates = self.dokument.dates
-        # 3 unique dates: 2025-01-01, 2025-07-01 (deduplicated: end of v1+1 == start of v2), 2026-01-02
-        self.assertEqual(len(dates), 3)
+        # Dates: 2025-01-01, 2025-07-01, 2026-01-02 (but last one excluded)
+        self.assertEqual(len(dates), 2)
         self.assertIn(date(2025, 1, 1), dates)  # Start of vorgabe1
         self.assertIn(date(2025, 7, 1), dates)  # End of vorgabe1 + 1 day = Start of vorgabe2 (deduplicated)
-        self.assertIn(date(2026, 1, 2), dates)  # End of vorgabe2 + 1 day
     
     def test_dates_property_ensures_uniqueness(self):
         """Test dates property returns unique dates only"""
@@ -1900,10 +2058,9 @@ class DokumentDatesPropertyTest(TestCase):
         )
         
         dates = self.dokument.dates
-        # Should have only 2 unique dates, not 4
-        self.assertEqual(len(dates), 2)
+        # Both vorgaben have same dates, and the last date (2026-01-02) is excluded
+        self.assertEqual(len(dates), 1)
         self.assertEqual(dates[0], date(2025, 1, 1))
-        self.assertEqual(dates[1], date(2026, 1, 2))  # gueltigkeit_bis + 1 day
     
     def test_dates_property_sorted_chronologically(self):
         """Test dates property returns dates sorted from oldest to newest"""
@@ -1936,10 +2093,10 @@ class DokumentDatesPropertyTest(TestCase):
         )
         
         dates = self.dokument.dates
-        # Should be sorted from oldest to newest
+        # Dates are [2024-01-01, 2025-01-01, 2026-01-01] but the last one is excluded
+        self.assertEqual(len(dates), 2)
         self.assertEqual(dates[0], date(2024, 1, 1))
         self.assertEqual(dates[1], date(2025, 1, 1))
-        self.assertEqual(dates[2], date(2026, 1, 1))
     
     def test_dates_property_ignores_none_dates(self):
         """Test dates property ignores None date values"""
@@ -1964,10 +2121,9 @@ class DokumentDatesPropertyTest(TestCase):
         )
         
         dates = self.dokument.dates
-        # Should only include gueltigkeit_von dates (gueltigkeit_bis is None for vorgabe2)
-        self.assertEqual(len(dates), 2)
-        self.assertIn(date(2025, 1, 1), dates)
-        self.assertIn(date(2026, 1, 1), dates)
+        # Dates are 2025-01-01 and 2026-01-01, but the last date (2026-01-01) is excluded
+        self.assertEqual(len(dates), 1)
+        self.assertEqual(dates[0], date(2025, 1, 1))
     
     def test_dates_property_complex_scenario(self):
         """Test dates property with complex real-world scenario
@@ -2010,12 +2166,13 @@ class DokumentDatesPropertyTest(TestCase):
         )
         
         dates = self.dokument.dates
+        # All dates: 2025-01-01, 2025-06-01, 2026-01-01, 2026-01-02, 2026-02-01
+        # Last date (2026-02-01) is excluded
         expected = [
             date(2025, 1, 1),   # Start of A
             date(2025, 6, 1),   # Start of B
             date(2026, 1, 1),   # End of A + 1 day
-            date(2026, 1, 2),   # End of B + 1 day
-            date(2026, 2, 1)    # Start of C
+            date(2026, 1, 2)    # End of B + 1 day
         ]
         
         self.assertEqual(dates, expected)
@@ -2048,22 +2205,24 @@ class DokumentDatesPropertyTest(TestCase):
         
         # Get dates before adding new vorgabe
         dates_before = self.dokument.dates
-        self.assertEqual(len(dates_before), 2)  # gueltigkeit_von and gueltigkeit_bis+1
+        self.assertEqual(len(dates_before), 1)  # 2025-01-01 (2026-01-02 is last, so excluded)
         
-        # Add new vorgabe (should add a unique date)
+        # Add new vorgabe
         vorgabe2 = Vorgabe.objects.create(
             order=2,
             nummer=2,
             dokument=self.dokument,
             thema=self.thema,
             titel="Test Vorgabe 2",
-            gueltigkeit_von=date(2026, 2, 1)  # Different from existing dates
+            gueltigkeit_von=date(2026, 2, 1)
         )
         
-        # Get dates after - should include new vorgabe's date
+        # Get dates after - new dates are 2025-01-01, 2026-01-02, 2026-02-01
+        # Last date (2026-02-01) is excluded, so we get [2025-01-01, 2026-01-01]
         dates_after = self.dokument.dates
-        self.assertEqual(len(dates_after), 3)
-        self.assertIn(date(2026, 2, 1), dates_after)
+        self.assertEqual(len(dates_after), 2)
+        self.assertEqual(dates_after[0], date(2025, 1, 1))
+        self.assertEqual(dates_after[1], date(2026, 1, 1))
 
 
 class AddVorgabeCommentViewTest(TestCase):

dokumente/views.py

@@ -29,9 +29,11 @@ def standard_detail(request, nummer,check_date=""):
     if check_date:
         check_date = calendar.parseDT(check_date)[0].date()
         standard.history = True
+        standard.is_future = check_date > date.today()
     else:
         check_date = date.today()
         standard.history = False
+        standard.is_future = False
     standard.check_date=check_date
     vorgaben = list(standard.vorgaben.order_by("thema","nummer").select_related("thema","dokument"))  # convert queryset to list so we can attach attributes
 

pages/templates/base.html

@@ -219,7 +219,7 @@
           </p>
         </div>
         <div class="col-sm-6 text-right">
-           <p class="text-muted">Version {{ version|default:"0.968" }}</p>
+           <p class="text-muted">Version {{ version|default:"0.973" }}</p>
          </div>
       </div>
     </div>

requirements.txt

@@ -5,7 +5,7 @@ certifi==2025.8.3
 charset-normalizer==3.4.3
 curtsies==0.4.3
 cwcwidth==0.1.10
-Django==5.2.8
+Django==5.2.9
 django-admin-sortable2==2.2.8
 django-js-asset==3.1.2
 django-mptt==0.17.0
@@ -30,7 +30,7 @@ pyxdg==0.28
 requests==2.32.5
 six==1.17.0
 sqlparse==0.5.3
-urllib3==2.5.0
+urllib3==2.6.0
 wcwidth==0.2.13
 bleach==6.1.0
 coverage==7.6.1