fix(deps): update module github.com/wneessen/go-mail to v0.3.0 (#1278)

Reviewed-on: https://kolaente.dev/vikunja/api/pulls/1278
Co-authored-by: renovate <renovatebot@kolaente.de>
Co-committed-by: renovate <renovatebot@kolaente.de>

.drone.yml

@@ -132,14 +132,15 @@ steps:
       event: [ push, tag, pull_request ]
 
   - name: lint
-    image: golang:1.17-alpine
+    image: golang:1.19-alpine
     pull: true
     environment:
       GOPROXY: 'https://goproxy.kolaente.de'
     depends_on: [ build ]
     commands:
+      - export "GOROOT=$(go env GOROOT)"
       - apk --no-cache add build-base git
-      - wget -O - -q https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.47.3
+      - wget -O - -q https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.49.0
       - ./mage-static check:all
     when:
       event: [ push, tag, pull_request ]
@@ -502,7 +503,7 @@ steps:
     depends_on: [ sign-release ]
 
   # Build os packages and push it to our bucket
-  - name: build-os-packages
+  - name: build-os-packages-unstable
     image: goreleaser/nfpm
     pull: true
     commands:
@@ -511,6 +512,25 @@ steps:
       - mv dist/os-packages/vikunja*.x86_64.rpm dist/os-packages/vikunja-unstable-x86_64.rpm
       - mv dist/os-packages/vikunja*_amd64.deb dist/os-packages/vikunja-unstable-amd64.deb
       - mv dist/os-packages/vikunja*_x86_64.apk dist/os-packages/vikunja-unstable-x86_64.apk
+    when:
+      branch:
+        - main
+      event:
+        - push
+    depends_on: [ static-build-linux ]
+
+  - name: build-os-packages-version
+    image: goreleaser/nfpm
+    pull: true
+    commands:
+      - apk add git go
+      - ./mage-static release:packages
+      - mv dist/os-packages/vikunja*.x86_64.rpm dist/os-packages/vikunja-${DRONE_TAG##v}-x86_64.rpm
+      - mv dist/os-packages/vikunja*_amd64.deb dist/os-packages/vikunja-${DRONE_TAG##v}-amd64.deb
+      - mv dist/os-packages/vikunja*_x86_64.apk dist/os-packages/vikunja-${DRONE_TAG##v}-x86_64.apk
+    when:
+      event:
+        - tag
     depends_on: [ static-build-linux ]
 
   # Push the os releases to our pseudo-s3-bucket
@@ -534,7 +554,7 @@ steps:
         - main
       event:
         - push
-    depends_on: [ build-os-packages ]
+    depends_on: [ build-os-packages-unstable ]
 
   - name: release-os-version
     image: plugins/s3
@@ -554,44 +574,7 @@ steps:
     when:
       event:
         - tag
-    depends_on: [ build-os-packages ]
-
-  ### Broken, disabled until we figure out how to fix it
-  #  - name: deb-structure
-  #    image: kolaente/reprepro
-  #    pull: true
-  #    environment:
-  #      GPG_PRIVATE_KEY:
-  #        from_secret: gpg_privatekey
-  #    commands:
-  #      - export GPG_TTY=$(tty)
-  #      - gpg -qk
-  #      - echo "use-agent" >>  ~/.gnupg/gpg.conf
-  #      - gpgconf --kill gpg-agent
-  #      - echo $GPG_PRIVATE_KEY > ~/frederik.gpg
-  #      - gpg --import ~/frederik.gpg
-  #      - mkdir debian/conf -p
-  #      - cp build/reprepro-dist-conf debian/conf/distributions
-  #      - ./mage-static release:reprepro
-  #    depends_on: [ build-os-packages ]
-
-  # Push the releases to our pseudo-s3-bucket
-  - name: release-deb
-    image: plugins/s3
-    pull: true
-    settings:
-      bucket: vikunja-releases
-      access_key:
-        from_secret: aws_access_key_id
-      secret_key:
-        from_secret: aws_secret_access_key
-      endpoint: https://s3.fr-par.scw.cloud
-      region: fr-par
-      path_style: true
-      strip_prefix: debian
-      source: debian/*/*/*/*/*
-      target: /deb/
-#    depends_on: [ deb-structure ]
+    depends_on: [ build-os-packages-version ]
 
 ---
 kind: pipeline
@@ -622,7 +605,7 @@ steps:
       - tar -xzf vikunja-theme.tar.gz
 
   - name: build
-    image: klakegg/hugo:0.93.3
+    image: klakegg/hugo:0.104.2
     pull: true
     commands:
       - cd docs
@@ -664,6 +647,39 @@ steps:
     commands:
       - git fetch --tags
 
+  - name: docker-arm-unstable
+    image: plugins/docker:linux-arm
+    pull: true
+    settings:
+      username:
+        from_secret: docker_username
+      password:
+        from_secret: docker_password
+      repo: vikunja/api
+      tags: unstable-linux-arm
+      dockerfile: Dockerfile.arm32
+    depends_on: [ fetch-tags ]
+    when:
+      ref:
+        - refs/heads/main
+
+  - name: docker-arm
+    image: plugins/docker:linux-arm
+    pull: true
+    settings:
+      username:
+        from_secret: docker_username
+      password:
+        from_secret: docker_password
+      repo: vikunja/api
+      auto_tag: true
+      auto_tag_suffix: linux-arm
+      dockerfile: Dockerfile.arm32
+    depends_on: [ fetch-tags ]
+    when:
+      ref:
+        - "refs/tags/**"
+
   - name: docker-arm64-unstable
     image: plugins/docker:linux-arm64
     pull: true
@@ -845,6 +861,6 @@ steps:
         - failure
 ---
 kind: signature
-hmac: 59e619a19be0bda1935ff2b49ac7b56a0511ac8ecfd2a05a6460bf5840876ba5
+hmac: 5500acb776acae4975592637767035c45af277f1f56c8d10ffd99f38761cd5c8
 
 ...

.gitea/issue_template.md

@@ -1,44 +0,0 @@
-<!--
-
-Please fill out this issue template to report a bug.
-If you want to propose a new feature, please open a discussion thread in the forum: https://community.vikunja.io
-
--->
-
-**Version information:**
-
-Frontend Version:
-API Version: 
-Browser and OS Version:
-
-**Steps to reproduce:**
-
-<!--
-Add clear steps to reproduce the bug. Provide screenshots where applicable.
--->
-
-1. 
-2.
-...
-
-**Expected behavior:**
-
-<!--
-Describe what happened.
--->
-
-
-
-**Actual behavior:**
-
-<!--
-Describe what happened instead.
--->
-
-
-
-**Checklist:**
-
-* [ ] I have provided all required information
-* [ ] I am using the latest release or the latest unstable build
-* [ ] I was able to reproduce the bug on [try](https://try.vikunja.io)

.gitea/issue_template/bug-report.yml

@@ -0,0 +1,58 @@
+name: Bug Report
+description: Found something you weren't expecting? Report it here!
+labels: kind/bug
+body:
+  - type: markdown
+    attributes:
+      value: |
+        NOTE: If your issue is a security concern, please send an email to security@vikunja.io instead of opening a public issue.
+  - type: markdown
+    attributes:
+      value: |
+        Please fill out this issue template to report a bug.
+        
+        1. If you want to propose a new feature, please open a discussion thread in the forum: https://community.vikunja.io
+        2. Please ask questions or configuration/deploy problems on our [Matrix Room](https://matrix.to/#/#vikunja:matrix.org) or forum (https://community.vikunja.io).
+        3. Make sure you are using the latest release and
+           take a moment to check that your issue hasn't been reported before.
+        4. Please give all relevant information below for bug reports, because
+           incomplete details will be handled as an invalid report and closed.
+  - type: textarea
+    id: description
+    attributes:
+      label: Description
+      description: |
+        Please provide a description of your issue here, with a URL if you were able to reproduce the issue (see below).
+  - type: input
+    id: frontend-version
+    attributes:
+      label: Vikunja Frontend Version
+      description: Vikunja frontend version (or commit reference) of your instance
+    validations:
+      required: true
+  - type: input
+    id: api-version
+    attributes:
+      label: Vikunja API Version
+      description: Vikunja API version (or commit reference) of your instance
+    validations:
+      required: true
+  - type: input
+    id: browser-version
+    attributes:
+      label: Browser and version
+      description: If your issue is related to a frontend problem, please provide the browser and version you used to reproduce it.
+  - type: dropdown
+    id: can-reproduce
+    attributes:
+      label: Can you reproduce the bug on the Vikunja demo site?
+      options:
+        - "Yes"
+        - "No"
+    validations:
+      required: true
+  - type: textarea
+    id: screenshots
+    attributes:
+      label: Screenshots
+      description: If this issue involves the Web Interface, please provide one or more screenshots

.gitea/pull_request_template.md

@@ -1,11 +0,0 @@
-# Description
-
-
-
-# Checklist
-
-* [ ] I added or improved tests
-* [ ] I added or improved docs for my feature
-  * [ ] Swagger (including `mage do-the-swag`)
-  * [ ] Error codes
-  * [ ] New config options (including adding them to `config.yml.saml` and running `mage generate-docs`)

.github/ISSUE_TEMPLATE/bug-report.yml

@@ -0,0 +1,58 @@
+name: Bug Report
+description: Found something you weren't expecting? Report it here!
+labels: kind/bug
+body:
+  - type: markdown
+    attributes:
+      value: |
+        NOTE: If your issue is a security concern, please send an email to security@vikunja.io instead of opening a public issue.
+  - type: markdown
+    attributes:
+      value: |
+        Please fill out this issue template to report a bug.
+        
+        1. If you want to propose a new feature, please open a discussion thread in the forum: https://community.vikunja.io
+        2. Please ask questions or configuration/deploy problems on our [Matrix Room](https://matrix.to/#/#vikunja:matrix.org) or forum (https://community.vikunja.io).
+        3. Make sure you are using the latest release and
+           take a moment to check that your issue hasn't been reported before.
+        4. Please give all relevant information below for bug reports, because
+           incomplete details will be handled as an invalid report and closed.
+  - type: textarea
+    id: description
+    attributes:
+      label: Description
+      description: |
+        Please provide a description of your issue here, with a URL if you were able to reproduce the issue (see below).
+  - type: input
+    id: frontend-version
+    attributes:
+      label: Vikunja Frontend Version
+      description: Vikunja frontend version (or commit reference) of your instance
+    validations:
+      required: true
+  - type: input
+    id: api-version
+    attributes:
+      label: Vikunja API Version
+      description: Vikunja API version (or commit reference) of your instance
+    validations:
+      required: true
+  - type: input
+    id: browser-version
+    attributes:
+      label: Browser and version
+      description: If your issue is related to a frontend problem, please provide the browser and version you used to reproduce it.
+  - type: dropdown
+    id: can-reproduce
+    attributes:
+      label: Can you reproduce the bug on the Vikunja demo site?
+      options:
+        - "Yes"
+        - "No"
+    validations:
+      required: true
+  - type: textarea
+    id: screenshots
+    attributes:
+      label: Screenshots
+      description: If this issue involves the Web Interface, please provide one or more screenshots

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,17 @@
+blank_issues_enabled: false
+contact_links:
+  - name: Frontend issues
+    url: https://code.vikunja.io/frontend/issues
+    about: This is the API repo. Please open frontend-related bug reports and discussions in the frontend repo. Not sure if you issue is frontend or api? Ask in Matrix or the forum first.
+  - name: Forum
+    url: https://community.vikunja.io/
+    about: Feature Requests, Questions, configuration or deployment problems should be discussed in the forum.
+  - name: Security-related issues
+    url: https://vikunja.io/contact/#security
+    about: For security concerns, please send a mail to security@vikunja.io instead of opening a public issue.
+  - name: Chat on Matrix
+    url: https://matrix.to/#/#vikunja:matrix.org
+    about: Please ask any quick questions here.
+  - name: Translations
+    url: https://crowdin.com/project/vikunja
+    about: Any problems or requests for new languages about translations should be handled in crowdin.

.gitignore

@@ -4,6 +4,8 @@
 config.yml
 config.yaml
 !docs/config.yml
+!.github/ISSUE_TEMPLATE/config.yml
+!.gitea/ISSUE_TEMPLATE/config.yml
 docs/themes/
 *.db
 Run

CHANGELOG.md

@@ -7,6 +7,46 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 All releases can be found on https://code.vikunja.io/api/releases.
 
+## [0.19.2] - 2022-08-17
+
+### Bug Fixes
+
+* Don't fail a migration if there is no filter saved ([10ded56](10ded56f6697ef47910ec68d37f26ed47cbe9180))
+* Don't override saved filters ([beb4d07](beb4d07cf95fc25f7cc5f7471b46bdab49f95fe0))
+
+## [0.19.1] - 2022-08-17
+
+### Bug Fixes
+
+* Prevent moving a list into a pseudo namespace ([3ccc636](3ccc6365a6892f37ee54b0750a34a61e52f6dba1))
+* Make sure generating blur hashes for bmp, tiff and webp images works ([8bf0f8b](8bf0f8bb571ddff69a7142be1acaa2e4e0c38e3b))
+* Add debian-based docker image for arm 32 builds ([c9e044b](c9e044b3ad60d25e9641d22d84571a7db83a26ac))
+* Only list all users when allowed ([9ddd7f4](9ddd7f48895f508539d591aeebde450a86987024))
+* Lint ([0c8bed4](0c8bed4054649de8510e5a636d1a14b65d52c402))
+
+### Dependencies
+
+* *(deps)* Update golang.org/x/sys digest to 6e608f9 (#1229)
+* *(deps)* Update golang.org/x/sync digest to 886fb93 (#1221)
+* *(deps)* Update golang.org/x/sys digest to 8e32c04 (#1230)
+* *(deps)* Update golang.org/x/term digest to a9ba230 (#1222)
+* *(deps)* Update module github.com/prometheus/client_golang to v1.13.0
+* *(deps)* Update module github.com/prometheus/client_golang to v1.13.0 (#1231)
+* *(deps)* Update golang.org/x/sys digest to 1c4a2a7
+* *(deps)* Update golang.org/x/oauth2 digest to 128564f (#1220)
+* *(deps)* Update golang.org/x/image digest to 062f8c9 (#1219)
+* *(deps)* Update golang.org/x/crypto digest to 630584e (#1218)
+* *(deps)* Update module github.com/labstack/echo/v4 to v4.8.0 (#1233)
+* *(deps)* Update golang.org/x/sys digest to fbc7d0a (#1234)
+* *(deps)* Update module github.com/wneessen/go-mail to v0.2.6 (#1235)
+* *(deps)* Update module github.com/mattn/go-sqlite3 to v1.14.15 (#1238)
+
+### Features
+
+* *(docs)* Add k8s docs* Add openid examples ([dbb0f54](dbb0f5473269fb29c4a484cd233a5b76484c4ca7))
+* Search by assignee username instead of id ([7f28865](7f28865903740d6dde15ee005323fbdee3072166))
+* Add migration to change user ids to usernames in saved filters ([3047ccf](3047ccfd4af8fee55d9ebff49138911ab80cb3d2))
+
 ## [0.19.0] - 2022-08-03
 
 ### Bug Fixes

Dockerfile

@@ -1,7 +1,7 @@
 
 ##############
 # Build stage
-FROM golang:1.18-alpine AS build-env
+FROM golang:1.19-alpine AS build-env
 
 RUN apk --no-cache add build-base git && \
   go install github.com/magefile/mage@latest && \

Dockerfile.arm32

@@ -0,0 +1,48 @@
+
+##############
+# Build stage
+FROM golang:1.19-buster AS build-env
+
+RUN go install github.com/magefile/mage@latest && \
+  mv /go/bin/mage /usr/local/go/bin
+
+ARG VIKUNJA_VERSION
+
+# Setup repo
+COPY . /go/src/code.vikunja.io/api
+WORKDIR /go/src/code.vikunja.io/api
+
+# Checkout version if set
+RUN if [ -n "${VIKUNJA_VERSION}" ]; then git checkout "${VIKUNJA_VERSION}"; fi \
+ && mage build:clean build
+
+###################
+# The actual image
+# Note: I wanted to use the scratch image here, but unfortunatly the go-sqlite bindings require cgo and
+# because of this, the container would not start when I compiled the image without cgo.
+# We're using debian as a base image here because the latest alpine image does not work with arm.
+FROM debian:buster-slim
+LABEL maintainer="maintainers@vikunja.io"
+
+WORKDIR /app/vikunja/
+COPY --from=build-env /go/src/code.vikunja.io/api/vikunja .
+ENV VIKUNJA_SERVICE_ROOTPATH=/app/vikunja/
+
+# Dynamic permission changing stuff
+ENV PUID 1000
+ENV PGID 1000
+RUN addgroup --gid ${PGID} vikunja && \
+  chown ${PUID} -R /app/vikunja && \
+  useradd --shell /bin/sh --gid vikunja --uid ${PUID} --home-dir /app/vikunja vikunja
+COPY run.sh /run.sh
+
+# Fix time zone settings not working
+RUN apt-get update && apt-get install -y tzdata && apt-get clean
+
+# Files permissions
+RUN mkdir /app/vikunja/files && \
+  chown -R vikunja /app/vikunja/files
+VOLUME /app/vikunja/files
+
+CMD ["/run.sh"]
+EXPOSE 3456

README.md

@@ -2,7 +2,7 @@
 
 [![Build Status](https://drone.kolaente.de/api/badges/vikunja/api/status.svg)](https://drone.kolaente.de/vikunja/api)
 [![License: AGPL v3](https://img.shields.io/badge/License-AGPL%20v3-blue.svg)](LICENSE)
-[![Download](https://img.shields.io/badge/download-v0.19.0-brightgreen.svg)](https://dl.vikunja.io)
+[![Download](https://img.shields.io/badge/download-v0.19.2-brightgreen.svg)](https://dl.vikunja.io)
 [![Docker Pulls](https://img.shields.io/docker/pulls/vikunja/api.svg)](https://hub.docker.com/r/vikunja/api/)
 [![Swagger Docs](https://img.shields.io/badge/swagger-docs-brightgreen.svg)](https://try.vikunja.io/api/v1/docs)
 [![Go Report Card](https://goreportcard.com/badge/kolaente.dev/vikunja/api)](https://goreportcard.com/report/kolaente.dev/vikunja/api)
@@ -56,6 +56,10 @@ See [the roadmap](https://my.vikunja.cloud/share/QFyzYEmEYfSyQfTOmIRSwLUpkFjboaB
 
 Fork -> Push -> Pull-Request. Also see the [dev docs](https://vikunja.io/docs/development/) for more info.
 
+## Sponsors
+
+[![Relm](https://vikunja.io/images/sponsors/relm.png)](https://relm.us)
+
 ## License
 
 This project is licensed under the AGPLv3 License. See the [LICENSE](LICENSE) file for the full license text.

config.yml.sample

@@ -127,7 +127,8 @@ mailer:
   enabled: false
   # SMTP Host
   host: ""
-  # SMTP Host port
+  # SMTP Host port.
+  # **NOTE:** If you're unable to send mail and the only error you see in the logs is an `EOF`, try setting the port to `25`.
   port: 587
   # SMTP Auth Type. Can be either `plain`, `login` or `cram-md5`.
   authtype: "plain"
@@ -301,6 +302,8 @@ auth:
     enabled: false
     # The url to redirect clients to. Defaults to the configured frontend url. If you're using Vikunja with the official
     # frontend, you don't need to change this value.
+    # **Note:** The redirect url must exactly match the configured redirect url with the third party provider.
+    # This includes all slashes at the end or protocols.
     redirecturl: <frontend url>
     # A list of enabled providers
     providers:
@@ -321,3 +324,28 @@ metrics:
   username:
   # If set to a non-empty value the /metrics endpoint will require this as a password via basic auth in combination with the username below.
   password:
+
+# Provide default settings for new users. When a new user is created, these settings will automatically be set for the user. If you change them in the config file afterwards they will not be changed back for existing users.
+defaultsettings:
+  # The avatar source for the user. Can be `gravatar`, `initials`, `upload` or `marble`. If you set this to `upload` you'll also need to specify `defaultsettings.avatar_file_id`.
+  avatar_provider: initials
+  # The id of the file used as avatar.
+  avatar_file_id: 0
+  # If set to true users will get task reminders via email.
+  email_reminders_enabled: false
+  # If set to true will allow other users to find this user when searching for parts of their name.
+  discoverable_by_name: false
+  # If set to true will allow other users to find this user when searching for their exact email.
+  discoverable_by_email: false
+  # If set to true will send an email every day with all overdue tasks at a configured time.
+  overdue_tasks_reminders_enabled: true
+  # When to send the overdue task reminder email.
+  overdue_tasks_reminders_time: 9:00
+  # The id of the default list. Make sure users actually have access to this list when setting this value.
+  default_list_id: 0
+  # Start of the week for the user. `0` is sunday, `1` is monday and so on.
+  week_start: 0
+  # The language of the user interface. Must be an ISO 639-1 language code. Will default to the browser language the user uses when signing up.
+  language: <unset>
+  # The time zone of each individual user. This will affect when users get reminders and overdue task emails.
+  timezone: <time zone set at service.timezone>

docker-manifest-unstable.tmpl

@@ -10,3 +10,8 @@ manifests:
     platform:
       architecture: arm64
       os: linux
+  -
+    image: vikunja/api:unstable-linux-arm
+    platform:
+      architecture: arm
+      os: linux

docker-manifest.tmpl

@@ -16,3 +16,8 @@ manifests:
     platform:
       architecture: arm64
       os: linux
+  -
+    image: vikunja/api:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm
+    platform:
+      architecture: arm
+      os: linux

docs/content/doc/development/development.md

@@ -1,5 +1,5 @@
 ---
-date: "2019-02-12:00:00+02:00"
+date: "2022-09-21:00:00+02:00"
 title: "Development"
 toc: true
 draft: false
@@ -36,13 +36,13 @@ Make sure to check the other doc articles for specific development tasks like [t
 ## Frontend requirements
 
 The code for the frontend is located at [code.vikunja.io/frontend](https://code.vikunja.io/frontend).
+More instructions can be found in the repo's README.
 
-You need to have yarn v1 and nodejs in version 16 installed.
+You need to have [pnpm](https://pnpm.io/) and nodejs in version 16 or 18 installed.
 
 ## Git flow
 
-The `main` branch is the latest and bleeding edge branch with all changes. Unstable releases are automatically 
-created from this branch.
+The `main` branch is the latest and bleeding edge branch with all changes. Unstable releases are automatically created from this branch.
 
 A release gets tagged from the main branch with the version name as tag name.
 
@@ -50,7 +50,6 @@ Backports and point-releases should go to a `release/version` branch, based on t
 
 ## Conventional commits
 
-We're using [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/) because they greatly simplify 
-generating release notes.
+We're using [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/) because they greatly simplify generating release notes.
 
 It is not required to use them when creating a PR, but appreciated.

docs/content/doc/development/test.md

@@ -98,12 +98,12 @@ Check out the docs [in the frontend repo](https://kolaente.dev/vikunja/frontend/
 To run the frontend unit tests, run
 
 {{< highlight bash >}}
-yarn test:unit
+pnpm run test:unit
 {{< /highlight >}}
 
 The frontend also has a watcher available that re-runs all unit tests every time you change something.
 To use it, simply run
 
 {{< highlight bash >}}
-yarn test:unit-watch
+pnpm run test:unit-watch
 {{< /highlight >}}

docs/content/doc/setup/build-from-source.md

@@ -1,5 +1,5 @@
 ---
-date: "2019-02-12:00:00+02:00"
+date: "2022-09-21:00:00+02:00"
 title: "Build from sources"
 draft: false
 type: "doc"
@@ -16,13 +16,13 @@ To completely build Vikunja from source, you need to build the api and frontend.
 
 ## API
 
-The Vikunja API has no other dependencies than go itself. 
+The Vikunja API has no other dependencies than go itself.
 That means compiling it boils down to these steps:
 
 1. Make sure [Go](https://golang.org/doc/install) is properly installed on your system. You'll need at least Go `1.17`.
 2. Make sure [Mage](https://magefile.org) is properly installed on your system.
 3. Clone the repo with `git clone https://code.vikunja.io/api` and switch into the directory.
-3. Run `mage build:build` in the source of this repo. This will build a binary in the root of the repo which will be able to run on your system.
+4. Run `mage build:build` in the source of this repo. This will build a binary in the root of the repo which will be able to run on your system.
 
 *Note:* Static ressources such as email templates are built into the binary.
 For these to work, you may need to run `mage build:generate` before building the vikunja binary.
@@ -38,9 +38,7 @@ More options are available, please refer to the [magefile docs]({{< ref "../deve
 
 The code for the frontend is located at [code.vikunja.io/frontend](https://code.vikunja.io/frontend).
 
-You need to have yarn v1 and nodejs in version 16 installed.
-
-1. Make sure [yarn v1](https://yarnpkg.com/getting-started/install) is properly installed on your system.
-3. Clone the repo with `git clone https://code.vikunja.io/frontend` and switch into the directory.
-3. Install all dependencies with `yarn install`
-4. Build the frontend with `yarn build`. This will result in a js bundle in the `dist/` folder which you can deploy.
+1. Make sure you have [pnpm](https://pnpm.io/installation) properly installed on your system.
+2. Clone the repo with `git clone https://code.vikunja.io/frontend` and switch into the directory.
+3. Install all dependencies with `pnpm install`
+4. Build the frontend with `pnpm run build`. This will result in a static js bundle in the `dist/` folder which you can deploy.

docs/content/doc/setup/config.md

@@ -657,7 +657,8 @@ Environment path: `VIKUNJA_MAILER_HOST`
 
 ### port
 
-SMTP Host port
+SMTP Host port.
+**NOTE:** If you're unable to send mail and the only error you see in the logs is an `EOF`, try setting the port to `25`.
 
 Default: `587`
 
@@ -1173,3 +1174,132 @@ Full path: `metrics.password`
 Environment path: `VIKUNJA_METRICS_PASSWORD`
 
 
+---
+
+## defaultsettings
+
+Provide default settings for new users. When a new user is created, these settings will automatically be set for the user. If you change them in the config file afterwards they will not be changed back for existing users.
+
+
+
+### avatar_provider
+
+The avatar source for the user. Can be `gravatar`, `initials`, `upload` or `marble`. If you set this to `upload` you'll also need to specify `defaultsettings.avatar_file_id`.
+
+Default: `initials`
+
+Full path: `defaultsettings.avatar_provider`
+
+Environment path: `VIKUNJA_DEFAULTSETTINGS_AVATAR_PROVIDER`
+
+
+### avatar_file_id
+
+The id of the file used as avatar.
+
+Default: `0`
+
+Full path: `defaultsettings.avatar_file_id`
+
+Environment path: `VIKUNJA_DEFAULTSETTINGS_AVATAR_FILE_ID`
+
+
+### email_reminders_enabled
+
+If set to true users will get task reminders via email.
+
+Default: `false`
+
+Full path: `defaultsettings.email_reminders_enabled`
+
+Environment path: `VIKUNJA_DEFAULTSETTINGS_EMAIL_REMINDERS_ENABLED`
+
+
+### discoverable_by_name
+
+If set to true will allow other users to find this user when searching for parts of their name.
+
+Default: `false`
+
+Full path: `defaultsettings.discoverable_by_name`
+
+Environment path: `VIKUNJA_DEFAULTSETTINGS_DISCOVERABLE_BY_NAME`
+
+
+### discoverable_by_email
+
+If set to true will allow other users to find this user when searching for their exact email.
+
+Default: `false`
+
+Full path: `defaultsettings.discoverable_by_email`
+
+Environment path: `VIKUNJA_DEFAULTSETTINGS_DISCOVERABLE_BY_EMAIL`
+
+
+### overdue_tasks_reminders_enabled
+
+If set to true will send an email every day with all overdue tasks at a configured time.
+
+Default: `true`
+
+Full path: `defaultsettings.overdue_tasks_reminders_enabled`
+
+Environment path: `VIKUNJA_DEFAULTSETTINGS_OVERDUE_TASKS_REMINDERS_ENABLED`
+
+
+### overdue_tasks_reminders_time
+
+When to send the overdue task reminder email.
+
+Default: `9:00`
+
+Full path: `defaultsettings.overdue_tasks_reminders_time`
+
+Environment path: `VIKUNJA_DEFAULTSETTINGS_OVERDUE_TASKS_REMINDERS_TIME`
+
+
+### default_list_id
+
+The id of the default list. Make sure users actually have access to this list when setting this value.
+
+Default: `0`
+
+Full path: `defaultsettings.default_list_id`
+
+Environment path: `VIKUNJA_DEFAULTSETTINGS_DEFAULT_LIST_ID`
+
+
+### week_start
+
+Start of the week for the user. `0` is sunday, `1` is monday and so on.
+
+Default: `0`
+
+Full path: `defaultsettings.week_start`
+
+Environment path: `VIKUNJA_DEFAULTSETTINGS_WEEK_START`
+
+
+### language
+
+The language of the user interface. Must be an ISO 639-1 language code. Will default to the browser language the user uses when signing up.
+
+Default: `<unset>`
+
+Full path: `defaultsettings.language`
+
+Environment path: `VIKUNJA_DEFAULTSETTINGS_LANGUAGE`
+
+
+### timezone
+
+The time zone of each individual user. This will affect when users get reminders and overdue task emails.
+
+Default: `<time zone set at service.timezone>`
+
+Full path: `defaultsettings.timezone`
+
+Environment path: `VIKUNJA_DEFAULTSETTINGS_TIMEZONE`
+
+

docs/content/doc/setup/k8s.md

@@ -0,0 +1,15 @@
+---
+title: "Hosting Vikunja with k8s"
+date: 2022-08-12T13:41:48+02:00
+draft: false
+type: "doc"
+menu:
+  sidebar:
+    parent: "setup"
+---
+
+There are two third-party Helm-Charts which can be used to host Vikunja with k8s:
+
+* [Truecharts](https://truecharts.org/docs/charts/stable/vikunja/)
+* [k8s at Home](https://github.com/k8s-at-home/charts)
+

docs/content/doc/setup/openid-examples.md

@@ -0,0 +1,45 @@
+---
+date: "2022-08-09:00:00+02:00"
+title: "OpenID example configurations"
+draft: false
+type: "doc"
+menu:
+  sidebar:
+    parent: "setup"
+---
+
+# OpenID example configurations
+
+On this page you will find examples about how to set up Vikunja with a third-party OpenID provider.
+To add another example, please [edit this document](https://kolaente.dev/vikunja/api/src/branch/main/docs/content/doc/setup/openid-examples.md) and send a PR.
+
+{{< table_of_contents >}}
+
+## Authelia
+
+Vikunja Config:
+
+```yaml
+openid:
+    enabled: true
+    redirecturl: https://vikunja.mydomain.com/auth/openid/  <---- slash at the end is important
+    providers:
+      - name: Authelia
+        authurl: https://login.mydomain.com
+        clientid: <vikunja-id>
+        clientsecret: <vikunja secret>
+```
+
+Authelia config:
+
+```yaml
+- id: <vikunja-id>
+description: Vikunja
+secret: <vikunja secret>
+redirect_uris:
+  - https://vikunja.mydomain.com/auth/openid/authelia
+scopes:
+  - openid
+  - email
+  - profile
+```

docs/content/doc/setup/subdirectory.md

@@ -0,0 +1,39 @@
+---
+title: "Running Vikunja in a subdirectory"
+date: 2022-09-23T12:15:04+02:00
+draft: false
+menu:
+  sidebar:
+    parent: "setup"
+---
+
+# Running Vikunja in a subdirectory
+
+Running Vikunja in a subdirectory is not supported out of the box.
+However, you can still run it in a subdirectory but need to build the frontend yourself.
+
+## Frontend
+
+First, make sure you're able to build the frontend from source.
+Check [the guide about building from source]({{< ref "build-from-source.md">}}#frontend) about that.
+
+Then, run 
+
+```
+pnpm vite build --base=/SUBPATH
+pnpm workbox copyLibraries dist/
+```
+
+Where `SUBPATH` is the subdirectory you want to run Vikunja on.
+
+Once you have the build files you can deploy them as usual.
+Note that when deploying in docker you'll need to put the files in a web container yourself, you 
+can't use the `Dockerfile` in the repo without modifications.
+
+## API
+
+If you're not using a reverse proxy you're good to go.
+Simply configure the api url in the frontend as you normally would.
+
+If you're using a reverse proxy you'll need to adjust the paths so that the api is available at `/SUBPATH/api/v1`.
+You can check if everything is working correctly by opening `/SUBPATH/api/v1/info` in a browser.

docs/content/doc/usage/errors.md

@@ -4,8 +4,8 @@ title: "Errors"
 draft: false
 type: "doc"
 menu:
-  sidebar:
-    parent: "usage"
+sidebar:
+parent: "usage"
 ---
 
 # Errors
@@ -52,14 +52,16 @@ This document describes the different errors Vikunja can return.
 
 ## List
 
-| ErrorCode | HTTP Status Code | Description |
-|-----------|------------------|-------------|
-| 3001 | 404 | The list does not exist. |
-| 3004 | 403 | The user needs to have read permissions on that list to perform that action. |
-| 3005 | 400 | The list title cannot be empty. |
-| 3006 | 404 | The list share does not exist. |
-| 3007 | 400 | A list with this identifier already exists. |
-| 3008 | 412 | The list is archived and can therefore only be accessed read only. This is also true for all tasks associated with this list. |
+| ErrorCode | HTTP Status Code | Description                                                                                                                   |
+|-----------|------------------|-------------------------------------------------------------------------------------------------------------------------------|
+| 3001      | 404 | The list does not exist.                                                                                                      |
+| 3004      | 403 | The user needs to have read permissions on that list to perform that action.                                                  |
+| 3005      | 400 | The list title cannot be empty.                                                                                               |
+| 3006      | 404 | The list share does not exist.                                                                                                |
+| 3007      | 400 | A list with this identifier already exists.                                                                                   |
+| 3008      | 412 | The list is archived and can therefore only be accessed read only. This is also true for all tasks associated with this list. |
+| 3009      | 412 | The list cannot belong to a dynamically generated namespace like "Favorites".                                                 |
+| 3010      | 412 | The list must belong to a namespace.                                                                                          |
 
 ## Task
 
@@ -80,10 +82,12 @@ This document describes the different errors Vikunja can return.
 | 4013 | 400 | The task sort param is invalid. |
 | 4014 | 400 | The task sort order is invalid. |
 | 4015 | 404 | The task comment does not exist. |
-| 4016 | 403 | Invalid task field. |
-| 4017 | 403 | Invalid task filter comparator. |
-| 4018 | 403 | Invalid task filter concatinator. |
-| 4019 | 403 | Invalid task filter value. |
+| 4016 | 400 | Invalid task field. |
+| 4017 | 400 | Invalid task filter comparator. |
+| 4018 | 400 | Invalid task filter concatinator. |
+| 4019 | 400 | Invalid task filter value. |
+| 4020 | 400 | The provided attachment does not belong to that task. |
+| 4021 | 400 | This user is already assigned to that task. |
 
 ## Namespace
 

go.mod

@@ -25,13 +25,13 @@ require (
 	github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef
 	github.com/bbrks/go-blurhash v1.1.1
 	github.com/c2h5oh/datasize v0.0.0-20220606134207-859f65c6625b
-	github.com/coreos/go-oidc/v3 v3.2.0
+	github.com/coreos/go-oidc/v3 v3.4.0
 	github.com/cweill/gotests v1.6.0
 	github.com/d4l3k/messagediff v1.2.1
 	github.com/disintegration/imaging v1.6.2
 	github.com/dustinkirkland/golang-petname v0.0.0-20191129215211-8e5a1ed0cff0
 	github.com/gabriel-vasile/mimetype v1.4.1
-	github.com/getsentry/sentry-go v0.13.0
+	github.com/getsentry/sentry-go v0.14.0
 	github.com/go-redis/redis/v8 v8.11.5
 	github.com/go-sql-driver/mysql v1.6.0
 	github.com/go-testfixtures/testfixtures/v3 v3.8.1
@@ -41,40 +41,39 @@ require (
 	github.com/iancoleman/strcase v0.2.0
 	github.com/imdario/mergo v0.3.13
 	github.com/jinzhu/copier v0.3.5
-	github.com/labstack/echo/v4 v4.7.2
-	github.com/labstack/gommon v0.3.1
-	github.com/lib/pq v1.10.6
-	github.com/magefile/mage v1.13.0
-	github.com/mattn/go-sqlite3 v1.14.14
+	github.com/labstack/echo/v4 v4.9.0
+	github.com/labstack/gommon v0.4.0
+	github.com/lib/pq v1.10.7
+	github.com/magefile/mage v1.14.0
+	github.com/mattn/go-sqlite3 v1.14.15
 	github.com/olekukonko/tablewriter v0.0.5
 	github.com/op/go-logging v0.0.0-20160315200505-970db520ece7
 	github.com/pquerna/otp v1.3.0
-	github.com/prometheus/client_golang v1.12.2
+	github.com/prometheus/client_golang v1.13.0
 	github.com/robfig/cron/v3 v3.0.1
 	github.com/samedi/caldav-go v3.0.0+incompatible
 	github.com/spf13/afero v1.9.2
-	github.com/spf13/cobra v1.5.0
-	github.com/spf13/viper v1.12.0
+	github.com/spf13/cobra v1.6.0
+	github.com/spf13/viper v1.13.0
 	github.com/stretchr/testify v1.8.0
-	github.com/swaggo/swag v1.8.4
+	github.com/swaggo/swag v1.8.6
 	github.com/tkuchiki/go-timezone v0.2.2
 	github.com/ulule/limiter/v3 v3.10.0
 	github.com/vectordotdev/go-datemath v0.1.1-0.20211214182920-0a4ac8742b93
-	github.com/wneessen/go-mail v0.2.5
-	github.com/yuin/goldmark v1.4.13
-	golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d
-	golang.org/x/image v0.0.0-20220617043117-41969df76e82
-	golang.org/x/oauth2 v0.0.0-20220718184931-c8730f7fcb92
-	golang.org/x/sync v0.0.0-20220601150217-0de741cfad7f
-	golang.org/x/sys v0.0.0-20220731174439-a90be440212d
-	golang.org/x/term v0.0.0-20220526004731-065cf7ba2467
+	github.com/wneessen/go-mail v0.3.0
+	github.com/yuin/goldmark v1.5.2
+	golang.org/x/crypto v0.0.0-20221010152910-d6f0a8c073c2
+	golang.org/x/image v0.0.0-20220902085622-e7cb96979f69
+	golang.org/x/oauth2 v0.0.0-20221006150949-b44042a4b9c1
+	golang.org/x/sync v0.0.0-20220929204114-8fcdb60fdcc0
+	golang.org/x/sys v0.0.0-20221010170243-090e33056c14
+	golang.org/x/term v0.0.0-20220919170432-7a66f970e087
 	gopkg.in/d4l3k/messagediff.v1 v1.2.1
 	gopkg.in/yaml.v3 v3.0.1
-	src.techknowlogick.com/xgo v1.4.1-0.20210311222705-d25c33fcd864
-	src.techknowlogick.com/xormigrate v1.4.0
-	xorm.io/builder v0.3.9
-	xorm.io/core v0.7.3
-	xorm.io/xorm v1.1.2
+	src.techknowlogick.com/xgo v1.5.1-0.20220906164532-735bfdfb90d9
+	src.techknowlogick.com/xormigrate v1.5.0
+	xorm.io/builder v0.3.12
+	xorm.io/xorm v1.3.2
 )
 
 require (
@@ -93,26 +92,27 @@ require (
 	github.com/garyburd/redigo v1.6.0 // indirect
 	github.com/ghodss/yaml v1.0.0 // indirect
 	github.com/go-chi/chi v4.0.2+incompatible // indirect
-	github.com/go-errors/errors v1.1.1 // indirect
+	github.com/go-errors/errors v1.4.2 // indirect
 	github.com/go-openapi/jsonpointer v0.19.5 // indirect
 	github.com/go-openapi/jsonreference v0.19.6 // indirect
 	github.com/go-openapi/spec v0.20.4 // indirect
 	github.com/go-openapi/swag v0.19.15 // indirect
+	github.com/goccy/go-json v0.9.11 // indirect
 	github.com/golang-jwt/jwt v3.2.2+incompatible // indirect
 	github.com/golang/protobuf v1.5.2 // indirect
 	github.com/golang/snappy v0.0.4 // indirect
 	github.com/hashicorp/errwrap v1.0.0 // indirect
 	github.com/hashicorp/go-multierror v1.1.0 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
-	github.com/inconshreveable/mousetrap v1.0.0 // indirect
+	github.com/inconshreveable/mousetrap v1.0.1 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/laurent22/ical-go v0.1.1-0.20181107184520-7e5d6ade8eef // indirect
 	github.com/lithammer/shortuuid/v3 v3.0.4 // indirect
 	github.com/magiconair/properties v1.8.6 // indirect
-	github.com/mailru/easyjson v0.7.6 // indirect
-	github.com/mattn/go-colorable v0.1.12 // indirect
-	github.com/mattn/go-isatty v0.0.14 // indirect
+	github.com/mailru/easyjson v0.7.7 // indirect
+	github.com/mattn/go-colorable v0.1.13 // indirect
+	github.com/mattn/go-isatty v0.0.16 // indirect
 	github.com/mattn/go-runewidth v0.0.9 // indirect
 	github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
@@ -120,31 +120,31 @@ require (
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/oklog/ulid v1.3.1 // indirect
 	github.com/pelletier/go-toml v1.9.5 // indirect
-	github.com/pelletier/go-toml/v2 v2.0.1 // indirect
+	github.com/pelletier/go-toml/v2 v2.0.5 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/prometheus/client_model v0.2.0 // indirect
-	github.com/prometheus/common v0.32.1 // indirect
-	github.com/prometheus/procfs v0.7.3 // indirect
+	github.com/prometheus/common v0.37.0 // indirect
+	github.com/prometheus/procfs v0.8.0 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
 	github.com/spf13/cast v1.5.0 // indirect
 	github.com/spf13/jwalterweatherman v1.1.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
-	github.com/subosito/gotenv v1.3.0 // indirect
+	github.com/subosito/gotenv v1.4.1 // indirect
 	github.com/syndtr/goleveldb v1.0.0 // indirect
 	github.com/urfave/cli/v2 v2.3.0 // indirect
 	github.com/valyala/bytebufferpool v1.0.0 // indirect
 	github.com/valyala/fasttemplate v1.2.1 // indirect
 	golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3 // indirect
-	golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e // indirect
+	golang.org/x/net v0.0.0-20221002022538-bcab6841153b // indirect
 	golang.org/x/text v0.3.7 // indirect
-	golang.org/x/time v0.0.0-20220609170525-579cf78fd858 // indirect
+	golang.org/x/time v0.0.0-20220922220347-f3bd1da661af // indirect
 	golang.org/x/tools v0.1.10 // indirect
-	golang.org/x/xerrors v0.0.0-20220517211312-f3a8303e98df // indirect
+	golang.org/x/xerrors v0.0.0-20220609144429-65e65417b02f // indirect
 	google.golang.org/appengine v1.6.7 // indirect
-	google.golang.org/protobuf v1.28.0 // indirect
-	gopkg.in/ini.v1 v1.66.4 // indirect
-	gopkg.in/square/go-jose.v2 v2.5.1 // indirect
+	google.golang.org/protobuf v1.28.1 // indirect
+	gopkg.in/ini.v1 v1.67.0 // indirect
+	gopkg.in/square/go-jose.v2 v2.6.0 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 )
 

magefile.go

@@ -27,7 +27,6 @@ import (
 	"fmt"
 	"github.com/iancoleman/strcase"
 	"io"
-	"io/ioutil"
 	"os"
 	"os/exec"
 	"path/filepath"
@@ -559,7 +558,9 @@ func (Release) Compress(ctx context.Context) error {
 			return nil
 		}
 		// No mips or s390x for you today
-		if strings.Contains(info.Name(), "mips") || strings.Contains(info.Name(), "s390x") {
+		if strings.Contains(info.Name(), "mips") ||
+			strings.Contains(info.Name(), "s390x") ||
+			strings.Contains(info.Name(), "riscv64") { // not supported by upx
 			return nil
 		}
 
@@ -663,7 +664,7 @@ func (Release) Zip() error {
 
 		fmt.Printf("Zipping %s...\n", info.Name())
 
-		c := exec.Command("zip", "-r", RootPath+"/"+DIST+"/zip/"+info.Name(), ".", "-i", "*")
+		c := exec.Command("zip", "-r", RootPath+"/"+DIST+"/zip/"+info.Name()+".zip", ".", "-i", "*")
 		c.Dir = path
 		out, err := c.Output()
 		fmt.Print(string(out))
@@ -699,14 +700,14 @@ func (Release) Packages() error {
 
 	// Because nfpm does not  support templating, we replace the values in the config file and restore it after running
 	nfpmConfigPath := RootPath + "/nfpm.yaml"
-	nfpmconfig, err := ioutil.ReadFile(nfpmConfigPath)
+	nfpmconfig, err := os.ReadFile(nfpmConfigPath)
 	if err != nil {
 		return err
 	}
 
 	fixedConfig := strings.ReplaceAll(string(nfpmconfig), "<version>", VersionNumber)
 	fixedConfig = strings.ReplaceAll(fixedConfig, "<binlocation>", BinLocation)
-	if err := ioutil.WriteFile(nfpmConfigPath, []byte(fixedConfig), 0); err != nil {
+	if err := os.WriteFile(nfpmConfigPath, []byte(fixedConfig), 0); err != nil {
 		return err
 	}
 
@@ -719,7 +720,7 @@ func (Release) Packages() error {
 	runAndStreamOutput(binpath, "pkg", "--packager", "rpm", "--target", releasePath)
 	runAndStreamOutput(binpath, "pkg", "--packager", "apk", "--target", releasePath)
 
-	return ioutil.WriteFile(nfpmConfigPath, nfpmconfig, 0)
+	return os.WriteFile(nfpmConfigPath, nfpmconfig, 0)
 }
 
 type Dev mg.Namespace
@@ -883,7 +884,7 @@ func (s *` + name + `) Handle(msg *message.Message) (err error) {
 	if _, err := f.Seek(idx, 0); err != nil {
 		return err
 	}
-	remainder, err := ioutil.ReadAll(f)
+	remainder, err := io.ReadAll(f)
 	if err != nil {
 		return err
 	}
@@ -1072,7 +1073,7 @@ const (
 // Generates the config docs from a commented config.yml.sample file in the repo root.
 func GenerateDocs() error {
 
-	config, err := ioutil.ReadFile("config.yml.sample")
+	config, err := os.ReadFile("config.yml.sample")
 	if err != nil {
 		return err
 	}
@@ -1122,7 +1123,7 @@ func GenerateDocs() error {
 
 	// We write the full file to prevent old content leftovers at the end
 	// I know, there are probably better ways to do this.
-	if err := ioutil.WriteFile(configDocPath, []byte(fullConfig), 0); err != nil {
+	if err := os.WriteFile(configDocPath, []byte(fullConfig), 0); err != nil {
 		return err
 	}
 

pkg/caldav/caldav.go

@@ -181,6 +181,10 @@ SUMMARY:` + t.Summary + getCaldavColor(t.Color)
 		if t.Start.Unix() > 0 {
 			caldavtodos += `
 DTSTART:` + makeCalDavTimeFromTimeStamp(t.Start)
+			if t.Duration != 0 && t.DueDate.Unix() == 0 {
+				caldavtodos += `
+DURATION:PT` + formatDuration(t.Duration)
+			}
 		}
 		if t.End.Unix() > 0 {
 			caldavtodos += `
@@ -217,11 +221,6 @@ DUE:` + makeCalDavTimeFromTimeStamp(t.DueDate)
 CREATED:` + makeCalDavTimeFromTimeStamp(t.Created)
 		}
 
-		if t.Duration != 0 {
-			caldavtodos += `
-DURATION:PT` + formatDuration(t.Duration)
-		}
-
 		if t.Priority != 0 {
 			caldavtodos += `
 PRIORITY:` + strconv.Itoa(mapPriorityToCaldav(t.Priority))

pkg/config/config.go

@@ -161,6 +161,18 @@ const (
 	MetricsEnabled  Key = `metrics.enabled`
 	MetricsUsername Key = `metrics.username`
 	MetricsPassword Key = `metrics.password`
+
+	DefaultSettingsAvatarProvider              Key = `defaultsettings.avatar_provider`
+	DefaultSettingsAvatarFileID                Key = `defaultsettings.avatar_file_id`
+	DefaultSettingsEmailRemindersEnabled       Key = `defaultsettings.email_reminders_enabled`
+	DefaultSettingsDiscoverableByName          Key = `defaultsettings.discoverable_by_name`
+	DefaultSettingsDiscoverableByEmail         Key = `defaultsettings.discoverable_by_email`
+	DefaultSettingsOverdueTaskRemindersEnabled Key = `defaultsettings.overdue_tasks_reminders_enabled`
+	DefaultSettingsDefaultListID               Key = `defaultsettings.default_list_id`
+	DefaultSettingsWeekStart                   Key = `defaultsettings.week_start`
+	DefaultSettingsLanguage                    Key = `defaultsettings.language`
+	DefaultSettingsTimezone                    Key = `defaultsettings.timezone`
+	DefaultSettingsOverdueTaskRemindersTime    Key = `defaultsettings.overdue_tasks_reminders_time`
 )
 
 // GetString returns a string config value
@@ -371,6 +383,10 @@ func InitDefaultConfig() {
 	KeyvalueType.setDefault("memory")
 	// Metrics
 	MetricsEnabled.setDefault(false)
+	// Settings
+	DefaultSettingsAvatarProvider.setDefault("initials")
+	DefaultSettingsOverdueTaskRemindersEnabled.setDefault(true)
+	DefaultSettingsOverdueTaskRemindersTime.setDefault("9:00")
 }
 
 // InitConfig initializes the config, sets defaults etc.
@@ -438,6 +454,10 @@ func InitConfig() {
 		MigrationMicrosoftTodoRedirectURL.Set(ServiceFrontendurl.GetString() + "migrate/microsoft-todo")
 	}
 
+	if DefaultSettingsTimezone.GetString() == "" {
+		DefaultSettingsTimezone.Set(ServiceTimeZone.GetString())
+	}
+
 	if ServiceEnableMetrics.GetBool() {
 		log.Println("WARNING: service.enablemetrics is deprecated and will be removed in a future release. Please use metrics.enable.")
 		MetricsEnabled.Set(true)

pkg/db/db.go

@@ -27,9 +27,9 @@ import (
 	"code.vikunja.io/api/pkg/config"
 	"code.vikunja.io/api/pkg/log"
 	xrc "gitea.com/xorm/xorm-redis-cache"
-	"xorm.io/core"
 	"xorm.io/xorm"
 	"xorm.io/xorm/caches"
+	"xorm.io/xorm/names"
 	"xorm.io/xorm/schemas"
 
 	_ "github.com/go-sql-driver/mysql" // Because.
@@ -80,7 +80,7 @@ func CreateDBEngine() (engine *xorm.Engine, err error) {
 		log.Fatalf("Error parsing time zone: %s", err)
 	}
 	engine.SetTZDatabase(loc)
-	engine.SetMapper(core.GonicMapper{})
+	engine.SetMapper(names.GonicMapper{})
 	logger := log.NewXormLogger("")
 	engine.SetLogger(logger)
 
@@ -149,11 +149,12 @@ func parsePostgreSQLHostPort(info string) (string, string) {
 
 func initPostgresEngine() (engine *xorm.Engine, err error) {
 	host, port := parsePostgreSQLHostPort(config.DatabaseHost.GetString())
-	connStr := fmt.Sprintf("host=%s port=%s user=%s password=%s dbname=%s sslmode=%s sslcert=%s sslkey=%s sslrootcert=%s",
-		host,
-		port,
+	// postgresql://username:password@host:port/dbname[?paramspec]
+	connStr := fmt.Sprintf("postgres://%s:%s@%s:%s/%s?sslmode=%s&sslcert=%s&sslkey=%s&sslrootcert=%s",
 		config.DatabaseUser.GetString(),
 		config.DatabasePassword.GetString(),
+		host,
+		port,
 		config.DatabaseDatabase.GetString(),
 		config.DatabaseSslMode.GetString(),
 		config.DatabaseSslCert.GetString(),

pkg/db/test.go

@@ -23,9 +23,10 @@ import (
 
 	"code.vikunja.io/api/pkg/config"
 	"code.vikunja.io/api/pkg/log"
+
 	"github.com/stretchr/testify/assert"
-	"xorm.io/core"
 	"xorm.io/xorm"
+	"xorm.io/xorm/names"
 )
 
 // CreateTestEngine creates an instance of the db engine which lives in memory
@@ -48,7 +49,7 @@ func CreateTestEngine() (engine *xorm.Engine, err error) {
 		}
 	}
 
-	engine.SetMapper(core.GonicMapper{})
+	engine.SetMapper(names.GonicMapper{})
 	logger := log.NewXormLogger("DEBUG")
 	logger.ShowSQL(os.Getenv("UNIT_TESTS_VERBOSE") == "1")
 	engine.SetLogger(logger)

pkg/integrations/archived_test.go

@@ -227,7 +227,7 @@ func TestArchived(t *testing.T) {
 				assertHandlerErrorCode(t, err, models.ErrCodeListIsArchived)
 			})
 			t.Run("unarchivable", func(t *testing.T) {
-				rec, err := testListHandler.testUpdateWithUser(nil, map[string]string{"list": "22"}, `{"title":"LoremIpsum","is_archived":false}`)
+				rec, err := testListHandler.testUpdateWithUser(nil, map[string]string{"list": "22"}, `{"title":"LoremIpsum","is_archived":false,"namespace_id":1}`)
 				assert.NoError(t, err)
 				assert.Contains(t, rec.Body.String(), `"is_archived":false`)
 			})

pkg/integrations/link_sharing_test.go

@@ -232,12 +232,12 @@ func TestLinkSharing(t *testing.T) {
 					assert.Contains(t, err.(*echo.HTTPError).Message, `Forbidden`)
 				})
 				t.Run("Shared write", func(t *testing.T) {
-					rec, err := testHandlerListWrite.testUpdateWithLinkShare(nil, map[string]string{"list": "2"}, `{"title":"TestLoremIpsum"}`)
+					rec, err := testHandlerListWrite.testUpdateWithLinkShare(nil, map[string]string{"list": "2"}, `{"title":"TestLoremIpsum","namespace_id":1}`)
 					assert.NoError(t, err)
 					assert.Contains(t, rec.Body.String(), `"title":"TestLoremIpsum"`)
 				})
 				t.Run("Shared admin", func(t *testing.T) {
-					rec, err := testHandlerListAdmin.testUpdateWithLinkShare(nil, map[string]string{"list": "3"}, `{"title":"TestLoremIpsum"}`)
+					rec, err := testHandlerListAdmin.testUpdateWithLinkShare(nil, map[string]string{"list": "3"}, `{"title":"TestLoremIpsum","namespace_id":2}`)
 					assert.NoError(t, err)
 					assert.Contains(t, rec.Body.String(), `"title":"TestLoremIpsum"`)
 				})

pkg/integrations/list_test.go

@@ -171,7 +171,7 @@ func TestList(t *testing.T) {
 	t.Run("Update", func(t *testing.T) {
 		t.Run("Normal", func(t *testing.T) {
 			// Check the list was loaded successfully afterwards, see testReadOneWithUser
-			rec, err := testHandler.testUpdateWithUser(nil, map[string]string{"list": "1"}, `{"title":"TestLoremIpsum"}`)
+			rec, err := testHandler.testUpdateWithUser(nil, map[string]string{"list": "1"}, `{"title":"TestLoremIpsum","namespace_id":1}`)
 			assert.NoError(t, err)
 			assert.Contains(t, rec.Body.String(), `"title":"TestLoremIpsum"`)
 			// The description should not be updated but returned correctly
@@ -183,7 +183,7 @@ func TestList(t *testing.T) {
 			assertHandlerErrorCode(t, err, models.ErrCodeListDoesNotExist)
 		})
 		t.Run("Normal with updating the description", func(t *testing.T) {
-			rec, err := testHandler.testUpdateWithUser(nil, map[string]string{"list": "1"}, `{"title":"TestLoremIpsum","description":"Lorem Ipsum dolor sit amet"}`)
+			rec, err := testHandler.testUpdateWithUser(nil, map[string]string{"list": "1"}, `{"title":"TestLoremIpsum","description":"Lorem Ipsum dolor sit amet","namespace_id":1}`)
 			assert.NoError(t, err)
 			assert.Contains(t, rec.Body.String(), `"title":"TestLoremIpsum"`)
 			assert.Contains(t, rec.Body.String(), `"description":"Lorem Ipsum dolor sit amet`)
@@ -211,12 +211,12 @@ func TestList(t *testing.T) {
 				assert.Contains(t, err.(*echo.HTTPError).Message, `Forbidden`)
 			})
 			t.Run("Shared Via Team write", func(t *testing.T) {
-				rec, err := testHandler.testUpdateWithUser(nil, map[string]string{"list": "7"}, `{"title":"TestLoremIpsum"}`)
+				rec, err := testHandler.testUpdateWithUser(nil, map[string]string{"list": "7"}, `{"title":"TestLoremIpsum","namespace_id":6}`)
 				assert.NoError(t, err)
 				assert.Contains(t, rec.Body.String(), `"title":"TestLoremIpsum"`)
 			})
 			t.Run("Shared Via Team admin", func(t *testing.T) {
-				rec, err := testHandler.testUpdateWithUser(nil, map[string]string{"list": "8"}, `{"title":"TestLoremIpsum"}`)
+				rec, err := testHandler.testUpdateWithUser(nil, map[string]string{"list": "8"}, `{"title":"TestLoremIpsum","namespace_id":6}`)
 				assert.NoError(t, err)
 				assert.Contains(t, rec.Body.String(), `"title":"TestLoremIpsum"`)
 			})
@@ -227,12 +227,12 @@ func TestList(t *testing.T) {
 				assert.Contains(t, err.(*echo.HTTPError).Message, `Forbidden`)
 			})
 			t.Run("Shared Via User write", func(t *testing.T) {
-				rec, err := testHandler.testUpdateWithUser(nil, map[string]string{"list": "10"}, `{"title":"TestLoremIpsum"}`)
+				rec, err := testHandler.testUpdateWithUser(nil, map[string]string{"list": "10"}, `{"title":"TestLoremIpsum","namespace_id":6}`)
 				assert.NoError(t, err)
 				assert.Contains(t, rec.Body.String(), `"title":"TestLoremIpsum"`)
 			})
 			t.Run("Shared Via User admin", func(t *testing.T) {
-				rec, err := testHandler.testUpdateWithUser(nil, map[string]string{"list": "11"}, `{"title":"TestLoremIpsum"}`)
+				rec, err := testHandler.testUpdateWithUser(nil, map[string]string{"list": "11"}, `{"title":"TestLoremIpsum","namespace_id":6}`)
 				assert.NoError(t, err)
 				assert.Contains(t, rec.Body.String(), `"title":"TestLoremIpsum"`)
 			})
@@ -243,12 +243,12 @@ func TestList(t *testing.T) {
 				assert.Contains(t, err.(*echo.HTTPError).Message, `Forbidden`)
 			})
 			t.Run("Shared Via NamespaceTeam write", func(t *testing.T) {
-				rec, err := testHandler.testUpdateWithUser(nil, map[string]string{"list": "13"}, `{"title":"TestLoremIpsum"}`)
+				rec, err := testHandler.testUpdateWithUser(nil, map[string]string{"list": "13"}, `{"title":"TestLoremIpsum","namespace_id":8}`)
 				assert.NoError(t, err)
 				assert.Contains(t, rec.Body.String(), `"title":"TestLoremIpsum"`)
 			})
 			t.Run("Shared Via NamespaceTeam admin", func(t *testing.T) {
-				rec, err := testHandler.testUpdateWithUser(nil, map[string]string{"list": "14"}, `{"title":"TestLoremIpsum"}`)
+				rec, err := testHandler.testUpdateWithUser(nil, map[string]string{"list": "14"}, `{"title":"TestLoremIpsum","namespace_id":9}`)
 				assert.NoError(t, err)
 				assert.Contains(t, rec.Body.String(), `"title":"TestLoremIpsum"`)
 			})
@@ -259,12 +259,12 @@ func TestList(t *testing.T) {
 				assert.Contains(t, err.(*echo.HTTPError).Message, `Forbidden`)
 			})
 			t.Run("Shared Via NamespaceUser write", func(t *testing.T) {
-				rec, err := testHandler.testUpdateWithUser(nil, map[string]string{"list": "16"}, `{"title":"TestLoremIpsum"}`)
+				rec, err := testHandler.testUpdateWithUser(nil, map[string]string{"list": "16"}, `{"title":"TestLoremIpsum","namespace_id":11}`)
 				assert.NoError(t, err)
 				assert.Contains(t, rec.Body.String(), `"title":"TestLoremIpsum"`)
 			})
 			t.Run("Shared Via NamespaceUser admin", func(t *testing.T) {
-				rec, err := testHandler.testUpdateWithUser(nil, map[string]string{"list": "17"}, `{"title":"TestLoremIpsum"}`)
+				rec, err := testHandler.testUpdateWithUser(nil, map[string]string{"list": "17"}, `{"title":"TestLoremIpsum","namespace_id":12}`)
 				assert.NoError(t, err)
 				assert.Contains(t, rec.Body.String(), `"title":"TestLoremIpsum"`)
 			})

pkg/integrations/task_collection_test.go

@@ -113,49 +113,49 @@ func TestTaskCollection(t *testing.T) {
 			t.Run("by priority", func(t *testing.T) {
 				rec, err := testHandler.testReadAllWithUser(url.Values{"sort_by": []string{"priority"}}, urlParams)
 				assert.NoError(t, err)
-				assert.Contains(t, rec.Body.String(), `{"id":33,"title":"task #33 with percent done","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"0001-01-01T00:00:00Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0.5,"identifier":"test1-17","index":17,"related_tasks":{},"attachments":null,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":1,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}}]`)
+				assert.Contains(t, rec.Body.String(), `{"id":33,"title":"task #33 with percent done","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"0001-01-01T00:00:00Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0.5,"identifier":"test1-17","index":17,"related_tasks":{},"attachments":null,"cover_image_attachment_id":0,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":1,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}}]`)
 			})
 			t.Run("by priority desc", func(t *testing.T) {
 				rec, err := testHandler.testReadAllWithUser(url.Values{"sort_by": []string{"priority"}, "order_by": []string{"desc"}}, urlParams)
 				assert.NoError(t, err)
-				assert.Contains(t, rec.Body.String(), `[{"id":3,"title":"task #3 high prio","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"0001-01-01T00:00:00Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":100,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0,"identifier":"test1-3","index":3,"related_tasks":{},"attachments":null,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":2,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}},{"id":4,"title":"task #4 low prio","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"0001-01-01T00:00:00Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":1`)
+				assert.Contains(t, rec.Body.String(), `[{"id":3,"title":"task #3 high prio","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"0001-01-01T00:00:00Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":100,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0,"identifier":"test1-3","index":3,"related_tasks":{},"attachments":null,"cover_image_attachment_id":0,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":2,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}},{"id":4,"title":"task #4 low prio","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"0001-01-01T00:00:00Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":1`)
 			})
 			t.Run("by priority asc", func(t *testing.T) {
 				rec, err := testHandler.testReadAllWithUser(url.Values{"sort_by": []string{"priority"}, "order_by": []string{"asc"}}, urlParams)
 				assert.NoError(t, err)
-				assert.Contains(t, rec.Body.String(), `{"id":33,"title":"task #33 with percent done","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"0001-01-01T00:00:00Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0.5,"identifier":"test1-17","index":17,"related_tasks":{},"attachments":null,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":1,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}}]`)
+				assert.Contains(t, rec.Body.String(), `{"id":33,"title":"task #33 with percent done","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"0001-01-01T00:00:00Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0.5,"identifier":"test1-17","index":17,"related_tasks":{},"attachments":null,"cover_image_attachment_id":0,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":1,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}}]`)
 			})
 			// should equal duedate asc
 			t.Run("by due_date", func(t *testing.T) {
 				rec, err := testHandler.testReadAllWithUser(url.Values{"sort_by": []string{"due_date"}}, urlParams)
 				assert.NoError(t, err)
-				assert.Contains(t, rec.Body.String(), `[{"id":6,"title":"task #6 lower due date","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"2018-11-30T22:25:24Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0,"identifier":"test1-6","index":6,"related_tasks":{},"attachments":null,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":3,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}}`)
+				assert.Contains(t, rec.Body.String(), `[{"id":6,"title":"task #6 lower due date","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"2018-11-30T22:25:24Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0,"identifier":"test1-6","index":6,"related_tasks":{},"attachments":null,"cover_image_attachment_id":0,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":3,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}}`)
 			})
 			t.Run("by duedate desc", func(t *testing.T) {
 				rec, err := testHandler.testReadAllWithUser(url.Values{"sort_by": []string{"due_date"}, "order_by": []string{"desc"}}, urlParams)
 				assert.NoError(t, err)
-				assert.Contains(t, rec.Body.String(), `[{"id":5,"title":"task #5 higher due date","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"2018-12-01T03:58:44Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0,"identifier":"test1-5","index":5,"related_tasks":{},"attachments":null,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":2,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}},{"id":6,"title":"task #6 lower due date`)
+				assert.Contains(t, rec.Body.String(), `[{"id":5,"title":"task #5 higher due date","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"2018-12-01T03:58:44Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0,"identifier":"test1-5","index":5,"related_tasks":{},"attachments":null,"cover_image_attachment_id":0,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":2,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}},{"id":6,"title":"task #6 lower due date`)
 			})
 			// Due date without unix suffix
 			t.Run("by duedate asc without  suffix", func(t *testing.T) {
 				rec, err := testHandler.testReadAllWithUser(url.Values{"sort_by": []string{"due_date"}, "order_by": []string{"asc"}}, urlParams)
 				assert.NoError(t, err)
-				assert.Contains(t, rec.Body.String(), `[{"id":6,"title":"task #6 lower due date","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"2018-11-30T22:25:24Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0,"identifier":"test1-6","index":6,"related_tasks":{},"attachments":null,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":3,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}}`)
+				assert.Contains(t, rec.Body.String(), `[{"id":6,"title":"task #6 lower due date","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"2018-11-30T22:25:24Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0,"identifier":"test1-6","index":6,"related_tasks":{},"attachments":null,"cover_image_attachment_id":0,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":3,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}}`)
 			})
 			t.Run("by due_date without suffix", func(t *testing.T) {
 				rec, err := testHandler.testReadAllWithUser(url.Values{"sort_by": []string{"due_date"}}, urlParams)
 				assert.NoError(t, err)
-				assert.Contains(t, rec.Body.String(), `[{"id":6,"title":"task #6 lower due date","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"2018-11-30T22:25:24Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0,"identifier":"test1-6","index":6,"related_tasks":{},"attachments":null,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":3,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}}`)
+				assert.Contains(t, rec.Body.String(), `[{"id":6,"title":"task #6 lower due date","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"2018-11-30T22:25:24Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0,"identifier":"test1-6","index":6,"related_tasks":{},"attachments":null,"cover_image_attachment_id":0,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":3,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}}`)
 			})
 			t.Run("by duedate desc without  suffix", func(t *testing.T) {
 				rec, err := testHandler.testReadAllWithUser(url.Values{"sort_by": []string{"due_date"}, "order_by": []string{"desc"}}, urlParams)
 				assert.NoError(t, err)
-				assert.Contains(t, rec.Body.String(), `[{"id":5,"title":"task #5 higher due date","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"2018-12-01T03:58:44Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0,"identifier":"test1-5","index":5,"related_tasks":{},"attachments":null,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":2,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}},{"id":6,"title":"task #6 lower due date`)
+				assert.Contains(t, rec.Body.String(), `[{"id":5,"title":"task #5 higher due date","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"2018-12-01T03:58:44Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0,"identifier":"test1-5","index":5,"related_tasks":{},"attachments":null,"cover_image_attachment_id":0,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":2,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}},{"id":6,"title":"task #6 lower due date`)
 			})
 			t.Run("by duedate asc", func(t *testing.T) {
 				rec, err := testHandler.testReadAllWithUser(url.Values{"sort_by": []string{"due_date"}, "order_by": []string{"asc"}}, urlParams)
 				assert.NoError(t, err)
-				assert.Contains(t, rec.Body.String(), `[{"id":6,"title":"task #6 lower due date","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"2018-11-30T22:25:24Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0,"identifier":"test1-6","index":6,"related_tasks":{},"attachments":null,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":3,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}}`)
+				assert.Contains(t, rec.Body.String(), `[{"id":6,"title":"task #6 lower due date","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"2018-11-30T22:25:24Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0,"identifier":"test1-6","index":6,"related_tasks":{},"attachments":null,"cover_image_attachment_id":0,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":3,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}}`)
 			})
 			t.Run("invalid sort parameter", func(t *testing.T) {
 				_, err := testHandler.testReadAllWithUser(url.Values{"sort_by": []string{"loremipsum"}}, urlParams)
@@ -366,33 +366,33 @@ func TestTaskCollection(t *testing.T) {
 			t.Run("by priority", func(t *testing.T) {
 				rec, err := testHandler.testReadAllWithUser(url.Values{"sort_by": []string{"priority"}}, nil)
 				assert.NoError(t, err)
-				assert.Contains(t, rec.Body.String(), `{"id":33,"title":"task #33 with percent done","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"0001-01-01T00:00:00Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0.5,"identifier":"test1-17","index":17,"related_tasks":{},"attachments":null,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":1,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}}]`)
+				assert.Contains(t, rec.Body.String(), `{"id":33,"title":"task #33 with percent done","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"0001-01-01T00:00:00Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0.5,"identifier":"test1-17","index":17,"related_tasks":{},"attachments":null,"cover_image_attachment_id":0,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":1,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}}]`)
 			})
 			t.Run("by priority desc", func(t *testing.T) {
 				rec, err := testHandler.testReadAllWithUser(url.Values{"sort_by": []string{"priority"}, "order_by": []string{"desc"}}, nil)
 				assert.NoError(t, err)
-				assert.Contains(t, rec.Body.String(), `[{"id":3,"title":"task #3 high prio","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"0001-01-01T00:00:00Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":100,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0,"identifier":"test1-3","index":3,"related_tasks":{},"attachments":null,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":2,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}},{"id":4,"title":"task #4 low prio","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"0001-01-01T00:00:00Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":1`)
+				assert.Contains(t, rec.Body.String(), `[{"id":3,"title":"task #3 high prio","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"0001-01-01T00:00:00Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":100,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0,"identifier":"test1-3","index":3,"related_tasks":{},"attachments":null,"cover_image_attachment_id":0,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":2,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}},{"id":4,"title":"task #4 low prio","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"0001-01-01T00:00:00Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":1`)
 			})
 			t.Run("by priority asc", func(t *testing.T) {
 				rec, err := testHandler.testReadAllWithUser(url.Values{"sort_by": []string{"priority"}, "order_by": []string{"asc"}}, nil)
 				assert.NoError(t, err)
-				assert.Contains(t, rec.Body.String(), `{"id":33,"title":"task #33 with percent done","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"0001-01-01T00:00:00Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0.5,"identifier":"test1-17","index":17,"related_tasks":{},"attachments":null,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":1,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}}]`)
+				assert.Contains(t, rec.Body.String(), `{"id":33,"title":"task #33 with percent done","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"0001-01-01T00:00:00Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0.5,"identifier":"test1-17","index":17,"related_tasks":{},"attachments":null,"cover_image_attachment_id":0,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":1,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}}]`)
 			})
 			// should equal duedate asc
 			t.Run("by due_date", func(t *testing.T) {
 				rec, err := testHandler.testReadAllWithUser(url.Values{"sort_by": []string{"due_date"}}, nil)
 				assert.NoError(t, err)
-				assert.Contains(t, rec.Body.String(), `[{"id":6,"title":"task #6 lower due date","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"2018-11-30T22:25:24Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0,"identifier":"test1-6","index":6,"related_tasks":{},"attachments":null,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":3,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}},{"id":5,"title":"task #5 higher due date","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"2018-12-01T03:58:44Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0,"identifier":"test1-5","index":5,"related_tasks":{},"attachments":null,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":2,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}}`)
+				assert.Contains(t, rec.Body.String(), `[{"id":6,"title":"task #6 lower due date","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"2018-11-30T22:25:24Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0,"identifier":"test1-6","index":6,"related_tasks":{},"attachments":null,"cover_image_attachment_id":0,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":3,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}},{"id":5,"title":"task #5 higher due date","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"2018-12-01T03:58:44Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0,"identifier":"test1-5","index":5,"related_tasks":{},"attachments":null,"cover_image_attachment_id":0,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":2,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}}`)
 			})
 			t.Run("by duedate desc", func(t *testing.T) {
 				rec, err := testHandler.testReadAllWithUser(url.Values{"sort_by": []string{"due_date"}, "order_by": []string{"desc"}}, nil)
 				assert.NoError(t, err)
-				assert.Contains(t, rec.Body.String(), `[{"id":5,"title":"task #5 higher due date","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"2018-12-01T03:58:44Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0,"identifier":"test1-5","index":5,"related_tasks":{},"attachments":null,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":2,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}},{"id":6,"title":"task #6 lower due date`)
+				assert.Contains(t, rec.Body.String(), `[{"id":5,"title":"task #5 higher due date","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"2018-12-01T03:58:44Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0,"identifier":"test1-5","index":5,"related_tasks":{},"attachments":null,"cover_image_attachment_id":0,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":2,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}},{"id":6,"title":"task #6 lower due date`)
 			})
 			t.Run("by duedate asc", func(t *testing.T) {
 				rec, err := testHandler.testReadAllWithUser(url.Values{"sort_by": []string{"due_date"}, "order_by": []string{"asc"}}, nil)
 				assert.NoError(t, err)
-				assert.Contains(t, rec.Body.String(), `[{"id":6,"title":"task #6 lower due date","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"2018-11-30T22:25:24Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0,"identifier":"test1-6","index":6,"related_tasks":{},"attachments":null,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":3,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}},{"id":5,"title":"task #5 higher due date","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"2018-12-01T03:58:44Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0,"identifier":"test1-5","index":5,"related_tasks":{},"attachments":null,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":2,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}}`)
+				assert.Contains(t, rec.Body.String(), `[{"id":6,"title":"task #6 lower due date","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"2018-11-30T22:25:24Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0,"identifier":"test1-6","index":6,"related_tasks":{},"attachments":null,"cover_image_attachment_id":0,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":3,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}},{"id":5,"title":"task #5 higher due date","description":"","done":false,"done_at":"0001-01-01T00:00:00Z","due_date":"2018-12-01T03:58:44Z","reminder_dates":null,"list_id":1,"repeat_after":0,"repeat_mode":0,"priority":0,"start_date":"0001-01-01T00:00:00Z","end_date":"0001-01-01T00:00:00Z","assignees":null,"labels":null,"hex_color":"","percent_done":0,"identifier":"test1-5","index":5,"related_tasks":{},"attachments":null,"cover_image_attachment_id":0,"is_favorite":false,"created":"2018-12-01T01:12:04Z","updated":"2018-12-01T01:12:04Z","bucket_id":2,"position":0,"kanban_position":0,"created_by":{"id":1,"name":"","username":"user1","created":"2018-12-01T15:13:12Z","updated":"2018-12-02T15:13:12Z"}}`)
 			})
 			t.Run("invalid parameter", func(t *testing.T) {
 				// Invalid parameter should not sort at all

pkg/mail/mail.go

@@ -55,6 +55,7 @@ func getClient() (*mail.Client, error) {
 			InsecureSkipVerify: config.MailerSkipTLSVerify.GetBool(),
 			ServerName:         config.MailerHost.GetString(),
 		}),
+		mail.WithTimeout((config.MailerQueueTimeout.GetDuration() + 3) * time.Second), // 3s more for us to close before mail server timeout
 	}
 
 	if config.MailerUsername.GetString() != "" && config.MailerPassword.GetString() != "" {
@@ -105,14 +106,14 @@ func StartMailDaemon() {
 				if !open {
 					err = c.DialWithContext(context.Background())
 					if err != nil {
-						log.Error("Error during connect to smtp server: %s", err)
+						log.Errorf("Error during connect to smtp server: %s", err)
 						break
 					}
 					open = true
 				}
 				err = c.Send(m)
 				if err != nil {
-					log.Error("Error when sending mail: %s", err)
+					log.Errorf("Error when sending mail: %s", err)
 					break
 				}
 				// Close the connection to the SMTP server if no email was sent in
@@ -122,10 +123,10 @@ func StartMailDaemon() {
 					open = false
 					err = c.Close()
 					if err != nil {
-						log.Error("Error closing the mail server connection: %s\n", err)
+						log.Errorf("Error closing the mail server connection: %s\n", err)
 						break
 					}
-					log.Infof("Closed connection to mail server")
+					log.Info("Closed connection to mail server")
 				}
 			}
 		}

pkg/migration/20211212210054.go

@@ -17,6 +17,7 @@
 package migration
 
 import (
+	"errors"
 	"image"
 
 	"code.vikunja.io/api/pkg/files"
@@ -64,9 +65,12 @@ func init() {
 				}
 
 				src, _, err := image.Decode(bgFile.File)
-				if err != nil {
+				if err != nil && !errors.Is(err, image.ErrFormat) {
 					return err
 				}
+				if err != nil && errors.Is(err, image.ErrFormat) {
+					log.Warningf("Could not generate a blur hash of list %d's background image: %s", l.ID, err)
+				}
 
 				dst := image.NewRGBA(image.Rect(0, 0, 32, 32))
 				draw.NearestNeighbor.Scale(dst, dst.Rect, src, src.Bounds(), draw.Over, nil)

pkg/migration/20220815200851.go

@@ -0,0 +1,108 @@
+// Vikunja is a to-do list application to facilitate your life.
+// Copyright 2018-2021 Vikunja and contributors. All rights reserved.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public Licensee as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public Licensee for more details.
+//
+// You should have received a copy of the GNU Affero General Public Licensee
+// along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+package migration
+
+import (
+	"encoding/json"
+	"strconv"
+	"strings"
+
+	"src.techknowlogick.com/xormigrate"
+	"xorm.io/xorm"
+)
+
+func init() {
+	migrations = append(migrations, &xormigrate.Migration{
+		ID:          "20220815200851",
+		Description: "Migrate saved assignee filter to usernames instead of IDs",
+		Migrate: func(tx *xorm.Engine) error {
+			filters := []map[string]interface{}{} // not using the type here so that the migration does not depend on it
+			err := tx.Select("*").
+				Table("saved_filters").
+				Find(&filters)
+			if err != nil {
+				return err
+			}
+
+			for _, f := range filters {
+				filter := map[string]interface{}{}
+				filterJSON, is := f["filters"].(string)
+				if !is {
+					continue
+				}
+				err = json.Unmarshal([]byte(filterJSON), &filter)
+				if err != nil {
+					return err
+				}
+				filterBy := filter["filter_by"].([]interface{})
+				filterValue := filter["filter_value"].([]interface{})
+				for p, fb := range filterBy {
+					if fb == "assignees" || fb == "user_id" {
+						userIDs := []int64{}
+						for _, sid := range strings.Split(filterValue[p].(string), ",") {
+							id, err := strconv.ParseInt(sid, 10, 64)
+							if err != nil {
+								return err
+							}
+							userIDs = append(userIDs, id)
+						}
+
+						usernames := []string{}
+						err := tx.Select("username").
+							Table("users").
+							In("id", userIDs).
+							Find(&usernames)
+						if err != nil {
+							return err
+						}
+
+						userfilter := ""
+						for i, username := range usernames {
+							if i > 0 {
+								userfilter += ","
+							}
+							userfilter += username
+						}
+						filterValue[p] = userfilter
+					}
+				}
+
+				filter["filter_value"] = filterValue
+				filtersJSON, err := json.Marshal(filter)
+				if err != nil {
+					return err
+				}
+
+				f["filters"] = string(filtersJSON)
+
+				_, err = tx.Where("id = ?", f["id"]).
+					Cols("filters").
+					NoAutoCondition().
+					Table("saved_filters").
+					Update(f)
+				if err != nil {
+					return err
+				}
+			}
+
+			return nil
+		},
+		Rollback: func(tx *xorm.Engine) error {
+			return nil
+		},
+	})
+}

pkg/migration/20221002120521.go

@@ -0,0 +1,43 @@
+// Vikunja is a to-do list application to facilitate your life.
+// Copyright 2018-2021 Vikunja and contributors. All rights reserved.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public Licensee as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public Licensee for more details.
+//
+// You should have received a copy of the GNU Affero General Public Licensee
+// along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+package migration
+
+import (
+	"src.techknowlogick.com/xormigrate"
+	"xorm.io/xorm"
+)
+
+type tasks20221002120521 struct {
+	CoverImageAttachmentID int64 `xorm:"bigint default 0" json:"cover_image_attachment_id"`
+}
+
+func (tasks20221002120521) TableName() string {
+	return "tasks"
+}
+
+func init() {
+	migrations = append(migrations, &xormigrate.Migration{
+		ID:          "20221002120521",
+		Description: "Add cover image attachment id",
+		Migrate: func(tx *xorm.Engine) error {
+			return tx.Sync2(tasks20221002120521{})
+		},
+		Rollback: func(tx *xorm.Engine) error {
+			return nil
+		},
+	})
+}

pkg/models/error.go

@@ -237,7 +237,7 @@ type ErrListIsArchived struct {
 	ListID int64
 }
 
-// IsErrListIsArchived checks if an error is a .
+// IsErrListIsArchived checks if an error is a list is archived error.
 func IsErrListIsArchived(err error) bool {
 	_, ok := err.(ErrListIsArchived)
 	return ok
@@ -255,6 +255,62 @@ func (err ErrListIsArchived) HTTPError() web.HTTPError {
 	return web.HTTPError{HTTPCode: http.StatusPreconditionFailed, Code: ErrCodeListIsArchived, Message: "This list is archived. Editing or creating new tasks is not possible."}
 }
 
+// ErrListCannotBelongToAPseudoNamespace represents an error where a list cannot belong to a pseudo namespace
+type ErrListCannotBelongToAPseudoNamespace struct {
+	ListID      int64
+	NamespaceID int64
+}
+
+// IsErrListCannotBelongToAPseudoNamespace checks if an error is a list is archived error.
+func IsErrListCannotBelongToAPseudoNamespace(err error) bool {
+	_, ok := err.(*ErrListCannotBelongToAPseudoNamespace)
+	return ok
+}
+
+func (err *ErrListCannotBelongToAPseudoNamespace) Error() string {
+	return fmt.Sprintf("List cannot belong to a pseudo namespace [ListID: %d, NamespaceID: %d]", err.ListID, err.NamespaceID)
+}
+
+// ErrCodeListCannotBelongToAPseudoNamespace holds the unique world-error code of this error
+const ErrCodeListCannotBelongToAPseudoNamespace = 3009
+
+// HTTPError holds the http error description
+func (err *ErrListCannotBelongToAPseudoNamespace) HTTPError() web.HTTPError {
+	return web.HTTPError{
+		HTTPCode: http.StatusPreconditionFailed,
+		Code:     ErrCodeListCannotBelongToAPseudoNamespace,
+		Message:  "This list cannot belong a dynamically generated namespace.",
+	}
+}
+
+// ErrListMustBelongToANamespace represents an error where a list must belong to a namespace
+type ErrListMustBelongToANamespace struct {
+	ListID      int64
+	NamespaceID int64
+}
+
+// IsErrListMustBelongToANamespace checks if an error is a list must belong to a namespace error.
+func IsErrListMustBelongToANamespace(err error) bool {
+	_, ok := err.(*ErrListMustBelongToANamespace)
+	return ok
+}
+
+func (err *ErrListMustBelongToANamespace) Error() string {
+	return fmt.Sprintf("List must belong to a namespace [ListID: %d, NamespaceID: %d]", err.ListID, err.NamespaceID)
+}
+
+// ErrCodeListMustBelongToANamespace holds the unique world-error code of this error
+const ErrCodeListMustBelongToANamespace = 3010
+
+// HTTPError holds the http error description
+func (err *ErrListMustBelongToANamespace) HTTPError() web.HTTPError {
+	return web.HTTPError{
+		HTTPCode: http.StatusPreconditionFailed,
+		Code:     ErrCodeListMustBelongToANamespace,
+		Message:  "This list must belong to a namespace.",
+	}
+}
+
 // ================
 // List task errors
 // ================
@@ -763,6 +819,62 @@ func (err ErrInvalidTaskFilterValue) HTTPError() web.HTTPError {
 	}
 }
 
+// ErrAttachmentDoesNotBelongToTask represents an error where the provided task cover attachment does not belong to the same task
+type ErrAttachmentDoesNotBelongToTask struct {
+	TaskID       int64
+	AttachmentID int64
+}
+
+// IsErrAttachmentAndCoverMustBelongToTheSameTask checks if an error is ErrAttachmentDoesNotBelongToTask.
+func IsErrAttachmentAndCoverMustBelongToTheSameTask(err error) bool {
+	_, ok := err.(ErrAttachmentDoesNotBelongToTask)
+	return ok
+}
+
+func (err ErrAttachmentDoesNotBelongToTask) Error() string {
+	return fmt.Sprintf("Task attachment and cover image do not belong to the same task [TaskID: %d, AttachmentID: %d]", err.TaskID, err.AttachmentID)
+}
+
+// ErrCodeAttachmentDoesNotBelongToTask holds the unique world-error code of this error
+const ErrCodeAttachmentDoesNotBelongToTask = 4020
+
+// HTTPError holds the http error description
+func (err ErrAttachmentDoesNotBelongToTask) HTTPError() web.HTTPError {
+	return web.HTTPError{
+		HTTPCode: http.StatusBadRequest,
+		Code:     ErrCodeAttachmentDoesNotBelongToTask,
+		Message:  "This attachment does not belong to that task.",
+	}
+}
+
+// ErrUserAlreadyAssigned represents an error where the user is already assigned to this task
+type ErrUserAlreadyAssigned struct {
+	TaskID int64
+	UserID int64
+}
+
+// IsErrUserAlreadyAssigned checks if an error is ErrUserAlreadyAssigned.
+func IsErrUserAlreadyAssigned(err error) bool {
+	_, ok := err.(ErrUserAlreadyAssigned)
+	return ok
+}
+
+func (err ErrUserAlreadyAssigned) Error() string {
+	return fmt.Sprintf("User is already assigned to task [TaskID: %d, UserID: %d]", err.TaskID, err.UserID)
+}
+
+// ErrCodeUserAlreadyAssigned holds the unique world-error code of this error
+const ErrCodeUserAlreadyAssigned = 4021
+
+// HTTPError holds the http error description
+func (err ErrUserAlreadyAssigned) HTTPError() web.HTTPError {
+	return web.HTTPError{
+		HTTPCode: http.StatusBadRequest,
+		Code:     ErrCodeUserAlreadyAssigned,
+		Message:  "This user is already assigned to that task.",
+	}
+}
+
 // =================
 // Namespace errors
 // =================

pkg/models/list.go

@@ -476,12 +476,22 @@ func addListDetails(s *xorm.Session, lists []*List, a web.Auth) (err error) {
 		return err
 	}
 
+	subscriptions, err := GetSubscriptions(s, SubscriptionEntityList, listIDs, a)
+	if err != nil {
+		log.Errorf("An error occurred while getting list subscriptions for a namespace item: %s", err.Error())
+		subscriptions = make(map[int64]*Subscription)
+	}
+
 	for _, list := range lists {
 		// Don't override the favorite state if it was already set from before (favorite saved filters do this)
 		if list.IsFavorite {
 			continue
 		}
 		list.IsFavorite = favs[list.ID]
+
+		if subscription, exists := subscriptions[list.ID]; exists {
+			list.Subscription = subscription
+		}
 	}
 
 	if len(fileIDs) == 0 {
@@ -543,6 +553,10 @@ func (l *List) CheckIsArchived(s *xorm.Session) (err error) {
 }
 
 func checkListBeforeUpdateOrDelete(s *xorm.Session, list *List) error {
+	if list.NamespaceID < 0 {
+		return &ErrListCannotBelongToAPseudoNamespace{ListID: list.ID, NamespaceID: list.NamespaceID}
+	}
+
 	// Check if the namespace exists
 	if list.NamespaceID > 0 {
 		_, err := GetNamespaceByID(s, list.NamespaceID)
@@ -626,6 +640,13 @@ func UpdateList(s *xorm.Session, list *List, auth web.Auth, updateListBackground
 		return
 	}
 
+	if list.NamespaceID == 0 {
+		return &ErrListMustBelongToANamespace{
+			ListID:      list.ID,
+			NamespaceID: list.NamespaceID,
+		}
+	}
+
 	// We need to specify the cols we want to update here to be able to un-archive lists
 	colsToUpdate := []string{
 		"title",

pkg/models/list_duplicate.go

@@ -66,6 +66,7 @@ func (ld *ListDuplicate) CanCreate(s *xorm.Session, a web.Auth) (canCreate bool,
 // @Failure 403 {object} web.HTTPError "The user does not have access to the list or namespace"
 // @Failure 500 {object} models.Message "Internal error"
 // @Router /lists/{listID}/duplicate [put]
+//
 //nolint:gocyclo
 func (ld *ListDuplicate) Create(s *xorm.Session, doer web.Auth) (err error) {
 

pkg/models/list_test.go

@@ -140,8 +140,9 @@ func TestList_CreateOrUpdate(t *testing.T) {
 			db.LoadAndAssertFixtures(t)
 			s := db.NewSession()
 			list := List{
-				ID:    99999999,
-				Title: "test",
+				ID:          99999999,
+				Title:       "test",
+				NamespaceID: 1,
 			}
 			err := list.Update(s, usr)
 			assert.Error(t, err)
@@ -221,6 +222,25 @@ func TestList_CreateOrUpdate(t *testing.T) {
 				assert.False(t, can) // namespace is not writeable by us
 				_ = s.Close()
 			})
+			t.Run("pseudo namespace", func(t *testing.T) {
+				usr := &user.User{
+					ID:       6,
+					Username: "user6",
+					Email:    "user6@example.com",
+				}
+
+				db.LoadAndAssertFixtures(t)
+				s := db.NewSession()
+				list := List{
+					ID:          6,
+					Title:       "Test6",
+					Description: "Lorem Ipsum",
+					NamespaceID: -1,
+				}
+				err := list.Update(s, usr)
+				assert.Error(t, err)
+				assert.True(t, IsErrListCannotBelongToAPseudoNamespace(err))
+			})
 		})
 	})
 }

pkg/models/namespace.go

@@ -198,6 +198,11 @@ func makeNamespaceSlice(namespaces map[int64]*NamespaceWithLists, userMap map[in
 		n.Owner = userMap[n.OwnerID]
 		n.Subscription = subscriptions[n.ID]
 		all = append(all, n)
+		for _, l := range n.Lists {
+			if n.Subscription != nil && l.Subscription == nil {
+				l.Subscription = n.Subscription
+			}
+		}
 	}
 	sort.Slice(all, func(i, j int) bool {
 		return all[i].ID < all[j].ID
@@ -335,7 +340,7 @@ func getListsForNamespaces(s *xorm.Session, namespaceIDs []int64, archived bool)
 func getSharedListsInNamespace(s *xorm.Session, archived bool, doer *user.User) (sharedListsNamespace *NamespaceWithLists, err error) {
 	// Create our pseudo namespace to hold the shared lists
 	sharedListsPseudonamespace := SharedListsPseudoNamespace
-	sharedListsPseudonamespace.Owner = doer
+	sharedListsPseudonamespace.OwnerID = doer.ID
 	sharedListsNamespace = &NamespaceWithLists{
 		sharedListsPseudonamespace,
 		[]*List{},
@@ -385,12 +390,13 @@ func getSharedListsInNamespace(s *xorm.Session, archived bool, doer *user.User)
 func getFavoriteLists(s *xorm.Session, lists []*List, namespaceIDs []int64, doer *user.User) (favoriteNamespace *NamespaceWithLists, err error) {
 	// Create our pseudo namespace with favorite lists
 	pseudoFavoriteNamespace := FavoritesPseudoNamespace
-	pseudoFavoriteNamespace.Owner = doer
+	pseudoFavoriteNamespace.OwnerID = doer.ID
 	favoriteNamespace = &NamespaceWithLists{
 		Namespace: pseudoFavoriteNamespace,
 		Lists:     []*List{{}},
 	}
 	*favoriteNamespace.Lists[0] = FavoritesPseudoList // Copying the list to be able to modify it later
+	favoriteNamespace.Lists[0].Owner = doer
 
 	for _, list := range lists {
 		if !list.IsFavorite {
@@ -448,7 +454,7 @@ func getSavedFilters(s *xorm.Session, doer *user.User) (savedFiltersNamespace *N
 	}
 
 	savedFiltersPseudoNamespace := SavedFiltersPseudoNamespace
-	savedFiltersPseudoNamespace.Owner = doer
+	savedFiltersPseudoNamespace.OwnerID = doer.ID
 	savedFiltersNamespace = &NamespaceWithLists{
 		Namespace: savedFiltersPseudoNamespace,
 		Lists:     make([]*List, 0, len(savedFilters)),
@@ -479,6 +485,7 @@ func getSavedFilters(s *xorm.Session, doer *user.User) (savedFiltersNamespace *N
 // @Success 200 {array} models.NamespaceWithLists "The Namespaces."
 // @Failure 500 {object} models.Message "Internal error"
 // @Router /namespaces [get]
+//
 //nolint:gocyclo
 func (n *Namespace) ReadAll(s *xorm.Session, a web.Auth, search string, page int, perPage int) (result interface{}, resultCount int, numberOfTotalItems int64, err error) {
 	if _, is := a.(*LinkSharing); is {
@@ -517,6 +524,7 @@ func (n *Namespace) ReadAll(s *xorm.Session, a web.Auth, search string, page int
 	if err != nil {
 		return nil, 0, 0, err
 	}
+	ownerMap[doer.ID] = doer
 
 	if n.NamespacesOnly {
 		all := makeNamespaceSlice(namespaces, ownerMap, subscriptionsMap)

pkg/models/notifications.go

@@ -18,6 +18,7 @@ package models
 
 import (
 	"bufio"
+	"sort"
 	"strconv"
 	"strings"
 	"time"
@@ -230,14 +231,23 @@ func (n *UndoneTaskOverdueNotification) Name() string {
 // UndoneTasksOverdueNotification represents a UndoneTasksOverdueNotification notification
 type UndoneTasksOverdueNotification struct {
 	User  *user.User
-	Tasks []*Task
+	Tasks map[int64]*Task
 }
 
 // ToMail returns the mail notification for UndoneTasksOverdueNotification
 func (n *UndoneTasksOverdueNotification) ToMail() *notifications.Mail {
 
-	overdueLine := ""
+	sortedTasks := make([]*Task, 0, len(n.Tasks))
 	for _, task := range n.Tasks {
+		sortedTasks = append(sortedTasks, task)
+	}
+
+	sort.Slice(sortedTasks, func(i, j int) bool {
+		return sortedTasks[i].DueDate.Before(sortedTasks[j].DueDate)
+	})
+
+	overdueLine := ""
+	for _, task := range sortedTasks {
 		until := time.Until(task.DueDate).Round(1*time.Hour) * -1
 		overdueLine += `* [` + task.Title + `](` + config.ServiceFrontendurl.GetString() + "tasks/" + strconv.FormatInt(task.ID, 10) + `), overdue since ` + utils.HumanizeDuration(until) + "\n"
 	}

pkg/models/subscription.go

@@ -228,28 +228,53 @@ func getSubscriberCondForEntity(entityType SubscriptionEntityType, entityID int6
 // that task, if there is none it will look for a subscription on the list the task belongs to and if that also
 // doesn't exist it will check for a subscription for the namespace the list is belonging to.
 func GetSubscription(s *xorm.Session, entityType SubscriptionEntityType, entityID int64, a web.Auth) (subscription *Subscription, err error) {
+	subs, err := GetSubscriptions(s, entityType, []int64{entityID}, a)
+	if err != nil || len(subs) == 0 {
+		return nil, err
+	}
+	if sub, exists := subs[entityID]; exists {
+		return sub, nil // Take exact match first, if available
+	}
+	for _, sub := range subs {
+		return sub, nil // For parents, take next available
+	}
+	return nil, nil
+}
+
+// GetSubscriptions returns a map of subscriptions to a set of given entity IDs
+func GetSubscriptions(s *xorm.Session, entityType SubscriptionEntityType, entityIDs []int64, a web.Auth) (listsToSubscriptions map[int64]*Subscription, err error) {
 	u, is := a.(*user.User)
 	if !is {
 		return
 	}
-
 	if err := entityType.validate(); err != nil {
 		return nil, err
 	}
 
-	subscription = &Subscription{}
-	cond := getSubscriberCondForEntity(entityType, entityID)
-	exists, err := s.
+	var entitiesFilter builder.Cond
+	for _, eID := range entityIDs {
+		if entitiesFilter == nil {
+			entitiesFilter = getSubscriberCondForEntity(entityType, eID)
+			continue
+		}
+		entitiesFilter = entitiesFilter.Or(getSubscriberCondForEntity(entityType, eID))
+	}
+
+	var subscriptions []*Subscription
+	err = s.
 		Where("user_id = ?", u.ID).
-		And(cond).
-		Get(subscription)
-	if !exists {
+		And(entitiesFilter).
+		Find(&subscriptions)
+	if err != nil {
 		return nil, err
 	}
 
-	subscription.Entity = subscription.EntityType.String()
-
-	return subscription, err
+	listsToSubscriptions = make(map[int64]*Subscription)
+	for _, sub := range subscriptions {
+		sub.Entity = sub.EntityType.String()
+		listsToSubscriptions[sub.EntityID] = sub
+	}
+	return listsToSubscriptions, nil
 }
 
 func getSubscribersForEntity(s *xorm.Session, entityType SubscriptionEntityType, entityID int64) (subscriptions []*Subscription, err error) {

pkg/models/task_assignees.go

@@ -221,6 +221,19 @@ func (t *Task) addNewAssigneeByID(s *xorm.Session, newAssigneeID int64, list *Li
 		return ErrUserDoesNotHaveAccessToList{list.ID, newAssigneeID}
 	}
 
+	exist, err := s.
+		Where("task_id = ? AND user_id = ?", t.ID, newAssigneeID).
+		Exist(&TaskAssginee{})
+	if err != nil {
+		return err
+	}
+	if exist {
+		return &ErrUserAlreadyAssigned{
+			UserID: newAssigneeID,
+			TaskID: t.ID,
+		}
+	}
+
 	_, err = s.Insert(TaskAssginee{
 		TaskID: t.ID,
 		UserID: newAssigneeID,

pkg/models/task_collection_filter.go

@@ -214,6 +214,12 @@ func getNativeValueForTaskField(fieldName string, comparator taskFilterComparato
 		return
 	}
 
+	if realFieldName == "Assignees" {
+		vals := strings.Split(value, ",")
+		valueSlice := append([]string{}, vals...)
+		return valueSlice, nil
+	}
+
 	field, ok := reflect.TypeOf(&Task{}).Elem().FieldByName(realFieldName)
 	if !ok {
 		return nil, ErrInvalidTaskField{TaskField: fieldName}

pkg/models/task_collection_test.go

@@ -934,10 +934,10 @@ func TestTaskCollection_ReadAll(t *testing.T) {
 			wantErr: false,
 		},
 		{
-			name: "filter assignees",
+			name: "filter assignees by username",
 			fields: fields{
 				FilterBy:         []string{"assignees"},
-				FilterValue:      []string{"1"},
+				FilterValue:      []string{"user1"},
 				FilterComparator: []string{"equals"},
 			},
 			args: defaultArgs,
@@ -947,12 +947,80 @@ func TestTaskCollection_ReadAll(t *testing.T) {
 			wantErr: false,
 		},
 		{
-			name: "filter assignees in",
+			name: "filter assignees by username with users field name",
+			fields: fields{
+				FilterBy:         []string{"users"},
+				FilterValue:      []string{"user1"},
+				FilterComparator: []string{"equals"},
+			},
+			args:    defaultArgs,
+			want:    nil,
+			wantErr: true,
+		},
+		{
+			name: "filter assignees by username with user_id field name",
+			fields: fields{
+				FilterBy:         []string{"user_id"},
+				FilterValue:      []string{"user1"},
+				FilterComparator: []string{"equals"},
+			},
+			args:    defaultArgs,
+			want:    nil,
+			wantErr: true,
+		},
+		{
+			name: "filter assignees by multiple username",
+			fields: fields{
+				FilterBy:         []string{"assignees", "assignees"},
+				FilterValue:      []string{"user1", "user2"},
+				FilterComparator: []string{"equals", "equals"},
+			},
+			args: defaultArgs,
+			want: []*Task{
+				task30,
+			},
+			wantErr: false,
+		},
+		{
+			name: "filter assignees by numbers",
+			fields: fields{
+				FilterBy:         []string{"assignees"},
+				FilterValue:      []string{"1"},
+				FilterComparator: []string{"equals"},
+			},
+			args:    defaultArgs,
+			want:    []*Task{},
+			wantErr: false,
+		},
+		{
+			name: "filter assignees by name with like",
+			fields: fields{
+				FilterBy:         []string{"assignees"},
+				FilterValue:      []string{"user"},
+				FilterComparator: []string{"like"},
+			},
+			args:    defaultArgs,
+			want:    []*Task{},
+			wantErr: true,
+		},
+		{
+			name: "filter assignees in by id",
 			fields: fields{
 				FilterBy:         []string{"assignees"},
 				FilterValue:      []string{"1,2"},
 				FilterComparator: []string{"in"},
 			},
+			args:    defaultArgs,
+			want:    []*Task{},
+			wantErr: false,
+		},
+		{
+			name: "filter assignees in by username",
+			fields: fields{
+				FilterBy:         []string{"assignees"},
+				FilterValue:      []string{"user1,user2"},
+				FilterComparator: []string{"in"},
+			},
 			args: defaultArgs,
 			want: []*Task{
 				task30,

pkg/models/task_overdue_reminder.go

@@ -92,10 +92,10 @@ func getUndoneOverdueTasks(s *xorm.Session, now time.Time) (usersWithTasks map[i
 			if !exists {
 				uts[t.User.ID] = &userWithTasks{
 					user:  t.User,
-					tasks: []*Task{},
+					tasks: make(map[int64]*Task),
 				}
 			}
-			uts[t.User.ID].tasks = append(uts[t.User.ID].tasks, t.Task)
+			uts[t.User.ID].tasks[t.Task.ID] = t.Task
 		}
 	}
 
@@ -104,7 +104,7 @@ func getUndoneOverdueTasks(s *xorm.Session, now time.Time) (usersWithTasks map[i
 
 type userWithTasks struct {
 	user  *user.User
-	tasks []*Task
+	tasks map[int64]*Task
 }
 
 // RegisterOverdueReminderCron registers a function which checks once a day for tasks that are overdue and not done.

pkg/models/tasks.go

@@ -98,6 +98,9 @@ type Task struct {
 	// All attachments this task has
 	Attachments []*TaskAttachment `xorm:"-" json:"attachments"`
 
+	// If this task has a cover image, the field will return the id of the attachment that is the cover image.
+	CoverImageAttachmentID int64 `xorm:"bigint default 0" json:"cover_image_attachment_id"`
+
 	// True if a task is a favorite task. Favorite tasks show up in a separate "Important" list. This value depends on the user making the call to the api.
 	IsFavorite bool `xorm:"-" json:"is_favorite"`
 
@@ -338,8 +341,11 @@ func getRawTasksForLists(s *xorm.Session, lists []*List, a web.Auth, opts *taskO
 			continue
 		}
 
-		if f.field == "assignees" || f.field == "user_id" {
-			f.field = "user_id"
+		if f.field == "assignees" {
+			if f.comparator == taskFilterComparatorLike {
+				return nil, 0, 0, ErrInvalidTaskFilterValue{Field: f.field, Value: f.value}
+			}
+			f.field = "username"
 			filter, err := getFilterCond(f, opts.filterIncludeNulls)
 			if err != nil {
 				return nil, 0, 0, err
@@ -430,7 +436,13 @@ func getRawTasksForLists(s *xorm.Session, lists []*List, a web.Auth, opts *taskO
 	}
 
 	if len(assigneeFilters) > 0 {
-		filters = append(filters, getFilterCondForSeparateTable("task_assignees", opts.filterConcat, assigneeFilters))
+		assigneeFilter := []builder.Cond{
+			builder.In("user_id",
+				builder.Select("id").
+					From("users").
+					Where(builder.Or(assigneeFilters...)),
+			)}
+		filters = append(filters, getFilterCondForSeparateTable("task_assignees", opts.filterConcat, assigneeFilter))
 	}
 
 	if len(labelFilters) > 0 {
@@ -970,6 +982,7 @@ func createTask(s *xorm.Session, t *Task, a web.Auth, updateAssignees bool) (err
 // @Failure 403 {object} web.HTTPError "The user does not have access to the task (aka its list)"
 // @Failure 500 {object} models.Message "Internal error"
 // @Router /tasks/{id} [post]
+//
 //nolint:gocyclo
 func (t *Task) Update(s *xorm.Session, a web.Auth) (err error) {
 
@@ -1029,6 +1042,7 @@ func (t *Task) Update(s *xorm.Session, a web.Auth) (err error) {
 		"position",
 		"repeat_mode",
 		"kanban_position",
+		"cover_image_attachment_id",
 	}
 
 	// If the task is being moved between lists, make sure to move the bucket + index as well
@@ -1043,6 +1057,23 @@ func (t *Task) Update(s *xorm.Session, a web.Auth) (err error) {
 		colsToUpdate = append(colsToUpdate, "index")
 	}
 
+	// If a task attachment is being set as cover image, check if the attachment actually belongs to the task
+	if t.CoverImageAttachmentID != 0 {
+		is, err := s.Exist(&TaskAttachment{
+			TaskID: t.ID,
+			ID:     t.CoverImageAttachmentID,
+		})
+		if err != nil {
+			return err
+		}
+		if !is {
+			return &ErrAttachmentDoesNotBelongToTask{
+				AttachmentID: t.CoverImageAttachmentID,
+				TaskID:       t.ID,
+			}
+		}
+	}
+
 	wasFavorite, err := isFavorite(s, t.ID, a, FavoriteKindTask)
 	if err != nil {
 		return
@@ -1138,6 +1169,10 @@ func (t *Task) Update(s *xorm.Session, a web.Auth) (err error) {
 	if !t.IsFavorite {
 		ot.IsFavorite = false
 	}
+	// Attachment cover image
+	if t.CoverImageAttachmentID == 0 {
+		ot.CoverImageAttachmentID = 0
+	}
 
 	_, err = s.ID(t.ID).
 		Cols(colsToUpdate...).
@@ -1280,18 +1315,39 @@ func setTaskDatesFromCurrentDateRepeat(oldTask, newTask *Task) {
 		}
 	}
 
-	// If a task has a start and end date, the end date should keep the difference to the start date when setting them as new
-	if !oldTask.StartDate.IsZero() && !oldTask.EndDate.IsZero() {
-		diff := oldTask.EndDate.Sub(oldTask.StartDate)
-		newTask.StartDate = now.Add(repeatDuration)
-		newTask.EndDate = now.Add(repeatDuration + diff)
-	} else {
-		if !oldTask.StartDate.IsZero() {
+	// We want to preserve intervals among the due, start and end dates.
+	// The due date is used as a reference point for all new dates, so the
+	// behaviour depends on whether the due date is set at all.
+	if oldTask.DueDate.IsZero() {
+		// If a task has no due date, but does have a start and end date, the
+		// end date should keep the difference to the start date when setting
+		// them as new
+		if !oldTask.StartDate.IsZero() && !oldTask.EndDate.IsZero() {
+			diff := oldTask.EndDate.Sub(oldTask.StartDate)
 			newTask.StartDate = now.Add(repeatDuration)
+			newTask.EndDate = now.Add(repeatDuration + diff)
+		} else {
+			if !oldTask.StartDate.IsZero() {
+				newTask.StartDate = now.Add(repeatDuration)
+			}
+
+			if !oldTask.EndDate.IsZero() {
+				newTask.EndDate = now.Add(repeatDuration)
+			}
+		}
+	} else {
+		// If the old task has a start and due date, we set the new start date
+		// to preserve the interval between them.
+		if !oldTask.StartDate.IsZero() {
+			diff := oldTask.DueDate.Sub(oldTask.StartDate)
+			newTask.StartDate = newTask.DueDate.Add(-diff)
 		}
 
+		// If the old task has an end and due date, we set the new end date
+		// to preserve the interval between them.
 		if !oldTask.EndDate.IsZero() {
-			newTask.EndDate = now.Add(repeatDuration)
+			diff := oldTask.DueDate.Sub(oldTask.EndDate)
+			newTask.EndDate = newTask.DueDate.Add(-diff)
 		}
 	}
 
@@ -1301,8 +1357,8 @@ func setTaskDatesFromCurrentDateRepeat(oldTask, newTask *Task) {
 // This helper function updates the reminders, doneAt, start and end dates of the *old* task
 // and saves the new values in the newTask object.
 // We make a few assumtions here:
-//   1. Everything in oldTask is the truth - we figure out if we update anything at all if oldTask.RepeatAfter has a value > 0
-//   2. Because of 1., this functions should not be used to update values other than Done in the same go
+//  1. Everything in oldTask is the truth - we figure out if we update anything at all if oldTask.RepeatAfter has a value > 0
+//  2. Because of 1., this functions should not be used to update values other than Done in the same go
 func updateDone(oldTask *Task, newTask *Task) {
 	if !oldTask.Done && newTask.Done {
 		switch oldTask.RepeatMode {

pkg/models/team_members.go

@@ -79,7 +79,7 @@ func (tm *TeamMember) Create(s *xorm.Session, a web.Auth) (err error) {
 
 // Delete deletes a user from a team
 // @Summary Remove a user from a team
-// @Description Remove a user from a team. This will also revoke any access this user might have via that team.
+// @Description Remove a user from a team. This will also revoke any access this user might have via that team. A user can remove themselves from the team if they are not the last user in the team.
 // @tags team
 // @Produce json
 // @Security JWTKeyAuth

pkg/models/team_members_rights.go

@@ -17,6 +17,7 @@
 package models
 
 import (
+	"code.vikunja.io/api/pkg/user"
 	"code.vikunja.io/web"
 	"xorm.io/xorm"
 )
@@ -28,6 +29,13 @@ func (tm *TeamMember) CanCreate(s *xorm.Session, a web.Auth) (bool, error) {
 
 // CanDelete checks if the user can delete a new team member
 func (tm *TeamMember) CanDelete(s *xorm.Session, a web.Auth) (bool, error) {
+	u, err := user.GetUserByUsername(s, tm.Username)
+	if err != nil {
+		return false, err
+	}
+	if u.ID == a.GetID() {
+		return true, nil
+	}
 	return tm.IsAdmin(s, a)
 }
 

pkg/models/teams.go

@@ -79,7 +79,7 @@ type TeamMember struct {
 }
 
 // TableName makes beautiful table names
-func (TeamMember) TableName() string {
+func (*TeamMember) TableName() string {
 	return "team_members"
 }
 

pkg/models/users_list_test.go

@@ -214,6 +214,13 @@ func TestListUsersFromList(t *testing.T) {
 				testuser13, // Shared Via NamespaceUser admin
 			},
 		},
+		{
+			name: "search for user1",
+			args: args{l: &List{ID: 19, OwnerID: 7}, search: "user1"},
+			wantUsers: []*user.User{
+				testuser1, // Shared Via Team readonly
+			},
+		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {

pkg/modules/avatar/gravatar/gravatar.go

@@ -18,7 +18,7 @@ package gravatar
 
 import (
 	"context"
-	"io/ioutil"
+	"io"
 	"net/http"
 	"strconv"
 	"strings"
@@ -74,7 +74,7 @@ func (g *Provider) GetAvatar(user *user.User, size int64) ([]byte, string, error
 			return nil, "", err
 		}
 		defer resp.Body.Close()
-		avatarContent, err := ioutil.ReadAll(resp.Body)
+		avatarContent, err := io.ReadAll(resp.Body)
 		if err != nil {
 			return nil, "", err
 		}

pkg/modules/avatar/upload/upload.go

@@ -20,13 +20,14 @@ import (
 	"bytes"
 	"image"
 	"image/png"
-	"io/ioutil"
+	"io"
 	"strconv"
 
 	"code.vikunja.io/api/pkg/files"
 	"code.vikunja.io/api/pkg/log"
 	"code.vikunja.io/api/pkg/modules/keyvalue"
 	"code.vikunja.io/api/pkg/user"
+
 	"github.com/disintegration/imaging"
 )
 
@@ -82,7 +83,7 @@ func (p *Provider) GetAvatar(u *user.User, size int64) (avatar []byte, mimeType
 		return nil, "", err
 	}
 
-	avatar, err = ioutil.ReadAll(buf)
+	avatar, err = io.ReadAll(buf)
 	if err != nil {
 		return nil, "", err
 	}

pkg/modules/background/handler/background.go

@@ -17,10 +17,15 @@
 package handler
 
 import (
-	"image"
 	_ "image/gif"  // To make sure the decoder used for generating blurHashes recognizes gifs
 	_ "image/jpeg" // To make sure the decoder used for generating blurHashes recognizes jpgs
 	_ "image/png"  // To make sure the decoder used for generating blurHashes recognizes pngs
+
+	_ "golang.org/x/image/bmp"  // To make sure the decoder used for generating blurHashes recognizes bmps
+	_ "golang.org/x/image/tiff" // To make sure the decoder used for generating blurHashes recognizes tiffs
+	_ "golang.org/x/image/webp" // To make sure the decoder used for generating blurHashes recognizes tiffs
+
+	"image"
 	"io"
 	"net/http"
 	"strconv"

pkg/modules/migration/create_from_structure.go

@@ -18,15 +18,14 @@ package migration
 
 import (
 	"bytes"
-	"io/ioutil"
-
-	"code.vikunja.io/api/pkg/modules/background/handler"
+	"io"
 
 	"xorm.io/xorm"
 
 	"code.vikunja.io/api/pkg/db"
 	"code.vikunja.io/api/pkg/log"
 	"code.vikunja.io/api/pkg/models"
+	"code.vikunja.io/api/pkg/modules/background/handler"
 	"code.vikunja.io/api/pkg/user"
 )
 
@@ -212,7 +211,7 @@ func insertFromStructure(s *xorm.Session, str []*models.NamespaceWithListsAndTas
 					// Check if we have a file to create
 					if len(a.File.FileContent) > 0 {
 						a.TaskID = t.ID
-						fr := ioutil.NopCloser(bytes.NewReader(a.File.FileContent))
+						fr := io.NopCloser(bytes.NewReader(a.File.FileContent))
 						err = a.NewAttachment(s, fr, a.File.Name, a.File.Size, user)
 						if err != nil {
 							return

pkg/modules/migration/ticktick/ticktick.go

@@ -0,0 +1,265 @@
+// Vikunja is a to-do list application to facilitate your life.
+// Copyright 2018-2021 Vikunja and contributors. All rights reserved.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public Licensee as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public Licensee for more details.
+//
+// You should have received a copy of the GNU Affero General Public Licensee
+// along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+package ticktick
+
+import (
+	"encoding/csv"
+	"errors"
+	"io"
+	"regexp"
+	"sort"
+	"strconv"
+	"strings"
+	"time"
+
+	"code.vikunja.io/api/pkg/log"
+
+	"code.vikunja.io/api/pkg/models"
+	"code.vikunja.io/api/pkg/modules/migration"
+	"code.vikunja.io/api/pkg/user"
+)
+
+const timeISO = "2006-01-02T15:04:05-0700"
+
+type Migrator struct {
+}
+
+type tickTickTask struct {
+	FolderName    string
+	ListName      string
+	Title         string
+	Tags          []string
+	Content       string
+	IsChecklist   bool
+	StartDate     time.Time
+	DueDate       time.Time
+	Reminder      time.Duration
+	Repeat        string
+	Priority      int
+	Status        string
+	CreatedTime   time.Time
+	CompletedTime time.Time
+	Order         float64
+	TaskID        int64
+	ParentID      int64
+}
+
+// Copied from https://stackoverflow.com/a/57617885
+var durationRegex = regexp.MustCompile(`P([\d\.]+Y)?([\d\.]+M)?([\d\.]+D)?T?([\d\.]+H)?([\d\.]+M)?([\d\.]+?S)?`)
+
+// ParseDuration converts a ISO8601 duration into a time.Duration
+func parseDuration(str string) time.Duration {
+	matches := durationRegex.FindStringSubmatch(str)
+
+	if len(matches) == 0 {
+		return 0
+	}
+
+	years := parseDurationPart(matches[1], time.Hour*24*365)
+	months := parseDurationPart(matches[2], time.Hour*24*30)
+	days := parseDurationPart(matches[3], time.Hour*24)
+	hours := parseDurationPart(matches[4], time.Hour)
+	minutes := parseDurationPart(matches[5], time.Second*60)
+	seconds := parseDurationPart(matches[6], time.Second)
+
+	return years + months + days + hours + minutes + seconds
+}
+
+func parseDurationPart(value string, unit time.Duration) time.Duration {
+	if len(value) != 0 {
+		if parsed, err := strconv.ParseFloat(value[:len(value)-1], 64); err == nil {
+			return time.Duration(float64(unit) * parsed)
+		}
+	}
+	return 0
+}
+
+func convertTickTickToVikunja(tasks []*tickTickTask) (result []*models.NamespaceWithListsAndTasks) {
+	namespace := &models.NamespaceWithListsAndTasks{
+		Namespace: models.Namespace{
+			Title: "Migrated from TickTick",
+		},
+		Lists: []*models.ListWithTasksAndBuckets{},
+	}
+
+	lists := make(map[string]*models.ListWithTasksAndBuckets)
+	for _, t := range tasks {
+		_, has := lists[t.ListName]
+		if !has {
+			lists[t.ListName] = &models.ListWithTasksAndBuckets{
+				List: models.List{
+					Title: t.ListName,
+				},
+			}
+		}
+
+		labels := make([]*models.Label, 0, len(t.Tags))
+		for _, tag := range t.Tags {
+			labels = append(labels, &models.Label{
+				Title: tag,
+			})
+		}
+
+		task := &models.TaskWithComments{
+			Task: models.Task{
+				ID:          t.TaskID,
+				Title:       t.Title,
+				Description: t.Content,
+				StartDate:   t.StartDate,
+				EndDate:     t.DueDate,
+				DueDate:     t.DueDate,
+				Reminders: []time.Time{
+					t.DueDate.Add(t.Reminder * -1),
+				},
+				Done:     t.Status == "1",
+				DoneAt:   t.CompletedTime,
+				Position: t.Order,
+				Labels:   labels,
+			},
+		}
+
+		if t.ParentID != 0 {
+			task.RelatedTasks = map[models.RelationKind][]*models.Task{
+				models.RelationKindParenttask: {{ID: t.ParentID}},
+			}
+		}
+
+		lists[t.ListName].Tasks = append(lists[t.ListName].Tasks, task)
+	}
+
+	for _, l := range lists {
+		namespace.Lists = append(namespace.Lists, l)
+	}
+
+	sort.Slice(namespace.Lists, func(i, j int) bool {
+		return namespace.Lists[i].Title < namespace.Lists[j].Title
+	})
+
+	return []*models.NamespaceWithListsAndTasks{namespace}
+}
+
+// Name is used to get the name of the ticktick migration - we're using the docs here to annotate the status route.
+// @Summary Get migration status
+// @Description Returns if the current user already did the migation or not. This is useful to show a confirmation message in the frontend if the user is trying to do the same migration again.
+// @tags migration
+// @Produce json
+// @Security JWTKeyAuth
+// @Success 200 {object} migration.Status "The migration status"
+// @Failure 500 {object} models.Message "Internal server error"
+// @Router /migration/ticktick/status [get]
+func (m *Migrator) Name() string {
+	return "ticktick"
+}
+
+// Migrate takes a ticktick export, parses it and imports everything in it into Vikunja.
+// @Summary Import all lists, tasks etc. from a TickTick backup export
+// @Description Imports all projects, tasks, notes, reminders, subtasks and files from a TickTick backup export into Vikunja.
+// @tags migration
+// @Accept json
+// @Produce json
+// @Security JWTKeyAuth
+// @Param import formData string true "The TickTick backup csv file."
+// @Success 200 {object} models.Message "A message telling you everything was migrated successfully."
+// @Failure 500 {object} models.Message "Internal server error"
+// @Router /migration/ticktick/migrate [post]
+func (m *Migrator) Migrate(user *user.User, file io.ReaderAt, size int64) error {
+	fr := io.NewSectionReader(file, 0, size)
+	r := csv.NewReader(fr)
+
+	allTasks := []*tickTickTask{}
+	line := 0
+	for {
+
+		record, err := r.Read()
+		if err != nil {
+			if errors.Is(err, io.EOF) {
+				break
+			}
+			log.Debugf("[TickTick Migration] CSV parse error: %s", err)
+		}
+
+		line++
+		if line <= 4 {
+			continue
+		}
+
+		priority, err := strconv.Atoi(record[10])
+		if err != nil {
+			return err
+		}
+		order, err := strconv.ParseFloat(record[14], 64)
+		if err != nil {
+			return err
+		}
+		taskID, err := strconv.ParseInt(record[21], 10, 64)
+		if err != nil {
+			return err
+		}
+		parentID, err := strconv.ParseInt(record[21], 10, 64)
+		if err != nil {
+			return err
+		}
+
+		reminder := parseDuration(record[8])
+
+		t := &tickTickTask{
+			ListName:    record[1],
+			Title:       record[2],
+			Tags:        strings.Split(record[3], ", "),
+			Content:     record[4],
+			IsChecklist: record[5] == "Y",
+			Reminder:    reminder,
+			Repeat:      record[9],
+			Priority:    priority,
+			Status:      record[11],
+			Order:       order,
+			TaskID:      taskID,
+			ParentID:    parentID,
+		}
+
+		if record[6] != "" {
+			t.StartDate, err = time.Parse(timeISO, record[6])
+			if err != nil {
+				return err
+			}
+		}
+		if record[7] != "" {
+			t.DueDate, err = time.Parse(timeISO, record[7])
+			if err != nil {
+				return err
+			}
+		}
+		if record[12] != "" {
+			t.StartDate, err = time.Parse(timeISO, record[12])
+			if err != nil {
+				return err
+			}
+		}
+		if record[13] != "" {
+			t.CompletedTime, err = time.Parse(timeISO, record[13])
+			if err != nil {
+				return err
+			}
+		}
+
+		allTasks = append(allTasks, t)
+	}
+
+	vikunjaTasks := convertTickTickToVikunja(allTasks)
+
+	return migration.InsertFromStructure(vikunjaTasks, user)
+}

pkg/modules/migration/ticktick/ticktick_test.go

@@ -0,0 +1,136 @@
+// Vikunja is a to-do list application to facilitate your life.
+// Copyright 2018-2021 Vikunja and contributors. All rights reserved.
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public Licensee as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public Licensee for more details.
+//
+// You should have received a copy of the GNU Affero General Public Licensee
+// along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+package ticktick
+
+import (
+	"testing"
+	"time"
+
+	"code.vikunja.io/api/pkg/models"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+func TestConvertTicktickTasksToVikunja(t *testing.T) {
+	time1, err := time.Parse(time.RFC3339Nano, "2022-11-18T03:00:00.4770000Z")
+	require.NoError(t, err)
+	time2, err := time.Parse(time.RFC3339Nano, "2022-12-18T03:00:00.4770000Z")
+	require.NoError(t, err)
+	time3, err := time.Parse(time.RFC3339Nano, "2022-12-10T03:00:00.4770000Z")
+	require.NoError(t, err)
+	duration, err := time.ParseDuration("24h")
+	require.NoError(t, err)
+
+	tickTickTasks := []*tickTickTask{
+		{
+			TaskID:    1,
+			ParentID:  0,
+			ListName:  "List 1",
+			Title:     "Test task 1",
+			Tags:      []string{"label1", "label2"},
+			Content:   "Lorem Ipsum Dolor sit amet",
+			StartDate: time1,
+			DueDate:   time2,
+			Reminder:  duration,
+			Repeat:    "FREQ=WEEKLY;INTERVAL=1;UNTIL=20190117T210000Z",
+			Status:    "0",
+			Order:     -1099511627776,
+		},
+		{
+			TaskID:        2,
+			ParentID:      1,
+			ListName:      "List 1",
+			Title:         "Test task 2",
+			Status:        "1",
+			CompletedTime: time3,
+			Order:         -1099511626,
+		},
+		{
+			TaskID:    3,
+			ParentID:  0,
+			ListName:  "List 1",
+			Title:     "Test task 3",
+			Tags:      []string{"label1", "label2", "other label"},
+			StartDate: time1,
+			DueDate:   time2,
+			Reminder:  duration,
+			Status:    "0",
+			Order:     -109951627776,
+		},
+		{
+			TaskID:   4,
+			ParentID: 0,
+			ListName: "List 2",
+			Title:    "Test task 4",
+			Status:   "0",
+			Order:    -109951627777,
+		},
+	}
+
+	vikunjaTasks := convertTickTickToVikunja(tickTickTasks)
+
+	assert.Len(t, vikunjaTasks, 1)
+	assert.Len(t, vikunjaTasks[0].Lists, 2)
+
+	assert.Len(t, vikunjaTasks[0].Lists[0].Tasks, 3)
+	assert.Equal(t, vikunjaTasks[0].Lists[0].Title, tickTickTasks[0].ListName)
+
+	assert.Equal(t, vikunjaTasks[0].Lists[0].Tasks[0].Title, tickTickTasks[0].Title)
+	assert.Equal(t, vikunjaTasks[0].Lists[0].Tasks[0].Description, tickTickTasks[0].Content)
+	assert.Equal(t, vikunjaTasks[0].Lists[0].Tasks[0].StartDate, tickTickTasks[0].StartDate)
+	assert.Equal(t, vikunjaTasks[0].Lists[0].Tasks[0].EndDate, tickTickTasks[0].DueDate)
+	assert.Equal(t, vikunjaTasks[0].Lists[0].Tasks[0].DueDate, tickTickTasks[0].DueDate)
+	assert.Equal(t, vikunjaTasks[0].Lists[0].Tasks[0].Labels, []*models.Label{
+		{Title: "label1"},
+		{Title: "label2"},
+	})
+	//assert.Equal(t, vikunjaTasks[0].Lists[0].Tasks[0].Reminders, tickTickTasks[0].) // TODO
+	assert.Equal(t, vikunjaTasks[0].Lists[0].Tasks[0].Position, tickTickTasks[0].Order)
+	assert.Equal(t, vikunjaTasks[0].Lists[0].Tasks[0].Done, false)
+
+	assert.Equal(t, vikunjaTasks[0].Lists[0].Tasks[1].Title, tickTickTasks[1].Title)
+	assert.Equal(t, vikunjaTasks[0].Lists[0].Tasks[1].Position, tickTickTasks[1].Order)
+	assert.Equal(t, vikunjaTasks[0].Lists[0].Tasks[1].Done, true)
+	assert.Equal(t, vikunjaTasks[0].Lists[0].Tasks[1].DoneAt, tickTickTasks[1].CompletedTime)
+	assert.Equal(t, vikunjaTasks[0].Lists[0].Tasks[1].RelatedTasks, models.RelatedTaskMap{
+		models.RelationKindParenttask: []*models.Task{
+			{
+				ID: tickTickTasks[1].ParentID,
+			},
+		},
+	})
+
+	assert.Equal(t, vikunjaTasks[0].Lists[0].Tasks[2].Title, tickTickTasks[2].Title)
+	assert.Equal(t, vikunjaTasks[0].Lists[0].Tasks[2].Description, tickTickTasks[2].Content)
+	assert.Equal(t, vikunjaTasks[0].Lists[0].Tasks[2].StartDate, tickTickTasks[2].StartDate)
+	assert.Equal(t, vikunjaTasks[0].Lists[0].Tasks[2].EndDate, tickTickTasks[2].DueDate)
+	assert.Equal(t, vikunjaTasks[0].Lists[0].Tasks[2].DueDate, tickTickTasks[2].DueDate)
+	assert.Equal(t, vikunjaTasks[0].Lists[0].Tasks[2].Labels, []*models.Label{
+		{Title: "label1"},
+		{Title: "label2"},
+		{Title: "other label"},
+	})
+	//assert.Equal(t, vikunjaTasks[0].Lists[0].Tasks[0].Reminders, tickTickTasks[0].) // TODO
+	assert.Equal(t, vikunjaTasks[0].Lists[0].Tasks[2].Position, tickTickTasks[2].Order)
+	assert.Equal(t, vikunjaTasks[0].Lists[0].Tasks[2].Done, false)
+
+	assert.Len(t, vikunjaTasks[0].Lists[1].Tasks, 1)
+	assert.Equal(t, vikunjaTasks[0].Lists[1].Title, tickTickTasks[3].ListName)
+
+	assert.Equal(t, vikunjaTasks[0].Lists[1].Tasks[0].Title, tickTickTasks[3].Title)
+	assert.Equal(t, vikunjaTasks[0].Lists[1].Tasks[0].Position, tickTickTasks[3].Order)
+}

pkg/modules/migration/todoist/todoist.go

@@ -105,6 +105,10 @@ type item struct {
 	DateCompleted   time.Time   `json:"date_completed"`
 }
 
+type itemWrapper struct {
+	Item *item `json:"item"`
+}
+
 type doneItem struct {
 	CompletedDate time.Time `json:"completed_date"`
 	Content       string    `json:"content"`
@@ -115,7 +119,8 @@ type doneItem struct {
 }
 
 type doneItemSync struct {
-	Items []*doneItem `json:"items"`
+	Items    []*doneItem         `json:"items"`
+	Projects map[string]*project `json:"projects"`
 }
 
 type fileAttachment struct {
@@ -358,6 +363,11 @@ func convertTodoistToVikunja(sync *sync, doneItems map[int64]*doneItem) (fullVik
 
 		tasks[i.ID] = task
 
+		if _, exists := lists[i.ProjectID]; !exists {
+			log.Debugf("[Todoist Migration] Tried to put item %d in project %d but the project does not exist", i.ID, i.ProjectID)
+			continue
+		}
+
 		lists[i.ProjectID].Tasks = append(lists[i.ProjectID].Tasks, task)
 	}
 
@@ -540,33 +550,62 @@ func (m *Migration) Migrate(u *user.User) (err error) {
 	}
 
 	log.Debugf("[Todoist Migration] Getting done items for user %d", u.ID)
-	// Get all done tasks
-	resp, err = migration.DoPost("https://api.todoist.com/sync/v8/completed/get_all", form)
-	if err != nil {
-		return
-	}
-	defer resp.Body.Close()
 
-	completedSyncResponse := &doneItemSync{}
-	err = json.NewDecoder(resp.Body).Decode(completedSyncResponse)
-	if err != nil {
-		return
-	}
+	// Get all done tasks and projects
+	offset := 0
+	doneItems := make(map[int64]*doneItem)
 
-	sort.Slice(completedSyncResponse.Items, func(i, j int) bool {
-		return completedSyncResponse.Items[i].CompletedDate.After(completedSyncResponse.Items[j].CompletedDate)
-	})
-
-	doneItems := make(map[int64]*doneItem, len(completedSyncResponse.Items))
-	for _, i := range completedSyncResponse.Items {
-		if _, has := doneItems[i.TaskID]; has {
-			// Only set the newest completion date
-			continue
+	for {
+		resp, err = migration.DoPost("https://api.todoist.com/sync/v8/completed/get_all?limit=200&offset="+strconv.Itoa(offset), form)
+		if err != nil {
+			return
 		}
-		doneItems[i.TaskID] = i
+		defer resp.Body.Close()
+
+		completedSyncResponse := &doneItemSync{}
+		err = json.NewDecoder(resp.Body).Decode(completedSyncResponse)
+		if err != nil {
+			return
+		}
+
+		sort.Slice(completedSyncResponse.Items, func(i, j int) bool {
+			return completedSyncResponse.Items[i].CompletedDate.After(completedSyncResponse.Items[j].CompletedDate)
+		})
+
+		for _, i := range completedSyncResponse.Items {
+			if _, has := doneItems[i.TaskID]; has {
+				// Only set the newest completion date
+				continue
+			}
+			doneItems[i.TaskID] = i
+
+			// need to get done item data
+			resp, err = migration.DoPost("https://api.todoist.com/sync/v8/items/get", url.Values{
+				"token":   []string{token},
+				"item_id": []string{strconv.FormatInt(i.TaskID, 10)},
+			})
+			if err != nil {
+				return
+			}
+			defer resp.Body.Close()
+
+			doneI := &itemWrapper{}
+			err = json.NewDecoder(resp.Body).Decode(doneI)
+			if err != nil {
+				return
+			}
+			log.Debugf("[Todoist Migration] Retrieved full task data for done task %d", i.TaskID)
+			syncResponse.Items = append(syncResponse.Items, doneI.Item)
+		}
+
+		if len(completedSyncResponse.Items) < 200 {
+			break
+		}
+		offset++
+		log.Debugf("[Todoist Migration] User %d has more than 200 done tasks or projects, looping to get more; iteration %d", u.ID, offset)
 	}
 
-	log.Debugf("[Todoist Migration] Got %d done items for user %d", len(completedSyncResponse.Items), u.ID)
+	log.Debugf("[Todoist Migration] Got %d done items for user %d", len(doneItems), u.ID)
 	log.Debugf("[Todoist Migration] Getting archived projects for user %d", u.ID)
 
 	// Get all archived projects

pkg/modules/migration/todoist/todoist_test.go

@@ -17,7 +17,7 @@
 package todoist
 
 import (
-	"io/ioutil"
+	"os"
 	"strconv"
 	"testing"
 	"time"
@@ -47,7 +47,7 @@ func TestConvertTodoistToVikunja(t *testing.T) {
 	dueTimeWithTime = dueTimeWithTime.In(config.GetTimeZone())
 	nilTime, err := time.Parse(time.RFC3339Nano, "0001-01-01T00:00:00Z")
 	assert.NoError(t, err)
-	exampleFile, err := ioutil.ReadFile(config.ServiceRootpath.GetString() + "/pkg/modules/migration/wunderlist/testimage.jpg")
+	exampleFile, err := os.ReadFile(config.ServiceRootpath.GetString() + "/pkg/modules/migration/wunderlist/testimage.jpg")
 	assert.NoError(t, err)
 
 	makeTestItem := func(id, projectId int64, hasDueDate, hasLabels, done bool) *item {

pkg/modules/migration/trello/trello_test.go

@@ -18,7 +18,7 @@ package trello
 
 import (
 	"bytes"
-	"io/ioutil"
+	"os"
 	"testing"
 	"time"
 
@@ -36,7 +36,7 @@ func TestConvertTrelloToVikunja(t *testing.T) {
 
 	time1, err := time.Parse(time.RFC3339Nano, "2014-09-26T08:25:05Z")
 	assert.NoError(t, err)
-	exampleFile, err := ioutil.ReadFile(config.ServiceRootpath.GetString() + "/pkg/modules/migration/wunderlist/testimage.jpg")
+	exampleFile, err := os.ReadFile(config.ServiceRootpath.GetString() + "/pkg/modules/migration/wunderlist/testimage.jpg")
 	assert.NoError(t, err)
 
 	trelloData := []*trello.Board{

pkg/modules/migration/wunderlist/wunderlist_test.go

@@ -17,7 +17,7 @@
 package wunderlist
 
 import (
-	"io/ioutil"
+	"os"
 	"strconv"
 	"testing"
 	"time"
@@ -46,7 +46,7 @@ func TestWunderlistParsing(t *testing.T) {
 	assert.NoError(t, err)
 	time4 = time4.In(config.GetTimeZone())
 
-	exampleFile, err := ioutil.ReadFile(config.ServiceRootpath.GetString() + "/pkg/modules/migration/wunderlist/testimage.jpg")
+	exampleFile, err := os.ReadFile(config.ServiceRootpath.GetString() + "/pkg/modules/migration/wunderlist/testimage.jpg")
 	assert.NoError(t, err)
 
 	createTestTask := func(id, listID int, done bool) *task {

pkg/routes/api/v1/info.go

@@ -19,19 +19,17 @@ package v1
 import (
 	"net/http"
 
-	vikunja_file "code.vikunja.io/api/pkg/modules/migration/vikunja-file"
-
-	microsofttodo "code.vikunja.io/api/pkg/modules/migration/microsoft-todo"
-
-	"code.vikunja.io/api/pkg/modules/migration/trello"
-
-	"code.vikunja.io/api/pkg/log"
-
 	"code.vikunja.io/api/pkg/config"
+	"code.vikunja.io/api/pkg/log"
 	"code.vikunja.io/api/pkg/modules/auth/openid"
+	microsofttodo "code.vikunja.io/api/pkg/modules/migration/microsoft-todo"
+	"code.vikunja.io/api/pkg/modules/migration/ticktick"
 	"code.vikunja.io/api/pkg/modules/migration/todoist"
+	"code.vikunja.io/api/pkg/modules/migration/trello"
+	vikunja_file "code.vikunja.io/api/pkg/modules/migration/vikunja-file"
 	"code.vikunja.io/api/pkg/modules/migration/wunderlist"
 	"code.vikunja.io/api/pkg/version"
+
 	"github.com/labstack/echo/v4"
 )
 
@@ -97,6 +95,7 @@ func Info(c echo.Context) error {
 		TaskCommentsEnabled:    config.ServiceEnableTaskComments.GetBool(),
 		AvailableMigrators: []string{
 			(&vikunja_file.FileMigrator{}).Name(),
+			(&ticktick.Migrator{}).Name(),
 		},
 		Legal: legalInfo{
 			ImprintURL:       config.LegalImprintURL.GetString(),

pkg/routes/caldav/auth.go

@@ -22,6 +22,7 @@ import (
 	"code.vikunja.io/api/pkg/db"
 	"code.vikunja.io/api/pkg/log"
 	"code.vikunja.io/api/pkg/user"
+	"xorm.io/xorm"
 
 	"github.com/labstack/echo/v4"
 	"golang.org/x/crypto/bcrypt"
@@ -35,37 +36,47 @@ func BasicAuth(username, password string, c echo.Context) (bool, error) {
 		Username: username,
 		Password: password,
 	}
-	u, err := user.CheckUserCredentials(s, credentials)
-	if err != nil && !user.IsErrWrongUsernameOrPassword(err) && !user.IsErrAccountIsNotLocal(err) {
-		log.Errorf("Error during basic auth for caldav: %v", err)
+	var err error
+	u, err := checkUserCaldavTokens(s, credentials)
+	if user.IsErrUserDoesNotExist(err) {
 		return false, nil
 	}
-
-	if err == nil {
+	if u == nil {
+		u, err = user.CheckUserCredentials(s, credentials)
+		if err != nil {
+			log.Errorf("Error during basic auth for caldav: %v", err)
+			return false, nil
+		}
+	}
+	if u != nil && err == nil {
 		c.Set("userBasicAuth", u)
 		return true, nil
 	}
+	return false, nil
+}
 
-	tokens, err := user.GetCaldavTokens(u)
+func checkUserCaldavTokens(s *xorm.Session, login *user.Login) (*user.User, error) {
+	usr, err := user.GetUserByUsername(s, login.Username)
+	if err != nil || usr == nil {
+		log.Warningf("Error while retrieving users from database: %v", err)
+		return nil, err
+	}
+	tokens, err := user.GetCaldavTokens(usr)
 	if err != nil {
 		log.Errorf("Error while getting tokens for caldav auth: %v", err)
-		return false, nil
+		return nil, err
 	}
-
 	// Looping over all tokens until we find one that matches
 	for _, token := range tokens {
-		err = bcrypt.CompareHashAndPassword([]byte(token.Token), []byte(password))
+		err = bcrypt.CompareHashAndPassword([]byte(token.Token), []byte(login.Password))
 		if err != nil {
 			if errors.Is(err, bcrypt.ErrMismatchedHashAndPassword) {
 				continue
 			}
 			log.Errorf("Error while verifying tokens for caldav auth: %v", err)
-			return false, nil
+			return nil, nil
 		}
-
-		c.Set("userBasicAuth", u)
-		return true, nil
+		return usr, nil
 	}
-
-	return false, nil
+	return nil, nil
 }

pkg/routes/caldav/handler.go

@@ -19,7 +19,7 @@ package caldav
 import (
 	"bytes"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"reflect"
 	"strconv"
 	"strings"
@@ -61,9 +61,9 @@ func ListHandler(c echo.Context) error {
 	}
 
 	// Try to parse a task from the request payload
-	body, _ := ioutil.ReadAll(c.Request().Body)
+	body, _ := io.ReadAll(c.Request().Body)
 	// Restore the io.ReadCloser to its original state
-	c.Request().Body = ioutil.NopCloser(bytes.NewBuffer(body))
+	c.Request().Body = io.NopCloser(bytes.NewBuffer(body))
 	// Parse it
 	vtodo := string(body)
 	if vtodo != "" && strings.HasPrefix(vtodo, `BEGIN:VCALENDAR`) {
@@ -127,9 +127,9 @@ func PrincipalHandler(c echo.Context) error {
 	}
 
 	// Try to parse a task from the request payload
-	body, _ := ioutil.ReadAll(c.Request().Body)
+	body, _ := io.ReadAll(c.Request().Body)
 	// Restore the io.ReadCloser to its original state
-	c.Request().Body = ioutil.NopCloser(bytes.NewBuffer(body))
+	c.Request().Body = io.NopCloser(bytes.NewBuffer(body))
 
 	log.Debugf("[CALDAV] Request Body: %v\n", string(body))
 	log.Debugf("[CALDAV] Request Headers: %v\n", c.Request().Header)
@@ -157,9 +157,9 @@ func EntryHandler(c echo.Context) error {
 	}
 
 	// Try to parse a task from the request payload
-	body, _ := ioutil.ReadAll(c.Request().Body)
+	body, _ := io.ReadAll(c.Request().Body)
 	// Restore the io.ReadCloser to its original state
-	c.Request().Body = ioutil.NopCloser(bytes.NewBuffer(body))
+	c.Request().Body = io.NopCloser(bytes.NewBuffer(body))
 
 	log.Debugf("[CALDAV] Request Body: %v\n", string(body))
 	log.Debugf("[CALDAV] Request Headers: %v\n", c.Request().Header)

pkg/routes/routes.go

@@ -53,10 +53,6 @@ import (
 	"strings"
 	"time"
 
-	"github.com/ulule/limiter/v3"
-
-	vikunja_file "code.vikunja.io/api/pkg/modules/migration/vikunja-file"
-
 	"code.vikunja.io/api/pkg/config"
 	"code.vikunja.io/api/pkg/db"
 	"code.vikunja.io/api/pkg/log"
@@ -70,8 +66,10 @@ import (
 	"code.vikunja.io/api/pkg/modules/migration"
 	migrationHandler "code.vikunja.io/api/pkg/modules/migration/handler"
 	microsofttodo "code.vikunja.io/api/pkg/modules/migration/microsoft-todo"
+	"code.vikunja.io/api/pkg/modules/migration/ticktick"
 	"code.vikunja.io/api/pkg/modules/migration/todoist"
 	"code.vikunja.io/api/pkg/modules/migration/trello"
+	vikunja_file "code.vikunja.io/api/pkg/modules/migration/vikunja-file"
 	"code.vikunja.io/api/pkg/modules/migration/wunderlist"
 	apiv1 "code.vikunja.io/api/pkg/routes/api/v1"
 	"code.vikunja.io/api/pkg/routes/caldav"
@@ -86,6 +84,7 @@ import (
 	"github.com/labstack/echo/v4"
 	"github.com/labstack/echo/v4/middleware"
 	elog "github.com/labstack/gommon/log"
+	"github.com/ulule/limiter/v3"
 )
 
 // NewEcho registers a new Echo instance
@@ -653,12 +652,21 @@ func registerMigrations(m *echo.Group) {
 		microsoftTodoMigrationHandler.RegisterRoutes(m)
 	}
 
+	// Vikunja File Migrator
 	vikunjaFileMigrationHandler := &migrationHandler.FileMigratorWeb{
 		MigrationStruct: func() migration.FileMigrator {
 			return &vikunja_file.FileMigrator{}
 		},
 	}
 	vikunjaFileMigrationHandler.RegisterRoutes(m)
+
+	// TickTick File Migrator
+	tickTickFileMigrator := migrationHandler.FileMigratorWeb{
+		MigrationStruct: func() migration.FileMigrator {
+			return &ticktick.Migrator{}
+		},
+	}
+	tickTickFileMigrator.RegisterRoutes(m)
 }
 
 func registerCalDavRoutes(c *echo.Group) {

pkg/swagger/docs.go

@@ -2699,6 +2699,80 @@ const docTemplate = `{
                 }
             }
         },
+        "/migration/ticktick/migrate": {
+            "post": {
+                "security": [
+                    {
+                        "JWTKeyAuth": []
+                    }
+                ],
+                "description": "Imports all projects, tasks, notes, reminders, subtasks and files from a TickTick backup export into Vikunja.",
+                "consumes": [
+                    "application/json"
+                ],
+                "produces": [
+                    "application/json"
+                ],
+                "tags": [
+                    "migration"
+                ],
+                "summary": "Import all lists, tasks etc. from a TickTick backup export",
+                "parameters": [
+                    {
+                        "type": "string",
+                        "description": "The TickTick backup csv file.",
+                        "name": "import",
+                        "in": "formData",
+                        "required": true
+                    }
+                ],
+                "responses": {
+                    "200": {
+                        "description": "A message telling you everything was migrated successfully.",
+                        "schema": {
+                            "$ref": "#/definitions/models.Message"
+                        }
+                    },
+                    "500": {
+                        "description": "Internal server error",
+                        "schema": {
+                            "$ref": "#/definitions/models.Message"
+                        }
+                    }
+                }
+            }
+        },
+        "/migration/ticktick/status": {
+            "get": {
+                "security": [
+                    {
+                        "JWTKeyAuth": []
+                    }
+                ],
+                "description": "Returns if the current user already did the migation or not. This is useful to show a confirmation message in the frontend if the user is trying to do the same migration again.",
+                "produces": [
+                    "application/json"
+                ],
+                "tags": [
+                    "migration"
+                ],
+                "summary": "Get migration status",
+                "responses": {
+                    "200": {
+                        "description": "The migration status",
+                        "schema": {
+                            "$ref": "#/definitions/migration.Status"
+                        }
+                    },
+                    "500": {
+                        "description": "Internal server error",
+                        "schema": {
+                            "$ref": "#/definitions/models.Message"
+                        }
+                    }
+                }
+            }
+        },
         "/migration/todoist/auth": {
             "get": {
                 "security": [
@@ -6167,7 +6241,7 @@ const docTemplate = `{
                         "JWTKeyAuth": []
                     }
                 ],
-                "description": "Remove a user from a team. This will also revoke any access this user might have via that team.",
+                "description": "Remove a user from a team. This will also revoke any access this user might have via that team. A user can remove themselves from the team if they are not the last user in the team.",
                 "produces": [
                     "application/json"
                 ],
@@ -7774,6 +7848,10 @@ const docTemplate = `{
                     "description": "BucketID is the ID of the kanban bucket this task belongs to.",
                     "type": "integer"
                 },
+                "cover_image_attachment_id": {
+                    "description": "If this task has a cover image, the field will return the id of the attachment that is the cover image.",
+                    "type": "integer"
+                },
                 "created": {
                     "description": "A timestamp when this task was created. You cannot change this value.",
                     "type": "string"
@@ -8388,6 +8466,10 @@ const docTemplate = `{
                     "description": "BucketID is the ID of the kanban bucket this task belongs to.",
                     "type": "integer"
                 },
+                "cover_image_attachment_id": {
+                    "description": "If this task has a cover image, the field will return the id of the attachment that is the cover image.",
+                    "type": "integer"
+                },
                 "created": {
                     "description": "A timestamp when this task was created. You cannot change this value.",
                     "type": "string"

pkg/swagger/swagger.json

@@ -2690,6 +2690,80 @@
                 }
             }
         },
+        "/migration/ticktick/migrate": {
+            "post": {
+                "security": [
+                    {
+                        "JWTKeyAuth": []
+                    }
+                ],
+                "description": "Imports all projects, tasks, notes, reminders, subtasks and files from a TickTick backup export into Vikunja.",
+                "consumes": [
+                    "application/json"
+                ],
+                "produces": [
+                    "application/json"
+                ],
+                "tags": [
+                    "migration"
+                ],
+                "summary": "Import all lists, tasks etc. from a TickTick backup export",
+                "parameters": [
+                    {
+                        "type": "string",
+                        "description": "The TickTick backup csv file.",
+                        "name": "import",
+                        "in": "formData",
+                        "required": true
+                    }
+                ],
+                "responses": {
+                    "200": {
+                        "description": "A message telling you everything was migrated successfully.",
+                        "schema": {
+                            "$ref": "#/definitions/models.Message"
+                        }
+                    },
+                    "500": {
+                        "description": "Internal server error",
+                        "schema": {
+                            "$ref": "#/definitions/models.Message"
+                        }
+                    }
+                }
+            }
+        },
+        "/migration/ticktick/status": {
+            "get": {
+                "security": [
+                    {
+                        "JWTKeyAuth": []
+                    }
+                ],
+                "description": "Returns if the current user already did the migation or not. This is useful to show a confirmation message in the frontend if the user is trying to do the same migration again.",
+                "produces": [
+                    "application/json"
+                ],
+                "tags": [
+                    "migration"
+                ],
+                "summary": "Get migration status",
+                "responses": {
+                    "200": {
+                        "description": "The migration status",
+                        "schema": {
+                            "$ref": "#/definitions/migration.Status"
+                        }
+                    },
+                    "500": {
+                        "description": "Internal server error",
+                        "schema": {
+                            "$ref": "#/definitions/models.Message"
+                        }
+                    }
+                }
+            }
+        },
         "/migration/todoist/auth": {
             "get": {
                 "security": [
@@ -6158,7 +6232,7 @@
                         "JWTKeyAuth": []
                     }
                 ],
-                "description": "Remove a user from a team. This will also revoke any access this user might have via that team.",
+                "description": "Remove a user from a team. This will also revoke any access this user might have via that team. A user can remove themselves from the team if they are not the last user in the team.",
                 "produces": [
                     "application/json"
                 ],
@@ -7765,6 +7839,10 @@
                     "description": "BucketID is the ID of the kanban bucket this task belongs to.",
                     "type": "integer"
                 },
+                "cover_image_attachment_id": {
+                    "description": "If this task has a cover image, the field will return the id of the attachment that is the cover image.",
+                    "type": "integer"
+                },
                 "created": {
                     "description": "A timestamp when this task was created. You cannot change this value.",
                     "type": "string"
@@ -8379,6 +8457,10 @@
                     "description": "BucketID is the ID of the kanban bucket this task belongs to.",
                     "type": "integer"
                 },
+                "cover_image_attachment_id": {
+                    "description": "If this task has a cover image, the field will return the id of the attachment that is the cover image.",
+                    "type": "integer"
+                },
                 "created": {
                     "description": "A timestamp when this task was created. You cannot change this value.",
                     "type": "string"

pkg/swagger/swagger.yaml

@@ -154,6 +154,10 @@ definitions:
       bucket_id:
         description: BucketID is the ID of the kanban bucket this task belongs to.
         type: integer
+      cover_image_attachment_id:
+        description: If this task has a cover image, the field will return the id
+          of the attachment that is the cover image.
+        type: integer
       created:
         description: A timestamp when this task was created. You cannot change this
           value.
@@ -676,6 +680,10 @@ definitions:
       bucket_id:
         description: BucketID is the ID of the kanban bucket this task belongs to.
         type: integer
+      cover_image_attachment_id:
+        description: If this task has a cover image, the field will return the id
+          of the attachment that is the cover image.
+        type: integer
       created:
         description: A timestamp when this task was created. You cannot change this
           value.
@@ -3242,6 +3250,55 @@ paths:
       summary: Get migration status
       tags:
       - migration
+  /migration/ticktick/migrate:
+    post:
+      consumes:
+      - application/json
+      description: Imports all projects, tasks, notes, reminders, subtasks and files
+        from a TickTick backup export into Vikunja.
+      parameters:
+      - description: The TickTick backup csv file.
+        in: formData
+        name: import
+        required: true
+        type: string
+      produces:
+      - application/json
+      responses:
+        "200":
+          description: A message telling you everything was migrated successfully.
+          schema:
+            $ref: '#/definitions/models.Message'
+        "500":
+          description: Internal server error
+          schema:
+            $ref: '#/definitions/models.Message'
+      security:
+      - JWTKeyAuth: []
+      summary: Import all lists, tasks etc. from a TickTick backup export
+      tags:
+      - migration
+  /migration/ticktick/status:
+    get:
+      description: Returns if the current user already did the migation or not. This
+        is useful to show a confirmation message in the frontend if the user is trying
+        to do the same migration again.
+      produces:
+      - application/json
+      responses:
+        "200":
+          description: The migration status
+          schema:
+            $ref: '#/definitions/migration.Status'
+        "500":
+          description: Internal server error
+          schema:
+            $ref: '#/definitions/models.Message'
+      security:
+      - JWTKeyAuth: []
+      summary: Get migration status
+      tags:
+      - migration
   /migration/todoist/auth:
     get:
       description: Returns the auth url where the user needs to get its auth code.
@@ -5546,7 +5603,8 @@ paths:
   /teams/{id}/members/{userID}:
     delete:
       description: Remove a user from a team. This will also revoke any access this
-        user might have via that team.
+        user might have via that team. A user can remove themselves from the team
+        if they are not the last user in the team.
       parameters:
       - description: Team ID
         in: path

pkg/user/user_create.go

@@ -54,7 +54,17 @@ func CreateUser(s *xorm.Session, user *User) (newUser *User, err error) {
 	}
 
 	user.Status = StatusActive
-	user.AvatarProvider = "initials"
+	user.AvatarProvider = config.DefaultSettingsAvatarProvider.GetString()
+	user.AvatarFileID = config.DefaultSettingsAvatarFileID.GetInt64()
+	user.EmailRemindersEnabled = config.DefaultSettingsEmailRemindersEnabled.GetBool()
+	user.DiscoverableByName = config.DefaultSettingsDiscoverableByName.GetBool()
+	user.DiscoverableByEmail = config.DefaultSettingsDiscoverableByEmail.GetBool()
+	user.OverdueTasksRemindersEnabled = config.DefaultSettingsOverdueTaskRemindersEnabled.GetBool()
+	user.OverdueTasksRemindersTime = config.DefaultSettingsOverdueTaskRemindersTime.GetString()
+	user.DefaultListID = config.DefaultSettingsDefaultListID.GetInt64()
+	user.WeekStart = config.DefaultSettingsWeekStart.GetInt()
+	user.Language = config.DefaultSettingsLanguage.GetString()
+	user.Timezone = config.DefaultSettingsTimezone.GetString()
 
 	// Insert it
 	_, err = s.Insert(user)

pkg/user/user_test.go

@@ -369,6 +369,16 @@ func TestListUsers(t *testing.T) {
 		assert.True(t, len(all) > 0)
 		assert.Equal(t, all[0].Username, "user1")
 	})
+	t.Run("case insensitive", func(t *testing.T) {
+		db.LoadAndAssertFixtures(t)
+		s := db.NewSession()
+		defer s.Close()
+
+		all, err := ListUsers(s, "uSEr1", nil)
+		assert.NoError(t, err)
+		assert.True(t, len(all) > 0)
+		assert.Equal(t, all[0].Username, "user1")
+	})
 	t.Run("all users", func(t *testing.T) {
 		db.LoadAndAssertFixtures(t)
 		s := db.NewSession()
@@ -455,6 +465,31 @@ func TestListUsers(t *testing.T) {
 			"discoverable_by_email": true,
 		}, false)
 	})
+	t.Run("discoverable by exact username", func(t *testing.T) {
+		db.LoadAndAssertFixtures(t)
+		s := db.NewSession()
+		defer s.Close()
+
+		all, err := ListUsers(s, "user7", nil)
+		assert.NoError(t, err)
+		assert.Len(t, all, 1)
+		assert.Equal(t, int64(7), all[0].ID)
+		db.AssertExists(t, "users", map[string]interface{}{
+			"username": "user7",
+		}, false)
+	})
+	t.Run("not discoverable by partial username", func(t *testing.T) {
+		db.LoadAndAssertFixtures(t)
+		s := db.NewSession()
+		defer s.Close()
+
+		all, err := ListUsers(s, "user", nil)
+		assert.NoError(t, err)
+		assert.Len(t, all, 0)
+		db.AssertExists(t, "users", map[string]interface{}{
+			"username": "user7",
+		}, false)
+	})
 }
 
 func TestUserPasswordReset(t *testing.T) {

pkg/user/users_list.go

@@ -19,8 +19,11 @@ package user
 import (
 	"strings"
 
+	"code.vikunja.io/api/pkg/db"
+
 	"xorm.io/builder"
 	"xorm.io/xorm"
+	"xorm.io/xorm/schemas"
 )
 
 type ListUserOpts struct {
@@ -41,17 +44,33 @@ func ListUsers(s *xorm.Session, search string, opts *ListUserOpts) (users []*Use
 		return
 	}
 
-	cond := builder.Or(
-		builder.Like{"username", "%" + search + "%"},
-		builder.And(
-			builder.Eq{"email": search},
-			builder.Eq{"discoverable_by_email": true},
-		),
-		builder.And(
-			builder.Like{"name", "%" + search + "%"},
-			builder.Eq{"discoverable_by_name": true},
-		),
-	)
+	conds := []builder.Cond{}
+
+	if search != "" {
+		for _, queryPart := range strings.Split(search, ",") {
+			var usernameCond builder.Cond = builder.Eq{"username": queryPart}
+			if db.Type() == schemas.POSTGRES {
+				usernameCond = builder.Expr("username ILIKE ?", queryPart)
+			}
+			if db.Type() == schemas.SQLITE {
+				usernameCond = builder.Expr("username = ? COLLATE NOCASE", queryPart)
+			}
+
+			conds = append(conds,
+				usernameCond,
+				builder.And(
+					builder.Eq{"email": queryPart},
+					builder.Eq{"discoverable_by_email": true},
+				),
+				builder.And(
+					db.ILIKE("name", queryPart),
+					builder.Eq{"discoverable_by_name": true},
+				),
+			)
+		}
+	}
+
+	cond := builder.Or(conds...)
 
 	if opts.AdditionalCond != nil {
 		cond = builder.And(