Content
View differences
Updated by Pavel Balashou over 2 years ago
**As** a developer of a third party software building an integration to OpenProject
**I want to** reuse a work package creation form by loading it in a iFrame
**so that** that I do not need to re-implement the whole complex work package creation form again in my UI as this would take me weeks. Using an iFrame takes just takes me days.
**Acceptance criteria**
* [ ] Reduce the layout of the work package form to not show anything else (no header, no sidebar, ...) that distracts from the creation.
* [ ] Check that there are no other links in the form that needs to be hidden.
* [ ] We reuse the GET parameter `layout` with a new value `iframe` to hide decorations, such as the header and sidebar (Explanation: Given the current code base, having that parameter will add the 'in\_modal' CSS class to the HTML tag.)
* [ ] OpenProject Angular work package creation form knows that the page is loaded in an iFrame to activate special logic in the UI components.
* [ ] The setup works in a cross domain scenario.
* [ ] [https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors) is configured to include active nextcloud storages hosts scenario
* [ ] The work package creation form communicates the ID of the just created work package to the parent/hosting page so that a further processing is possible, e.g. for further linking.
* [ ] Return the work package ID
* [ ] Nice to have: Return the work package URL
* [ ] Canceling the work package creation will send a message to the parent/hosting page that the creation was cancelled. The parent page needs to react to that event, e.g. by removing the iFrame.
**Out of scope**
* Ensuring that the current OpenProject browser session belongs to the same OpenProject user that was mapped via OAuth.
* we might be able to handle it in Nextcloud, when after work package creation the linking to work package fails. Then we could give hints to the user why that could happen.
* Preventing that an extra Login step is needed. Already having an OAuth access token does not auto-login into OpenProject in the iFrame.
* Pre-population of work package attributes, such as project, type, status, etc.
**I want to** reuse a work package creation form by loading it in a iFrame
**so that** that I do not need to re-implement the whole complex work package creation form again in my UI as this would take me weeks. Using an iFrame takes just takes me days.
**Acceptance criteria**
* [ ] Reduce the layout of the work package form to not show anything else (no header, no sidebar, ...) that distracts from the creation.
* [ ] Check that there are no other links in the form that needs to be hidden.
* [ ] We reuse the GET parameter `layout` with a new value `iframe` to hide decorations, such as the header and sidebar (Explanation: Given the current code base, having that parameter will add the 'in\_modal' CSS class to the HTML tag.)
* [ ] OpenProject Angular work package creation form knows that the page is loaded in an iFrame to activate special logic in the UI components.
* [ ] The setup works in a cross domain scenario.
* [ ] [https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors) is configured to include active nextcloud storages hosts
* [ ] The work package creation form communicates the ID of the just created work package to the parent/hosting page so that a further processing is possible, e.g. for further linking.
* [ ] Return the work package ID
* [ ] Nice to have: Return the work package URL
* [ ] Canceling the work package creation will send a message to the parent/hosting page that the creation was cancelled. The parent page needs to react to that event, e.g. by removing the iFrame.
**Out of scope**
* Ensuring that the current OpenProject browser session belongs to the same OpenProject user that was mapped via OAuth.
* we might be able to handle it in Nextcloud, when after work package creation the linking to work package fails. Then we could give hints to the user why that could happen.
* Preventing that an extra Login step is needed. Already having an OAuth access token does not auto-login into OpenProject in the iFrame.
* Pre-population of work package attributes, such as project, type, status, etc.