CenterForOpenScience
diff --git a/‎CHANGELOG‎
Lines changed: 51 additions & 0 deletions b/‎CHANGELOG‎
Lines changed: 51 additions & 0 deletions
diff --git a/‎admin/brands/forms.py‎
Lines changed: 1 addition & 0 deletions b/‎admin/brands/forms.py‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎admin/brands/views.py‎
Lines changed: 16 additions & 0 deletions b/‎admin/brands/views.py‎
Lines changed: 16 additions & 0 deletions
diff --git a/‎admin/static/js/banners/banners.js‎
Lines changed: 4 additions & 1 deletion b/‎admin/static/js/banners/banners.js‎
Lines changed: 4 additions & 1 deletion
diff --git a/‎admin/static/js/brands/brands.js‎
Lines changed: 4 additions & 1 deletion b/‎admin/static/js/brands/brands.js‎
Lines changed: 4 additions & 1 deletion
diff --git a/‎admin/users/views.py‎
Lines changed: 5 additions & 13 deletions b/‎admin/users/views.py‎
Lines changed: 5 additions & 13 deletions
diff --git a/‎api/base/serializers.py‎
Lines changed: 7 additions & 0 deletions b/‎api/base/serializers.py‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎api/brands/serializers.py‎
Lines changed: 1 addition & 0 deletions b/‎api/brands/serializers.py‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎api/collections/serializers.py‎
Lines changed: 2 additions & 0 deletions b/‎api/collections/serializers.py‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎api/collections/views.py‎
Lines changed: 6 additions & 2 deletions b/‎api/collections/views.py‎
Lines changed: 6 additions & 2 deletions
@@ -2,6 +2,57 @@
 
 We follow the CalVer (https://calver.org/) versioning scheme: YY.MINOR.MICRO.
 
+25.17.6 (2025-10-11)
+====================
+
+- Fix sitemap for preprint files download
+
+25.17.5 (2025-10-11)
+====================
+
+- Fix sitemap for nodes and registrations overview
+- Make is_public and bookmarks field filterable for collections
+
+25.17.4 (2025-10-10)
+====================
+
+- Misc. fixes for Angular migration
+
+25.17.3 (2025-10-10)
+====================
+
+- Misc. fixes for Angular migration
+
+25.17.2 (2025-10-09)
+====================
+
+- Misc. fixes for Angular migration
+
+25.17.1 (2025-10-09)
+====================
+
+- Misc. fixes for Angular migration
+
+25.17.0 (2025-10-03)
+====================
+
+- Misc. fixes for Angular migration
+
+25.16.0 (2025-09-17)
+====================
+
+- Misc. fixes for Angular migration
+
+25.15.2 (2025-09-10)
+====================
+
+- Handle duplicate SSO emails during institution SSO
+
+25.15.1 (2025-09-04)
+====================
+
+- Notification refactor project phase 1 migration fix
+
 25.15.0 (2025-08-29)
 ====================
 
 
@@ -11,6 +11,7 @@ class Meta:
         widgets = {
             'primary_color': TextInput(attrs={'class': 'colorpicker'}),
             'secondary_color': TextInput(attrs={'class': 'colorpicker'}),
+            'background_color': TextInput(attrs={'class': 'colorpicker'}),
             'topnav_logo_image': TextInput(attrs={'placeholder': 'Logo should be max height of 40px', 'size': 200}),
             'hero_logo_image': TextInput(
                 attrs={'placeholder': 'Logo image should be max height of 100px', 'size': 200}
 
@@ -60,6 +60,14 @@ class BrandChangeForm(PermissionRequiredMixin, UpdateView):
     raise_exception = True
     model = Brand
     form_class = BrandForm
+    template_name = 'brands/detail.html'
+
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+        context['change_form'] = context.get('form')
+        brand_obj = self.get_object()
+        context['brand'] = model_to_dict(brand_obj)
+        return context
 
     def get_object(self, queryset=None):
         brand_id = self.kwargs.get('brand_id')
@@ -81,13 +89,17 @@ def post(self, request, *args, **kwargs):
         view = BrandChangeForm.as_view()
         primary_color = request.POST.get('primary_color')
         secondary_color = request.POST.get('secondary_color')
+        background_color = request.POST.get('background_color')
 
         if not is_a11y(primary_color):
             messages.warning(request, """The selected primary color is not a11y compliant.
                 For more information, visit https://color.a11y.com/""")
         if not is_a11y(secondary_color):
             messages.warning(request, """The selected secondary color is not a11y compliant.
                 For more information, visit https://color.a11y.com/""")
+        if background_color and not is_a11y(background_color):
+            messages.warning(request, """The selected background color is not a11y compliant.
+                For more information, visit https://color.a11y.com/""")
         return view(request, *args, **kwargs)
 
 
@@ -109,11 +121,15 @@ def get_context_data(self, *args, **kwargs):
     def post(self, request, *args, **kwargs):
         primary_color = request.POST.get('primary_color')
         secondary_color = request.POST.get('secondary_color')
+        background_color = request.POST.get('background_color')
 
         if not is_a11y(primary_color):
             messages.warning(request, """The selected primary color is not a11y compliant.
                 For more information, visit https://color.a11y.com/""")
         if not is_a11y(secondary_color):
             messages.warning(request, """The selected secondary color is not a11y compliant.
                 For more information, visit https://color.a11y.com/""")
+        if background_color and not is_a11y(background_color):
+            messages.warning(request, """The selected background color is not a11y compliant.
+                For more information, visit https://color.a11y.com/""")
         return super().post(request, *args, **kwargs)
@@ -26,6 +26,9 @@ $(document).ready(function() {
         }
     });
 
-    $(".colorpicker").colorpicker();
+    $(".colorpicker").colorpicker({
+        format: 'hex',
+        useAlpha: false
+    });
 
 });
@@ -5,6 +5,9 @@ require('bootstrap-colorpicker/dist/css/bootstrap-colorpicker.min.css');
 
 $(document).ready(function() {
 
-    $(".colorpicker").colorpicker();
+    $(".colorpicker").colorpicker({
+        format: 'hex',
+        useAlpha: false
+    });
 
 });
@@ -12,7 +12,6 @@
 from django.contrib.auth.mixins import PermissionRequiredMixin
 from django.urls import reverse
 from django.core.exceptions import PermissionDenied
-from django.core.mail import send_mail
 from django.shortcuts import redirect
 from django.core.paginator import Paginator
 from django.core.exceptions import ValidationError
@@ -47,7 +46,8 @@
     AddSystemTagForm
 )
 from admin.base.views import GuidView
-from website.settings import DOMAIN, OSF_SUPPORT_EMAIL
+from api.users.services import send_password_reset_email
+from website.settings import DOMAIN
 from django.urls import reverse_lazy
 
 
@@ -503,7 +503,7 @@ def get_claim_links(self, user):
 
         for guid, value in user.unclaimed_records.items():
             obj = Guid.load(guid)
-            url = f'{DOMAIN}user/{user._id}/{guid}/claim/?token={value["token"]}'
+            url = f'{DOMAIN}legacy/user/{user._id}/{guid}/claim/?token={value["token"]}'
             links.append(f'Claim URL for {obj.content_type.model} {obj._id}: {url}')
 
         return links or ['User currently has no active unclaimed records for any nodes.']
@@ -523,17 +523,9 @@ class ResetPasswordView(UserMixin, View):
     def post(self, request, *args, **kwargs):
         email = self.request.POST['emails']
         user = get_user(email)
-        url = furl(DOMAIN)
 
-        user.verification_key_v2 = generate_verification_key(verification_type='password_admin')
-        user.save()
-        url.add(path=f'resetpassword/{user._id}/{user.verification_key_v2["token"]}')
-        send_mail(
-            subject='Reset OSF Password',
-            message=f'Follow this link to reset your password: {url.url}\n Note: this link will expire in 12 hours',
-            from_email=OSF_SUPPORT_EMAIL,
-            recipient_list=[email]
-        )
+        send_password_reset_email(user, email, institutional=False, verification_type='password_admin')
+
         update_admin_log(
             user_id=self.request.user.id,
             object_id=user.pk,
 
@@ -1183,6 +1183,13 @@ def to_representation(self, obj):
             if hasattr(obj, 'get_absolute_info_url'):
                 ret['info'] = self._extend_url_with_vol_key(obj.get_absolute_info_url())
 
+        request = self.context['request']
+        referer = request.headers.get('Referer', '')
+        if 'html' in ret and 'legacy' in referer:
+            parsed_html_url = urlparse(ret['html'])
+            legacy_url = urlparse(referer)
+            ret['html'] = parsed_html_url._replace(scheme=legacy_url.scheme, netloc=legacy_url.netloc).geturl()
+
         return ret
 
 
 
@@ -15,6 +15,7 @@ class BrandSerializer(JSONAPISerializer):
 
     primary_color = ser.CharField(read_only=True, max_length=7)
     secondary_color = ser.CharField(read_only=True, max_length=7)
+    background_color = ser.CharField(read_only=True, allow_null=True, max_length=7)
 
     links = LinksField({
         'self': 'get_absolute_url',
 
@@ -29,6 +29,8 @@ class CollectionSerializer(JSONAPISerializer):
         'title',
         'date_created',
         'date_modified',
+        'is_public',
+        'bookmarks',
     ])
 
     id = IDField(source='_id', read_only=True)
 
@@ -36,6 +36,7 @@
     CollectedRegistrationsRelationshipSerializer,
 )
 from api.nodes.serializers import NodeSerializer
+from api.nodes.filters import NodesFilterMixin
 from api.preprints.serializers import PreprintSerializer
 from api.subjects.views import SubjectRelationshipBaseView, BaseResourceSubjectsList
 from api.registrations.serializers import RegistrationSerializer
@@ -506,7 +507,7 @@ def get_resource(self, check_object_permissions=True):
         return self.get_collection_submission(check_object_permissions)
 
 
-class LinkedNodesList(JSONAPIBaseView, generics.ListAPIView, CollectionMixin, NodeOptimizationMixin):
+class LinkedNodesList(JSONAPIBaseView, generics.ListAPIView, CollectionMixin, NodeOptimizationMixin, NodesFilterMixin):
     """List of nodes linked to this node. *Read-only*.
 
     Linked nodes are the project/component nodes pointed to by node links. This view will probably replace node_links in the near future.
@@ -569,12 +570,15 @@ class LinkedNodesList(JSONAPIBaseView, generics.ListAPIView, CollectionMixin, No
 
     ordering = ('-modified',)
 
-    def get_queryset(self):
+    def get_default_queryset(self):
         auth = get_user_auth(self.request)
         node_ids = self.get_collection().active_guids.filter(content_type_id=ContentType.objects.get_for_model(Node).id).values_list('object_id', flat=True)
         nodes = Node.objects.filter(id__in=node_ids, is_deleted=False).can_view(user=auth.user, private_link=auth.private_link).order_by('-modified')
         return self.optimize_node_queryset(nodes)
 
+    def get_queryset(self):
+        return self.get_queryset_from_request()
+
     # overrides APIView
     def get_parser_context(self, http_request):
         """
Original file line number	Diff line number	Diff line change
`@@ -26,6 +26,9 @@ $(document).ready(function() {`
`26`	`26`	`}`
`27`	`27`	`});`
`28`	`28`
`29`		`- $(".colorpicker").colorpicker();`
	`29`	`+ $(".colorpicker").colorpicker({`
	`30`	`+ format: 'hex',`
	`31`	`+ useAlpha: false`
	`32`	`+ });`
`30`	`33`
`31`	`34`	`});`