From e809807b6fd16f1eb1c28c7a62d9d7683fa81cc1 Mon Sep 17 00:00:00 2001
From: Mikko Nieminen <mikko.nieminen@bih-charite.de>
Date: Mon, 30 Sep 2024 10:41:49 +0200
Subject: [PATCH 01/14] fix SODAR_API setting requirement in tests (#1495)

---
 CHANGELOG.rst                        | 10 ++++++++++
 config/settings/base.py              |  6 +++---
 docs/source/conf.py                  |  2 +-
 docs/source/major_changes.rst        |  9 +++++++++
 projectroles/tests/test_views_api.py |  8 ++++++--
 5 files changed, 29 insertions(+), 6 deletions(-)

diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 9424f223..6e4eb85d 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -5,6 +5,16 @@ Changelog for the **SODAR Core** Django app package. Loosely follows the
 `Keep a Changelog <http://keepachangelog.com/en/1.0.0/>`_ guidelines.
 
 
+Unreleased
+==========
+
+Fixed
+-----
+
+- **Projectroles**
+    - Deprecated ``SODAR_API_*`` settings required in tests (#1495)
+
+
 v1.0.2 (2024-09-09)
 ===================
 
diff --git a/config/settings/base.py b/config/settings/base.py
index fb26cf2f..d7eb37e3 100644
--- a/config/settings/base.py
+++ b/config/settings/base.py
@@ -559,9 +559,9 @@ def set_logging(level=None):
 
 # SODAR API settings
 # DEPRECATED: To be removed in SODAR Core v1.1 (see #1401)
-SODAR_API_DEFAULT_VERSION = '0.1'
-SODAR_API_ALLOWED_VERSIONS = [SODAR_API_DEFAULT_VERSION]
-SODAR_API_MEDIA_TYPE = 'application/your.application+json'
+# SODAR_API_DEFAULT_VERSION = '0.1'
+# SODAR_API_ALLOWED_VERSIONS = [SODAR_API_DEFAULT_VERSION]
+# SODAR_API_MEDIA_TYPE = 'application/your.application+json'
 # SODAR API host URL
 SODAR_API_DEFAULT_HOST = env.url(
     'SODAR_API_DEFAULT_HOST', 'http://0.0.0.0:8000'
diff --git a/docs/source/conf.py b/docs/source/conf.py
index 88fae263..c8445fbe 100644
--- a/docs/source/conf.py
+++ b/docs/source/conf.py
@@ -29,7 +29,7 @@
 # The short X.Y version
 version = '1.0'
 # The full version, including alpha/beta/rc tags
-release = '1.0.2'
+release = '1.0.3-WIP'
 
 
 # -- General configuration ---------------------------------------------------
diff --git a/docs/source/major_changes.rst b/docs/source/major_changes.rst
index 8c14a719..5d632771 100644
--- a/docs/source/major_changes.rst
+++ b/docs/source/major_changes.rst
@@ -10,6 +10,15 @@ older SODAR Core version. For a complete list of changes in current and previous
 releases, see the :ref:`full changelog<changelog>`.
 
 
+v1.0.3 (WIP)
+************
+
+Release Highlights
+==================
+
+- Fix requiring deprecated SODAR API settings in tests
+
+
 v1.0.2 (2024-09-09)
 *******************
 
diff --git a/projectroles/tests/test_views_api.py b/projectroles/tests/test_views_api.py
index 99ab2114..6de10970 100644
--- a/projectroles/tests/test_views_api.py
+++ b/projectroles/tests/test_views_api.py
@@ -50,6 +50,10 @@
     REMOTE_SITE_SECRET,
 )
 from projectroles.utils import build_secret
+from projectroles.views_api import (
+    SODAR_API_MEDIA_TYPE,  # TODO: Remove in v1.1 (see #1401)
+    SODAR_API_DEFAULT_VERSION,  # TODO: Remove in v1.1 (see #1401)
+)
 
 
 app_settings = AppSettingAPI()
@@ -129,8 +133,8 @@ class SODARAPIViewTestMixin(SerializedObjectMixin):
     # Default API header parameters are for external SODAR site APIs
     # DEPRECATED: To be removed in SODAR Core v1.1 (see #1401)
     # Instead, provide a media type and version specific to your app
-    media_type = settings.SODAR_API_MEDIA_TYPE
-    api_version = settings.SODAR_API_DEFAULT_VERSION
+    media_type = SODAR_API_MEDIA_TYPE
+    api_version = SODAR_API_DEFAULT_VERSION
 
     # Copied from Knox tests
     @classmethod

From bc219942ec54eec1f660f810a8b1ca8294c3ce95 Mon Sep 17 00:00:00 2001
From: Mikko Nieminen <mikko.nieminen@bih-charite.de>
Date: Thu, 10 Oct 2024 10:10:13 +0200
Subject: [PATCH 02/14] add auth type in userprofile (#1500)

---
 CHANGELOG.rst                                 | 6 ++++++
 docs/source/major_changes.rst                 | 1 +
 userprofile/templates/userprofile/detail.html | 2 ++
 3 files changed, 9 insertions(+)

diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 6e4eb85d..0e74af84 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -8,6 +8,12 @@ Changelog for the **SODAR Core** Django app package. Loosely follows the
 Unreleased
 ==========
 
+Added
+-----
+
+- **Userprofile**
+    - Authentication type in user details (#1500)
+
 Fixed
 -----
 
diff --git a/docs/source/major_changes.rst b/docs/source/major_changes.rst
index 5d632771..868a7b06 100644
--- a/docs/source/major_changes.rst
+++ b/docs/source/major_changes.rst
@@ -16,6 +16,7 @@ v1.0.3 (WIP)
 Release Highlights
 ==================
 
+- Add auth type in user profile details card
 - Fix requiring deprecated SODAR API settings in tests
 
 
diff --git a/userprofile/templates/userprofile/detail.html b/userprofile/templates/userprofile/detail.html
index 7a7cd70f..dd8f0020 100644
--- a/userprofile/templates/userprofile/detail.html
+++ b/userprofile/templates/userprofile/detail.html
@@ -73,6 +73,8 @@ <h4>
         <dd class="col-md-10"><code>{{ request.user.sodar_uuid }}</code></dd>
         <dt class="col-md-2">Date Joined</dt>
         <dd class="col-md-10">{{ request.user.date_joined | date:'Y-m-d H:i' }}</dd>
+        <dt class="col-md-2">Authentication</dt>
+        <dd class="col-md-10">{{ request.user.get_auth_type }}</dd>
       </dl>
     </div>
   </div>

From 4bce71e511f32c01d854dc103263fe34f8bea6fa Mon Sep 17 00:00:00 2001
From: Mikko Nieminen <mikko.nieminen@bih-charite.de>
Date: Thu, 10 Oct 2024 13:41:24 +0200
Subject: [PATCH 03/14] update default oidc login template (#1503)

---
 CHANGELOG.rst                                        | 6 ++++++
 example_site/templates/include/_login_oidc.html      | 2 +-
 projectroles/templates/projectroles/_login_oidc.html | 2 +-
 3 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 0e74af84..06eebd92 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -14,6 +14,12 @@ Added
 - **Userprofile**
     - Authentication type in user details (#1500)
 
+Changed
+-------
+
+- **Projectroles**
+    - Update default OIDC login button template (#1503)
+
 Fixed
 -----
 
diff --git a/example_site/templates/include/_login_oidc.html b/example_site/templates/include/_login_oidc.html
index e2bb3b2c..ca8eaec8 100644
--- a/example_site/templates/include/_login_oidc.html
+++ b/example_site/templates/include/_login_oidc.html
@@ -3,5 +3,5 @@
 <a role="button" class="btn btn-md btn-success btn-block"
    id="sodar-login-oidc-link"
    href="{% url 'social:begin' 'oidc' %}?next={{ oidc_redirect_url|default:'/' }}">
-  <i class="iconify" data-icon="mdi:login-variant"></i> OpenID Connect Login
+  <i class="iconify" data-icon="mdi:login-variant"></i> Single Sign-On Login
 </a>
diff --git a/projectroles/templates/projectroles/_login_oidc.html b/projectroles/templates/projectroles/_login_oidc.html
index 2c31f8da..c6e7b19e 100644
--- a/projectroles/templates/projectroles/_login_oidc.html
+++ b/projectroles/templates/projectroles/_login_oidc.html
@@ -9,6 +9,6 @@
   <a role="button" class="btn btn-md btn-info btn-block"
      id="sodar-login-oidc-link"
      href="{% url 'social:begin' 'oidc' %}?next={{ oidc_redirect_url|default:'/' }}">
-    <i class="iconify" data-icon="mdi:login-variant"></i> OpenID Connect Login
+    <i class="iconify" data-icon="mdi:login-variant"></i> Single Sign-On Login
   </a>
 {% endif %}

From f5be1ccb68b8ecaa38e46d84501ca0a58570deda Mon Sep 17 00:00:00 2001
From: Mikko Nieminen <mikko.nieminen@bih-charite.de>
Date: Mon, 21 Oct 2024 12:22:42 +0200
Subject: [PATCH 04/14] add timeline user count stats (#1504), add plugin tests
 (#1506)

---
 CHANGELOG.rst                  |   3 +
 docs/source/major_changes.rst  |   1 +
 timeline/plugins.py            |  44 +++--
 timeline/tests/test_plugins.py | 316 +++++++++++++++++++++++++++++++++
 4 files changed, 347 insertions(+), 17 deletions(-)
 create mode 100644 timeline/tests/test_plugins.py

diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 06eebd92..617c4104 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -11,6 +11,9 @@ Unreleased
 Added
 -----
 
+- **Timeline**
+    - User count in siteinfo stats (#1504)
+    - Plugin tests (#1506)
 - **Userprofile**
     - Authentication type in user details (#1500)
 
diff --git a/docs/source/major_changes.rst b/docs/source/major_changes.rst
index 868a7b06..97fdbd6e 100644
--- a/docs/source/major_changes.rst
+++ b/docs/source/major_changes.rst
@@ -17,6 +17,7 @@ Release Highlights
 ==================
 
 - Add auth type in user profile details card
+- Add user count in timeline siteinfo statistics
 - Fix requiring deprecated SODAR API settings in tests
 
 
diff --git a/timeline/plugins.py b/timeline/plugins.py
index 643e070c..472e5527 100644
--- a/timeline/plugins.py
+++ b/timeline/plugins.py
@@ -15,6 +15,10 @@
 from timeline.urls import urls_ui_project, urls_ui_site, urls_ui_admin
 
 
+# Local constants
+STATS_DESC_USER_COUNT = 'Amount of users who have initiated events'
+
+
 class ProjectAppPlugin(ProjectAppPluginPoint):
     """Plugin for registering app with Projectroles"""
 
@@ -69,29 +73,35 @@ class ProjectAppPlugin(ProjectAppPluginPoint):
     #: Names of plugin specific Django settings to display in siteinfo
     info_settings = ['TIMELINE_PAGINATION', 'TIMELINE_SEARCH_LIMIT']
 
+    @classmethod
+    def _check_permission(cls, user, event):
+        """Check if user has permission to view event"""
+        if event.project and event.classified:
+            return user.has_perm(
+                'timeline.view_classified_event', event.project
+            )
+        elif event.project:
+            return user.has_perm('timeline.view_timeline', event.project)
+        elif event.classified:
+            return user.has_perm('timeline.view_classified_site_event')
+        return user.has_perm('timeline.view_site_timeline')
+
     def get_statistics(self):
         return {
             'event_count': {
                 'label': 'Events',
                 'value': TimelineEvent.objects.all().count(),
-            }
+            },
+            'user_count': {
+                'label': 'Users',
+                'description': STATS_DESC_USER_COUNT,
+                'value': TimelineEvent.objects.exclude(user__isnull=True)
+                .values('user')
+                .distinct()
+                .count(),
+            },
         }
 
-    def check_permission(self, user, event):
-        """Check if user has permission to view event"""
-        if event.project is not None:
-            if event.classified:
-                return user.has_perm(
-                    'timeline.view_classified_event', event.project
-                )
-            else:
-                return user.has_perm('timeline.view_timeline', event.project)
-        else:
-            if event.classified:
-                return user.has_perm('timeline.view_classified_site_event')
-            else:
-                return user.has_perm('timeline.view_site_timeline')
-
     def search(self, search_terms, user, search_type=None, keywords=None):
         """
         Return app items based on one or more search terms, user, optional type
@@ -107,7 +117,7 @@ def search(self, search_terms, user, search_type=None, keywords=None):
         items = []
         if not search_type or search_type == 'timeline':
             events = list(TimelineEvent.objects.find(search_terms, keywords))
-            items = [e for e in events if self.check_permission(user, e)]
+            items = [e for e in events if self._check_permission(user, e)]
         ret = PluginSearchResult(
             category='all',
             title='Timeline Events',
diff --git a/timeline/tests/test_plugins.py b/timeline/tests/test_plugins.py
new file mode 100644
index 00000000..b606c52f
--- /dev/null
+++ b/timeline/tests/test_plugins.py
@@ -0,0 +1,316 @@
+"""Plugin tests for the timeline app"""
+
+from test_plus.test import TestCase
+
+# Projectroles dependency
+from projectroles.models import SODAR_CONSTANTS
+from projectroles.plugins import (
+    get_backend_api,
+    ProjectAppPluginPoint,
+    BackendPluginPoint,
+    SiteAppPluginPoint,
+    PluginSearchResult,
+)
+from projectroles.tests.test_models import (
+    ProjectMixin,
+    RoleMixin,
+    RoleAssignmentMixin,
+)
+
+from timeline.api import TimelineAPI
+from timeline.plugins import STATS_DESC_USER_COUNT
+
+# from timeline.tests.test_models import TimelineEventMixin
+from timeline.urls import urls_ui_project, urls_ui_site, urls_ui_admin
+
+
+# SODAR constants
+PROJECT_ROLE_OWNER = SODAR_CONSTANTS['PROJECT_ROLE_OWNER']
+PROJECT_ROLE_DELEGATE = SODAR_CONSTANTS['PROJECT_ROLE_DELEGATE']
+PROJECT_ROLE_CONTRIBUTOR = SODAR_CONSTANTS['PROJECT_ROLE_CONTRIBUTOR']
+PROJECT_ROLE_GUEST = SODAR_CONSTANTS['PROJECT_ROLE_GUEST']
+PROJECT_TYPE_CATEGORY = SODAR_CONSTANTS['PROJECT_TYPE_CATEGORY']
+PROJECT_TYPE_PROJECT = SODAR_CONSTANTS['PROJECT_TYPE_PROJECT']
+
+# Local constants
+PROJECT_PLUGIN_NAME = 'timeline'
+PROJECT_PLUGIN_TITLE = 'Timeline'
+BACKEND_PLUGIN_NAME = 'timeline_backend'
+BACKEND_PLUGIN_TITLE = 'Timeline Backend'
+SITE_PLUGIN_NAME = 'timeline_site'
+SITE_PLUGIN_TITLE = 'Site-Wide Events'
+ADMIN_PLUGIN_NAME = 'timeline_site_admin'
+ADMIN_PLUGIN_TITLE = 'All Timeline Events'
+SEARCH_TERMS = ['test']
+SEARCH_RET_CAT = 'all'
+SEARCH_RET_TITLE = 'Timeline Events'
+SEARCH_RET_TYPES = ['timeline']
+
+
+class TimelinePluginTestBase(
+    ProjectMixin,
+    RoleMixin,
+    RoleAssignmentMixin,
+    TestCase,
+):
+    """Base class for timeline plugin tests"""
+
+    def setUp(self):
+        # Init users
+        self.user = self.make_user('superuser')
+        self.user.is_staff = True
+        self.user.is_superuser = True
+        self.user.save()
+        self.user_owner = self.make_user('user_owner')
+        # Init roles
+        self.init_roles()
+        # Init category, project and roles
+        self.category = self.make_project(
+            'TestCategory', PROJECT_TYPE_CATEGORY, None
+        )
+        self.owner_as = self.make_assignment(
+            self.category, self.user_owner, self.role_owner
+        )
+        self.project = self.make_project(
+            'TestProject', PROJECT_TYPE_PROJECT, self.category
+        )
+        self.owner_as = self.make_assignment(
+            self.project, self.user_owner, self.role_owner
+        )
+
+
+class TestProjectAppPlugin(TimelinePluginTestBase):
+    """Tests for timeline ProjectAppPlugin"""
+
+    def setUp(self):
+        super().setUp()
+        self.plugin = ProjectAppPluginPoint.get_plugin(PROJECT_PLUGIN_NAME)
+        self.event_kw = {
+            'project': self.project,
+            'app_name': 'projectroles',
+            'user': self.user,
+            'event_name': 'test_event',
+            'description': 'description',
+        }
+        self.timeline = get_backend_api('timeline_backend')
+
+    def test_plugin_retrieval(self):
+        """Test retrieving ProjectAppPlugin"""
+        self.assertIsNotNone(self.plugin)
+        self.assertEqual(self.plugin.get_model().name, PROJECT_PLUGIN_NAME)
+        self.assertEqual(self.plugin.name, PROJECT_PLUGIN_NAME)
+        self.assertEqual(self.plugin.get_model().title, PROJECT_PLUGIN_TITLE)
+        self.assertEqual(self.plugin.urls, urls_ui_project)
+
+    def test_get_statistics(self):
+        """Test get_statistics() with no events"""
+        expected = {
+            'event_count': {
+                'label': 'Events',
+                'value': 0,
+            },
+            'user_count': {
+                'label': 'Users',
+                'description': STATS_DESC_USER_COUNT,
+                'value': 0,
+            },
+        }
+        self.assertEqual(self.plugin.get_statistics(), expected)
+
+    def test_get_statistics_events(self):
+        """Test get_statistics() with existing events"""
+        self.timeline.add_event(**self.event_kw)
+        self.event_kw['user'] = self.user_owner
+        self.timeline.add_event(**self.event_kw)
+        ret = self.plugin.get_statistics()
+        self.assertEqual(ret['event_count']['value'], 2)
+        self.assertEqual(ret['user_count']['value'], 2)
+
+    def test_get_statistics_same_user(self):
+        """Test get_statistics() with existing events by same user"""
+        self.timeline.add_event(**self.event_kw)
+        self.timeline.add_event(**self.event_kw)
+        ret = self.plugin.get_statistics()
+        self.assertEqual(ret['event_count']['value'], 2)
+        self.assertEqual(ret['user_count']['value'], 1)
+
+    def test_get_statistics_no_user(self):
+        """Test get_statistics() with existing events including no user"""
+        self.timeline.add_event(**self.event_kw)
+        self.event_kw['user'] = None
+        self.timeline.add_event(**self.event_kw)
+        ret = self.plugin.get_statistics()
+        self.assertEqual(ret['event_count']['value'], 2)
+        self.assertEqual(ret['user_count']['value'], 1)
+
+    def test_search(self):
+        """Test search() with no events"""
+        ret = self.plugin.search(SEARCH_TERMS, self.user)
+        self.assertEqual(len(ret), 1)
+        self.assertIsInstance(ret[0], PluginSearchResult)
+        self.assertEqual(ret[0].category, SEARCH_RET_CAT)
+        self.assertEqual(ret[0].title, SEARCH_RET_TITLE)
+        self.assertEqual(ret[0].search_types, SEARCH_RET_TYPES)
+        self.assertEqual(ret[0].items, [])
+
+    def test_search_events(self):
+        """Test search() with events"""
+        event = self.timeline.add_event(**self.event_kw)
+        self.event_kw['user'] = self.user_owner
+        event2 = self.timeline.add_event(**self.event_kw)
+        ret = self.plugin.search(SEARCH_TERMS, self.user)
+        self.assertEqual(len(ret), 1)
+        self.assertIsInstance(ret[0].items, list)
+        self.assertEqual(len(ret[0].items), 2)
+        self.assertEqual(ret[0].items[0], event2)
+        self.assertEqual(ret[0].items[1], event)
+
+    def test_search_invalid_terms(self):
+        """Test search() with invalid terms"""
+        self.timeline.add_event(**self.event_kw)
+        ret = self.plugin.search(['yuyaeQu7ma6aeFi2'], self.user)
+        self.assertEqual(len(ret[0].items), 0)
+
+    def test_search_mixed_terms(self):
+        """Test search() with valid and invalid terms"""
+        self.timeline.add_event(**self.event_kw)
+        ret = self.plugin.search(SEARCH_TERMS + ['yuyaeQu7ma6aeFi2'], self.user)
+        self.assertEqual(len(ret[0].items), 1)
+
+    def test_search_no_perms(self):
+        """Test search() as user with no permissions"""
+        # Create user with no permissions to self.project
+        user_no_perms = self.make_user('user_no_perms')
+        self.timeline.add_event(**self.event_kw)
+        ret = self.plugin.search(SEARCH_TERMS, user_no_perms)
+        self.assertEqual(len(ret[0].items), 0)
+
+    def test_search_mixed_perms(self):
+        """Test search() as user with mixed permissions"""
+        user_new = self.make_user('user_new')
+        project_new = self.make_project(
+            'TestProject2', PROJECT_TYPE_PROJECT, self.category
+        )
+        self.make_assignment(project_new, self.user_owner, self.role_owner)
+        self.make_assignment(project_new, user_new, self.role_contributor)
+        self.timeline.add_event(**self.event_kw)
+        self.event_kw['project'] = project_new
+        project_event_new = self.timeline.add_event(**self.event_kw)
+        ret = self.plugin.search(SEARCH_TERMS, user_new)
+        self.assertEqual(len(ret[0].items), 1)
+        self.assertEqual(ret[0].items[0], project_event_new)
+        ret = self.plugin.search(SEARCH_TERMS, self.user_owner)
+        self.assertEqual(len(ret[0].items), 2)
+
+    def test_search_project_classified_owner(self):
+        """Test search() with classified project event as owner"""
+        self.event_kw['classified'] = True
+        self.timeline.add_event(**self.event_kw)
+        ret = self.plugin.search(SEARCH_TERMS, self.user_owner)
+        self.assertEqual(len(ret[0].items), 1)
+
+    def test_search_project_classified_contributor(self):
+        """Test search() with classified project event as contributor"""
+        user_contrib = self.make_user('user_contrib')
+        self.make_assignment(self.project, user_contrib, self.role_contributor)
+        self.event_kw['classified'] = True
+        self.timeline.add_event(**self.event_kw)
+        ret = self.plugin.search(SEARCH_TERMS, user_contrib)
+        self.assertEqual(len(ret[0].items), 0)
+
+    def test_search_site_superuser(self):
+        """Test search() with site event as superuser"""
+        self.event_kw['project'] = None
+        self.timeline.add_event(**self.event_kw)
+        ret = self.plugin.search(SEARCH_TERMS, self.user)
+        self.assertEqual(len(ret[0].items), 1)
+
+    def test_search_site_regular_user(self):
+        """Test search() with site event as regular user"""
+        self.event_kw['project'] = None
+        self.timeline.add_event(**self.event_kw)
+        ret = self.plugin.search(SEARCH_TERMS, self.user_owner)
+        self.assertEqual(len(ret[0].items), 1)
+
+    def test_search_site_classified_superuser(self):
+        """Test search() with classified site event as superuser"""
+        self.event_kw['project'] = None
+        self.event_kw['classified'] = True
+        self.timeline.add_event(**self.event_kw)
+        ret = self.plugin.search(SEARCH_TERMS, self.user)
+        self.assertEqual(len(ret[0].items), 1)
+
+    def test_search_site_classified_regular_user(self):
+        """Test search() with classified site event as regular user"""
+        self.event_kw['project'] = None
+        self.event_kw['classified'] = True
+        self.timeline.add_event(**self.event_kw)
+        ret = self.plugin.search(SEARCH_TERMS, self.user_owner)
+        self.assertEqual(len(ret[0].items), 0)
+
+    def test_search_type(self):
+        """Test search() with defined search type"""
+        self.timeline.add_event(**self.event_kw)
+        ret = self.plugin.search(
+            SEARCH_TERMS, self.user, search_type='timeline'
+        )
+        self.assertEqual(len(ret[0].items), 1)
+
+    def test_search_type_invalid(self):
+        """Test search() with invalid search type"""
+        self.timeline.add_event(**self.event_kw)
+        ret = self.plugin.search(
+            SEARCH_TERMS, self.user, search_type='raTho0Oo'
+        )
+        self.assertEqual(len(ret[0].items), 0)
+
+
+class TestBackendPlugin(TimelinePluginTestBase):
+    """Tests for timeline BackendPlugin"""
+
+    def setUp(self):
+        super().setUp()
+        self.plugin = BackendPluginPoint.get_plugin(BACKEND_PLUGIN_NAME)
+
+    def test_plugin_retrieval(self):
+        """Test retrieving BackendPlugin"""
+        self.assertIsNotNone(self.plugin)
+        self.assertEqual(self.plugin.get_model().name, BACKEND_PLUGIN_NAME)
+        self.assertEqual(self.plugin.name, BACKEND_PLUGIN_NAME)
+        self.assertEqual(self.plugin.get_model().title, BACKEND_PLUGIN_TITLE)
+
+    def test_get_api(self):
+        """Test get_api()"""
+        self.assertIsInstance(self.plugin.get_api(), TimelineAPI)
+
+
+class TestSiteAppPlugin(TimelinePluginTestBase):
+    """Tests for timeline SiteAppPlugin"""
+
+    def setUp(self):
+        super().setUp()
+        self.plugin = SiteAppPluginPoint.get_plugin(SITE_PLUGIN_NAME)
+
+    def test_plugin_retrieval(self):
+        """Test retrieving SiteAppPlugin"""
+        self.assertIsNotNone(self.plugin)
+        self.assertEqual(self.plugin.get_model().name, SITE_PLUGIN_NAME)
+        self.assertEqual(self.plugin.name, SITE_PLUGIN_NAME)
+        self.assertEqual(self.plugin.get_model().title, SITE_PLUGIN_TITLE)
+        self.assertEqual(self.plugin.urls, urls_ui_site)
+
+
+class TestAdminSiteAppPlugin(TimelinePluginTestBase):
+    """Tests for timeline AdminSiteAppPlugin"""
+
+    def setUp(self):
+        super().setUp()
+        self.plugin = SiteAppPluginPoint.get_plugin(ADMIN_PLUGIN_NAME)
+
+    def test_plugin_retrieval(self):
+        """Test retrieving AdminSiteAppPlugin"""
+        self.assertIsNotNone(self.plugin)
+        self.assertEqual(self.plugin.get_model().name, ADMIN_PLUGIN_NAME)
+        self.assertEqual(self.plugin.name, ADMIN_PLUGIN_NAME)
+        self.assertEqual(self.plugin.get_model().title, ADMIN_PLUGIN_TITLE)
+        self.assertEqual(self.plugin.urls, urls_ui_admin)

From 472277ced846c705504e019f8b212ed5934cecdf Mon Sep 17 00:00:00 2001
From: Mikko Nieminen <mikko.nieminen@bih-charite.de>
Date: Mon, 4 Nov 2024 12:09:19 +0100
Subject: [PATCH 05/14] fix ProjectInviteCreateView redirect in category
 (#1510)

---
 CHANGELOG.rst                    |  1 +
 docs/source/major_changes.rst    |  1 +
 projectroles/tests/test_views.py | 24 ++++++++++++++++++++++--
 projectroles/urls.py             |  6 ++++++
 4 files changed, 30 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 617c4104..15086a41 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -28,6 +28,7 @@ Fixed
 
 - **Projectroles**
     - Deprecated ``SODAR_API_*`` settings required in tests (#1495)
+    - Add workaround to ``ProjectInviteCreateView`` returning 404 with category and query string (#1510)
 
 
 v1.0.2 (2024-09-09)
diff --git a/docs/source/major_changes.rst b/docs/source/major_changes.rst
index 97fdbd6e..79d57b12 100644
--- a/docs/source/major_changes.rst
+++ b/docs/source/major_changes.rst
@@ -18,6 +18,7 @@ Release Highlights
 
 - Add auth type in user profile details card
 - Add user count in timeline siteinfo statistics
+- Fix invite create view redirect failing in categories
 - Fix requiring deprecated SODAR API settings in tests
 
 
diff --git a/projectroles/tests/test_views.py b/projectroles/tests/test_views.py
index 5a94f0ea..da5d87de 100644
--- a/projectroles/tests/test_views.py
+++ b/projectroles/tests/test_views.py
@@ -4118,8 +4118,8 @@ def test_get(self):
             form.fields['role'].choices,
         )
 
-    def test_get_from_roleassignment(self):
-        """Test GET with forwarded values from RoleAssignment Form"""
+    def test_get_query_string(self):
+        """Test GET with query string from RoleAssignment form"""
         data = {
             'e': 'test@example.com',
             'r': self.role_contributor.pk,
@@ -4140,6 +4140,26 @@ def test_get_from_roleassignment(self):
         )
         self.assertEqual(form.fields['email'].initial, 'test@example.com')
 
+    def test_get_query_string_category(self):
+        """Test GET with query string in category"""
+        category = self.make_project(
+            'TestCategory', PROJECT_TYPE_CATEGORY, None
+        )
+        self.make_assignment(category, self.user, self.role_owner)
+        data = {
+            'e': 'test@example.com',
+            'r': self.role_contributor.pk,
+        }
+        with self.login(self.user):
+            response = self.client.get(
+                reverse(
+                    'projectroles:invite_create',
+                    kwargs={'project': category.sodar_uuid},
+                ),
+                data,
+            )
+        self.assertEqual(response.status_code, 200)
+
     def test_get_not_found(self):
         """Test GET with invalid project UUID"""
         with self.login(self.user):
diff --git a/projectroles/urls.py b/projectroles/urls.py
index 407f109d..18d27dc1 100644
--- a/projectroles/urls.py
+++ b/projectroles/urls.py
@@ -89,6 +89,12 @@
         view=views.ProjectInviteCreateView.as_view(),
         name='invite_create',
     ),
+    # Workaround for issue #1510
+    path(
+        route='invites/create/<uuid:project>?e=<str:email>&r=<int:role>',
+        view=views.ProjectInviteCreateView.as_view(),
+        name='invite_create',
+    ),
     path(
         route='invites/accept/<str:secret>',
         view=views.ProjectInviteAcceptView.as_view(),

From 5865aea7f70ed6894b7c28fc4b28d93fe924e7b7 Mon Sep 17 00:00:00 2001
From: Mikko Nieminen <mikko.nieminen@bih-charite.de>
Date: Tue, 12 Nov 2024 14:31:23 +0100
Subject: [PATCH 06/14] add member list finder role info link (#1511)

---
 CHANGELOG.rst                                          | 2 ++
 docs/source/major_changes.rst                          | 2 ++
 projectroles/templates/projectroles/project_roles.html | 4 ++++
 projectroles/tests/test_views.py                       | 7 +++++++
 projectroles/views.py                                  | 8 ++++++++
 5 files changed, 23 insertions(+)

diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 15086a41..ae5c8158 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -11,6 +11,8 @@ Unreleased
 Added
 -----
 
+- **Projectroles**
+    - Info link for finder role in ``ProjectRoleView`` (#1511)
 - **Timeline**
     - User count in siteinfo stats (#1504)
     - Plugin tests (#1506)
diff --git a/docs/source/major_changes.rst b/docs/source/major_changes.rst
index 79d57b12..b8023a3d 100644
--- a/docs/source/major_changes.rst
+++ b/docs/source/major_changes.rst
@@ -18,8 +18,10 @@ Release Highlights
 
 - Add auth type in user profile details card
 - Add user count in timeline siteinfo statistics
+- Add finder role info link in member list
 - Fix invite create view redirect failing in categories
 - Fix requiring deprecated SODAR API settings in tests
+- General bug fixes and minor updates
 
 
 v1.0.2 (2024-09-09)
diff --git a/projectroles/templates/projectroles/project_roles.html b/projectroles/templates/projectroles/project_roles.html
index d91d7557..6b824cdc 100644
--- a/projectroles/templates/projectroles/project_roles.html
+++ b/projectroles/templates/projectroles/project_roles.html
@@ -32,6 +32,7 @@
 {% block projectroles_extend %}
 
 {% get_role_perms project request.user as role_perms %}
+{% get_info_link finder_info as finder_info_link %}
 
 <div class="row sodar-subtitle-container bg-white sticky-top">
   <h3>
@@ -87,6 +88,9 @@ <h3>
                 {% else %}
                   <i class="iconify" data-icon="{% get_role_icon role_as.role %}"></i>
                   {{ role_display }}
+                  {% if role_as.role.name == 'project finder' %}
+                    {{ finder_info_link | safe }}
+                  {% endif %}
                 {% endif %}
               </td>
               <td>
diff --git a/projectroles/tests/test_views.py b/projectroles/tests/test_views.py
index da5d87de..24b677ad 100644
--- a/projectroles/tests/test_views.py
+++ b/projectroles/tests/test_views.py
@@ -71,6 +71,7 @@
     FORM_INVALID_MSG,
     PROJECT_WELCOME_MSG,
     USER_PROFILE_LDAP_MSG,
+    ROLE_FINDER_INFO,
     INVITE_LDAP_LOCAL_VIEW_MSG,
     INVITE_LOCAL_NOT_ALLOWED_MSG,
     INVITE_LOGGED_IN_ACCEPT_MSG,
@@ -2617,6 +2618,12 @@ def test_get(self):
             [model_to_dict(m) for m in response.context['roles']], expected
         )
         self.assertNotIn('remote_role_url', response.context)
+        self.assertEqual(
+            response.context['finder_info'],
+            ROLE_FINDER_INFO.format(
+                categories='categories', projects='projects'
+            ),
+        )
 
     def test_get_not_found(self):
         """Test GET view with invalid project UUID"""
diff --git a/projectroles/views.py b/projectroles/views.py
index a1ece660..f979949a 100644
--- a/projectroles/views.py
+++ b/projectroles/views.py
@@ -122,6 +122,10 @@
 )
 ROLE_CREATE_MSG = 'Membership granted with the role of "{role}".'
 ROLE_UPDATE_MSG = 'Member role changed to "{role}".'
+ROLE_FINDER_INFO = (
+    'User can see nested {categories} and {projects}, but can not access them '
+    'without having a role explicitly assigned.'
+)
 SEARCH_DICT_DEPRECATE_MSG = (
     'Results from search() as a dict have been deprecated and support will be '
     'removed in v1.1. Provide results as a list of PluginSearchResult objects '
@@ -1719,6 +1723,10 @@ def get_context_data(self, *args, **kwargs):
             ] = project.get_source_site().url + reverse(
                 'projectroles:roles', kwargs={'project': project.sodar_uuid}
             )
+        context['finder_info'] = ROLE_FINDER_INFO.format(
+            categories=get_display_name(PROJECT_TYPE_CATEGORY, plural=True),
+            projects=get_display_name(PROJECT_TYPE_PROJECT, plural=True),
+        )
         return context
 
 

From 56b4bbb1b158b8bc3445da892db6a4a625701652 Mon Sep 17 00:00:00 2001
From: Mikko Nieminen <mikko.nieminen@bih-charite.de>
Date: Tue, 12 Nov 2024 14:43:23 +0100
Subject: [PATCH 07/14] fix ProjectRoleView tour help attachments (#1512)

---
 CHANGELOG.rst                                        |  1 +
 .../projectroles/_project_role_dropdown.html         |  3 ++-
 .../projectroles/_project_role_dropdown_owner.html   |  3 ++-
 .../templates/projectroles/_project_role_ops.html    |  2 +-
 .../templates/projectroles/project_roles.html        | 12 ++++++------
 5 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index ae5c8158..b5fa5f97 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -31,6 +31,7 @@ Fixed
 - **Projectroles**
     - Deprecated ``SODAR_API_*`` settings required in tests (#1495)
     - Add workaround to ``ProjectInviteCreateView`` returning 404 with category and query string (#1510)
+    - Broken tour help attachments in ``ProjectRoleView`` (#1512)
 
 
 v1.0.2 (2024-09-09)
diff --git a/projectroles/templates/projectroles/_project_role_dropdown.html b/projectroles/templates/projectroles/_project_role_dropdown.html
index 2b7914eb..c2b811e4 100644
--- a/projectroles/templates/projectroles/_project_role_dropdown.html
+++ b/projectroles/templates/projectroles/_project_role_dropdown.html
@@ -2,7 +2,8 @@
 {% load projectroles_common_tags %}
 {% load projectroles_role_tags %}
 
-<button class="btn btn-secondary dropdown-toggle sodar-list-dropdown"
+<button class="btn btn-secondary dropdown-toggle sodar-list-dropdown
+               sodar-pr-role-btn"
         type="button" data-toggle="dropdown"
         aria-haspopup="true" aria-expanded="false">
   <i class="iconify" data-icon="mdi:gear"></i>
diff --git a/projectroles/templates/projectroles/_project_role_dropdown_owner.html b/projectroles/templates/projectroles/_project_role_dropdown_owner.html
index 5b91dba5..0cbe6860 100644
--- a/projectroles/templates/projectroles/_project_role_dropdown_owner.html
+++ b/projectroles/templates/projectroles/_project_role_dropdown_owner.html
@@ -1,7 +1,8 @@
 {% load rules %}
 {% load projectroles_common_tags %}
 
-<button class="btn btn-secondary dropdown-toggle sodar-list-dropdown"
+<button class="btn btn-secondary dropdown-toggle sodar-list-dropdown
+               sodar-pr-role-btn-owner"
         type="button" data-toggle="dropdown"
         aria-haspopup="true" aria-expanded="false">
   <i class="iconify" data-icon="mdi:gear"></i>
diff --git a/projectroles/templates/projectroles/_project_role_ops.html b/projectroles/templates/projectroles/_project_role_ops.html
index c4e51d4c..128f1bc0 100644
--- a/projectroles/templates/projectroles/_project_role_ops.html
+++ b/projectroles/templates/projectroles/_project_role_ops.html
@@ -1,5 +1,5 @@
 <div class="ml-auto">
-  <button class="btn btn-primary dropdown-toggle"
+  <button class="btn btn-primary dropdown-toggle sodar-pr-role-ops-btn"
           id="sodar-pr-role-ops-btn"
           type="button" data-toggle="dropdown"
           aria-haspopup="true" aria-expanded="false"
diff --git a/projectroles/templates/projectroles/project_roles.html b/projectroles/templates/projectroles/project_roles.html
index 6b824cdc..5acd09ba 100644
--- a/projectroles/templates/projectroles/project_roles.html
+++ b/projectroles/templates/projectroles/project_roles.html
@@ -141,17 +141,17 @@ <h3>
             showCancelLink: true
         });
     }
-    if ($('.sodar-pr-role-dropdown-owner').length) {
+    if ($('.sodar-pr-role-btn-owner').length) {
         tour.addStep('role_dropdown_owner', {
             title: 'Owner Dropdown',
             text: 'Ownership can be transferred to another user from this ' +
                   'dropdown.',
-            attachTo: '.sodar-pr-role-dropdown-owner left',
+            attachTo: '.sodar-pr-role-btn-owner left',
             advanceOn: '.docs-link click',
             showCancelLink: true,
         });
     }
-    if ($('.sodar-pr-role-dropdown').length) {
+    if ($('.sodar-pr-role-btn').length) {
         tour.addStep('role_dropdown', {
             title: 'Member Dropdown',
             text: 'For a non-owner member, you can update or remove the ' +
@@ -160,18 +160,18 @@ <h3>
                   'allowed. To remove such a role, navigate to the parent ' +
                   '{% get_display_name 'CATEGORY' %} and remove the ' +
                   'membership there.',
-            attachTo: '.sodar-pr-role-dropdown left',
+            attachTo: '.sodar-pr-role-btn left',
             advanceOn: '.docs-link click',
             showCancelLink: true,
         });
     }
-    if ($('#sodar-pr-role-ops-dropdown').length) {
+    if ($('#sodar-pr-role-ops-btn').length) {
         tour.addStep('role_ops', {
             title: 'Member Operations Dropdown',
             text: 'From this dropdown you can access operations for adding ' +
                   'new members to the {% get_display_name 'PROJECT' %} and ' +
                   'inviting users not yet on the site.',
-            attachTo: '#sodar-pr-role-ops-dropdown left',
+            attachTo: '#sodar-pr-role-ops-btn left',
             advanceOn: '.docs-link click',
             showCancelLink: true
         });

From 85e0ff32791a28f61fc77c5791e9450204a72a46 Mon Sep 17 00:00:00 2001
From: Mikko Nieminen <mikko.nieminen@bih-charite.de>
Date: Wed, 20 Nov 2024 13:55:30 +0100
Subject: [PATCH 08/14] fix role promoting crash with delegate limit reached
 (#1515)

---
 CHANGELOG.rst                    |  1 +
 docs/source/major_changes.rst    |  1 +
 projectroles/forms.py            |  2 +-
 projectroles/tests/test_views.py | 38 ++++++++++++++++++++++++++++++++
 projectroles/views.py            | 31 +++++++++++++++++++++-----
 5 files changed, 66 insertions(+), 7 deletions(-)

diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index b5fa5f97..51ecf0dd 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -32,6 +32,7 @@ Fixed
     - Deprecated ``SODAR_API_*`` settings required in tests (#1495)
     - Add workaround to ``ProjectInviteCreateView`` returning 404 with category and query string (#1510)
     - Broken tour help attachments in ``ProjectRoleView`` (#1512)
+    - ``RoleAssignmentCreateView`` crash as delegate with promoting and delegate limit reached (#1515)
 
 
 v1.0.2 (2024-09-09)
diff --git a/docs/source/major_changes.rst b/docs/source/major_changes.rst
index b8023a3d..a1c8ce14 100644
--- a/docs/source/major_changes.rst
+++ b/docs/source/major_changes.rst
@@ -20,6 +20,7 @@ Release Highlights
 - Add user count in timeline siteinfo statistics
 - Add finder role info link in member list
 - Fix invite create view redirect failing in categories
+- Fix role promoting crash as delegate with delegate limit reached
 - Fix requiring deprecated SODAR API settings in tests
 - General bug fixes and minor updates
 
diff --git a/projectroles/forms.py b/projectroles/forms.py
index e734076e..f40adce4 100644
--- a/projectroles/forms.py
+++ b/projectroles/forms.py
@@ -899,7 +899,7 @@ def __init__(
                 self.fields['role'].initial = max(
                     [c[0] for c in self.fields['role'].choices]
                 )
-            if not promote_as:
+            else:
                 self.fields['role'].initial = Role.objects.get(
                     name=PROJECT_ROLE_GUEST
                 ).pk
diff --git a/projectroles/tests/test_views.py b/projectroles/tests/test_views.py
index 24b677ad..d6b4360b 100644
--- a/projectroles/tests/test_views.py
+++ b/projectroles/tests/test_views.py
@@ -2887,6 +2887,44 @@ def test_get_promote_owner(self):
             )
         self.assertEqual(response.status_code, 302)
 
+    def test_get_promote_delegate_limit_reached(self):
+        """Test GET with inherited contributor and delegate limit reached"""
+        user_delegate = self.make_user('user_delegate')
+        self.make_assignment(self.project, user_delegate, self.role_delegate)
+        contrib_as_cat = self.make_assignment(
+            self.category, self.user_new, self.role_contributor
+        )
+        with self.login(user_delegate):
+            response = self.client.get(
+                reverse(
+                    'projectroles:role_create_promote',
+                    kwargs={
+                        'project': self.project.sodar_uuid,
+                        'promote_as': contrib_as_cat.sodar_uuid,
+                    },
+                )
+            )
+        self.assertEqual(response.status_code, 302)
+
+    def test_get_promote_delegate_limit_reached_superuser(self):
+        """Test GET with inherited contributor and delegate limit reached as superuser"""
+        user_delegate = self.make_user('user_delegate')
+        self.make_assignment(self.project, user_delegate, self.role_delegate)
+        contrib_as_cat = self.make_assignment(
+            self.category, self.user_new, self.role_contributor
+        )
+        with self.login(self.user):
+            response = self.client.get(
+                reverse(
+                    'projectroles:role_create_promote',
+                    kwargs={
+                        'project': self.project.sodar_uuid,
+                        'promote_as': contrib_as_cat.sodar_uuid,
+                    },
+                )
+            )
+        self.assertEqual(response.status_code, 302)
+
     def test_post(self):
         """Test RoleAssignmentCreateView POST"""
         self.assertEqual(RoleAssignment.objects.all().count(), 2)
diff --git a/projectroles/views.py b/projectroles/views.py
index f979949a..61bb0dfd 100644
--- a/projectroles/views.py
+++ b/projectroles/views.py
@@ -71,6 +71,7 @@
 PROJECT_TYPE_CATEGORY = SODAR_CONSTANTS['PROJECT_TYPE_CATEGORY']
 PROJECT_ROLE_OWNER = SODAR_CONSTANTS['PROJECT_ROLE_OWNER']
 PROJECT_ROLE_DELEGATE = SODAR_CONSTANTS['PROJECT_ROLE_DELEGATE']
+PROJECT_ROLE_CONTRIBUTOR = SODAR_CONSTANTS['PROJECT_ROLE_CONTRIBUTOR']
 PROJECT_ROLE_GUEST = SODAR_CONSTANTS['PROJECT_ROLE_GUEST']
 PROJECT_ROLE_FINDER = SODAR_CONSTANTS['PROJECT_ROLE_FINDER']
 SITE_MODE_TARGET = SODAR_CONSTANTS['SITE_MODE_TARGET']
@@ -2022,9 +2023,32 @@ def get(self, request, *args, **kwargs):
         # Validate inherited role promotion if set
         if self.kwargs.get('promote_as'):
             project = self.get_project()
+            redirect_url = reverse(
+                'projectroles:roles', kwargs={'project': project.sodar_uuid}
+            )
             self.promote_as = RoleAssignment.objects.filter(
                 sodar_uuid=self.kwargs['promote_as']
             ).first()
+
+            # Check for reached delegate limit
+            del_count = RoleAssignment.objects.filter(
+                project=project, role__name=PROJECT_ROLE_DELEGATE
+            ).count()
+            del_limit = settings.PROJECTROLES_DELEGATE_LIMIT
+            if (
+                self.promote_as
+                and self.promote_as.role.rank
+                >= ROLE_RANKING[PROJECT_ROLE_CONTRIBUTOR]
+                and del_count >= del_limit
+            ):
+                messages.warning(
+                    request,
+                    'Local delegate limit ({}) reached, no available roles for '
+                    'promotion.'.format(del_limit),
+                )
+                return redirect(redirect_url)
+
+            # Check for invalid roles
             if (
                 not self.promote_as
                 or self.promote_as.role.rank
@@ -2035,12 +2059,7 @@ def get(self, request, *args, **kwargs):
                 messages.error(
                     request, 'Invalid role assignment for promotion.'
                 )
-                return redirect(
-                    reverse(
-                        'projectroles:roles',
-                        kwargs={'project': project.sodar_uuid},
-                    )
-                )
+                return redirect(redirect_url)
         return super().get(request, *args, **kwargs)
 
 

From ff86ef0c43051144bac746e93b4873b8f4613f18 Mon Sep 17 00:00:00 2001
From: Mikko Nieminen <mikko.nieminen@bih-charite.de>
Date: Wed, 20 Nov 2024 14:21:59 +0100
Subject: [PATCH 09/14] update owner transfer timeline event data (#1514)

---
 CHANGELOG.rst         |  1 +
 projectroles/views.py | 15 ++++++++++-----
 2 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 51ecf0dd..01ec8189 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -24,6 +24,7 @@ Changed
 
 - **Projectroles**
     - Update default OIDC login button template (#1503)
+    - Update ownership transfer timeline event data (#1514)
 
 Fixed
 -----
diff --git a/projectroles/views.py b/projectroles/views.py
index 61bb0dfd..4b7086aa 100644
--- a/projectroles/views.py
+++ b/projectroles/views.py
@@ -2180,14 +2180,16 @@ def _get_timeline_failed_status(self):
         else:
             return timeline.TL_STATUS_FAILED
 
-    def _create_timeline_event(self, old_owner, new_owner, project):
+    def _create_timeline_event(
+        self, old_owner, new_owner, old_owner_role, project
+    ):
         timeline = get_backend_api('timeline_backend')
         # Init Timeline event
         if not timeline:
             return None
-        tl_desc = 'transfer ownership from {{{}}} to {{{}}}'.format(
-            'prev_owner', 'new_owner'
-        )
+        tl_desc = (
+            'transfer ownership from {{{}}} to {{{}}}, set old owner as "{}"'
+        ).format('prev_owner', 'new_owner', old_owner_role.name)
         tl_event = timeline.add_event(
             project=project,
             app_name=APP_NAME,
@@ -2197,6 +2199,7 @@ def _create_timeline_event(self, old_owner, new_owner, project):
             extra_data={
                 'prev_owner': old_owner.username,
                 'new_owner': new_owner.username,
+                'old_owner_role': old_owner_role.name,
             },
         )
         tl_event.add_object(old_owner, 'prev_owner', old_owner.username)
@@ -2277,7 +2280,9 @@ def transfer_owner(self, project, new_owner, old_owner_as, old_owner_role):
         new_inh_owner = (
             True if new_inh_as and new_inh_as.role == self.role_owner else False
         )
-        tl_event = self._create_timeline_event(old_owner, new_owner, project)
+        tl_event = self._create_timeline_event(
+            old_owner, new_owner, old_owner_role, project
+        )
 
         try:
             self._handle_transfer(

From 6163f31ac1a892da882d78aae28862074768ee5e Mon Sep 17 00:00:00 2001
From: Mikko Nieminen <mikko.nieminen@bih-charite.de>
Date: Thu, 28 Nov 2024 11:24:07 +0100
Subject: [PATCH 10/14] add markdown table and strikethrough support (#1272),
 improve css

---
 CHANGELOG.rst                                 |   1 +
 .../templates/adminalerts/alert_detail.html   |   7 +-
 docs/source/major_changes.rst                 |   1 +
 .../static/projectroles/css/pagedown.css      | 164 ++++++++----------
 .../static/projectroles/css/projectroles.css  |  22 ++-
 .../projectroles/project_detail.html          |   7 +-
 .../templatetags/projectroles_common_tags.py  |   2 +-
 7 files changed, 101 insertions(+), 103 deletions(-)

diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 01ec8189..6b9319b1 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -13,6 +13,7 @@ Added
 
 - **Projectroles**
     - Info link for finder role in ``ProjectRoleView`` (#1511)
+    - Table and strikethrough support in ``render_markdown()`` (#1272)
 - **Timeline**
     - User count in siteinfo stats (#1504)
     - Plugin tests (#1506)
diff --git a/adminalerts/templates/adminalerts/alert_detail.html b/adminalerts/templates/adminalerts/alert_detail.html
index 6fb8c1cf..3c425d1b 100644
--- a/adminalerts/templates/adminalerts/alert_detail.html
+++ b/adminalerts/templates/adminalerts/alert_detail.html
@@ -37,10 +37,9 @@ <h2><i class="iconify" data-icon="mdi:alert"></i> Admin Alert</h2>
           <dd class="col-md-12 px-0 mx-0">
             <hr />
           </dd>
-          <dd class="col-md-12 my-0">
-            {% autoescape off %}
-              {% render_markdown object.description.raw %}
-            {% endautoescape %}
+          <dd class="col-md-12 my-0 sodar-markdown-content">
+            {% render_markdown object.description.raw as desc %}
+            {{ desc | safe }}
           </dd>
         {% endif %}
       </dl>
diff --git a/docs/source/major_changes.rst b/docs/source/major_changes.rst
index a1c8ce14..9750b5ab 100644
--- a/docs/source/major_changes.rst
+++ b/docs/source/major_changes.rst
@@ -19,6 +19,7 @@ Release Highlights
 - Add auth type in user profile details card
 - Add user count in timeline siteinfo statistics
 - Add finder role info link in member list
+- Add table and strikethrough support for markdown content
 - Fix invite create view redirect failing in categories
 - Fix role promoting crash as delegate with delegate limit reached
 - Fix requiring deprecated SODAR API settings in tests
diff --git a/projectroles/static/projectroles/css/pagedown.css b/projectroles/static/projectroles/css/pagedown.css
index 22fe5d6b..cbc54835 100644
--- a/projectroles/static/projectroles/css/pagedown.css
+++ b/projectroles/static/projectroles/css/pagedown.css
@@ -1,131 +1,121 @@
 body {
-	/* HACK for non-working CSS override in django-pagedown */
-	font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto,
-	             "Helvetica Neue", Arial, "Noto Sans", sans-serif,
-	             "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol",
-	             "Noto Color Emoji";
+  /* HACK for non-working CSS override in django-pagedown */
+  font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto,
+               "Helvetica Neue", Arial, "Noto Sans", sans-serif,
+               "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol",
+               "Noto Color Emoji";
 }
 
 blockquote {
-	border-left: 2px dotted #888;
-	padding-left: 5px;
-	background: #d0f0ff;
+  border-left: 2px dotted #888;
+  padding-left: 5px;
+  background: #d0f0ff;
 }
 
-.wmd-panel
-{
+.wmd-panel {
   margin-left: 0;
   margin-right: 0;
   width: 100%;
   resize: vertical;
 }
 
-.wmd-button-bar
-{
-	width: 100%;
-	background-color: #fff;
+.wmd-button-bar  {
+  width: 100%;
+  background-color: #fff;
 }
 
 .wmd-input,
-.sodar-json-input
-{
-	height: 175px !important;
-	min-height: 175px;
-	width: 100%;
-	background-color: Gainsboro;
-	border: 1px solid DarkGray;
-	resize: vertical;
+.sodar-json-input {
+  height: 175px !important;
+  min-height: 175px;
+  width: 100%;
+  background-color: Gainsboro;
+  border: 1px solid DarkGray;
+  resize: vertical;
 }
 
-.wmd-preview
-{
-	background-color: #c0e0ff;
+.wmd-preview {
+  padding: 12px;
+  background-color: #c0e0ff;
 }
 
-.wmd-button-row
-{
-	position: relative;
-	margin-left: 5px;
-	margin-right: 5px;
-	margin-bottom: 5px;
-	margin-top: 10px;
-	padding: 0px;
-	height: 20px;
+.wmd-button-row {
+  position: relative;
+  margin: 10px 5px 5px;
+  padding: 0;
+  height: 20px;
 }
 
-.wmd-spacer
-{
-	width: 1px;
-	height: 20px;
-	margin-left: 14px;
-
-	position: absolute;
-	background-color: Silver;
-	display: inline-block;
-	list-style: none;
+.wmd-spacer {
+  width: 1px;
+  height: 20px;
+  margin-left: 14px;
+  position: absolute;
+  background-color: Silver;
+  display: inline-block;
+  list-style: none;
 }
 
 .wmd-button {
-    width: 20px;
-    height: 20px;
-    padding-left: 2px;
-    padding-right: 3px;
-    position: absolute;
-    display: inline-block;
-    list-style: none;
-    cursor: pointer;
+  width: 20px;
+  height: 20px;
+  padding-left: 2px;
+  padding-right: 3px;
+  position: absolute;
+  display: inline-block;
+  list-style: none;
+  cursor: pointer;
 }
 
 .wmd-button > span {
-    background-image: url(../images/wmd-buttons.png);
-    background-repeat: no-repeat;
-    background-position: 0px 0px;
-    width: 20px;
-    height: 20px;
-    display: inline-block;
+  background-image: url(../images/wmd-buttons.png);
+  background-repeat: no-repeat;
+  background-position: 0px 0px;
+  width: 20px;
+  height: 20px;
+  display: inline-block;
 }
 
-.wmd-spacer1
-{
-    left: 50px;
+.wmd-spacer1 {
+  left: 50px;
 }
-.wmd-spacer2
-{
-    left: 175px;
+.wmd-spacer2 {
+  left: 175px;
 }
-.wmd-spacer3
-{
-    left: 300px;
+.wmd-spacer3 {
+  left: 300px;
 }
 
-
-
-
-.wmd-prompt-background
-{
-	background-color: Black;
+.wmd-prompt-background {
+  background-color: Black;
 }
 
-.wmd-prompt-dialog
-{
-	border: 1px solid #999999;
-	background-color: #F5F5F5;
+.wmd-prompt-dialog {
+  border: 1px solid #999999;
+  background-color: #F5F5F5;
 }
 
 .wmd-prompt-dialog > div {
-	font-size: 0.8em;
-	font-family: arial, helvetica, sans-serif;
+  font-size: 0.8em;
+  font-family: arial, helvetica, sans-serif;
 }
 
-
 .wmd-prompt-dialog > form > input[type="text"] {
-	border: 1px solid #999999;
-	color: black;
+  border: 1px solid #999999;
+  color: black;
+}
+
+.wmd-prompt-dialog > form > input[type="button"] {
+  border: 1px solid #888888;
+  font-family: trebuchet MS, helvetica, sans-serif;
+  font-size: 0.8em;
+  font-weight: bold;
 }
 
-.wmd-prompt-dialog > form > input[type="button"]{
-	border: 1px solid #888888;
-	font-family: trebuchet MS, helvetica, sans-serif;
-	font-size: 0.8em;
-	font-weight: bold;
+.wmd-preview table,
+.wmd-preview table thead th,
+.wmd-preview table tbody td {
+  border: 1px solid #000000;
+  padding-left: 5px;
+  padding-right: 5px;
 }
diff --git a/projectroles/static/projectroles/css/projectroles.css b/projectroles/static/projectroles/css/projectroles.css
index 5d14e241..79bc65cc 100644
--- a/projectroles/static/projectroles/css/projectroles.css
+++ b/projectroles/static/projectroles/css/projectroles.css
@@ -765,29 +765,37 @@ pre#sodar-email-body {
   }
 }
 
+/* Tables within markdown elements */
 
-/* Responsive modifications ------------------------------------------------- */
+.sodar-markdown-content table {
+  margin-bottom: 12px !important;
+}
 
+.sodar-markdown-content table,
+.sodar-markdown-content table thead th,
+.sodar-markdown-content table tbody td {
+  border: 1px solid #ced4da;
+  padding-left: 5px;
+  padding-right: 5px;
+}
 
-/*
- Used to hide/show extra content based on browser window width.
- */
+/* Responsive modifications ------------------------------------------------- */
 
+/* Used to hide/show extra content based on browser window width. */
 
 .sodar-navbar-alt-item {
   display: none;
 }
 
-/* Navbar (width)*/
+/* Navbar (width) */
+
 @media screen and (max-width: 990px) {
   .sodar-navbar-user-dropdown {
     display: none;
   }
-
   .sodar-navbar-alt-item {
     display: inherit;
   }
-
   .sodar-navbar-search {
     width: 250px;
     padding-top: 10px;
diff --git a/projectroles/templates/projectroles/project_detail.html b/projectroles/templates/projectroles/project_detail.html
index feac3c16..56e41cc5 100644
--- a/projectroles/templates/projectroles/project_detail.html
+++ b/projectroles/templates/projectroles/project_detail.html
@@ -56,11 +56,10 @@ <h4>
     <div class="card-header">
       <h4><i class="iconify" data-icon="mdi:book-open-page-variant"></i> ReadMe</h4>
     </div>
-    <div class="card-body">
+    <div class="card-body sodar-markdown-content">
       {% if object.readme.rendered|length > 0 %}
-        {% autoescape off %}
-          {% render_markdown object.readme.raw %}
-        {% endautoescape %}
+        {% render_markdown object.readme.raw as readme %}
+        {{ readme | safe }}
       {% else %}
         <p>
           No ReadMe is currently set for this {% get_display_name object.type title=False %}.
diff --git a/projectroles/templatetags/projectroles_common_tags.py b/projectroles/templatetags/projectroles_common_tags.py
index 98b01642..d76ad8ac 100644
--- a/projectroles/templatetags/projectroles_common_tags.py
+++ b/projectroles/templatetags/projectroles_common_tags.py
@@ -295,7 +295,7 @@ def get_remote_icon(project, request):
 @register.simple_tag
 def render_markdown(raw_markdown):
     """Markdown field rendering helper"""
-    return mistune.markdown(raw_markdown)
+    return mistune.html(raw_markdown)
 
 
 @register.filter

From 076fc1b83332d8e57aab18e447ea13aedb201423 Mon Sep 17 00:00:00 2001
From: Mikko Nieminen <mikko.nieminen@bih-charite.de>
Date: Thu, 28 Nov 2024 12:44:40 +0100
Subject: [PATCH 11/14] update dependency pinning (#1509)

---
 CHANGELOG.rst         | 2 ++
 requirements/base.txt | 6 +++---
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 6b9319b1..cd2ca8d9 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -23,6 +23,8 @@ Added
 Changed
 -------
 
+- **General**
+    - Update dependency pinning (#1509)
 - **Projectroles**
     - Update default OIDC login button template (#1503)
     - Update ownership transfer timeline event data (#1514)
diff --git a/requirements/base.txt b/requirements/base.txt
index 73f714f3..8fac9be5 100644
--- a/requirements/base.txt
+++ b/requirements/base.txt
@@ -52,7 +52,7 @@ versioneer==0.29
 ######################
 
 # Django-plugins (with Django v4.2 support)
-django-plugins-bihealth==0.5.2
+django-plugins-bihealth>=0.5.2, <0.6
 
 # Rules for permissions
 rules>=3.3, <3.4
@@ -61,7 +61,7 @@ rules>=3.3, <3.4
 djangorestframework>=3.15.2, <3.16
 
 # Keyed list addon for DRF
-drf-keyed-list-bihealth==0.2.1
+drf-keyed-list-bihealth>=0.2.1, <0.3
 
 # Token authentication
 django-rest-knox>=4.2.0, <4.3
@@ -82,4 +82,4 @@ redis>=5.0.2
 celery>=5.3.6, <5.4
 
 # Django autocomplete light (DAL)
-django-autocomplete-light==3.11.0  # See issue #1224
+django-autocomplete-light==3.11.0

From eb240091589595eca8b4b26536970adec08f1d09 Mon Sep 17 00:00:00 2001
From: Mikko Nieminen <mikko.nieminen@bih-charite.de>
Date: Mon, 9 Dec 2024 09:06:58 +0100
Subject: [PATCH 12/14] upgrade to django v4.2.17 (#1516)

---
 CHANGELOG.rst                 | 1 +
 docs/source/major_changes.rst | 8 ++++++++
 requirements/base.txt         | 2 +-
 3 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index cd2ca8d9..fb3da42b 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -24,6 +24,7 @@ Changed
 -------
 
 - **General**
+    - Upgrade minimum Django version to v4.2.17 (#1516)
     - Update dependency pinning (#1509)
 - **Projectroles**
     - Update default OIDC login button template (#1503)
diff --git a/docs/source/major_changes.rst b/docs/source/major_changes.rst
index 9750b5ab..bda57c32 100644
--- a/docs/source/major_changes.rst
+++ b/docs/source/major_changes.rst
@@ -25,6 +25,14 @@ Release Highlights
 - Fix requiring deprecated SODAR API settings in tests
 - General bug fixes and minor updates
 
+Breaking Changes
+================
+
+System Prerequisites
+--------------------
+
+The minimum Django version has been bumped to v4.2.17.
+
 
 v1.0.2 (2024-09-09)
 *******************
diff --git a/requirements/base.txt b/requirements/base.txt
index 8fac9be5..c97c2ca7 100644
--- a/requirements/base.txt
+++ b/requirements/base.txt
@@ -8,7 +8,7 @@ setuptools>=70.0.0, <70.1
 packaging>=23.2, <24.0
 
 # Django
-django>=4.2.16, <5.0
+django>=4.2.17, <5.0
 
 # Configuration
 django-environ>=0.11.2, <0.12

From a61cf6ce597e9bd605783e5dbeba5f506a1329fc Mon Sep 17 00:00:00 2001
From: Mikko Nieminen <mikko.nieminen@bih-charite.de>
Date: Mon, 9 Dec 2024 12:35:38 +0100
Subject: [PATCH 13/14] fix and refactor syncremote command (#1517, #1518)

---
 CHANGELOG.rst                                 |  2 +
 docs/source/major_changes.rst                 |  1 +
 .../management/commands/syncremote.py         | 51 ++++---------------
 3 files changed, 14 insertions(+), 40 deletions(-)

diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index fb3da42b..f1f066e9 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -29,6 +29,7 @@ Changed
 - **Projectroles**
     - Update default OIDC login button template (#1503)
     - Update ownership transfer timeline event data (#1514)
+    - Refactor ``syncremote`` management command (#1518)
 
 Fixed
 -----
@@ -38,6 +39,7 @@ Fixed
     - Add workaround to ``ProjectInviteCreateView`` returning 404 with category and query string (#1510)
     - Broken tour help attachments in ``ProjectRoleView`` (#1512)
     - ``RoleAssignmentCreateView`` crash as delegate with promoting and delegate limit reached (#1515)
+    - ``syncremote`` command crash from legacy API media type and version (#1517)
 
 
 v1.0.2 (2024-09-09)
diff --git a/docs/source/major_changes.rst b/docs/source/major_changes.rst
index bda57c32..0435b921 100644
--- a/docs/source/major_changes.rst
+++ b/docs/source/major_changes.rst
@@ -23,6 +23,7 @@ Release Highlights
 - Fix invite create view redirect failing in categories
 - Fix role promoting crash as delegate with delegate limit reached
 - Fix requiring deprecated SODAR API settings in tests
+- Fix syncremote management command crash
 - General bug fixes and minor updates
 
 Breaking Changes
diff --git a/projectroles/management/commands/syncremote.py b/projectroles/management/commands/syncremote.py
index a051acf6..b9c58f77 100644
--- a/projectroles/management/commands/syncremote.py
+++ b/projectroles/management/commands/syncremote.py
@@ -1,18 +1,13 @@
 """Syncremote management command for synchronizing remote projects"""
 
-import json
-import ssl
 import sys
-import urllib.request
 
 from django.conf import settings
 from django.core.management.base import BaseCommand
-from django.urls import reverse
 
 from projectroles.management.logging import ManagementCommandLogger
 from projectroles.models import RemoteSite, SODAR_CONSTANTS
 from projectroles.remote_projects import RemoteProjectAPI
-from projectroles.views_api import CORE_API_MEDIA_TYPE, CORE_API_DEFAULT_VERSION
 
 
 logger = ManagementCommandLogger(__name__)
@@ -24,12 +19,13 @@
 
 
 class Command(BaseCommand):
-    help = 'Synchronizes user and project data from a remote site'
+    help = 'Synchronizes user and project data from the source site'
 
     def add_arguments(self, parser):
         pass
 
     def handle(self, *args, **options):
+        remote_api = RemoteProjectAPI()
         if getattr(settings, 'PROJECTROLES_DISABLE_CATEGORIES', False):
             logger.info(
                 'Project categories and nesting disabled, '
@@ -39,11 +35,10 @@ def handle(self, *args, **options):
         if settings.PROJECTROLES_SITE_MODE != SITE_MODE_TARGET:
             logger.error('Site not in TARGET mode, unable to sync')
             sys.exit(1)
-
         try:
-            site = RemoteSite.objects.get(mode=SITE_MODE_SOURCE)
+            source_site = RemoteSite.objects.get(mode=SITE_MODE_SOURCE)
         except RemoteSite.DoesNotExist:
-            logger.error('No source site defined, unable to sync')
+            logger.error('No source site set, unable to sync')
             sys.exit(1)
 
         if getattr(settings, 'PROJECTROLES_ALLOW_LOCAL_USERS', False):
@@ -52,46 +47,22 @@ def handle(self, *args, **options):
                 'roles for existing local users'
             )
         logger.info(
-            'Retrieving data from remote site "{}" ({})..'.format(
-                site.name, site.get_url()
+            'Retrieving data from source site "{}" ({})..'.format(
+                source_site.name, source_site.get_url()
             )
         )
-        api_url = site.get_url() + reverse(
-            'projectroles:api_remote_get', kwargs={'secret': site.secret}
-        )
-
         try:
-            api_req = urllib.request.Request(api_url)
-            api_req.add_header(
-                'accept',
-                '{}; version={}'.format(
-                    CORE_API_MEDIA_TYPE, CORE_API_DEFAULT_VERSION
-                ),
-            )
-            response = urllib.request.urlopen(api_req)
-            remote_data = json.loads(response.read())
-
+            remote_data = remote_api.get_remote_data(source_site)
         except Exception as ex:
-            helper_text = ''
-            if (
-                isinstance(ex, urllib.error.URLError)
-                and isinstance(ex.reason, ssl.SSLError)
-                and ex.reason.reason == 'WRONG_VERSION_NUMBER'
-            ):
-                helper_text = (
-                    ' (most likely the server cannot handle HTTPS requests)'
-                )
             logger.error(
-                'Unable to retrieve data from remote site: {}{}'.format(
-                    ex, helper_text
-                )
+                'Failed to retrieve data from source site: {}'.format(ex)
             )
             sys.exit(1)
 
-        remote_api = RemoteProjectAPI()
+        logger.info('Synchronizing remote data from source site..')
         try:
-            remote_api.sync_remote_data(site, remote_data)
+            remote_api.sync_remote_data(source_site, remote_data)
         except Exception as ex:
-            logger.error('Remote sync cancelled with exception: {}'.format(ex))
+            logger.error('Remote sync failed with exception: {}'.format(ex))
             sys.exit(1)
         logger.info('Syncremote command OK')

From e99483db2e17aa272f7633d6396f1169ac140570 Mon Sep 17 00:00:00 2001
From: Mikko Nieminen <mikko.nieminen@bih-charite.de>
Date: Thu, 12 Dec 2024 09:51:15 +0100
Subject: [PATCH 14/14] cleanup and prepare v1.0.3 release (#1496)

---
 CHANGELOG.rst                 |  5 +++--
 README.rst                    |  2 +-
 codemeta.json                 |  8 ++++----
 docs/source/conf.py           |  2 +-
 docs/source/dev_resource.rst  |  8 +++++++-
 docs/source/major_changes.rst |  4 ++--
 projectroles/plugins.py       |  2 +-
 projectroles/views_ajax.py    | 37 ++++++++++++-----------------------
 8 files changed, 32 insertions(+), 36 deletions(-)

diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index f1f066e9..2698f9ff 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -5,8 +5,8 @@ Changelog for the **SODAR Core** Django app package. Loosely follows the
 `Keep a Changelog <http://keepachangelog.com/en/1.0.0/>`_ guidelines.
 
 
-Unreleased
-==========
+v1.0.3 (2024-12-12)
+===================
 
 Added
 -----
@@ -14,6 +14,7 @@ Added
 - **Projectroles**
     - Info link for finder role in ``ProjectRoleView`` (#1511)
     - Table and strikethrough support in ``render_markdown()`` (#1272)
+    - ``sodar-markdown-content`` CSS class (#1272)
 - **Timeline**
     - User count in siteinfo stats (#1504)
     - Plugin tests (#1506)
diff --git a/README.rst b/README.rst
index 66591ecb..1bf62659 100644
--- a/README.rst
+++ b/README.rst
@@ -117,7 +117,7 @@ and breaking changes are possible.
 
 .. code-block:: console
 
-    pip install django-sodar-core==1.0.2
+    pip install django-sodar-core==1.0.3
 
 For installing a development version you can point your dependency to a specific
 commit ID in GitHub. Note that these versions may not be stable.
diff --git a/codemeta.json b/codemeta.json
index 2ee7f48b..335a5b29 100644
--- a/codemeta.json
+++ b/codemeta.json
@@ -40,12 +40,12 @@
   ],
   "identifier": "https://doi.org/10.5281/zenodo.4269346",
   "codeRepository": "https://github.com/bihealth/sodar-core",
-  "datePublished": "2023-12-06",
-  "dateModified": "2023-12-06",
-  "dateCreated": "2024-09-09",
+  "datePublished": "2024-12-12",
+  "dateModified": "2024-12-12",
+  "dateCreated": "2019-06-26",
   "description": "SODAR Core: A Django-based framework for scientific data management and analysis web apps",
   "keywords": "Python, Django, scientific data managmenent, software library",
   "license": "MIT",
   "title": "SODAR Core",
-  "version": "v1.0.2"
+  "version": "v1.0.3"
 }
diff --git a/docs/source/conf.py b/docs/source/conf.py
index c8445fbe..ce675957 100644
--- a/docs/source/conf.py
+++ b/docs/source/conf.py
@@ -29,7 +29,7 @@
 # The short X.Y version
 version = '1.0'
 # The full version, including alpha/beta/rc tags
-release = '1.0.3-WIP'
+release = '1.0.3'
 
 
 # -- General configuration ---------------------------------------------------
diff --git a/docs/source/dev_resource.rst b/docs/source/dev_resource.rst
index ca91a530..09dcbc07 100644
--- a/docs/source/dev_resource.rst
+++ b/docs/source/dev_resource.rst
@@ -145,9 +145,15 @@ documentation for more information on how to customize your widget.
 Markdown
 --------
 
-For fields supporting markdown, it is recommended to use the
+For fields supporting Markdown, it is recommended to use the
 ``SODARPagedownWidget`` found in ``projectroles.models``.
 
+.. hint::
+
+    When rendering Markdown fields in templates, add the
+    ``sodar-markdown-content`` CSS class to the field's parent container for
+    improved Markdown styling.
+
 Submit Multi-Click Protection
 -----------------------------
 
diff --git a/docs/source/major_changes.rst b/docs/source/major_changes.rst
index 0435b921..91500d96 100644
--- a/docs/source/major_changes.rst
+++ b/docs/source/major_changes.rst
@@ -10,8 +10,8 @@ older SODAR Core version. For a complete list of changes in current and previous
 releases, see the :ref:`full changelog<changelog>`.
 
 
-v1.0.3 (WIP)
-************
+v1.0.3 (2024-12-12)
+*******************
 
 Release Highlights
 ==================
diff --git a/projectroles/plugins.py b/projectroles/plugins.py
index c1dba387..9c450250 100644
--- a/projectroles/plugins.py
+++ b/projectroles/plugins.py
@@ -772,7 +772,7 @@ def get_app_plugin(plugin_name, plugin_type=None):
 
     :param plugin_name: Plugin name (string)
     :param plugin_type: Plugin type (string or None for all types)
-    :return: Plugin object or None if not found
+    :return: Plugin object or None if not found or inactive
     """
     if plugin_type:
         plugin_types = [PLUGIN_TYPES[plugin_type]]
diff --git a/projectroles/views_ajax.py b/projectroles/views_ajax.py
index 5268b393..bc50f8d5 100644
--- a/projectroles/views_ajax.py
+++ b/projectroles/views_ajax.py
@@ -546,12 +546,10 @@ def get_queryset(self):
         project_uuid = self.forwarded.get('project', None)
         exclude_uuids = self.forwarded.get('exclude', None)
         scope = self.forwarded.get('scope', 'all')
+        qs = User.objects.all()
 
         # If project UUID is given, only show users that are in the project
-        if scope in ['project', 'project_exclude'] and project_uuid not in [
-            '',
-            None,
-        ]:
+        if scope in ['project', 'project_exclude'] and project_uuid:
             project = Project.objects.filter(sodar_uuid=project_uuid).first()
             # If user has no permission for the project, return None
             if not self.request.user.has_perm(
@@ -560,12 +558,9 @@ def get_queryset(self):
                 return User.objects.none()
             project_users = [a.user.pk for a in project.get_roles()]
             if scope == 'project':  # Limit choices to current project users
-                qs = User.objects.filter(pk__in=project_users)
+                qs = qs.filter(pk__in=project_users)
             elif scope == 'project_exclude':  # Exclude project users
-                qs = User.objects.exclude(pk__in=project_users)
-        # Else include all users
-        else:
-            qs = User.objects.all()
+                qs = qs.exclude(pk__in=project_users)
 
         # Exclude users in the system group unless local users are allowed
         allow_local = getattr(settings, 'PROJECTROLES_ALLOW_LOCAL_USERS', False)
@@ -598,7 +593,6 @@ def get_result_value(self, user):
     def get(self, request, *args, **kwargs):
         if not request.user.is_authenticated:
             return HttpResponseForbidden()
-
         return super().get(request, *args, **kwargs)
 
 
@@ -610,7 +604,6 @@ class UserAutocompleteRedirectAjaxView(UserAutocompleteAjaxView):
 
     def get_create_option(self, context, q):
         """Form the correct email invite option to append to results"""
-        create_option = []
         validator = EmailValidator()
         display_create_option = False
 
@@ -632,22 +625,18 @@ def get_create_option(self, context, q):
                     display_create_option = False
 
         if display_create_option:
-            create_option = [
-                {
-                    'id': q,
-                    'text': ('Send an invite to "%(new_value)s"')
-                    % {'new_value': q},
-                    'create_id': True,
-                }
-            ]
-        return create_option
+            create_option = {
+                'id': q,
+                'text': 'Send an invite to "{}"'.format(q),
+                'create_id': True,
+            }
+            return [create_option]
+        return []
 
-    def post(self, request):
-        """Send the invite form url to which the forwarded values will be
-        send"""
+    def post(self, request, *args, **kwargs):
+        # Return JSON with redirect URL
         project_uuid = self.request.POST.get('project', None)
         project = Project.objects.filter(sodar_uuid=project_uuid).first()
-        # create JSON with address to redirect to
         redirect_url = reverse(
             'projectroles:invite_create', kwargs={'project': project.sodar_uuid}
         )