Revert "style(frontend): replaced Font Awesome icons"

This reverts commit 541e7ada43.
Revert "chore(icons): adjusted icon sizes"
2024-05-06 03:55:31 +00:00 · 2024-05-06 03:54:31 +00:00 · 2024-04-29 14:30:48 +00:00 · 2024-04-29 02:49:19 +00:00 · 2024-04-25 23:01:35 +00:00 · 2024-04-18 04:17:28 +00:00
238 changed files with 6540 additions and 12092 deletions
--- a/.reuse/dep5
+++ b/.reuse/dep5
@ -0,0 +1,9 @@
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: FraDrive
+Upstream-Contact: Sarah Vaupel <sarah.vaupel@uniworx.de>
+Source: https://gitlab.uniworx.de/fradrive/fradrive
+
+Files: assets/fonts/fradrive/*
+Copyright: 2010 Google Corporation with Reserved Font Arimo, Tinos and Cousine
+Copyright: 2012 Red Hat, Inc. with Reserved Font Name Liberation
+License: OFL-1.1-RFN
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -2,342 +2,6 @@

 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.

-## [27.4.79](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.78...v27.4.79) (2024-09-10)
-
-
-### Bug Fixes
-
-* **notifications:** fix [#180](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/180) qualification expiry notification are sent only once ([74f7633](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/74f7633837870448f7cab1013719f42ab49941fe))
-* **supervision:** fix [#181](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/181) by unifying deletion of supervision ([6a070a6](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/6a070a67756bd4ef4b9b5efc176f34c7ed183f1a))
-
-## [27.4.78](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.77...v27.4.78) (2024-09-05)
-
-
-### Bug Fixes
-
-* **avs:** acs auto synch had inverted success/failure ([4f7855b](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/4f7855b9ee7133c5ee7e2ca63d63e5d9f060d62f))
-* **avs:** fix [#124](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/124) avs auto synch filter working ([2a27a1e](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/2a27a1efa673a4245a7e8667bd30c79ac1891b9c))
-* **avs:** fix [#178](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/178) by deleting old superiors for individual users ([ade27e6](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/ade27e647913ffe4432b41d585b3e00d1c68d4a0))
-* **avs:** typo in superior remark, towards [#178](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/178) ([3c5edb1](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/3c5edb1b970c8c154d9957837007815b29e23964))
-* **mail:** fix [#179](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/179) by adding download links for PDF attachments ([620e3e4](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/620e3e470080831826ccc960dd876e7bb4fcea03))
-
-## [27.4.77](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.76...v27.4.77) (2024-09-02)
-
-
-### Bug Fixes
-
-* **avs:** attempt LDAP upsert before creating avs users ([cfe2318](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/cfe2318f81c951a7f7310e8bcd9ec25d79417587))
-* **avs:** company superiors are now irregular supervisors and old ones are deleted ([7e5c256](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/7e5c256b4c15a15f7218dd7c1490d5e7add4b1c1))
-* **avs:** fix [#124](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/124) implement automatic avs driving licence synchronisation ([cc5da9a](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/cc5da9a2a9bfc8a29f6fe19260bd6dc5412ad4a1))
-* **avs:** switch company did not always increase priority ([8ec2875](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/8ec2875590718f28c3bab8c10141065e11f1405c))
-* **build:** minor linter fix ([be5e609](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/be5e609b1fe879428784d78fa62a559d0764a85a))
-* **firm:** fix [#174](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/174) by adding address search filter to all company view ([40dadd5](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/40dadd58762156005b5889b93a56ffdc044b4460))
-* **firm:** fix [#175](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/175) by separating superiors in firm tables and selections ([8397c46](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/8397c468a04af42ba3baee2f84a0051adbc74374))
-* **ldap:** no more timeout for ldap synch all button ([f946e99](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/f946e99da3bc37514a4e3621438ac133cdc16732))
-* **linter:** minor bug in exam-correct.hs ([8bc3663](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/8bc3663ee2e4ded19091ebe350de82cd693093fc))
-* **mail:** display html emails no longer distorts page ([b0972bb](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/b0972bb154f453edd545fb4f658d9f5ff79966eb)), closes [#2](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/2)
-* **model:** flip erroneous boolean SQL default for CompanyPostalAddress ([b7e5b8f](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/b7e5b8f111b5115d816d984c6ef2f12edfcef5bb))
-* **user:** fix pagination and count for supervision tables ([9c82558](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/9c82558d71a032dad27e892c489c7004d091e088))
-
-## [27.4.76](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.75...v27.4.76) (2024-08-08)
-
-
-### Bug Fixes
-
-* **ap:** disambiguate action message ([8b0466e](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/8b0466e74e36e1d0d07518fd317d46b00ab53eff))
-* **avs:** fix [#173](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/173) by not using firm superior email as display email ([43f5c5f](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/43f5c5f4854d1ab2af27b479e72a58e2818a5696))
-* **avs:** towards [#117](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/117) update if current value is Nothing even if oldval == newval ([d1fa01f](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/d1fa01fcc5125c4adee8849f9c944884926f78ad))
-* **avs:** using firm superior as UserEmail is a no-go due to uniqueness constraints ([507a7e0](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/507a7e02fc68476d01031dc9f9ee1a669a453ed1))
-* **build:** linter likes it ([f929e03](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/f929e03129378e08c8a08ed4bd6f8e8716401813))
-* **course:**  fix [#150](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/150) course edit for associated qualifications requires school admin or lecturer rights ([5b6e4e6](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/5b6e4e60e7d2957fbce93ee2e2d6d3464b4e3db7))
-* **course:** fix [#148](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/148) course qualification ordering ([cfd2534](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/cfd25348ad3b63ac6bc5031467a3c4ead2e07eed)), closes [#150](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/150)
-* **course:** fix [#149](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/149) course cloning proposes associated qualifications ([e141976](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/e1419766f3a06f702abad0ea42f6552305504ba0))
-* **course:** fix [#150](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/150) no longer allow duplicated associated qualifications and orders due to editing existing ([ec02767](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/ec027675525b30198378745ed281f60a42471807))
-* **course:** WIP course cloning should propose same associated qualifications, towards [#149](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/149) ([bc47387](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/bc47387c91dda60a2f12e52dba28ea7b079316f0))
-* **lms:** max e-learning tries default removed and info added to lms overview ([11fdcf0](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/11fdcf0d445b8cfe97c3a3c26513a9229937c536))
-* **user:** format userDisplayNames having umlaut substitutes with respect to userSurname correctly ([e35a5e9](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/e35a5e99a6cea0976fd1c28f919e7d0ac0338503))
-
-## [27.4.75](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.74...v27.4.75) (2024-07-12)
-
-
-### Bug Fixes
-
-* **build:** make linter happy again ([c17c18f](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/c17c18f9247ef322bc051602a3cb4a52cd50affa))
-* **build:** minor ([ab28c8c](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/ab28c8c2437680023d80e6ab43113d4328b3a151))
-* **firm:** fix [#157](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/157) by removing redundant duplicated code in firm user and supervision handling ([28e2739](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/28e2739e515700d15c75647c0efe2fe9a9cf15b1))
-* **job:** change some queueJob' to queueJob instead ([fa0541a](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/fa0541aa4eaf10f98535a0959593b148b8346109))
-* **lms:** allow 2nd reminders to be independent of renewal period ([d853e85](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/d853e8559b753865ee818bf24764f5c8d2e2303f))
-* **lms:** move lms reuse info from QualificationR to LmsR ([468af9d](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/468af9de9da44a8ad685ca4bb6890a3e630b58be))
-* **lms:** send second reminder indepentently from renewal period ([a97c3a5](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/a97c3a5c9d3cb9dddf90f561712f0845400893bd))
-* **nix:** workaround parsing port numbers failed in nix-shell ([b5215cc](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/b5215cc7e8df3a7ad636271c8e6950979b2b8e42))
-* **users:** nameHtml no longer complains about differing case for surname and displayname ([a1668f8](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/a1668f891a36b887439afb098f016ef22535af42))
-* **users:** remove users with company post address from list of unreachable users ([c813c66](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/c813c665ed306135b7813d91d23310341c689f41))
-
-## [27.4.74](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.73...v27.4.74) (2024-07-04)
-
-
-### Bug Fixes
-
-* **lms:** fix [#161](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/161) lms for multiple joint qualifications ([f869a82](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/f869a829d2c1a726930864b3af62d1f0fbebe955))
-
-## [27.4.73](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.72...v27.4.73) (2024-07-03)
-
-
-### Bug Fixes
-
-* **letter:** rephrase some minor letter parts ([0ac75e0](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/0ac75e0d5948cb90855d0e36ca8e99c22a0f6fcb))
-
-## [27.4.72](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.71...v27.4.72) (2024-07-02)
-
-
-### Bug Fixes
-
-* **avs:** do not associate users by AvsInfoPersonEmail ([9e2f221](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/9e2f2214ce5c7ee1e8d80e6fa75298b7a70d9043))
-* **avs:** fix superfluous quotes for matriculation numbers on newly created users ([ff9014c](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/ff9014ce05d197c1dc0fce0774a640789cb38b26))
-* **avs:** towards [#169](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/169) - superiors are elevated to max priority for that company ([5bf8539](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/5bf85394d4db6de8f10b4e318d667130d37601ac))
-* **firm:** supervisor secondary did not work as intended ([d4f3ce7](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/d4f3ce7bf3d208b16f95ab81971b47dfa752939a))
-
-## [27.4.71](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.70...v27.4.71) (2024-06-27)
-
-
-### Bug Fixes
-
-* **avs:** company superior emails become company wide supervisors ([37efc89](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/37efc89e0723452e6d271ba5b43d6bd026642190))
-* **avs:** match mobile number better between LDAP and AVS ([f108c6c](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/f108c6cfec2d94d866e7c1605b0abe5471fd0f2b))
-* **avs:** new AVS from existing LDAP user no longer misses fields ([2559346](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/2559346d963ede802321dfc8cbd2088d9a5de685))
-* **avs:** priority for picking primary email demote superior ([e4fa1dd](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/e4fa1ddd6873910bef82d569fe16aca936efc567))
-* **build:** add missing license file ([8721bdb](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/8721bdb3f349658baab144d64c19942bfd7fa49a))
-* **build:** hlint wants a newtype instead ([18cdc52](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/18cdc52df094b9dbccd4f015561367cea59e33fe))
-* **doc:**  fix erroneous unintentional haddock annotations ([3dfc7f8](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/3dfc7f8c8b12dd6ef87848a75f1669d700fffe4c))
-* **i18n:** add missing translation for new primary company ([c212f2e](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/c212f2e8d735616e59c9b8111a34118e3a48fd47))
-* **i18n:** add missing translation for new primary company ([2cc529b](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/2cc529be39655c317ca028f8f09fa80826ec668d))
-* **ldap:** match mobile number better between LDAP and AVS ([47e5628](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/47e56280fce4ad37e6bc3b9f1c61cb7867069cc5))
-* **letter:** adjust spacing, pin location and interpolation ([d4a0e1f](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/d4a0e1f201151f76e8e9afd67b456cc878d2afde))
-* **letter:** convenience links working again ([5f1af13](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/5f1af130edae7ada2f0c7f7829890bbe0d4f395a))
-* **letter:** expiry and valid dates were wrong ([f8c3663](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/f8c36636ff1f2591507e993af32ed01af94cf1fc))
-* **letter:** switch markdown for renewal letter too ([c38e87e](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/c38e87e1e0e9285a10c00521b7440cd8246af88a))
-* **print:** fix [#167](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/167) by sotring affected user in PrintJob ([73aecc2](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/73aecc2df833bdeed93a113b6c756e36b50491b7))
-
-## [27.4.70](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.69...v27.4.70) (2024-06-21)
-
-
-### Bug Fixes
-
-* **build:** hlint wants a newtype instead ([0766351](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/07663516e520814e26740d671325b7cd10855dd4))
-
-## [27.4.69](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.68...v27.4.69) (2024-06-21)
-
-
-### Bug Fixes
-
-* **avs:** fix type causing avs surname upate not working ([822c43c](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/822c43c8a7db2086954ad187502ec2c4f1811d17))
-* **avs:** keep company on unchange address/email only if either is non-empty ([766b858](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/766b8589d6945df21fc6ce90d35a004655ffa471))
-* **avs:** synch job deletes used row instead of truncation ([d7acc7a](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/d7acc7a2d0fe5fc18929a8cb2d9c9f8a259c9944))
-
-## [27.4.68](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.67...v27.4.68) (2024-06-19)
-
-
-### Bug Fixes
-
-* **letter:** minor ([2ae11dc](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/2ae11dc25c000486af9acc26439a0580f5c687f2))
-
-## [27.4.67](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.66...v27.4.67) (2024-06-17)
-
-
-### Bug Fixes
-
-* **avs:** fix rare avs update bug involving values optional in avs but compulsory in user entity ([a6d0105](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/a6d0105903caba0eb47715eeb217ea2c53d99e23))
-
-## [27.4.66](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.65...v27.4.66) (2024-06-12)
-
-
-### Bug Fixes
-
-* **avs:** fix [#164](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/164) by removing companyPersonalNumber and companyDepartment upon ldap sync expiry ([da74b95](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/da74b957295caefb010c90297af557f997b18e7c))
-* **avs:** fix [#165](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/165) by updating userCompanyDepartmen and userCompanyPersonalNumer ([76e0710](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/76e0710c7b54a40d2c236299ea4fabd009d3f35a))
-* **avs:** repeated avs sync enqueue no longe violates duplicate db uniqueness constraints ([996e6a0](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/996e6a0ce563bda96638863efd40ce38fce8ac2b))
-* **avs:** update email on manual company switch ([9fd80f2](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/9fd80f25526eefce217c659f6ea2991771c11ece)), closes [#164](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/164)
-
-## [27.4.65](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.64...v27.4.65) (2024-06-10)
-
-
-### Bug Fixes
-
-* **avs:** company update no longer fails on duplicate key ([bb101de](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/bb101dee7b40cd3d8ba10a559af642396d5b87b5))
-* **avs:** profile page correctly indicates automatic email and postal addresses ([e553ad4](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/e553ad4358a71fc96fa946533f0441d4af5202c9))
-* **avs:** steps towards [#164](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/164) ([aa1d230](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/aa1d230e497f0e59dbea9f4fd5c7da773f5a4280))
-* **lette:** adjust window for new pin letters ([6acfd84](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/6acfd849aeb473a018f7a9c34e69f61b3c22b6f8))
-
-## [27.4.64](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.63...v27.4.64) (2024-05-27)
-
-## [27.4.63](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.62...v27.4.63) (2024-05-23)
-
-
-### Bug Fixes
-
-* **avs:** company update checks uniques and ignores those updates if necessary ([9451d90](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/9451d90a9e00d08a2a7d169c4674d99ff1018ee9))
-
-## [27.4.62](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.61...v27.4.62) (2024-05-19)
-
-
-### Bug Fixes
-
-* **avs:** avs update on company shorthands working now ([ff2347b](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/ff2347b1c950c7a2bb281cdcd07a52925e23b9f0))
-* **avs:** deal gracefully with empty card status results ([ccf9340](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/ccf934044938277d821eb4b9ea08a8a134e84189))
-
-## [27.4.61](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.60...v27.4.61) (2024-05-06)
-
-
-### Bug Fixes
-
-* **avs:** fix [#76](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/76) allowing company changes and fix [#69](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/69) ([3c4a0b8](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/3c4a0b86c1e3d8a28405ab73b964ba1b988d2822))
-* **build:** add missing tex packages ([6750798](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/6750798920dc76882f4e8ef39b47018fb7b77e44))
-* **build:** workaround non modal form result handler ([2fbd281](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/2fbd28154cd7aea282eaa2604a42263ac90e3b1e))
-
-## [27.4.60](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.59...v27.4.60) (2024-04-26)
-
-
-### Bug Fixes
-
-* **avs:** disable caching by 0s no longer causes an exception ([d578e80](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/d578e80282c8bf6872fa6040514a9d2c85582707))
-* **avs:** fix [#152](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/152) by providing new online avs card filter throughout ([ad2375b](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/ad2375b338866f37c8b7825a9eab12fa6c9abccb))
-* **avs:** fix [#36](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/36) and remove dead code ([4f8850b](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/4f8850b3b4f710f9cf59163175b27599c97ac5c0))
-* **avs:** fix [#69](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/69) by redesigning live avs status page ([697979c](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/697979c277ce7198f4573d6cea30373a1fcc17da))
-* **avs:** invalidate contact cache after licence writes ([c382be9](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/c382be9325fcc92e13cb5dc2ad7c20b198db26fc))
-* **avs:** several minor bugfixes ([a52c8a6](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/a52c8a6ad709029a8822d383370b0d2bdd25e7d7)), closes [#158](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/158)
-* **build:** add import needed for production only ([724e4a0](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/724e4a0bec343ab9c6d172d8e93b8040bbe3fe7d))
-* **build:** migration needs to check for table existens first ([f439ea4](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/f439ea45af9b1c4a029fc1b9b6383f3c97194ed0))
-* **build:** minor error non-development code ([66eaa4f](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/66eaa4f7dcc124b631414d4a1adbe555a4029100))
-* **build:** missing parameters added ([83afdf7](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/83afdf760f93fc1a553de3a122b444412ed84ba4))
-* **build:** simple type error ([d56a1cd](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/d56a1cdd46259418faa737b9bb0a9d9ffba442e0))
-* **build:** type error in test db fill data ([f465cc9](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/f465cc972367233a4944dd0aeb81b223a187bb85))
-* **doc:** minor haddock problems ([d4f8a6c](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/d4f8a6c77b2a4a4540935f7f0beca0d0605508c8))
-* **firm:** supervisor filter acts weird in test environment ([b566e59](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/b566e59eb1325485fe26dc4f0b5cb63165c58f74))
-* **i18n:** fix some bad plurals ([890f8ad](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/890f8ad8b60115533faa6b99f4c4504243cbfb1d))
-* **lint:** remove minor superfluous dollar ([64a1233](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/64a123387f3539b73649d02a6ecd97de577097e6))
-* **qualification:** fix [#159](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/159) by removing an misleadingly named column for user qualification table ([fd6a538](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/fd6a5384d3517958a3c7726e32eed3bad197a591))
-
-## [27.4.59](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.58...v27.4.59) (2024-02-13)
-
-
-### Bug Fixes
-
-* **sql:** remove potential bug in relation to missing parenthesis after not_ ([42695cf](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/42695cf5ef9f21691dc027f1ec97d57eec72f03e))
-
-## [27.4.58](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.57...v27.4.58) (2024-02-08)
-
-
-### Bug Fixes
-
-* **health:** negative interface routes working as intended now ([3303c4e](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/3303c4eebf928e527d2f9c1eb6e2495c10b94b13))
-* **lms:** previouly failed notifications will be sent again ([263894b](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/263894b05899ce55635d790f5334729fbc655ecc))
-
-## [27.4.57](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.56...v27.4.57) (2024-02-06)
-
-
-### Bug Fixes
-
-* **course:** fix [#147](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/147) abort addd participant aborts now ([d332c0c](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/d332c0c11afd8b1dfe1343659f0b1626c968bbde))
-* **health:** fix [#151](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/151) by offering route /health/interface/* ([c71814d](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/c71814d1ef1efc16c278136dfd6ebd86bd1d20db))
-* **health:** fix [#153](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/153) and offer interface health route matching ([ce3852e](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/ce3852e3d365e62b32d181d58b7cbcc749e49373))
-
-## [27.4.56](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.55...v27.4.56) (2023-12-20)
-
-
-### Bug Fixes
-
-* **firm:** improve supervisor filter by caching ([88f24fe](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/88f24fe6f199290a83af2d204ba9aa2a838d11b8))
-* **firm:** improve supervisor filter yet once more ([c7b5a3c](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/c7b5a3c6cb70c314ecbfbe25969b4b6be1d43161))
-* **users:** fix [#121](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/121) by providing last login column, which was the last part missing ([decc5af](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/decc5af6829998e2d0db79382bbd9a7bad7b5b09))
-
-## [27.4.55](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.54...v27.4.55) (2023-12-14)
-
-
-### Bug Fixes
-
-* **build:** while the blank is necessary to prevent unnecessary migrations, it is not allowed either, see [#133](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/133) ([a4b2af7](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/a4b2af7f157444ead8c9df989741b266f7c2b4f2))
-* **firm:** supervisor filter performance ([db77850](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/db77850c4f4cd1d68bfd38e02e0ae24584e1e556))
-* **migration:** fix [#133](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/133) by removing old outdated migrations irrelevant to FRADrive ([d4f0d69](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/d4f0d69428a4f7fc887cb6854cb59e3dea83b9bc))
-* **migration:** ignore superfluous migration entries gracefully ([1d48b62](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/1d48b627f6b8cf1b03e2ef63850c36c429c9d3d6))
-* **school:** fix [#133](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/issues/133) by adjusting default value ([2509358](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/25093588784381a19f34e5b091677b908420ddea))
-
-## [27.4.54](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.53...v27.4.54) (2023-12-11)
-
-
-### Bug Fixes
-
-* **db:** prevent superfluous migrations ([b73557a](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/b73557a1eee4315911c6369032447f8d1836d964))
-
-## [27.4.53](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.52...v27.4.53) (2023-12-09)
-
-
-### Bug Fixes
-
-* **admin:** minor fixes and translations for admin problem page ([30fae33](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/30fae33dedb1501e570e9edca288fea3c84ac84a))
-* **avs:** background synch was only triggerd by manual synchs ([48ef25a](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/48ef25aa8ffbbd96c1578ae85b76f090d9042595))
-* **firm:** group multi select field supervisor ([fc0ca7b](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/fc0ca7b854a686cf395dadf81b7423e530fd26b8))
-* **firm:** set supervisor field not all fields required ([9878956](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/9878956716b04c7ae88989cb9b059d3edcb923dc))
-* **firm:** supervisor filter ([3acb847](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/3acb847915010d10358ea02000c231dbba7cba26))
-* **form:** multiSelectField working with grouped options ([3aa8901](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/3aa89019a8b4393da0eca715871a3793c1e3abb2))
-* **print:** keep print jobs on user merge and lms id deletion ([a15862e](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/a15862ea72bc374af870ef3a23f86ae32c2c67a9))
-
-## [27.4.52](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.51...v27.4.52) (2023-12-01)
-
-
-### Bug Fixes
-
-* **build:** redundant parenthesis ([50eda5f](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/50eda5f65f7394fe519546609fe748490cb4dd72))
-* **firm:** restrict firm access to company supervisors only ([0a06efd](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/0a06efd76c63180c996657c2c7d78efc5bddd83d))
-* **firm:** supervisor changes led to inconsistent DB ([1d3345c](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/1d3345cbba1cb65ee49c6f62e145750545439642))
-
-## [27.4.51](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.50...v27.4.51) (2023-11-24)
-
-
-### Bug Fixes
-
-* **build:** minor errors firm handler ([06bb44c](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/06bb44cf715375b5dd0141a46f8e10924ad6cd9c))
-* **cache:** remove risky caching for submissions ([4ae59fc](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/4ae59fc1fa658e1462139ddddd6dc80308d85872))
-* **firm:** show default supervisors with no employees too ([0f9a7a8](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/0f9a7a8c53d216ca7a6d0a25462b19ab1fa00bb4))
-
-## [27.4.50](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.49...v27.4.50) (2023-11-17)
-
-
-### Bug Fixes
-
-* **avs:** preserve unset pin passwords in update ([8c4f848](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/8c4f848675e1125547d1fdfa05560affe4794118))
-* **build:** fix whitespace in routes ([a24e44e](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/a24e44efc9a20d3934d96640bb9e21b3b6d55b96))
-* **build:** minor ([954a239](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/954a23936a35ea6c32247d7e191312e63888c12d))
-* **firm:** add sql indices for frequent filters to greatly enhance performance ([63e6d94](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/63e6d94df2fd1ce879cb59d14bc854f3c2556586))
-* **firm:** firm messaging now works fine ([65cdc8d](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/65cdc8ddfef19eb3a5578c536575f91ba9717a13))
-* **firm:** foreign supervisor counts correct and sortable ([601ce7a](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/601ce7abdf2a392d30f1ff799a2338968be795f1))
-* **firm:** sending messages works, but not test messages ([42ff02d](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/42ff02d27e431a8855db7bf3046a1b74d297e6da))
-* **lms:** improve sorting for firm all ([3865bda](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/3865bda64d488c161b55e1f6eb48ca1b742dff98))
-* **lms:** LMS restart failing due to old LmsUser entry ([6761767](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/6761767c6ca8cab62a22aa6f755e6231e07ab411))
-
-## [27.4.49](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.48...v27.4.49) (2023-11-09)
-
-
-### Bug Fixes
-
-* **lms:** report log did not match qualification ([390ff31](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/390ff317ea3bb4ef8918c9cda858f5f228e4a882))
-
-## [27.4.48](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.47...v27.4.48) (2023-11-07)
-
-
-### Bug Fixes
-
-* **lms:** mark as ended only if not seen for at least one day ([8165892](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/8165892b2e4f945780bb8420cfc4eed50fdd294d))
-
-## [27.4.47](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.46...v27.4.47) (2023-11-03)
-
-## [27.4.46](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.45...v27.4.46) (2023-11-03)
-
-
-### Bug Fixes
-
-* **course:** grant qualifications now issues and unblocks ([5d8d8cf](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/5d8d8cf17e634ecb950a1c329c859fb93f94ef77))
-* **users:** allow prefer postal setting for users with fraport department ([a9d56c5](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/commit/a9d56c51dcc727f8637b09a0e849372e75032f5e))
-
 ## [27.4.45](https://gitlab2.rz.ifi.lmu.de/uni2work/uni2work/compare/v27.4.44...v27.4.45) (2023-10-18)


--- a/LICENSES/OFL-1.1-RFN.txt
+++ b/LICENSES/OFL-1.1-RFN.txt
@ -0,0 +1,102 @@
+Digitized data copyright (c) 2010 Google Corporation
+	with Reserved Font Arimo, Tinos and Cousine.
+Copyright (c) 2012 Red Hat, Inc.
+	with Reserved Font Name Liberation.
+
+This Font Software is licensed under the SIL Open Font License,
+Version 1.1.
+
+This license is copied below, and is also available with a FAQ at:
+http://scripts.sil.org/OFL
+
+SIL OPEN FONT LICENSE Version 1.1 - 26 February 2007
+
+PREAMBLE The goals of the Open Font License (OFL) are to stimulate
+worldwide development of collaborative font projects, to support the font
+creation efforts of academic and linguistic communities, and to provide
+a free and open framework in which fonts may be shared and improved in
+partnership with others.
+
+The OFL allows the licensed fonts to be used, studied, modified and
+redistributed freely as long as they are not sold by themselves.
+The fonts, including any derivative works, can be bundled, embedded,
+redistributed and/or sold with any software provided that any reserved
+names are not used by derivative works.  The fonts and derivatives,
+however, cannot be released under any other type of license.  The
+requirement for fonts to remain under this license does not apply to
+any document created using the fonts or their derivatives.
+
+ 
+
+DEFINITIONS
+"Font Software" refers to the set of files released by the Copyright
+Holder(s) under this license and clearly marked as such.
+This may include source files, build scripts and documentation.
+
+"Reserved Font Name" refers to any names specified as such after the
+copyright statement(s).
+
+"Original Version" refers to the collection of Font Software components
+as distributed by the Copyright Holder(s).
+
+"Modified Version" refers to any derivative made by adding to, deleting,
+or substituting ? in part or in whole ?
+any of the components of the Original Version, by changing formats or
+by porting the Font Software to a new environment.
+
+"Author" refers to any designer, engineer, programmer, technical writer
+or other person who contributed to the Font Software.
+
+
+PERMISSION & CONDITIONS
+
+Permission is hereby granted, free of charge, to any person obtaining a
+copy of the Font Software, to use, study, copy, merge, embed, modify,
+redistribute, and sell modified and unmodified copies of the Font
+Software, subject to the following conditions:
+
+1) Neither the Font Software nor any of its individual components,in
+   Original or Modified Versions, may be sold by itself.
+
+2) Original or Modified Versions of the Font Software may be bundled,
+   redistributed and/or sold with any software, provided that each copy
+   contains the above copyright notice and this license. These can be
+   included either as stand-alone text files, human-readable headers or
+   in the appropriate machine-readable metadata fields within text or
+   binary files as long as those fields can be easily viewed by the user.
+
+3) No Modified Version of the Font Software may use the Reserved Font
+   Name(s) unless explicit written permission is granted by the
+   corresponding Copyright Holder. This restriction only applies to the
+   primary font name as presented to the users.
+
+4) The name(s) of the Copyright Holder(s) or the Author(s) of the Font
+   Software shall not be used to promote, endorse or advertise any
+   Modified Version, except to acknowledge the contribution(s) of the
+   Copyright Holder(s) and the Author(s) or with their explicit written
+   permission.
+
+5) The Font Software, modified or unmodified, in part or in whole, must
+   be distributed entirely under this license, and must not be distributed
+   under any other license. The requirement for fonts to remain under
+   this license does not apply to any document created using the Font
+   Software.
+
+
+ 
+TERMINATION
+This license becomes null and void if any of the above conditions are not met.
+
+ 
+
+DISCLAIMER
+THE FONT SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT
+OF COPYRIGHT, PATENT, TRADEMARK, OR OTHER RIGHT.  IN NO EVENT SHALL THE
+COPYRIGHT HOLDER BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+INCLUDING ANY GENERAL, SPECIAL, INDIRECT, INCIDENTAL, OR CONSEQUENTIAL
+DAMAGES, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+FROM, OUT OF THE USE OR INABILITY TO USE THE FONT SOFTWARE OR FROM OTHER
+DEALINGS IN THE FONT SOFTWARE.
+
--- a/assets/fonts/fradrive/AUTHORS
+++ b/assets/fonts/fradrive/AUTHORS
@ -0,0 +1,16 @@
+AUTHORS
+
+Current Contributors (sorted alphabetically):
+  
+  - Vishal Vijayraghavan  <vishalvvr at fedoraproject dot org>
+      Project Owner/ Maintainer (Current)
+      Red Hat, Inc.
+
+Previous Contributors
+  - Pravin Satpute  <psatpute at redhat dot com>
+      Project Owner/ Maintainer 
+      Red Hat, Inc.
+      
+  - Steve Matteson
+      Original Designer
+      Ascender, Inc.
--- a/assets/fonts/fradrive/ChangeLog
+++ b/assets/fonts/fradrive/ChangeLog
@ -0,0 +1,79 @@
+* Thu Sep 30 2021 Vishal Vijayraghavan <vishalvijayraghavan@gmail.com>
+- Releasing liberation-fonts 2.1.5 version
+- Resolves #40: More fixes to Superscript and subscript Numbers missing issues
+-- fixed inconsistent weight, missing glyphs and GSUB issues
+
+* Tue May 04 2021 Vishal Vijayraghavan <vishalvijayraghavan@gmail.com>
+- Releasing liberation-fonts 2.1.4 version
+- Resolves #40: Superscript and subscript Numbers missing 
+- Resolves #24: Gender symbol are inconsistent in Sans
+
+* Tue Feb 23 2021 Vishal Vijayraghavan <vishalvijayraghavan@gmail.com>
+- Releasing liberation-fonts 2.1.3 version
+- Resolves #37: U+2262,2669,266C too wide
+- Resolves Bugzilla #1464310: Tilded G not works with Liberation Sans and Serif
+
+* Mon Dec 21 2020 Vishal Vijayraghavan <vishalvijayraghavan@gmail.com>
+- Releasing liberation-fonts 2.1.2 version
+- Resolves #25: liberation-fonts doesn't have proper <==> symbol
+- Resolves #33: Liberation Mono: U+20BF is too wide
+- Resolves #14: Liberation mono fonts are not recognized as monospace by fontconfig and cairo
+
+* Wed Jun 03 2020 Vishal Vijayraghavan <vishalvijayraghavan@gmail.com>
+- Releasing liberation-fonts 2.1.1 version
+- Few more fixes to Bugzilla #1072095: Liberation Sans renders most Latin combining characters incorrectly
+
+* Mon Feb 10 2020 Vishal Vijayraghavan <vishalvijayraghavan@gmail.com>
+- Releasing liberation-fonts 2.1.0 version
+- Updated release versioning scheme 
+- Resolved Bugzilla #1072095: 	Liberation Sans renders most Latin combining characters incorrectly
+- Resolved Pagure issue-11: 	Combining diaerasis below does not work except U 
+- Resolved GitHub issue-19: 	Incorrect glyph name mapped to unicode
+- Resolved Pagure issue-5: 	Incorrect glyph of Cent sign (U+00A2) in Sans and Mono style  
+- Resolved Pagure issue-28 : 	U+25D2 and U+25D3 circle with lower / upper half black are backwards
+
+* Mon Mar 4 2019 Vishal Vijayraghavan <vishalvijayraghavan@gmail.com>
+- Releasing liberation-fonts 2.00.5 version
+- Resolved issue-10: Improving lowercase Cyrillic glyps localized for Macedonian and Serbian, Patch fix by Dimitrij Mijoski
+- Resolved #1014357: U+266B incorrect glyph with extra beam
+-- Added two new glyphs U+266C and U+2669
+- Resolved issue-13: COMBINING LONG SOLIDUS OVERLAY (U+0338) not centred on base character.
+- Validated Missing Points at Extrema, Non-integral coordinates, Wrong Direction issues for newly added and existing glyphs  
+
+* Mon Nov 05 2018 Vishal Vijayraghavan <vishalvijayraghavan@gmail.com>
+- Releasing liberation-fonts 2.00.4 version, it includes few bug fixes and enhancements as follows:
+-- Added Bitcoin sign #1533798 
+-- Fixed Incorrect lowercase Cyrillic BE for Macedonian language in liberation v2 (look like Greek delta), Patch fix by Dimitrij Mijoski #1574410
+-- Fixed Liberation Sans Mono Enhancement Request: Modification needed for "l" Character, Patch fix by Nikolaus Waxweiler #1574410 
+
+* Tue Sep 18 2018 Vishal Vijayraghavan <vishalvijayraghavan@gmail.com>
+- Resolved #1574410:  Incorrect lowercase Cyrillic BE for Macedonian language in liberation v2 (look like Greek delta)
+- Patch fix by Dimitrij Mijoski: https://pagure.io/liberation-fonts/pull-request/21
+- Updated LiberationMono-Bold, LiberationMono-Regular, LiberationSans-Bold, LiberationSans-Regular, LiberationSerif-Bold, LiberationSerif-Regular
+
+* Thu May 17 2018 Pravin Satpute <psatpute AT redhat DOT com> - 2.00.3
+- Releasing liberation-fonts 2.00.3 version, it includes fix for few bugs.
+- This release was pending from long time, will work on other open bugs
+  post this release.
+
+* Tue Oct 14 2014 Pravin Satpute <psatpute AT redhat DOT com>
+- Resolved #1096336:  Liberation 2.00.x missing unicode hyphen (U+2010)
+- Added U+2007 character in Liberation Mono
+- Imported missing gpos tables from Arimo #1072095
+- Missing MIDDLE DOT (u+00B7) glyph for Liberation Sans Italic #1084493
+- Rendering of Unicode tie bars could be improved #1076190
+
+* Thu Oct 04 2012 Pravin Satpute <psatpute AT redhat DOT com>
+- Resolved "Glyphs with multiple unicode encodings inhibit subsetting" #851790
+- Resolved #851791, #854601 and #851825
+- Following GASP table version as per Liberation old version. (Anti-aliasing disabled)
+- Added support for Serbian glyphs for wikipedia #657849
+- In Monospace fonts, isFixedPitch bit set via script for getting it recognized as Monospace in putty.exe
+
+* Fri Jul 06 2012 Pravin Satpute <psatpute AT redhat DOT com>
+- Initial version of Liberation fonts based on croscore fonts version 1.21.0
+- Converted TTF files into SFD files to be open source.
+- Update Copyright and License file
+- set fsType bit to 0, Installable Embedding is allowed.
+- Absolute value in HHeadAscent/Descent values for maintaining Metric compatibility.
+
--- a/assets/fonts/fradrive/FRADriveMono-Bold.ttf
+++ b/assets/fonts/fradrive/FRADriveMono-Bold.ttf
--- a/assets/fonts/fradrive/FRADriveMono-BoldItalic.ttf
+++ b/assets/fonts/fradrive/FRADriveMono-BoldItalic.ttf
--- a/assets/fonts/fradrive/FRADriveMono-Italic.ttf
+++ b/assets/fonts/fradrive/FRADriveMono-Italic.ttf
--- a/assets/fonts/fradrive/FRADriveMono-Regular.ttf
+++ b/assets/fonts/fradrive/FRADriveMono-Regular.ttf
--- a/assets/fonts/fradrive/FRADriveSans-Bold.ttf
+++ b/assets/fonts/fradrive/FRADriveSans-Bold.ttf
--- a/assets/fonts/fradrive/FRADriveSans-BoldItalic.ttf
+++ b/assets/fonts/fradrive/FRADriveSans-BoldItalic.ttf
--- a/assets/fonts/fradrive/FRADriveSans-Italic.ttf
+++ b/assets/fonts/fradrive/FRADriveSans-Italic.ttf
--- a/assets/fonts/fradrive/FRADriveSans-Regular.ttf
+++ b/assets/fonts/fradrive/FRADriveSans-Regular.ttf
--- a/assets/fonts/fradrive/README.md
+++ b/assets/fonts/fradrive/README.md
@ -0,0 +1,86 @@
+  Liberation Fonts
+  =================
+
+  The Liberation Fonts is font collection which aims to provide document 
+  layout compatibility as usage of Times New Roman, Arial, Courier New.
+
+
+  Requirements
+  =================
+
+  * [fontforge](http://fontforge.sourceforge.net)
+  * [python fonttools](https://pypi.org/project/fonttools/)
+
+
+ Install
+  ============
+
+  1. Get source
+        ```
+   	    $ git clone https://github.com/liberationfonts/liberation-fonts.git
+        ```
+    
+     - Or downloading the tar.gz file from [releases](https://github.com/fontforge/fontforge/releases).
+
+     - Extract the tar file:
+  	    ```
+	    $ tar zxvf liberation-fonts-[VERSION].tar.gz
+        ```
+  2. Build from the source
+        ```
+    	$ cd liberation-fonts    or   $ cd liberation-fonts-[VERSION]
+    	$ make
+    	```	
+     The binary font files will be available in 'liberation-fonts-ttf-[VERSION]' directory.
+
+  3. Install to system
+        
+        Fedora Users : 
+        - One can manually install the fonts by copying the TTFs to `~/.fonts` for user wide usage 
+        - and/or to `/usr/share/fonts/liberation` for system-wide availability. 
+        - Then, run `fc-cache` to let that cached.
+
+        Other distributions : 
+        please check out corresponding documentation.
+
+
+  Usage
+  ==========
+
+  Simply select preferred liberation font in applications and start using.
+
+
+   License
+  ============
+
+  This Font Software is licensed under the SIL Open Font License,
+  Version 1.1.
+
+  Please read file "LICENSE" for details.
+
+
+   For Maintainers
+  ====================
+
+  1. Before packaging a new release based on a new source tarball, you have to update the version suffix in the Makefile:
+        ```
+        VER = [NEW_VERSION]
+        ```
+  2. After updating Makefile VER attribute, update all font metadata by executing:
+        ```
+        $ make versionupdate
+        ```
+        can verfy changes using ftinfo/otfinfo or fontforge itself. 
+  3. It is highly recommended that file 'ChangeLog' is updated to reflect changes.
+
+  4. Create a tarball with the following command:
+        ```
+        $ make dist
+        ```
+        The new versioned tarball will be available in the dist/ folder as `liberation-fonts-[NEW_VERSION].tar.gz.`
+  5. Create github tag for that [NEW_VERSION] and upload dist tarball 
+
+  Credits
+ ============
+
+  Please read file "AUTHORS" for list of contributors.
--- a/assets/fonts/fradrive/TODO
+++ b/assets/fonts/fradrive/TODO
@ -0,0 +1,4 @@
+Here are todo for next release
+1) Serbian glyph for wikipedia https://bugzilla.redhat.com/show_bug.cgi?id=657849
+2) Liberation Mono not recognizing as Mono in Windows application #861003
+	- presently it is patch, we have to update zero width characters to fixed width
--- a/config/settings.yml
+++ b/config/settings.yml
@ -83,7 +83,6 @@ health-check-matching-cluster-config-timeout: "_env:HEALTHCHECK_MATCHING_CLUSTER

 synchronise-ldap-users-within: "_env:SYNCHRONISE_LDAP_WITHIN:1209600"   # 14 Tage in Sekunden
 synchronise-ldap-users-interval: "_env:SYNCHRONISE_LDAP_INTERVAL:3600"  # jede Stunde
-synchronise-ldap-users-expire: "_env:SYNCHRONISE_LDAP_EXPIRE:15897600"  # halbes Jahr in Sekunden

 synchronise-avs-users-within: "_env:SYNCHRONISE_AVS_WITHIN:5702400"     # alle 66 Tage
 synchronise-avs-users-interval: "_env:SYNCHRONISE_AVS_INTERVAL:21600"   # alle 6 Stunden
@ -91,9 +90,8 @@ synchronise-avs-users-interval: "_env:SYNCHRONISE_AVS_INTERVAL:21600"   # alle 6
 study-features-recache-relevance-within: 172800
 study-features-recache-relevance-interval: 293

-# Enqueue at specified hour, a few minutes later
-job-lms-qualifications-enqueue-hour: 16
-job-lms-qualifications-dequeue-hour: 4
+# Enqueue at specified hour, dequeue 30min later
+# qualification-check-hour: 3

 log-settings:
  detailed:      "_env:DETAILED_LOGGING:false"
@ -158,12 +156,10 @@ lms-direct:
  deletion-days:        "_env:LMSDELETIONDAYS:7"

 avs:
-  host:         "_env:AVSHOST:skytest.fra.fraport.de"
-  port:         "_env:AVSPORT:443"
-  user:         "_env:AVSUSER:fradrive"
-  pass:         "_env:AVSPASS:\"0000\""
-  timeout:      "_env:AVSTIMEOUT:42"
-  cache-expiry: "_env:AVSCACHEEXPIRY:420"
+  host:    "_env:AVSHOST:skytest.fra.fraport.de"
+  port:    "_env:AVSPORT:443"
+  user:    "_env:AVSUSER:fradrive"
+  pass:    "_env:AVSPASS:"

 lpr:
  host:    "_env:LPRHOST:fravm017173.fra.fraport.de"
@ -279,8 +275,8 @@ user-defaults:
  max-favourites:      0
  max-favourite-terms: 2
  theme:               Default
-  date-time-format:    "%d.%m.%Y %R"
-  date-format:         "%d.%m.%y"
+  date-time-format:    "%d %b %y %R"
+  date-format:         "%d %b %Y"
  time-format:         "%R"
  download-files:      false
  warning-days:        1209600
--- a/fixtest.sh
+++ b/fixtest.sh
@ -1,6 +0,0 @@
-if [[ ! -d .stack-work-test ]]; then
-    mv -vT .stack-work .stack-work-test
-    [[ -d .stack-work-build ]] && mv -vT .stack-work-build .stack-work
-else
-    echo "Directory .stack-work-test exists already."
-fi
--- a/frontend/src/_common.sass
+++ b/frontend/src/_common.sass
@ -1,4 +1,4 @@
-// SPDX-FileCopyrightText: 2022 Gregor Kleen <gregor.kleen@ifi.lmu.de>
+// SPDX-FileCopyrightText: 2022-2024 Sarah Vaupel <sarah.vaupel@uniworx.de>, Gregor Kleen <gregor.kleen@ifi.lmu.de>, David Mosbach <david.mosbach@uniworx.de>
 //
 // SPDX-License-Identifier: AGPL-3.0-or-later
 // SPDX-License-Identifier: LicenseRef-Fraport-Corporate-Design
@ -9,6 +9,46 @@

@use "~@fortawesome/fontawesome-pro/scss/solid"

-@use "~typeface-roboto" as roboto
-@use "~typeface-source-sans-pro" as source-sans-pro
-@use "~typeface-source-code-pro" as source-code-pro
+@use "icons.sass"
+
+@font-face
+  font-family: "FRADrive Sans"
+  src: url('./../../static/wp-5.73/FRADriveSans-Regular.woff2') format('woff2'), url('./../../static/wp-5.73/FRADriveSans-Regular.woff') format('woff')
+  font-weight: 100 500
+  font-style: normal
+@font-face
+  font-family: "FRADrive Sans"
+  src: url('./../../static/wp-5.73/FRADriveSans-Italic.woff2') format('woff2'), url('./../../static/wp-5.73/FRADriveSans-Italic.woff') format('woff')
+  font-weight: 100 500
+  font-style: italic
+@font-face
+  font-family: "FRADrive Sans"
+  src: url('./../../static/wp-5.73/FRADriveSans-Bold.woff2') format('woff2'), url('./../../static/wp-5.73/FRADriveSans-Bold.woff') format('woff')
+  font-weight: 600 1000
+  font-style: normal
+@font-face
+  font-family: "FRADrive Sans"
+  src: url('./../../static/wp-5.73/FRADriveSans-BoldItalic.woff2') format('woff2'), url('./../../static/wp-5.73/FRADriveSans-BoldItalic.woff') format('woff')
+  font-weight: 600 1000
+  font-style: italic
+
+@font-face
+  font-family: "FRADrive Mono"
+  src: url('./../../static/wp-5.73/FRADriveMono-Regular.woff2') format('woff2'), url('./../../static/wp-5.73/FRADriveMono-Regular.woff') format('woff')
+  font-weight: 100 500
+  font-style: normal
+@font-face
+  font-family: "FRADrive Mono"
+  src: url('./../../static/wp-5.73/FRADriveMono-Italic.woff2') format('woff2'), url('./../../static/wp-5.73/FRADriveMono-Italic.woff') format('woff')
+  font-weight: 100 500
+  font-style: italic
+@font-face
+  font-family: "FRADrive Mono"
+  src: url('./../../static/wp-5.73/FRADriveMono-Bold.woff2') format('woff2'), url('./../../static/wp-5.73/FRADriveMono-Bold.woff') format('woff')
+  font-weight: 600 1000
+  font-style: normal
+@font-face
+  font-family: "FRADrive Mono"
+  src: url('./../../static/wp-5.73/FRADriveMono-BoldItalic.woff2') format('woff2'), url('./../../static/wp-5.73/FRADriveMono-BoldItalic.woff') format('woff')
+  font-weight: 600 1000
+  font-style: italic
--- a/frontend/src/app.sass
+++ b/frontend/src/app.sass
@ -1,4 +1,4 @@
-// SPDX-FileCopyrightText: 2022 Gregor Kleen <gregor.kleen@ifi.lmu.de>,Sarah Vaupel <sarah.vaupel@ifi.lmu.de>,Sarah Vaupel <vaupel.sarah@campus.lmu.de>,Steffen Jost <jost@cip.ifi.lmu.de>,Wolfgang Witt <Wolfgang.Witt@campus.lmu.de>
+// SPDX-FileCopyrightText: 2022-2024 Sarah Vaupel <sarah.vaupel@uniworx.de>, Gregor Kleen <gregor.kleen@ifi.lmu.de>,Sarah Vaupel <sarah.vaupel@ifi.lmu.de>,Sarah Vaupel <vaupel.sarah@campus.lmu.de>,Steffen Jost <jost@cip.ifi.lmu.de>,Wolfgang Witt <Wolfgang.Witt@campus.lmu.de>,David Mosbach <david.mosbach@uniworx.de>
 //
 // SPDX-License-Identifier: AGPL-3.0-or-later
 // SPDX-License-Identifier: LicenseRef-Fraport-Corporate-Design
@ -27,9 +27,9 @@
  --color-fontsec: #5b5861

  // FONTS
-  --font-base: "Source Sans Pro", "Trebuchet MS", sans-serif
-  --font-logo: "Roboto", var(--font-base)
-  --font-monospace: "Source Code Pro", monospace
+  --font-base: 'FRADrive Sans', 'Arial', sans-serif
+  --font-logo: var(--font-base)
+  --font-monospace: 'FRADrive Mono', 'Arial Mono', monospace

  // DIMENSIONS
  --header-height: 100px
--- a/frontend/src/icons.sass
+++ b/frontend/src/icons.sass
@ -0,0 +1,31 @@
+// SPDX-FileCopyrightText: 2024 David Mosbach <david.mosbach@uniworx.de>
+//
+// SPDX-License-Identifier: AGPL-3.0-or-later
+// SPDX-License-Identifier: LicenseRef-Fraport-Corporate-Design
+
+@function icon-file($name)
+  @return url('../../assets/icons/fradrive/' + $name + '.svg')
+
+@mixin base-icon($name)
+  background-image: icon-file($name)
+  background-size: contain
+  background-repeat: no-repeat
+  background-position: center
+  height: 50px
+  width: 50px
+  aspect-ratio: 1/1
+  filter: invert(22%) sepia(84%) saturate(7448%) hue-rotate(357deg) brightness(102%) contrast(116%)
+
+.inline-icon
+  display: inline-block
+  font-size: 2em
+  width: 2em
+
+
+// Icons
+  
+.ico-check
+  @include base-icon(check)
+
+.ico-close
+  @include base-icon(close)
--- a/frontend/src/utils/exam-correct/exam-correct.js
+++ b/frontend/src/utils/exam-correct/exam-correct.js
@ -301,7 +301,7 @@ export class ExamCorrect {
      users: [user],
      status: STATUS.LOADING,
    };
-    if (results && Object.keys(results).length > 0) rowInfo.results = results;
+    if (results && results !== {}) rowInfo.results = results;
    if (result !== undefined) rowInfo.result = result;
    this._addRow(rowInfo);

--- a/messages/faq/de-de-formal.msg
+++ b/messages/faq/de-de-formal.msg
@ -1,9 +1,11 @@
-# SPDX-FileCopyrightText: 2022-24 Gregor Kleen <gregor.kleen@ifi.lmu.de>,Steffen Jost <jost@tcs.ifi.lmu.de>,Steffen Jost <s.jost@fraport.de>
+# SPDX-FileCopyrightText: 2022 Gregor Kleen <gregor.kleen@ifi.lmu.de>,Steffen Jost <jost@tcs.ifi.lmu.de>
 #
 # SPDX-License-Identifier: AGPL-3.0-or-later

-FAQLoginExpired: Mein Passwort ist abgelaufen und muss erneuert werden
 FAQNoCampusAccount: Ich habe keine Fraport AG Kennung (Büko-Login); kann ich trotzdem Zugang zum System erhalten?
 FAQForgottenPassword: Ich habe mein Passwort vergessen
 FAQCampusCantLogin: Ich kann mich mit meiner Fraport AG Kennung (Büko-Login) nicht anmelden
-FAQNotLecturerHowToCreateCourses: Wie kann ich eine neue Kursart anlegen?
+FAQCourseCorrectorsTutors: Wie kann ich Ausbilder oder Korrektoren für meine Kursart konfigurieren?
+FAQNotLecturerHowToCreateCourses: Wie kann ich eine neue Kursart anlegen?
+FAQExamPoints: Warum kann ich bei meiner Klausur keine Punkte eintragen?
+FAQInvalidCredentialsAdAccountDisabled: Ich kann mich nicht anmelden und bekomme die Meldung „Benutzereintrag gesperrt“
--- a/messages/faq/en-eu.msg
+++ b/messages/faq/en-eu.msg
@ -1,9 +1,11 @@
-# SPDX-FileCopyrightText: 2022-24 Gregor Kleen <gregor.kleen@ifi.lmu.de>,Steffen Jost <jost@tcs.ifi.lmu.de>,Steffen Jost <s.jost@fraport.de>
+# SPDX-FileCopyrightText: 2022 Gregor Kleen <gregor.kleen@ifi.lmu.de>,Steffen Jost <jost@tcs.ifi.lmu.de>
 #
 # SPDX-License-Identifier: AGPL-3.0-or-later

-FAQLoginExpired: My password expired
 FAQNoCampusAccount: I don't have Fraport AG credentials (Büko login); can I still get access?
 FAQForgottenPassword: I have forgotten my password
 FAQCampusCantLogin: I can't log in using my Fraport AG credentials (Büko login)
-FAQNotLecturerHowToCreateCourses: How can I create new courses?
+FAQCourseCorrectorsTutors: How can I add instructors or correctors to my course?
+FAQNotLecturerHowToCreateCourses: How can I create new courses?
+FAQExamPoints: Why can't I enter achievements for my exam as points?
+FAQInvalidCredentialsAdAccountDisabled: I can't log in and am instead given the message “Account disabled”
--- a/messages/uniworx/categories/admin/de-de-formal.msg
+++ b/messages/uniworx/categories/admin/de-de-formal.msg
@ -1,4 +1,4 @@
-# SPDX-FileCopyrightText: 2022-24 Gregor Kleen <gregor.kleen@ifi.lmu.de>,Winnie Ros <winnie.ros@campus.lmu.de>,Steffen Jost <s.jost@fraport.de>
+# SPDX-FileCopyrightText: 2022 Gregor Kleen <gregor.kleen@ifi.lmu.de>,Winnie Ros <winnie.ros@campus.lmu.de>
 #
 # SPDX-License-Identifier: AGPL-3.0-or-later

@ -67,7 +67,6 @@ BearerTokenExpiresTip: Wird der Ablaufzeitpunkt überschrieben und kein Ablaufze
 BearerTokenOverrideStart: Startzeitpunkt
 BearerTokenOverrideStartTip: Wird kein Startzeitpunkt angegeben, wird bei Verwendung des Tokens nur der Ablaufzeitpunkt überprüft.
 HeadingAdminTokens: Tokens ausstellen
-UserUnknown: Unbekannter Benutzer:in

 #templates adminFeautures
 StudyFeaturesDegrees: Abschlüsse
@ -102,7 +101,7 @@ ProblemsHeadingDrivers: Fahrberechtigungen
 ProblemsHeadingNotifications: Benachrichtigungen
 ProblemsHeadingMisc: Allgemein
 ProblemsAvsProblem: Synchronisation mit AVS/MoBaKo komplett fehlgeschlagen
-ProblemsDriverSynch n@Int: #{n} #{pluralDE n "Diskrepanz" "Diskrepanzen"} zwischen AVS und FRADrive
+ProblemsDriverSynch n@Int: #{tshow n} Diskrepanzen zwischen AVS und FRADrive
 ProblemsDriverSynch0: Alle Sperrungen von Vorfeld-Fahrberechtigungen 'F' sind im AVS eingetragen
 ProblemsDriverSynch1down: Alle Sperrungen von Rollfeld-Fahrberechtigungen 'R' sind im AVS eingetragen
 ProblemsDriverSynch1up: Alle gültigen Vorfeld-Fahrberechtigungen 'F' sind im AVS eingetragen
@ -110,53 +109,14 @@ ProblemsDriverSynch2: Alle gültigen Rollfeld-Fahrberechtigungen 'R' sind im AVS
 ProblemsRDriversHaveFs: Alle Inhaber einer Rollfeld-Fahrberechtigung besitzen auch eine gültige Vorfeld-Fahrberechtigung
 ProblemsDriversHaveAvsIds: Alle Inhaber einer Fahrberechtigung konnten einer AVS Identifikationsnummer zugeordnet werden
 ProblemsUsersAreReachable: Für alle Benutzer ist eine E-Mail oder postalische Adresse bekannt 
-ProblemsNoStalePrintJobs n@Integer: Alle Briefversandaufträge #{pluralDE n "des vergangenen Tages" ("der vergangenen "<> tshow n <> " Tage")} wurden von der Druckerei bestätigt
+ProblemsNoStalePrintJobs n@Integer: Alle Briefversandaufträge der vergangenen #{show n} Tage wurden von der Druckerei bestätigt
 ProblemsNoBadAPCIds: Alle kürzlich empfangenen Druckauftragsbestätigungen waren gültig
+ProblemsNoAvsSynchProblems: Synchronisation mit Ausweisverwaltungssystem (AVS) meldete keine Probleme
 ProblemsUnreachableHeading: Unerreichbare Benutzer
 ProblemsUnreachableBody: Benutzer ohne E-Mail oder Postadresse, welche z.B. bei ablaufenden Berechtigungen nicht benachrichtigt werden können:
-ProblemsUnreachableButtons: Synchronisation für Unerreichbare starten
 ProblemsRWithoutFHeading: Fahrer mit R ohne F
 ProblemsRWithoutFBody: Diese Fahrer sind wegen einer ungültigen Vorfeld-Fahrberechtigung komplett gesperrt, obwohl eine gültige Rollfeld-Fahrberechtigung besteht:
 ProblemsNoAvsIdHeading: Fahrer ohne AVS-Id
 ProblemsNoAvsIdBody: Fahrer mit gültiger Fahrberechtigung in FRADrive, welche trotzdem nicht fahren dürfen, da die Fahrberechtigung aufgrund einer unbekannten AVS Id nicht an die Ausweisstelle übermittelt werden konnte:
 ProblemsAvsSynchHeading: Synchronisation AVS Fahrberechtigungen
-ProblemsAvsErrorHeading: Fehlermeldungen
-ProblemsInterfaceSince: Berücksichtigt werden nur Erfolge und Fehler seit 
-ProblemAvsUsrHadR: Momentan gültiges R im AVS
-
-AdminProblemSolved: Erledigt
-AdminProblemSolver: Bearbeitet von
-AdminProblemCreated: Erkannt
-AdminProblemInfo: Problembeschreibung
-AdminProblemsSolved n@Int: #{pluralDEeN n "Admin Problem"} als erledigt markiert
-AdminProblemsReopened n@Int: #{pluralDEeN n "Admin Problem"} erneut eröffnet
-AdminProblemNewCompany: Neue Firma über AVS automatisch erstellt; prüfen und ggf. Standardansprechpartner eintragen
-AdminProblemSupervisorNewCompany b@Bool: Standardansprechpartner #{boolText mempty "mit Standardumleitung" b} wechselte zu neuer Firma 
-AdminProblemSupervisorLeftCompany b@Bool: Einziger Standardansprechpartner #{boolText mempty "mit Standardumleitung" b} dieses Fahrers wechselte zu neuer Firma 
-AdminProblemCompanySuperiorChange: Neuer firmenweiter Vorgesetzter.
-AdminProblemCompanySuperiorNotFound t@Text: Neuer unbekannter firmenweiter Vorgesetzter mit E-Mail #{t}, keine Ansprechpartnerbeziehungen eingerichtet.
-AdminProblemCompanySuperiorPrevious: Ehemaliger Vorgesetzter: 
-AdminProblemNewlyUnsupervised: Fahrer hat keinen Firmenansprechpartner mehr nach AVS Firmenwechsel zu Firma 
-AdminProblemUser: Betroffener
-ProblemTableMarkSolved: Als erledigt markieren
-ProblemTableMarkUnsolved: Erledigt Markierung löschen
-
-InterfacesOk: Schnittstellen sind ok.
-InterfacesFail n@Int: #{pluralDEeN n "Schnittstellenproblem"}!
-InterfaceStatus !ident-ok: Status
-InterfaceName: Schnittstelle
-InterfaceLastSynch: Zuletzt
-InterfaceSubtype: Betreffend
-InterfaceWrite: Schreibend
-InterfaceSuccess: Rückmeldung
-InterfaceInfo: Nachricht
-InterfaceFreshness: Maximale Zugriffsfrist
-InterfaceFreshnessTooltip: Zeitspanne innerhalb der ein erneuter erfolgreicher Schnittstellenzugriff erfolgen muss, ohne Warnungen auszulösen
-ConfigInterfacesHeading: Konfiguration Zugriffsfristen
-
-IWTActAdd: Hinzufügen/Ändern
-IWTActDelete: Entfernen
-InterfaceWarningAdded: Schnittstellenwarnungszeit hinzugefügt oder geändert
-InterfaceWarningDeleted n@Int: #{pluralDEeN n "Schnittstellenwarnungszeit"} gelöscht
-InterfaceWarningDisabledEntirely: Alle Fehler ignorieren
-InterfaceWarningDisabledInterval: Keine Zugriffsfrist
+ProblemsAvsErrorHeading: Fehlermeldungen
--- a/messages/uniworx/categories/admin/en-eu.msg
+++ b/messages/uniworx/categories/admin/en-eu.msg
@ -1,4 +1,4 @@
-# SPDX-FileCopyrightText: 2022-24 Sarah Vaupel <sarah.vaupel@ifi.lmu.de>,Winnie Ros <winnie.ros@campus.lmu.de>,Steffen Jost <s.jost@fraport.de>
+# SPDX-FileCopyrightText: 2022 Sarah Vaupel <sarah.vaupel@ifi.lmu.de>,Winnie Ros <winnie.ros@campus.lmu.de>
 #
 # SPDX-License-Identifier: AGPL-3.0-or-later

@ -18,10 +18,10 @@ NoNameCandidatesInferred: No new name-mappings inferred
 AllNameIncidencesDeleted: Successfully deleted all name observations
 AllParentIncidencesDeleted: Successfully deleted all parent-relation observations
 AllStandaloneIncidencesDeleted: Successfully deleted all standalone observations
-IncidencesDeleted n: Successfully deleted #{pluralENsN n "observation"}
-RedundantParentCandidatesRemoved n: Successfully removed #{n} rendundant #{pluralENs n "parent-candidate"}
-RedundantStandaloneCandidatesRemoved n: Successfully removed #{n} rendundant #{pluralENs n "standalone-candidate"}
-ParentCandidatesInferred n: Successfully inferred #{n} field #{pluralENs n "parent-relation"}
+IncidencesDeleted n: Successfully deleted #{show n} #{pluralEN n "observation" "observations"}
+RedundantParentCandidatesRemoved n: Successfully removed #{n} rendundant #{pluralEN n "parent-candidate" "parent-candidates"}
+RedundantStandaloneCandidatesRemoved n: Successfully removed #{n} rendundant #{pluralEN n "standalone-candidate" "standalone-candidates"}
+ParentCandidatesInferred n: Successfully inferred #{n} field #{pluralEN n "parent-relation" "parent-reliations"}
 NoParentCandidatesInferred: No new parent-relations inferred
 StudyDegreeChangeSuccess: Successfully updated degrees
 StudyTermsShort: Field shorthand
@ -67,7 +67,6 @@ BearerTokenExpiresTip: If no expiration time is given, the token will not expire
 BearerTokenOverrideStart: Start time
 BearerTokenOverrideStartTip: If no start time is given, only the expiration time will be checked when the token is used.
 HeadingAdminTokens: Issue tokens
-UserUnknown: User unknown

 #templates adminfeatures
 StudyFeaturesDegrees: Degrees
@ -102,7 +101,7 @@ ProblemsHeadingDrivers: Driving Licences
 ProblemsHeadingNotifications: User communication
 ProblemsHeadingMisc: Miscellaneous
 ProblemsAvsProblem: Synchronisation with AVS/MoBaKo failed entirely
-ProblemsDriverSynch n: #{tshow n} #{pluralEN n "mismatch" "mismatches"} between AVS and FRADrive
+ProblemsDriverSynch n: #{tshow n} mismatches between AVS and FRADrive
 ProblemsDriverSynch0: All revocations of apron driving licences 'F' were successfully registered with AVS
 ProblemsDriverSynch1down: All revocations of maneuvering area driving licences 'R' were successfully registered with AVS
 ProblemsDriverSynch1up: All valid apron driving licences 'F' were successfully registered with AVS
@ -110,53 +109,14 @@ ProblemsDriverSynch2: All valid maneuvering area driving licences 'R' were succe
 ProblemsRDriversHaveFs: All driving licence 'R' holders also have a valid 'F' licence
 ProblemsDriversHaveAvsIds: All driving licence holder could be matched with their AVS id
 ProblemsUsersAreReachable: Either Email or postal address is known for all users
-ProblemsNoStalePrintJobs n: All requests for letter mailing within the last #{pluralENsN n "day"} were acknowledged as printed by the airport printing center
+ProblemsNoStalePrintJobs n: All requests for letter mailing within the last #{show n} days were acknowledged as printed by the airport printing center
 ProblemsNoBadAPCIds: All recently received print job ids from Airport Print Center were legit
+ProblemsNoAvsSynchProblems: AVS synchronisation had not problems
 ProblemsUnreachableHeading: Unreachable Users
 ProblemsUnreachableBody: Users without Email nor postal address, who thus cannot be notified about expiring qualifications:
-ProblemsUnreachableButtons: Start synchronisation for unreachable users only
 ProblemsRWithoutFHeading: Drivers having 'R' but not 'F'
 ProblemsRWithoutFBody: Drivers without apron driving licence are prohibited from driving, even if they own a valid maneuvering driving licence:
 ProblemsNoAvsIdHeading: Drivers without AVS id
 ProblemsNoAvsIdBody: Drivers having a valid apron driving licence within FRADrive only, but who may not drive since a missing AVS id prevents communication of the driving licence to AVS:
 ProblemsAvsSynchHeading: Synchronisation AVS Driving Licences
-ProblemsAvsErrorHeading: Error Log
-ProblemsInterfaceSince: Only considering successes and errors since
-ProblemAvsUsrHadR: Currenlt R valid in AVS
-
-AdminProblemSolved: Done
-AdminProblemSolver: Solved by
-AdminProblemCreated: Recognized
-AdminProblemInfo: Problem
-AdminProblemsSolved n: #{pluralENsN n "admin problem"} marked as solved
-AdminProblemsReopened n: #{pluralENsN n "admin problem"} reopened
-AdminProblemNewCompany: New company from AVS; verify and add default supervisors
-AdminProblemSupervisorNewCompany b: Default company supervisor #{boolText mempty "with reroute" b} changed to new company 
-AdminProblemSupervisorLeftCompany b: Only default company supervisor #{boolText mempty "with reroute" b} for this user changed to new company 
-AdminProblemCompanySuperiorChange: New company wide superior.
-AdminProblemCompanySuperiorNotFound t: Unable to set supervision for new unknown company wide superior having Email #{t}.
-AdminProblemCompanySuperiorPrevious: Previous superior: 
-AdminProblemNewlyUnsupervised: Driver has no longer a company default supervisor after AVS update at new company
-AdminProblemUser: Affected
-ProblemTableMarkSolved: Mark done
-ProblemTableMarkUnsolved: Reopen as undone
-
-InterfacesOk: Interfaces are ok.
-InterfacesFail n: #{pluralENsN n "interface problem"}!
-InterfaceStatus: Status
-InterfaceName: Interface
-InterfaceLastSynch: Last
-InterfaceSubtype: Affecting
-InterfaceWrite: Write
-InterfaceSuccess: Returned
-InterfaceInfo: Message
-InterfaceFreshness: Maximum usage period
-InterfaceFreshnessTooltip: Time period within which the next successful interface access must occur to avoid a warning
-ConfigInterfacesHeading: Configure interface usage warnings
-
-IWTActAdd: Add/Edit
-IWTActDelete: Delete
-InterfaceWarningAdded: Interface warning time added/changed
-InterfaceWarningDeleted n: #{pluralENsN n "interface warning time"} deleted
-InterfaceWarningDisabledEntirely: Ignore all errors
-InterfaceWarningDisabledInterval: No maximum usage period
+ProblemsAvsErrorHeading: Error Log
--- a/messages/uniworx/categories/authorization/de-de-formal.msg
+++ b/messages/uniworx/categories/authorization/de-de-formal.msg
@ -20,8 +20,6 @@ UnauthorizedTokenInvalidAuthorityValue: Ihr Authorisierungs-Token basiert auf Re
 UnauthorizedTokenInvalidImpersonation: Ihr Authorisierungs-Token enthält die Anweisung sich als ein Nutzer:in auszugeben, dies ist jedoch nicht allen Benutzer:innen, auf deren Rechten ihr Authorisierungs-Token basiert, erlaubt.
 UnauthorizedToken404: Authorisierungs-Tokens können nicht auf Fehlerseiten ausgewertet werden.
 UnauthorizedSupervisor: Sie sind kein Ansprechpartner:in für diesen Benutzer:in.
-UnauthorizedAnySupervisor: Sie sind kein Ansprechpartner:in.
-UnauthorizedCompanySupervisor fsh@CompanyShorthand: Sie sind kein Standard Ansprechpartner:in für Firma #{fsh}.
 UnauthorizedSiteAdmin: Sie sind nicht System-weiter Administrator:in.
 UnauthorizedSchoolAdmin: Sie sind nicht als Administrator:in für diesen Bereich eingetragen.
 UnauthorizedAdminEscalation: Sie sind nicht Administrator:in für alle Bereiche, für die dieser Nutzer/diese Nutzerin Administrator:in oder Veranstalter:in ist.
--- a/messages/uniworx/categories/authorization/en-eu.msg
+++ b/messages/uniworx/categories/authorization/en-eu.msg
@ -20,8 +20,6 @@ UnauthorizedTokenInvalidAuthorityValue: The specification of the rights in which
 UnauthorizedTokenInvalidImpersonation: Your authorisation-token contains an instruction to impersonate an user. Not all users on whose rights your token is based however are permitted to do so.
 UnauthorizedToken404: Authorisation-tokens cannot be processed on error pages.
 UnauthorizedSupervisor: You are not a supervisor for the requested user.
-UnauthorizedAnySupervisor: You are not a supervisor.
-UnauthorizedCompanySupervisor fsh: You are not a default supervisor for company #{fsh}.
 UnauthorizedSiteAdmin: You are no system-wide administrator.
 UnauthorizedSchoolAdmin: You are no administrator for this department.
 UnauthorizedAdminEscalation: You aren't an administrator for all departments for which this user is an administrator.
--- a/messages/uniworx/categories/avs/de-de-formal.msg
+++ b/messages/uniworx/categories/avs/de-de-formal.msg
@ -2,21 +2,17 @@
 #
 # SPDX-License-Identifier: AGPL-3.0-or-later
 AvsPersonInfo: AVS Personendaten
-AvsPersonId: AVS Personen Id
+AvsPersonId: AVS Personen Id 
 AvsPersonNo: AVS Personennummer
-AvsPersonNoNotId: AVS Personennummer dient zur menschlichen Kommunikation mit der Ausweisstelle und darf nicht verwechselt werden mit der maschinell verwendeten AVS Personen Id
-AvsPersonNoMismatch: AVS Personennummer hat sich geändert und wurde in FRADrive noch nicht aktualisiert
-AvsPersonNoDiffers: Es sind derzeit zwei verschiedene AVS Personennummern zugeordnet. Bitte einen Administrator kontaktieren.
 AvsCardNo: Ausweiskartennummer 
 AvsFirstName: Vorname
 AvsLastName: Nachname
-AvsPrimaryCompany: Primäre Firma
 AvsInternalPersonalNo: Personalnummer (nur Fraport AG)
 AvsVersionNo: Versionsnummer
-AvsQueryNeeded: Benötigt Verbindung zum AVS.
 AvsQueryEmpty: Bitte mindestens ein Anfragefeld ausfüllen!
 AvsQueryStatusInvalid t@Text: Nur numerische IDs eingeben, durch Komma getrennt! Erhalten: #{show t}
 AvsLicence: Fahrberechtigung
+AvsPersonNoNotId: AVS Personennummer dient zur menschlichen Kommunikation mit der Ausweisstelle und darf nicht verwechselt werden mit der maschinell verwendeten AVS Personen Id
 AvsTitleLicenceSynch: Abgleich Fahrberechtigungen zwischen AVS und FRADrive
 BtnAvsRevokeUnknown: Fahrberechtigungen im AVS sofort entziehen
 BtnAvsImportUnknown: AVS Daten unbekannter Personen importieren
@ -31,33 +27,13 @@ RevokeFraDriveLicences alic@AvsLicence n@Int: _{alic} in FRADrive entzogen für
 RevokeUnknownLicencesOk: AVS Fahrberechtigungen unbekannter Fahrer wurden gesperrt
 RevokeUnknownLicencesFail: Nicht alle AVS Fahrberechtigungen unbekannter Fahrer konnten entzogen werden, siehe Log für Details
 AvsCommunicationError: AVS Schnittstelle lieferte einen unerwarteten Fehler.
-AvsCommunicationTimeout: AVS Schnittstelle antwortete nicht.
 LicenceTableChangeAvs: Im AVS ändern
 LicenceTableGrantFDrive: In FRADrive erteilen
 LicenceTableRevokeFDrive: In FRADrive entziehen
 TableAvsActiveCards: Gültige Ausweise
-TableAvsCardValid: Aktuell gültig
-TableAvsCardIssueDate: Ausgestellt am
-TableAvsCardValidTo: Gültig bis
-AvsCardAreas: Ausweiszusätze
-AvsCardColor: Ausweisfarbe
 AvsCardColorGreen: Grün
 AvsCardColorBlue: Blau
 AvsCardColorRed: Rot
 AvsCardColorYellow: Gelb
 LastAvsSynchronisation: Letzte AVS-Synchronisation
-LastAvsSyncedBefore: Letzte AVS-Synchronisation vor
 LastAvsSynchError: Letzte AVS-Fehlermeldung
-
-AvsInterfaceUnavailable: AVS Schnittstelle nicht richtig konfiguriert oder antwortet nicht
-AvsUserUnassociated user@UserDisplayName: AVS Id unbekannt für Nutzer #{user}
-AvsUserUnknownByAvs api@AvsPersonId: AVS kennt Id #{tshow api} nicht (mehr)
-AvsUserAmbiguous api@AvsPersonId: AVS Id #{tshow api} ist nicht eindeutig
-AvsStatusSearchEmpty: AVS lieferte keine Ausweisinformationen
-AvsPersonSearchEmpty: AVS Suche lieferte leeres Ergebnis
-AvsPersonSearchAmbiguous: AVS Suche lieferte mehrere uneindeutige Ergebnisse
-AvsSetLicencesFailed reason@Text: Setzen der Fahrlizenz im AVS fehlgeschlagen. Grund: #{reason}
-AvsIdMismatch api1@AvsPersonId api2@AvsPersonId: AVS Suche für Id #{tshow api1} lieferte stattdessen Id #{tshow api2}
-AvsUserCreationFailed api@AvsPersonId: Für AVS Id #{tshow api} konnte kein neuer Benutzer angelegt werden, da es eine gemeinsame Id (z.B. Personalnummer) mit einem existierenden, aber verschiedenen Nutzer gibt.
-AvsCardsEmpty: AVS Suche lieferte keinerlei Ausweiskarten
-AvsCurrentData: Alle angezeigte Daten wurden kürzlich direkt über die AVS Schnittstelle abgerufen.
--- a/messages/uniworx/categories/avs/en-eu.msg
+++ b/messages/uniworx/categories/avs/en-eu.msg
@ -1,23 +1,18 @@
 # SPDX-FileCopyrightText: 2022 Steffen Jost <jost@tcs.ifi.lmu.de>
 #
 # SPDX-License-Identifier: AGPL-3.0-or-later
-AvsPersonInfo: AVS person info
-AvsPersonId: AVS person id
-AvsPersonNo: AVS person number
-AvsPersonNoNotId: AVS person number is used in human communication only and must not be mistaken for the AVS personen id used in machine communications
-AvsPersonNoMismatch: AVS person number has changed and was not yet updated in FRADrive
-AvsPersonNoDiffers: There are currently two differing AVS person numbers associated with this user. Please contact an administrator to resolve this.
+AvsPersonInfo: AVS Person Info
+AvsPersonId: AVS Person Id
+AvsPersonNo: AVS Person Number
 AvsCardNo: Card number
 AvsFirstName: First name
 AvsLastName: Last name
-AvsPrimaryCompany: Primary company
 AvsInternalPersonalNo: Personnel number (Fraport AG only)
 AvsVersionNo: Version number
-AvsQueryNeeded: AVS connection required.
 AvsQueryEmpty: At least one query field must be filled!
 AvsQueryStatusInvalid t: Numeric IDs only, comma seperated! #{show t}
 AvsLicence: Driving Licence
-
+AvsPersonNoNotId: AVS person number is used in human communication only and must not be mistaken for the AVS personen id used in machine communications
 AvsTitleLicenceSynch: Synchronisation driving licences between AVS and FRADrive
 BtnAvsRevokeUnknown: Revoke AVS driving licences for unknown persons immediately
 BtnAvsImportUnknown: Import AVS data for unknown persons
@ -32,33 +27,13 @@ RevokeFraDriveLicences alic@AvsLicence n@Int: _{alic} revoked in FRADrive for #{
 RevokeUnknownLicencesOk: AVS driving licences of unknown drivers revoked
 RevokeUnknownLicencesFail: Not all AVS driving licences of unknown drivers could be revoked, see log for details
 AvsCommunicationError: AVS interface returned an unexpected error.
-AvsCommunicationTimeout: AVS interface returned no response within timeout limit.
 LicenceTableChangeAvs: Change in AVS
 LicenceTableGrantFDrive: Grant in FRADrive
 LicenceTableRevokeFDrive: Revoke in FRADrive
 TableAvsActiveCards: Valid Cards
-TableAvsCardValid: Currently valid
-TableAvsCardIssueDate: Issued
-TableAvsCardValidTo: Valid to
-AvsCardAreas: Card areas
-AvsCardColor: Color
 AvsCardColorGreen: Green
 AvsCardColorBlue: Blue
 AvsCardColorRed: Red
 AvsCardColorYellow: Yellow
 LastAvsSynchronisation: Last AVS synchronisation
-LastAvsSyncedBefore: Last AVS synchronisation before
-LastAvsSynchError: Last AVS Error
-
-AvsInterfaceUnavailable: AVS interface was not configured correctly or does not respond
-AvsUserUnassociated user: AVS id unknown for user #{user}
-AvsUserUnknownByAvs api: AVS reports id #{tshow api} as unknown (or no longer known)
-AvsUserAmbiguous api: Multiple matching users found for #{tshow api}
-AvsStatusSearchEmpty: AVS returned no card information
-AvsPersonSearchEmpty: AVS search returned empty result
-AvsPersonSearchAmbiguous: AVS search returned more than one result
-AvsSetLicencesFailed reason: Set driving licence within AVS failed. Reason: #{reason}
-AvsIdMismatch api1 api2: AVS search for id #{tshow api1} returned id #{tshow api2} instead
-AvsUserCreationFailed api@AvsPersonId: No new user could be created for AVS Id #{tshow api}, since an existing user shares at least one id presumed as unique
-AvsCardsEmpty: AVS search returned no id cards
-AvsCurrentData: All shown data has been recently received via the AVS interface.
+LastAvsSynchError: Last AVS Error
--- a/messages/uniworx/categories/courses/courses/de-de-formal.msg
+++ b/messages/uniworx/categories/courses/courses/de-de-formal.msg
@ -70,10 +70,6 @@ CourseInvalidInput: Eingaben bitte korrigieren.
 CourseEditTitle: Kursart editieren/anlegen
 CourseEditOk       tid@TermId ssh@SchoolId csh@CourseShorthand: Kursart #{tid}-#{ssh}-#{csh} wurde erfolgreich geändert.
 CourseEditDupShort tid@TermId ssh@SchoolId csh@CourseShorthand: Kursart #{tid}-#{ssh}-#{csh} konnte nicht geändert werden: Es gibt bereits einen andere Kursart mit dem selben Kürzel oder Titel in diesem Jahr und Bereich.
-CourseEditQualificationFail: Eine Qualifikation konnte uas unbekanntem Grund nicht mit diesem Kurs assoziert werden.
-CourseEditQualificationFailRights qsh@QualificationShorthand ssh@SchoolId: Qualifikation #{qsh} konnte nicht mit diesem Kurs assoziert werden, da Ihre Berechtigungen für Bereich #{ssh} dazu nicht ausreichen.
-CourseEditQualificationFailExists: Diese Qualifikation ist bereits assoziert
-CourseEditQualificationFailOrder: Diese Sortierpriorität existiert bereits
 CourseLecturer: Kursverwalter:in
 MailSubjectParticipantInvitation tid@TermId ssh@SchoolId csh@CourseShorthand: [#{tid}-#{ssh}-#{csh}] Einladung zur Kursartteilnahme
 CourseParticipantInviteHeading courseName@Text: Einladung zum Kursartteilnahmer für #{courseName}
@ -99,7 +95,7 @@ CourseParticipantsInvited n@Int: #{n} #{pluralDE n "Einladung" "Einladungen"} pe
 CourseParticipantsAlreadyRegistered n@Int: #{n} #{pluralDE n "Teinehmer:in" "Teilnehmer:innen"} #{pluralDE n "ist" "sind"} bereits zur Kursart angemeldet
 CourseParticipantsAlreadyTutorialMember n@Int: #{n} #{pluralDE n "Teinehmer:in" "Teilnehmer:innen"} #{pluralDE n "ist" "sind"} bereits in dieser Kurs angemeldet
 CourseParticipantsRegistered n@Int: #{n} #{pluralDE n "Teinehmer:in" "Teilnehmer:innen"} erfolgreich zur Kursart angemeldet
-CourseParticipantsRegisteredTutorial n@Int: #{n} #{pluralDE n "Teinehmer:in" "Teilnehmer:innen"} erfolgreich zum Kurs angemeldet
+CourseParticipantsRegisteredTutorial n@Int: #{n} #{pluralDE n "Teinehmer:in" "Teilnehmer:innen"} erfolgreich zur Kurs angemeldet
 CourseParticipantsRegisterConfirmationHeading: Teilnehmer:innen hinzufügen
 CourseParticipantsRegisterUnnecessary: Alle angeforderten Anmeldungen sind bereits vorhanden. Es wurden keine Änderungen vorgenommen.
 CourseParticipantsRegisterConfirmInvalid: Ungültiges Bestätigungsformular!
--- a/messages/uniworx/categories/courses/courses/en-eu.msg
+++ b/messages/uniworx/categories/courses/courses/en-eu.msg
@ -70,12 +70,8 @@ CourseInvalidInput: Invalid input
 CourseEditTitle: Edit/Create course
 CourseEditOk tid ssh csh: Successfully edited course type #{tid}-#{ssh}-#{csh} 
 CourseEditDupShort tid ssh csh: Could not edit course type #{tid}-#{ssh}-#{csh}. Another course type with the same shorthand or title already exists for the given year and school.
-CourseEditQualificationFail: A qualifikation could not be associated with this course for unknown reasons.
-CourseEditQualificationFailRights qsh ssh: Qualification #{qsh} could not be associated with this course, due to your insufficient rights for department #{ssh}.
-CourseEditQualificationFailExists: This qualification is already associated
-CourseEditQualificationFailOrder: This sort order priority is used already
 CourseLecturer: Course administrator
-MailSubjectParticipantInvitation tid ssh csh: [#{tid}-#{ssh}-#{csh}] Invitaion to join the course
+MailSubjectParticipantInvitation tid@TermId ssh@SchoolId csh@CourseShorthand: [#{tid}-#{ssh}-#{csh}] Invitaion to join the course
 CourseParticipantInviteHeading courseName: Invitation to enrol for #{courseName}
 CourseParticipantInviteExplanation: You were invited to be a participant of a course.
 CourseParticipantInviteField: Email addresses to invite
--- a/messages/uniworx/categories/firm/de-de-formal.msg
+++ b/messages/uniworx/categories/firm/de-de-formal.msg
@ -1,78 +0,0 @@
-# SPDX-FileCopyrightText: 2023-24 Steffen Jost <s.jost@fraport.de>
-#
-# SPDX-License-Identifier: AGPL-3.0-or-later
-
-FirmSuperDefault: Standardansprechpartner
-FirmSuperForeign: Firmenfremde Ansprechpartner
-FirmSuperIrregular: Irreguläre Ansprechpartner
-FirmAssociates: Firmenangehörige
-FirmContact: Firmenkontakt
-FirmEmail: Allgemeine Email
-FirmAddress: Postanschrift
-FirmDefaultPreferenceInfo: Diese Voreinstellungen gelten nur für neue Firmenangehörige
-FirmAction: Firmenweite Aktion
-FirmActionInfo: Betrifft alle Firmenangehörigen unter Ihrer Aufsicht.
-FirmActNotify: Mitteilung versenden
-FirmActResetSupervision: Ansprechpartner für alle Firmenangehörigen zurücksetzen
-FirmActResetSuperKeep: Bisherige Ansprechpartner der Firmenangehörigen zusätzlich beibehalten?
-FirmActRemoveSupers: Alle rein firmenbezogenen Ansprechpartnerbeziehungen für diese Personen entfernen?
-FirmActResetMutualSupervision: Ansprechpartner beaufsichtigen sich gegenseitig
-FirmActResetSupersKeepAll: Alle behalten
-FirmActResetSupersRemoveAps: Nur Standardansprechpartner entfernen
-FirmActResetSupersRemoveAll: Alle entfernen
-FirmActAddSupervisors: Ansprechpartner hinzufügen
-FirmActAddSupersEmpty: Es konnten keine Ansprechpartner hinzugefügt werden
-FirmActAddSupersSet n@Int64 postal@(Maybe Bool): #{n} Standardansprechpartner geändert #{maybeBoolMessage postal "" "und auf Briefversand geschaltet" "und Benachrichtigungen per Email gesetzt"}, aber nicht nicht aktiviert.
-RemoveSupervisors ndef@Int64: #{ndef} Standardansprechpartner entfernt. 
-FirmActChangeContactUser: Kontaktinformationen von allen Firmenangehörigen ändern
-FirmActChangeContactFirm: Kontaktinformationen der Firma ändern
-FirmActChangeContactFirmInfo: Firmenkontaktinformationen werden nur für neue Firmenangehörige verwendet, für die sonst keine Kontaktinformationen vorliegen.
-FirmActChangeContactFirmResult: Firmenkontaktinformationen geändert. Betrifft nur neue Firmenangehörige ohne eigene Kontaktinformationen
-FirmUserActNotify: Mitteilung versenden
-FirmUserActResetSupervision: Ansprechpartner auf Firmenstandard zurücksetzen
-FirmUserActSetSupervisor: Ansprechpartner ändern
-FirmUserActChangeContact: Kontaktinformationen für ausgewählte Firmenangehörige ändern
-FirmUserActChangeDetails: Firmenassoziation bearbeiten
-FirmUserActRemove: Firmenassoziation entfernen
-FirmUserActMkSuper: Zum Firmenansprechpartner ernennen
-FirmUserActChangeDetailsResult n@Int64 t@Int64: Firmenassoziation von #{n}/#{t} #{pluralDE n "Firmenangehörigen" "Firmenangehörige"} wurden aktualisiert
-FirmUserActChangeResult n@Int64 t@Int64: Benachrichtigungseinstellung für #{n}/#{t} #{pluralDE n "Firmenangehörigen" "Firmenangehörige"} wurden geändert
-FirmUserActRemoveResult uc@Int64: #{uc} #{pluralDE uc "Firmenassoziation" "Firmenassoziationen"} entfernt. 
-FirmRemoveSupervision sup@Int64 sub@Int64: #{noneMoreDE sup "" (tshow sup <> " Ansprechpartnerbeziehungen wegen entferntem Ansprechpartner gelöscht. ")} #{noneOneMoreDE sub "Keine Ansprechpartnerbeziehung" "Eine Ansprechpartnerbeziehung" (tshow sup <> " Ansprechpartnerbeziehungen")} wegen entferntem Angesprochenem gelöscht.
-FirmNewSupervisor: Neue individuelle Ansprechpartner hinzufügen
-FirmSetSupervisor: Existierende Ansprechpartner hinzufügen
-FirmSetSupersReport nusr@Int64 nspr@Int64 nrem@Int64: Für #{nusr} Firmenangehörige wurden #{nspr} individuelle Ansprechpartner eingetragen#{bool "." (" und " <> tshow nrem <> " individuelle Ansprechpartnerbeziehungen gelöscht.") (nrem >0)}
-FirmResetSupervision rem@Int64 set@Int64: #{tshow set} Ansprechpartner gesetzt#{bool mempty (", " <> tshow rem <> " zuvor gelöscht") (rem > 0)}
-FirmSuperActNotify: Mitteilung versenden
-FirmSuperActSwitchSuper: Standard Firmenansprechpartner abändern
-FirmSuperActSwitchSuperInfo: Betrifft keine firmenfremden Ansprechpartner und ändert keine aktiven individuellen Ansprechpartnerbeziehungen. Gegebenfalls im Anschluss die Funktion "Ansprechpartner auf Firmenstandard zurücksetzen" nutzen.
-FirmSuperActRMSuperDef: Firmenansprechpartner entfernen
-FirmSuperActRMSuperActive: Aktive Ansprechpartnerbeziehungen innerhalb dieser Firma beenden?
-FirmsNotification: Firmen E-Mail versenden
-FirmNotification fsh@CompanyShorthand: E-Mail an #{fsh} senden
-FirmsNotificationTitle: Firmen benachrichtigen
-FirmNotificationTitle fsh@CompanyShorthand: #{fsh} benachrichtigen
-FilterSupervisor: Hat aktiven Ansprechpartner
-FilterSupervisorCompany fsh@CompanyShorthand: Hat aktiven Ansprechpartner, #{fsh} der angehört
-FilterSupervisorForeign fsh@CompanyShorthand: Hat aktiven Ansprechpartner, der selbst nicht #{fsh} angehört
-FilterForeignSupervisor: Hat firmenfremde Ansprechpartner
-FilterIsForeignSupervisee: Ist Ansprechpartner für Firmenfremde
-FilterFirmExtern: Externe Firma
-FilterFirmExternTooltip: Hat die Firma eine Postanschrift im AVS?
-FilterFirmPrimary: Ist primäre Firma in FRADrive
-FilterHasQualification: Hat Firmenangehörige mit aktuell gültiger Qualifikation
-FirmSupervisorOf fsh@CompanyShorthand: Ansprechpartner #{fsh} angehörig
-FirmSupervisorIndependent: Ansprechpartner ohne jegliche Firmenzugehörigkeit
-FirmEmployeeOf fsh@CompanyShorthand: Firmenangehörige #{fsh}
-NoCompanySelected: Bitte wählen Sie mindestens eine Firma aus.
-TableIsDefaultSupervisor: Standardansprechpartner
-TableSuperior: Vorgesetzter
-TableIsDefaultReroute: Standardumleitung
-FormFieldPostal: Benachrichtigungseinstellung
-FormFieldPostalTip: Gilt für alle Benachrichtigungen an diese Person, nicht nur für Umleitungen an diesen Ansprechpartner
-FirmSupervisionKeyData: Kennzahlen Ansprechpartner
-CompanyUserPriority: Firmenpriorität
-CompanyUserPriorityTip: Firmenpriorität ist lediglich relativ zu anderen Firmenassoziation der Person
-CompanyUserUseCompanyAddress: Verwendet Firmenkontaktaddresse
-CompanyUserUseCompanyAddressTip: sofern im Benutzer keine Postanschrift hinterlegt ist
-CompanyUserUseCompanyPostalError: Postalische Adresse muss leer bleiben, damit die Firmenanschrift genutzt wird!
--- a/messages/uniworx/categories/firm/en-eu.msg
+++ b/messages/uniworx/categories/firm/en-eu.msg
@ -1,78 +0,0 @@
-# SPDX-FileCopyrightText: 2023-24 Steffen Jost <s.jost@fraport.de>
-#
-# SPDX-License-Identifier: AGPL-3.0-or-later
-
-FirmSuperDefault: Default supervisor
-FirmSuperForeign: External supervisor
-FirmSuperIrregular: Irregular supervisor
-FirmAssociates: Company associated users
-FirmContact: Company Contact
-FirmEmail: General company email
-FirmAddress: Postal address
-FirmDefaultPreferenceInfo: Default setting for new company associates only
-FirmAction: Companywide action
-FirmActionInfo: Affects alle company associates under your supervision.
-FirmActNotify: Send message
-FirmActResetSupervision: Reset supervisors for all company associates
-FirmActResetSuperKeep: Additionally keep existing supervisors of company associates?
-FirmActRemoveSupers: Terminate all company related supervisonships?
-FirmActResetMutualSupervision: Supervisors supervise each other
-FirmActResetSupersKeepAll: Keep all
-FirmActResetSupersRemoveAps: Remove default supervisors only
-FirmActResetSupersRemoveAll: Remove all
-FirmActAddSupervisors: Add supervisors
-FirmActAddSupersEmpty: No supervisors added
-FirmActAddSupersSet n postal: #{n} default company supervisors changed #{maybeBoolMessage postal "" "and switched to postal notifications" "and switched to email notifications"}, but not yet activated.
-RemoveSupervisors ndef: #{ndef} default supervisors removed.
-FirmActChangeContactUser: Change contact data for all company associates
-FirmActChangeContactFirm: Change company contact data
-FirmActChangeContactFirmInfo: The company contact data is only used for new company associates that would habe no contact information of their own otherwise.
-FirmActChangeContactFirmResult: Company contact data changed, affecting future company associates without contact information only
-FirmUserActNotify: Send message
-FirmUserActResetSupervision: Reset supervisors to company default
-FirmUserActSetSupervisor: Change supervision
-FirmUserActChangeContact: Change contact data for selected company associates
-FirmUserActChangeDetails: Edit company association
-FirmUserActRemove: Delete company association
-FirmUserActMkSuper: Mark as company supervisor
-FirmUserActChangeDetailsResult n t: #{n}/#{t} #{pluralENs n "company association"} updated
-FirmUserActChangeResult n t: Notification settings changed for #{n}/#{t} company #{pluralENs n "associate"}
-FirmUserActRemoveResult uc: #{pluralENsN uc "Company association"} deleted. 
-FirmRemoveSupervision sup sub: #{noneMoreEN sup "" ((pluralENsN sup "supervision") <> " removed due to eliminated supervisors.")} #{noneMoreEN sub "No supervision" (pluralENsN sub "supervision")} removed due to eliminated supervisees.
-FirmNewSupervisor: Appoint new individual supervisors
-FirmSetSupervisor: Add existing supervisors
-FirmSetSupersReport nusr nspr nrem: #{nspr} individual supervisors set for #{nusr} company associates#{bool "." (" and " <> tshow nrem <> " other individual supervisions terminated.") (nrem >0)}
-FirmResetSupervision rem set: #{tshow set} supervisors set#{bool mempty (", " <> tshow rem <> " deleted before") (rem > 0)}
-FirmSuperActNotify: Send message
-FirmSuperActSwitchSuper: Change default company supervisor
-FirmSuperActSwitchSuperInfo: Does not affect company-external supervisors and does not change any active individual supervisions. Additionally use reset action, if desired.
-FirmSuperActRMSuperDef: Remove default supervisor
-FirmSuperActRMSuperActive: Terminate active supervisions within this company?
-FirmsNotification: Send company notification e-mail
-FirmNotification fsh: Send e-mail to #{fsh}
-FirmsNotificationTitle: Company notification
-FirmNotificationTitle fsh@CompanyShorthand: #{fsh} notification
-FilterSupervisor: Has active supervisor
-FilterSupervisorCompany fsh: Has active company supervisor belonging to #{fsh}
-FilterSupervisorForeign fsh: Has active supervisor not belonging to #{fsh}
-FilterForeignSupervisor: Has company-external supervisors
-FilterIsForeignSupervisee: Supervisor for company external users
-FilterFirmExtern: External company
-FilterFirmExternTooltip: i.e. is a postal address registered within AVS?
-FilterFirmPrimary: Is primary company in FRADrive
-FilterHasQualification: Has company associates with currently valid qualification
-FirmSupervisorOf fsh@CompanyShorthand: Supervisors belonging to #{fsh}
-FirmSupervisorIndependent: Independent supervisors
-FirmEmployeeOf fsh@CompanyShorthand: #{fsh} associated users
-NoCompanySelected: Select at least one company, please.
-TableIsDefaultSupervisor: Default supervisor
-TableSuperior: Superior
-TableIsDefaultReroute: Default reroute
-FormFieldPostal: Notification type
-FormFieldPostalTip: Affects all notifications to this person, not just reroutes to this supervisor
-FirmSupervisionKeyData: Supervision key data
-CompanyUserPriority: Company priority
-CompanyUserPriorityTip: Company priority is relative to other company associations for a user
-CompanyUserUseCompanyAddress: Use company postal address
-CompanyUserUseCompanyAddressTip: if and only if the postal address of the user is empty
-CompanyUserUseCompanyPostalError: Individual postal address must left empty for the company address to be used!
--- a/messages/uniworx/categories/jobs_handler/de-de-formal.msg
+++ b/messages/uniworx/categories/jobs_handler/de-de-formal.msg
@ -15,6 +15,7 @@ ResetPassword: FRADrive-Passwort ändern bzw. setzen
 MailSubjectChangeUserDisplayEmail: E-Mail-Adresse in FRADrive verwenden
 MailIntroChangeUserDisplayEmail displayEmail@UserEmail: Der oben genannte Benutzer/Die oben genannte Benutzerin möchte „#{displayEmail}“ als E-Mail-Adresse in FRADrive verwenden. Wenn Sie diese Aktion nicht selbst ausgelöst haben, ignorieren Sie diese Mitteilung bitte!
 MailTitleChangeUserDisplayEmail displayName@Text: #{displayName} möchte diese E-Mail-Adresse in FRADrive verwenden
+CommCourseSubject: Kursartmitteilung
 InvitationAcceptDecline: Einladung annehmen/ablehnen
 InvitationFromTip displayName@Text: Sie erhalten diese Einladung, weil #{displayName} ihren Versand in FRADrive ausgelöst hat.
 InvitationFromTipAnonymous: Sie erhalten diese Einladung, weil ein nicht eingeloggter Benutzer/eine nichteingeloggte Benutzerin ihren Versand in FRADrive ausgelöst hat.
--- a/messages/uniworx/categories/jobs_handler/en-eu.msg
+++ b/messages/uniworx/categories/jobs_handler/en-eu.msg
@ -15,6 +15,7 @@ ResetPassword: Reselt FRADrive password
 MailSubjectChangeUserDisplayEmail: Set email address in FRADrive
 MailIntroChangeUserDisplayEmail displayEmail: The user mentioned above wants to set “#{displayEmail}” as their own email address. If you have not caused this email to be sent, please ignore it!
 MailTitleChangeUserDisplayEmail displayName: #{displayName} wants to set this email address as their own in FRADrive
+CommCourseSubject: Course type message
 InvitationAcceptDecline: Accept/Decline invitation
 InvitationFromTip displayName: You are receiving this invitation because #{displayName} has caused it to be sent from within FRADrive.
 InvitationFromTipAnonymous: You are receiving this invitiation because an user who didn't log in has caused it to be send from within FRADrive.
--- a/messages/uniworx/categories/print/de-de-formal.msg
+++ b/messages/uniworx/categories/print/de-de-formal.msg
@ -18,7 +18,6 @@ PrintJobAcknowledgeFailed: Keine Druckaufträge bestätigt aufgrund zwischenzeit
 PrintJobAcknowledgeQuestion n@Int d@Text: #{n} #{pluralDE n "Druckauftrag" "Druckaufräge"} vom #{d} als gedruckt und versendet bestätigen?
 PrintJobAcknowledgements: Versanddatum von Briefen an
 PrintRecipient: Empfänger
-PrintAffected: Betroffener
 PrintSender !ident-ok: Sender
 PrintCourse: Kursarten
 PrintQualification: Qualifikation
@ -26,7 +25,4 @@ PrintPDF !ident-ok: PDF
 PrintManualRenewal: Vorfeldführerschein Renewal-Brief testweise versenden
 PrintLmsUser: E‑Learning Id
 PrintJobs: Druckaufräge
-PrintLetterType: Brieftypkürzel
-
-MCActDummy: Platzhalter
-CCActDummy: Platzhalter
+PrintLetterType: Brieftypkürzel
--- a/messages/uniworx/categories/print/en-eu.msg
+++ b/messages/uniworx/categories/print/en-eu.msg
@ -18,7 +18,6 @@ PrintJobAcknowledgeFailed: No print-jobs acknowledged, due to intermediate chang
 PrintJobAcknowledgeQuestion n d: Mark #{n} #{pluralENs n "print-job"} issued on #{d} as printed and mailed already?
 PrintJobAcknowledgements: Sent-dates for Letter to
 PrintRecipient: Recipient
-PrintAffected: Affetcted
 PrintSender: Sender
 PrintCourse: Course type
 PrintQualification: Qualification
@ -26,7 +25,4 @@ PrintPDF: PDF
 PrintManualRenewal: Manual sending of an apron driver's licence renewal letter
 PrintLmsUser: E‑learning id
 PrintJobs: Print jobs
-PrintLetterType: Letter type shorthand
-
-MCActDummy: Placeholder
-CCActDummy: Placeholder
+PrintLetterType: Letter type shorthand
--- a/messages/uniworx/categories/qualification/de-de-formal.msg
+++ b/messages/uniworx/categories/qualification/de-de-formal.msg
@ -9,31 +9,23 @@ QualificationValidIndicator: Gültigkeit
 QualificationValidDuration: Gültigkeitsdauer
 QualificationAuditDuration: Aufbewahrung Audit Log
 QualificationAuditDurationTooltip n@Int: Optionaler Zeitraum zur Löschung von E‑Learning Daten. Hinweis: Der E‑Learning Server kann seine anonymisierten Daten schon früher löschen, aber spätestens #{n} Tage nach Abschluss.
-QualificationAuditDurationReuseError: Diese Qualifikation nutzt das E‑Learning einer anderen Qualifikation, für die derzeit keinen Löschzeitraum konfiguriert wurde.
 QualificationRefreshWithin: Erneurerungszeitraum
-QualificationRefreshWithinTooltip: Optionaler Zeitraum vor Ablauf für eine Benachrichtigung per Email. Bei aktiviertem automatischem E‑Learning wird dieses gestartet und die Benachrichtigung erfolgt per Brief oder Email.
-QualificationRefreshReminder: Zweite Erinnerung
-QualificationRefreshReminderTooltip: Optionaler Zeitraum vor Ablauf zur Versendung einer zweiten Erinnerung per Brief oder Email mit identischen E‑Learning Zugangsdaten, sofern die Qualifikation noch gültig und das E‑Learning noch offen ist.
+QualificationRefreshWithinTooltip: Optionaler Zeitraum vor Ablauf für automatischen Start des E‑Learnings und Versand einer Benachrichtigung per Brief oder Email.
+QualificationRefreshReminder: 2. Erinnerung
+QualificationRefreshReminderTooltip: Optionaler Zeitraum vor Ablauf zur Versendung einer zweiten Erinnerung per Brief oder Email mit identischen Zugangsdaten, sofern in diesem Zeitraum vor Ablauf noch keine Ablaufbenachrichtigung versendet wurde.
 QualificationElearningStart: Wird das E‑Learning automatisch gestartet?
-QualificationElearningRenew: Verlängert ein erfolgreiches E‑Learning die Qualifikation automatisch um die reguläre Gültigkeitsdauer?
-QualificationElearningLimit: Ist die Anzahl der E‑Learning Versuche limitiert?
-QualificationElearningLimitMax n@Int: Maximal #{n} Versuche
-QualificationElearningNoLimit: Nicht limitiert
 QualificationExpiryNotification: Ungültigkeitsbenachrichtigung?
 QualificationExpiryNotificationTooltip: Nutzer werden benachrichtigt, wenn die Qualifikation ungültig wird, sofern der jeweilige Nutzer in seinen Benutzereinstellungen diese Art Benachrichtigung aktiviert hat.
 TableQualificationCountActive: Aktive
 TableQualificationCountActiveTooltip: Anzahl Personen mit momentan gültiger Qualifikation
 TableQualificationCountTotal: Gesamt
-TableQualificationLmsReuses: LMS nutzt
-TableQualificationLmsReusesTooltip: Diese Qualifikation hat kein eigenes E‑Learning, sondern wird über das E‑Learning der angegebenen Qualifikation abgewickelt.
 TableQualificationIsAvsLicence: AVS
 TableQualificationIsAvsLicenceTooltip: Unter welchem Namen wird diese Qualifikation mit dem Ausweisverwaltungssystem (AVS) synchronisiert? Betrifft nur Benutzer mit AVS PersonenID.
 TableQualificationSapExport: SAP
 TableQualificationSapExportTooltip: Wird die Qualifikation an das SAP übermittelt? Betrifft nur Benutzer mit Fraport Personalnummer.
 LmsQualificationValidUntil: Gültig bis
 TableQualificationLastRefresh: Zuletzt erneuert
-TableQualificationLastNotified: Letzte Benachrichtigung über erfolgte Gültigkeitsänderung 
-TableQualificationLastNotifiedTooltip: Hier werden ausschließlich Benachrichtigungen berücksichtigt, die über einen bereits erfolgten Ablauf/Entzug/Wiedererteilung informieren. Dies ignoriert insbesondere reguläre Verlängerung, z.B. durch E-Learning.
+TableQualificationLastNotified: Letzte Benachrichtigung
 TableQualificationFirstHeld: Erstmalig
 TableQualificationBlockedDue: Entzug
 TableQualificationBlockedTooltip: Wann wurde die Qualifikation vorübergehend außer Kraft gesetzt und warum wurde dies veranlasst?
@ -46,7 +38,6 @@ QualificationScheduleRenewalTooltip: Wird eine Benachrichtigung versendet, falls
 QualificationUserNoRenewal: Läuft ohne Benachrichtigung aus
 QualificationUserNone: Für diese Person sind keine Qualifikationen registriert.
 QualificationGrantReason: Erteilungsbegründung
-QualificationRenewReason: Verlängerungsbegründung
 QualificationBlockReason: Entzugsbegründung
 QualificationBlockNotify: Benachrichtigung verschicken
 QualificationBlockRemoveSupervisor: Alle Ansprechpartner löschen
@ -54,13 +45,11 @@ QualificationExpired: Ungültig seit
 LmsUser: Inhaber
 LmsURL: Link E‑Learning
 TableLmsEmail: E‑Mail
-TableLmsIdent: E‑Learning Benutzer
+TableLmsIdent: E-Learning Benutzer
 TableLmsElearning: E‑Learning
-TableLmsElearningRenews: Automatische Verlängerung
-TableLmsElearningLimit: Maximale Versuche
 TableLmsPin: E‑Learning Passwort
-TableLmsResetPin: E‑Learning Passwort zurücksetzen?
-TableLmsDatePin: E‑Learning Passwort erstellt
+TableLmsResetPin: E-Learning Passwort zurücksetzen?
+TableLmsDatePin: E-Learning Passwort erstellt
 TableLmsDate: Datum
 TableLmsDelete: Löschen?
 TableLmsStaff: Interner Mitarbeiter?
@ -94,12 +83,17 @@ CsvColumnLmsDate: Datum des E‑Learning Ereignisses
 CsvColumnLmsResetTries: Anzahl der bisher verbrauchten E‑Learning Prüfungsversuche zurücksetzen
 CsvColumnLmsLock: E‑Learning Login gesperrt
 CsvColumnLmsResult !ident-ok: LMS Status
+LmsUserlistInsert: Neuer LMS User
+LmsUserlistUpdate: LMS User Aktualisierung
+LmsResultInsert: Neues LMS Ergebnis
+LmsResultUpdate: LMS Ergebnis Aktualisierung
 LmsReportInsert: Neues LMS Ereignis
 LmsReportUpdate: LMS Ereignis Aktualisierung
+LmsResultCsvExceptionDuplicatedKey: CSV-Import LmsResult fand uneindeutigen Schlüssel
+LmsUserlistCsvExceptionDuplicatedKey: CSV-Import LmsUserlist fand uneindeutigen Schlüssel
 LmsReportCsvExceptionDuplicatedKey: CSV-Import LmsReport fand uneindeutigen Schlüssel
 LmsDirectUpload: Direkter Upload für automatisierte Systeme
-LmsErrorNoRefreshElearning: Fehler: E‑Learning wird nicht automatisch gestartet, da die Zeitspanne für den Erneurerungszeitraum nicht festgelegt wurde!
-LmsErrorNoRenewElearning: Fehler: Erfoglreiches E‑Learning verlängert die Qualifikation nicht automatisch, da die Gültigkeitsdauer nicht festgelegt wurde!
+LmsErrorNoRefreshElearning: Fehler: E‑Learning wird nicht automatisch gestartet, da die Zeitspanne für den Erneurerungszeitraum nicht festgelegt wurde.
 MailSubjectQualificationRenewal qname@Text: Qualifikation #{qname} muss demnächst erneuert werden
 MailSubjectQualificationExpiry qname@Text: Qualifikation #{qname} läuft demnächst ab
 MailSubjectQualificationExpired qname@Text: Qualifikation #{qname} ist ab sofort ungültig
@ -117,13 +111,11 @@ QualificationActUnblock: Entzug aufheben
 QualificationActRenew: Qualifikation regulär verlängern
 QualificationActGrant: Qualifikation vergeben
 QualificationActGrantWarning: Diese Funktion ist nur für seltene Ausnahmefälle vorgesehen! Ein Entzug wird ggf. aufgehoben.
-QualificationActStartELearning: E‑Learning für gültige Inhaber (neu) starten
-QualificationActStartELearningStatus l@QualificationShorthand n@Int m@Int: E‑Learning #{l} für #{n}/#{m} Teilnehmer (neu) gestartet. Hinweis: Es kann länger dauern, bis das LMS tatsächlich startet.
 QualificationStatusBlock   l@QualificationShorthand n@Int m@Int: #{n}/#{m} #{l} entzogen
 QualificationStatusUnblock l@QualificationShorthand n@Int m@Int: #{n}/#{m} #{l} reaktiviert
 LmsInactive: Aktuell kein E‑Learning aktiv
 LmsRenewalInstructions: Weitere Anweisungen zur Verlängerung finden Sie im angehängten PDF. Um Missbrauch zu verhindern wurde das PDF mit dem im FRADrive hinterlegten PDF-Passwort des Prüflings verschlüsselt. Falls kein PDF-Passwort manuell hinterlegt wurde, ist das PDF-Passwort die Flughafen Ausweisnummer, inklusive Punkt und der Ziffer danach.
-LmsNoRenewal: Leider kann diese Qualifikation nicht alleine durch E‑Learning verlängert werden. Bitte setzen Sie sich mit uns in Verbindung, wenn Sie die Qualifikation verlängern möchten und noch nicht wissen, wie Sie das tun können. Ignorieren Sie diese automatisch generierte Erinnerung, falls Sie sich bereits um die Verlängerung gekümmert haben
+LmsNoRenewal: Leider kann diese Qualifikation nicht alleine durch E‑Learning verlängert werden.
 LmsRenewalReminder: Erinnerung
 LmsActNotify: Benachrichtigung E‑Learning erneut per Post oder E-Mail versenden
 LmsActRenewPin: Neues zufällige E‑Learning Passwort zuweisen
@ -132,7 +124,7 @@ LmsActReset: E‑Learning Fehlversuche zurücksetzen und entsperren
 LmsActResetInfo: E‑Learning Login, Passwort und Fortschritt bleiben unverändert, eine neue Benachrichtigung ist nicht notwendig. Nur möglich für bereits gesperrte Lerner. Es kann bis zu 2 Stunden dauern, bis das LMS die Anfrage umgesetzt hat.
 LmsActResetFeedback n@Int m@Int: Für #{n}/#{m} E‑Learning Nutzer wurden alle Fehlversuche zurückgesetzt.
 LmsActRestart: E‑Learning komplett neu starten
-LmsActRestartWarning: Das vorhandene E‑Learning wird komplett gelöscht! Für Inhaber einer gültigen Lizenz werden später Benutzer und Passwort neu vergeben und es sollte eine neue Benachrichtigung versendet werden. Hinweis: Es kann mehrere Stunden dauern, bis das LMS diese Anfrage umgesetzt hat.
+LmsActRestartWarning: Das vorhandene E‑Learning wird komplett gelöscht! Für Inhaber einer gültigen Fahrlizenz werden später Benutzer und Passwort neu vergeben und es sollte eine neue Benachrichtigung versendet werden. Hinweis: Es kann mehrere Stunden dauern, bis das LMS diese Anfrage umgesetzt hat.
 LmsActRestartFeedback n@Int m@Int: #{n}/#{m} E‑Learning Nutzer wurden komplett neu gestartet mit neuem Login und Passwort.
 LmsActRestartExtend: Gültig bis ggf. erhöhen für die nächsten # Tage
 LmsActRestartUnblock: Entzug ggf. aufheben
@ -145,5 +137,7 @@ LmsNotificationSend n@Int: E‑Learning Benachrichtigungen an #{n} #{pluralDE n
 LmsPinRenewal n@Int: E‑Learning Passwort ausgetauscht für #{n} #{pluralDE n "Prüfling" "Prüflinge"}.
 LmsActionFailed n@Int: Aktion nicht durchgeführt für #{n} #{pluralDE n "Person" "Personen"}, da diese derzeit nicht an einer Prüfung teilnehmen.
 LmsStarted: E‑Learning eröffnet
+LmsAutomaticQueuing n@Natural: Die folgenden Funktionen werden normalerweise einmal pro Tag um #{show n} Uhr ausgeführt.
+LmsManualQueuing: Die folgenden Funktionen sollten einmal pro Tag ausgeführt werden.
 BtnLmsEnqueue: Nutzer mit ablaufenden Qualifikationen zum E‑Learning anmelden und benachrichtigen
-BtnLmsDequeue: Nutzer mit beendetem E‑Learning aufräumen und ggf. benachrichtigen
+BtnLmsDequeue: Nutzer mit beendetem E‑Learning ggf. benachrichtigen und aufräumen 
--- a/messages/uniworx/categories/qualification/en-eu.msg
+++ b/messages/uniworx/categories/qualification/en-eu.msg
@ -7,33 +7,25 @@ QualificationName: Qualification
 QualificationDescription: Description
 QualificationValidIndicator: Validity
 QualificationValidDuration: Validity period
-QualificationAuditDuration: Audit log retention period
+QualificationAuditDuration: Audit log keept
 QualificationAuditDurationTooltip n@Int: Optional period for deletion of e‑learning data. Note that the e‑learning server may delete its anonymised data earlier, at most #{n} days after closing.
-QualificationAuditDurationReuseError: This qualification reuses the e‑learning from another qualification, which has no audit duration configured.
 QualificationRefreshWithin: Refresh within
-QualificationRefreshWithinTooltip: Optional period before expiry to send a notification by email. If e‑learning is set to start automatically, it will be started and e‑learning credentials are send with this notification by post or email.
-QualificationRefreshReminder: Second reminder
-QualificationRefreshReminderTooltip: Optional period before expiry to send a second notification by post or email once more, including the existing credentials, provided that the e‑learning is still undecided and the qualification has not yet expired.
+QualificationRefreshWithinTooltip: Optional period before expiry to start e‑learning and send a notification by post or email.
+QualificationRefreshReminder: 2. Reminder
+QualificationRefreshReminderTooltip: Optional period before expiry to send a second notification by post or email once more, provided that no renewal notification was sent in this period before expiry.
 QualificationElearningStart: Is e‑learning automatically started?
-QualificationElearningRenew: Does successful e‑learning automatically extend a qualification by the default validity period?
-QualificationElearningLimit: Is the number of e‑learning attempts limited?
-QualificationElearningLimitMax n: #{n} attempts maximum
-QualificationElearningNoLimit: No limit
 QualificationExpiryNotification: Invalidity notification?
 QualificationExpiryNotificationTooltip: Qualification holder are notfied upon invalidity, provided they have activated such notification in their user settings.
 TableQualificationCountActive: Active
 TableQualificationCountActiveTooltip: Number of currently valid qualification holders
 TableQualificationCountTotal: Total
-TableQualificationLmsReuses: Reuse LMS 
-TableQualificationLmsReusesTooltip: This qualification reuses the e‑learning of the given qualification, instead of having a separate e‑learning of its own.
-TableQualificationIsAvsLicence: AVS driving license
+TableQualificationIsAvsLicence: AVS Driving License
 TableQualificationIsAvsLicenceTooltip: Under which name is this qualification synchronized with AVS, if any? Only applies to qualification holders having an AVS PersonID.
 TableQualificationSapExport: Sent to SAP
 TableQualificationSapExportTooltip: Is this qualification transmitted to SAP? Only applies to qualification holder having a Fraport AG personnel number.
 LmsQualificationValidUntil: Valid until
 TableQualificationLastRefresh: Last renewed
-TableQualificationLastNotified: Last notified about validity change
-TableQualificationLastNotifiedTooltip: The date of the last notification about any already effective change in validity due to revocation or reissue. This does not entail regular validity extensions, e.g. due to e-learning.
+TableQualificationLastNotified: Last notified
 TableQualificationFirstHeld: First held
 TableQualificationBlockedDue: Revocations
 TableQualificationBlockedTooltip: Why and when was this qualification temporarily suspended?
@ -46,7 +38,6 @@ QualificationScheduleRenewalTooltip: Will there be a notification, if this quali
 QualificationUserNoRenewal: Expires without further notification
 QualificationUserNone: No registered qualifications for this person.
 QualificationGrantReason: Reason for granting
-QualificationRenewReason: Reason for renewal
 QualificationBlockReason: Reason for revoking
 QualificationBlockNotify: Send notification
 QualificationBlockRemoveSupervisor: Remove all supervisors
@ -57,8 +48,6 @@ TableLmsEmail: Email
 TableLmsIdent: E‑learning user
 TableLmsPin: E‑learning password
 TableLmsElearning: E‑learning
-TableLmsElearningRenews: Automatic renewal
-TableLmsElearningLimit: Max attempts
 TableLmsResetPin: Reset E‑learning password?
 TableLmsDatePin: E‑learning password created
 TableLmsDate: Date
@ -94,12 +83,17 @@ CsvColumnLmsResetTries: Reset number of used up e‑learning exam attempts
 CsvColumnLmsDate: Date of e‑learning event
 CsvColumnLmsResult: LMS Status
 CsvColumnLmsLock: E‑learning login is not permitted
+LmsUserlistInsert: New LMS user
+LmsUserlistUpdate: Update of LMS user
+LmsResultInsert: New LMS result
+LmsResultUpdate: Update of LMS result
 LmsReportInsert: New LMS event
 LmsReportUpdate: Update of LMS event
+LmsResultCsvExceptionDuplicatedKey: CSV import LmsResult with ambiguous key
+LmsUserlistCsvExceptionDuplicatedKey: CSV import LmsUserlist with ambiguous key
 LmsReportCsvExceptionDuplicatedKey: CSV Import LmsReport with ambiguous key
 LmsDirectUpload: Direct upload for automated systems
-LmsErrorNoRefreshElearning: Error: E‑learning will not be started automatically due to refresh-within time period not being set!
-LmsErrorNoRenewElearning: Error: E‑learning will not automatically extend validity due to validity duration not being set!
+LmsErrorNoRefreshElearning: Error: E‑learning will not be started automatically due to refresh-within time period not being set.
 MailSubjectQualificationRenewal qname: Qualification #{qname} must be renewed shortly
 MailSubjectQualificationExpiry qname: Qualification #{qname} expires soon
 MailSubjectQualificationExpired qname: Qualification #{qname} is no longer valid
@ -117,13 +111,11 @@ QualificationActUnblock: Clear revocation
 QualificationActRenew: Renew qualification
 QualificationActGrant: Grant qualification
 QualificationActGrantWarning: Use with caution in rare exceptional cases only! Any revocation will be undone.
-QualificationActStartELearning: Manually (re)start e‑learning for valid qualification holders
-QualificationActStartELearningStatus l n m: E‑learning #{l} (re)started for #{n}/#{m} users. Note: It may take a while, until the e‑learning is activated.
 QualificationStatusBlock   l n m: #{n}/#{m} #{l} revoked
 QualificationStatusUnblock l n m: #{n}/#{m} #{l} reactivated
 LmsInactive: Currently no active e‑learning
 LmsRenewalInstructions: Instruction on how to accomplish the renewal are enclosed in the attached PDF. In order to avoid misuse, the PDF is encrypted with the FRADrive PDF-password of the examinee. If no PDF-password had been chosen yet, then the password is the Fraport id card number of the examinee, including the punctuation mark and the digit thereafter.
-LmsNoRenewal: Unfortunately, this particular qualification cannot be renewed through e‑learning only. Please contact us, if you do not yet know how to renew this qualification. Ignore this automatically generated reminder email, if you have made arrangements for the renewal of this qualification already.
+LmsNoRenewal: Unfortunately, this particular qualification cannot be renewed through e‑learning only.
 LmsRenewalReminder: Reminder
 LmsActNotify: Resend e‑learning notification by post or email
 LmsActRenewPin: Randomly replace e‑learning password
@ -145,5 +137,7 @@ LmsNotificationSend n: E‑learning notifications will be sent to #{n} #{pluralE
 LmsPinRenewal n: E‑learning password replaced randomly for #{n} #{pluralENs n "examinee"}.
 LmsActionFailed n: No action for #{n} #{pluralENs n "person"}, since there was no ongoing examination.
 LmsStarted: E‑learning open since
-BtnLmsEnqueue: Enqueue users with expiring qualifications for e‑learning and notify them
-BtnLmsDequeue: Dequeue users with finished e‑learning and notify failed users
+LmsAutomaticQueuing n@Natural: The following functions are executed daily at #{show n} o'clock.
+LmsManualQueuing: The following functions should be executed daily.
+BtnLmsEnqueue: Enqueue users with expiring qualifications for e‑learning and notify them.
+BtnLmsDequeue: Dequeue users with finished e‑learning and notify, if appropriate.
--- a/messages/uniworx/categories/send/send_notifications/de-de-formal.msg
+++ b/messages/uniworx/categories/send/send_notifications/de-de-formal.msg
@ -103,4 +103,4 @@ MailSupervisorNoCopy: Warnung: Diese Nachricht wurde nicht an den eigentlichen E
 MailSupervisedNote: Hinweis
 MailSupervisedBody: Eine Kopie dieser Nachricht wurde auch an folgende in FRADrive eingetragene Ansprechpartner gesendet:
 MailSupervisorReroute: Benachrichtigungsumleitung
-MailSupervisorRerouteTooltip: Alle Benachrichtigungen werden stattdessen an diese Ansprechpartner mit Benachrichtigungsumleitung gesandt
+MailSupervisorRerouteTooltip: Alle Benachrichtigungen werden stattdessen an alle Ansprechpartner mit Benachrichtigungsumleitung gesandt
--- a/messages/uniworx/categories/send/send_notifications/en-eu.msg
+++ b/messages/uniworx/categories/send/send_notifications/en-eu.msg
@ -103,4 +103,4 @@ MailSupervisorNoCopy: Warning: This message was not sent to the original recipie
 MailSupervisedNote: Please note
 MailSupervisedBody: A copy of this message has been sent to all supervisors registered for you in FRADrive, namely:
 MailSupervisorReroute: Reroute notifications
-MailSupervisorRerouteTooltip: All notification will be rerouted to these supervisors instead
+MailSupervisorRerouteTooltip: All notification will be sent to all supervisors with notification rerouting instead
--- a/messages/uniworx/categories/settings/de-de-formal.msg
+++ b/messages/uniworx/categories/settings/de-de-formal.msg
@ -37,8 +37,7 @@ PDFPassword: Passwort zur Verschlüsselung von PDF Anhängen an Email Benachrich
 PDFPasswordTip: Achtung, dieses Passwort ist für FRADrive Administratoren einsehbar und wird unverschlüsselt gespeichert!
 PDFPasswordInvalid c@Char: Bitte ein nicht-triviales Passwort für PDF Email Anhänge eintragen! Ungültiges Zeichen: #{char2Text c}
 PDFPasswordTooShort n@Int: Bitte ein PDF Passwort mit mindestens #{show n} Zeichen wählen oder Post-Versand aktivieren
-PrefersPostal: Bevorzugte Benachrichtigung
-PrefersPostalExp: Sollen Benachrichtigung möglichst per Post versendet werden anstatt per Email?
+PrefersPostal: Sollen Benachrichtigung möglichst per Post versendet werden anstatt per Email?
 PostalTip: Postversand kann in Rechnung gestellt werden und ist derzeit nur für Benachrichtigungen über Erneuerung und Ablauf von Qualifikation, wie z.B. Führerscheine, verfügbar.
 PostAddress: Postalische Adresse
 PostAddressTip: Mindestens eine Zeile mit Straße und Hausnummer und eine Zeile mit Postleitzahl und Ort. Kein Empfängername, denn dieser wird später automatisch hinzugefügt.
--- a/messages/uniworx/categories/settings/en-eu.msg
+++ b/messages/uniworx/categories/settings/en-eu.msg
@ -37,8 +37,7 @@ PDFPassword: Password to lock PDF email attachments
 PDFPasswordTip: Please note that this password is displayed to FRADrive admins and is saved unencrypted
 PDFPasswordInvalid c: Please supply a sensible password for encrypting PDF email attachments! Invalid character #{char2Text c}
 PDFPasswordTooShort n: Please provide a password with at least #{show n} characters or choose postal mail
-PrefersPostal: Notification preference
-PrefersPostalExp: Should notifications preferably send by post instead of email?
+PrefersPostal: Should notifications preferably send by post instead of email?
 PostalTip: Mailing may incur a fee and is currently only avaulable for qualification expiry notifications, such as driving lincence renewal.
 PostAddress: Postal address
 PostAddressTip: Should contain at least one line with street and house number and another line featuring zip code and town. Omit a recipient name, since it will be added later.
--- a/messages/uniworx/categories/settings/personal_settings/de-de-formal.msg
+++ b/messages/uniworx/categories/settings/personal_settings/de-de-formal.msg
@ -25,14 +25,10 @@ PersonalInfoTutorialsWip: Die Anzeige von Kurse, zu denen Sie angemeldet sind wi
 ProfileGroupSubmissionDates: Bei Gruppenabgaben wird kein Datum angezeigt, wenn Sie die Gruppenabgabe nie selbst hochgeladen haben.
 ProfileCorrectorRemark: Die oberhalb angezeigte Tabelle zeigt nur prinzipielle Einteilungen als Korrektor zu einem Übungsblatt. Auch ohne Einteilung können Korrekturen einzeln zugewiesen werden, welche hier dann nicht aufgeführt werden.
 ProfileCorrections: Auflistung aller zugewiesenen Korrekturen
-Remarks: Hinweis:
+Remarks: Hinweise

-ProfileNoSupervisor: Keine übergeordneten Ansprechpartner vorhanden
-ProfileSupervisor n@Int m@Int: #{n} #{pluralDE n "übergeordneter" "übergeordnete"} Ansprechpartner#{noneMoreDE m "" (", davon " <> tshow m <> " mit Benachrichtigungsumleitung")}
-ProfileSupervisorRemark n@Int m@Int l@Int: #{m} von #{n} #{pluralDE m "übergeordneter" "übergeordnete"} Ansprechpartner mit Benachrichtigungsumleitung#{noneMoreDE l "" (", davon " <> tshow l <> " mit postalischer Benachrichtigung")}
-ProfileNoSupervisee: Ist kein Ansprechpartner für irgendjemand
-ProfileSupervisee n@Int m@Int: Ist Ansprechpartner für #{n} #{pluralDE n "Person" "Personen"}#{noneMoreDE m "" (", davon " <> tshow m <> " mit Benachrichtigungsumleitung")}
-ProfileSuperviseeRemark n@Int m@Int: Dieser Nutzer ist Ansprechpartner für #{n} #{pluralDE n "Person" "Personen"}#{noneMoreDE m "" (", davon " <> tshow m <> " mit Benachrichtigungsumleitung")}
+ProfileSupervisor: Übergeordnete Ansprechpartner
+ProfileSupervisee: Ist Ansprechpartner für

 UserTelephone: Telefon
 UserMobile: Mobiltelefon
--- a/messages/uniworx/categories/settings/personal_settings/en-eu.msg
+++ b/messages/uniworx/categories/settings/personal_settings/en-eu.msg
@ -25,14 +25,10 @@ PersonalInfoTutorialsWip: The feature to display courses you have registered for
 ProfileGroupSubmissionDates: No date is shown for group submissions if you have never uploaded the submission yourself.
 ProfileCorrectorRemark: The table above only shows registration as a corrector in principle. Even without registration corrections can be assigned individually and are not listed.
 ProfileCorrections: List of all assigned corrections
-Remarks: Remark:
+Remarks: Remarks

-ProfileNoSupervisor: Is not supervised by anynone
-ProfileSupervisor n m: #{pluralENsN n "supervisor"} #{noneMoreEN m "" ("with " <> tshow m <> " active notification rerouting")}
-ProfileSupervisorRemark n@Int m@Int l@Int: #{m} of #{n} #{pluralENs m "supervisor"} with active notification rerouting#{noneMoreEN l "" (", and " <> tshow l <> "of these prefer postal notifications")}
-ProfileNoSupervisee: Does not supervise anynone
-ProfileSupervisee n m: Supervises  #{pluralENsN n "person"} #{noneMoreEN m "" ("with " <> tshow m <> " active notification rerouting")}
-ProfileSuperviseeRemark n m: This person supervises #{pluralENsN n "person"}#{noneMoreEN m "" (" with " <> tshow m <> " having active notifications rerouting to this user")}
+ProfileSupervisor: Supervised by
+ProfileSupervisee: Supervises

 UserTelephone: Phone
 UserMobile: Mobile
--- a/messages/uniworx/categories/user/de-de-formal.msg
+++ b/messages/uniworx/categories/user/de-de-formal.msg
@ -22,7 +22,6 @@ AdminUserPostAddress: Postalische Anschrift
 AdminUserPrefersPostal: Briefe anstatt Email bevorzugt
 AdminUserPinPassword: Passwort zur Verschlüsselung von PDF Anhängen in Emails
 AdminUserNoPassword: Kein Passwort gesetzt
-AdminUserPinPassNotIncluded: Hinweis: Das Passwort wird hier zur Bequemlichkeit zusätzlich angezeigt und ist selbstverständlich nicht im originalem Inhalt enthalten.
 AdminUserAssimilate: Diesen Benutzer assimilieren von
 UserAdded: Benutzer erfolgreich angelegt
 UserCollision: Benutzer konnte wegen Eindeutigkeit nicht angelegt werden
@ -38,10 +37,9 @@ AuthPWHashAlreadyConfigured: Nutzer:in meldet sich bereits mit FRADrive spezifis
 AuthPWHashConfigured: Nutzer:in meldet sich nun mit FRADrive spezifischer Kennung an
 UsersCourseSchool: Bereich
 ActionNoUsersSelected: Keine Benutzer:innen ausgewählt
-SynchroniseAvsUserQueued n@Int: AVS-Synchronisation von #{n} #{pluralDE n "Benutzer:in" "Benutzer:innen"} zwingend angestoßen, die Ausführung wird mehrere Minuten benötigen!
-SynchroniseAvsAllUsersQueued n@Int64: AVS-Synchronisation von allen #{n} #{pluralDE n "Benutzer:in" "Benutzer:innen"} angestoßen, welche heute noch nicht synchronisiert wurden, die Ausführung wird eine Weile brauchen!
-SynchroniseLdapUserQueued n@Int: LDAP-Synchronisation von #{n} #{pluralDE n "Benutzer:in" "Benutzer:innen"} angestoßen, die Ausführung wird mehrere Minuten benötigen!
-SynchroniseLdapAllUsersQueued: LDAP-Synchronisation von allen Benutzer:innen angestoßen, die Ausführung kann eine Weile brauchen!
+SynchroniseAvsUserQueued n@Int: AVS-Synchronisation von #{n} #{pluralDE n "Benutzer:in" "Benutzer:innen"} angestoßen
+SynchroniseLdapUserQueued n@Int: LDAP-Synchronisation von #{n} #{pluralDE n "Benutzer:in" "Benutzer:innen"} angestoßen
+SynchroniseLdapAllUsersQueued: LDAP-Synchronisation von allen Benutzer:innen angestoßen
 UserListTitle: Komprehensive Benutzerliste
 AccessRightsSaved: Berechtigungen erfolgreich verändert
 AccessRightsNotChanged: Berechtigungen wurden nicht verändert
@ -91,19 +89,12 @@ NewPasswordLink: Neues Passwort setzen
 UserAccountDeleteWarning: Achtung, dies löscht den kompletten Benutzer/die komplette Benutzerin unwiderruflich und mit allen assoziierten Daten aus der Datenbank. Prüfungsdaten müssen jedoch langfristig gespeichert bleiben!
 UserAvsSync: AVS-Synchronisieren
 UserLdapSync: LDAP-Synchronisieren
+AllUsersLdapSync: Alle LDAP-Synchronisieren
 UserHijack: Sitzung übernehmen
 UserAddSupervisor: Ansprechpartner hinzufügen
 UserSetSupervisor: Ansprechpartner ersetzen
 UserRemoveSupervisor: Alle Ansprechpartner entfernen
-UserRemoveSubordinates: Alle Ansprechpartnerbeziehungen zu Untergebenen beenden
 UserIsSupervisor: Ist Ansprechpartner
-UserAvsSwitchCompany: Als Primärfirma verwenden
-UserAvsSwitchCompanyField: Primärfirma auswählen
-UserAvsCompanySwitched c@CompanyShorthand: Primärfirma gewechselt zu #{tshow c}
-AllUsersLdapSync: Alle LDAP-Synchronisieren
-AllUsersAvsSync: Alle AVS-Synchronisieren
-ThisUserLdapSync: LDAP Synchronisation
-ThisUserAvsSync: AVS Synchronisation
 AuthKindLDAP: Fraport AG Kennung
 AuthKindPWHash: FRADrive Kennung
 AuthKindNoLogin: Kein Login möglich
@ -111,9 +102,3 @@ Name !ident-ok: Name
 UsersChangeSupervisorsSuccess usr@Int spr@Int: #{tshow spr} Ansprechpartner für #{tshow usr} Benutzer gesetzt.
 UsersChangeSupervisorsWarning usr@Int spr@Int bad@Int: Nur _{MsgUsersChangeSupervisorsSuccess usr spr} #{tshow bad} Ansprechpartner #{pluralDE bad "wurde" "wurden"} nicht gefunden!
 UsersRemoveSupervisors usr@Int: Alle Ansprechpartner für #{tshow usr} Benutzer gelöscht.
-UsersRemoveSubordinates usr@Int: Alle Ansprechpartnerbeziehungen für #{tshow usr} #{pluralDE usr "ehemaligen" "ehemalige"} Ansprechpartner gelöscht.
-UserCompanyReason: Begründung der Firmenassoziation
-UserCompanyReasonTooltip: Optionale Notiz für besondere Fälle. Kann ggf. autmatische Entfernung bei AVS Firmenwechsel verhindern.
-UserSupervisorReason: Begründung Ansprechpartner
-UserSupervisorReasonTooltip: Optionale Notiz für besondere Fälle. Kann ggf. autmatische Entfernung bei AVS Firmenwechsel verhindern.
-AdminUserAllNotifications: Alle Benachrichtigungen and diesen Benutzer
--- a/messages/uniworx/categories/user/en-eu.msg
+++ b/messages/uniworx/categories/user/en-eu.msg
@ -22,7 +22,6 @@ AdminUserPostAddress: Postal Address
 AdminUserPrefersPostal: Prefers postal letters over email
 AdminUserPinPassword: Password used for PDF attachments to emails
 AdminUserNoPassword: No password set
-AdminUserPinPassNotIncluded: Note: the password is shown here only for convenience, but is not contained in the original content, of course.
 AdminUserAssimilate: Assimilate user by another user
 UserAdded: Successfully added user
 UserCollision: Could not create user due to uniqueness constraint
@ -38,10 +37,9 @@ AuthPWHashAlreadyConfigured: User already logs in using their FRADrive specific
 AuthPWHashConfigured: User now logs in using their FRADrive specific account
 UsersCourseSchool: Department
 ActionNoUsersSelected: No users selected
-SynchroniseAvsUserQueued n: Triggered forced AVS synchronisation of #{n} #{pluralEN n "user" "users"}, which may take several minutes to complete.
-SynchroniseAvsAllUsersQueued n: Triggered AVS synchronisation of all #{n} #{pluralEN n "user" "users"} that were not already synchronised today, which may take quite a while to complete.
-SynchroniseLdapUserQueued n: Triggered LDAP synchronisation of #{n} #{pluralEN n "user" "users"}, which may take several minutes to complete.
-SynchroniseLdapAllUsersQueued: Triggered LDAP synchronisation of all users, which may take quite a while to complete.
+SynchroniseAvsUserQueued n: Triggered AVS synchronisation of #{n} #{pluralEN n "user" "users"}.
+SynchroniseLdapUserQueued n: Triggered LDAP synchronisation of #{n} #{pluralEN n "user" "users"}.
+SynchroniseLdapAllUsersQueued: Triggered LDAP synchronisation of all users
 UserListTitle: Comprehensive list of users
 AccessRightsSaved: Successfully updated permissions
 AccessRightsNotChanged: Permissions left unchanged
@ -91,29 +89,16 @@ NewPasswordLink: Set password
 UserAccountDeleteWarning: Caution, this permanently deletes users and all of their associated data. Exam results must be stored long term!
 UserAvsSync: Synchronise with AVS
 UserLdapSync: Synchronise with LDAP
+AllUsersLdapSync: Synchronise all with LDAP
 UserHijack: Hijack session
 UserAddSupervisor: Add supervisor
 UserSetSupervisor: Replace supervisors
 UserRemoveSupervisor: Set to unsupervised
-UserRemoveSubordinates: Remove all subordinates
 UserIsSupervisor: Is supervisor
-UserAvsSwitchCompany: Use as primary company
-UserAvsSwitchCompanyField: Select primary company
-UserAvsCompanySwitched c: Primary company switched to #{tshow c}
-AllUsersLdapSync: Synchronise all with LDAP
-AllUsersAvsSync: Synchronise all with AVS
-ThisUserLdapSync: Synchronise user with LDAP
-ThisUserAvsSync: Synchronise user with AVS
 AuthKindLDAP: Fraport AG account
 AuthKindPWHash: FRADrive account
 AuthKindNoLogin: No login
 Name: Name
 UsersChangeSupervisorsSuccess usr spr: #{pluralENsN spr "supervisor"} for #{pluralENsN usr "user"} set.
 UsersChangeSupervisorsWarning usr spr bad: Only _{MsgUsersChangeSupervisorsSuccess usr spr} #{pluralENsN bad "supervisors"} could not be identified!
-UsersRemoveSupervisors usr: Removed all supervisors for #{pluralENsN usr "user"}.
-UsersRemoveSubordinates usr: Removed all subordinates for #{pluralENsN usr "previous supervisor"}.
-UserCompanyReason: Reason for company association
-UserCompanyReasonTooltip: Optional note for special cases. In some case this may prevent automatic removel upon AVS user company changes.
-UserSupervisorReason: Reason for supervision
-UserSupervisorReasonTooltip: Optional note for special cases. In some case this may prevent automatic removel upon AVS user company changes.
-AdminUserAllNotifications: All notification sent to this user
+UsersRemoveSupervisors usr: Removed all supervisors for #{pluralENsN usr "user"}.
--- a/messages/uniworx/misc/de-de-formal.msg
+++ b/messages/uniworx/misc/de-de-formal.msg
@ -4,31 +4,23 @@

 #messages or constructors that are used all over the code

-Logo !ident-ok: FRADrive
-EmailInvitationWarning: Diese Adresse konnte keinem FRADrive-Benutzer/-Benutzerin zugeordnet werden. Es wird eine Einladung per E-Mail versandt.
+Logo !ident-ok: Uni2work
+EmailInvitationWarning: Diese Adresse konnte keinem Uni2work-Benutzer/keiner Uni2work-Benutzerin zugeordnet werden. Es wird eine Einladung per E-Mail versandt.
 BoolIrrelevant !ident-ok: —
 FieldPrimary: Hauptfach
 FieldSecondary: Nebenfach
 MultiEmailFieldTip: Es sind mehrere, Komma-separierte, E-Mail-Adressen möglich
-MultiSelectTip: Mehrfachauswahl und Abwählen mit Strg-Klick
 WeekDay: Wochentag
-Hours: Stunden
 LdapIdentificationOrEmail: Fraport AG-Kennung / E-Mail-Adresse
 Months num@Int64: #{num} #{pluralDE num "Monat" "Monate"}
 Days num@Int64: #{num} #{pluralDE num "Tag" "Tage"}
-NoAutomaticUpdateTip: Dieser Wert wurde manuell editiert und wird daher nicht mehr automatisch durch as AVS aktualisiert.
-AddressIsLinkedTip: Verlinkte Postaddresse: Für diesen Benutzer ist keine individuelle Postadresse gespeichert, die Adresse wurde stattdessen aus der Firmenzugehörigkeit abgeleitet.

 ClusterVolatileQuickActionsEnabled: Schnellzugriffsmenü aktiv

 AvsNoLicence: Keine Fahrberechtigung
 AvsLicenceVorfeld: Vorfeld Fahrberechtigung
 AvsLicenceRollfeld: Rollfeld Fahrberechtigung
-AvsNoLicenceGuest: Keine Fahrberechtigung (Gast, Fahrberechtigungserwerb nicht möglich)

 PaginationSize: Einträge pro Seite
 PaginationPage: Angzeigte Seite
-PaginationError: Paginierung Parameter dürfen nicht negativ sein
-
-NullDeletes: Zum Löschen NULL eingeben.
-SortPriority: Sortierungspriorität
+PaginationError: Paginierung Parameter dürfen nicht negativ sein
--- a/messages/uniworx/misc/en-eu.msg
+++ b/messages/uniworx/misc/en-eu.msg
@ -4,31 +4,23 @@

 #messages or constructors that are used all over the Code

-Logo: FRADrive
-EmailInvitationWarning: This address could not be matched to any FRADrive user. An invitation will be sent via email.
+Logo: Uni2work
+EmailInvitationWarning: This address could not be matched to any Uni2work user. An invitation will be sent via email.
 BoolIrrelevant: —
 FieldPrimary: Major
 FieldSecondary: Minor
 MultiEmailFieldTip: Multiple emails addresses may be specified (comma-separated)
-MultiSelectTip: Multiple selection and desection via Ctrl-Click
 WeekDay: Day of the week
-Hours: Hours
 LdapIdentificationOrEmail: Fraport AG-Kennung / email address
 Months num: #{num} #{pluralEN num "Month" "Months"}
 Days num: #{num} #{pluralEN num "Day" "Days"}
-NoAutomaticUpdateTip: This particular value receives no automatic AVS updates, since it has been edited manually.
-AddressIsLinkedTip: Linked postal address: No individual postal address is stored for this user, instead a postal address was inferred from the user's company association.

 ClusterVolatileQuickActionsEnabled: Quick actions enabled

 AvsNoLicence: No driving licence
 AvsLicenceVorfeld: Apron driving licence
 AvsLicenceRollfeld: Maneuvering area driving licence
-AvsNoLicenceGuest: No driving licence (Guest account, cannot acquire a diriving licence)

 PaginationSize: Rows per Page
 PaginationPage: Page to show
-PaginationError: Pagination parameter must not be negative
-
-NullDeletes:  Enter NULL to delete.
-SortPriority: Sort order priority
+PaginationError: Pagination parameter must not be negative
--- a/messages/uniworx/utils/navigation/menu/de-de-formal.msg
+++ b/messages/uniworx/utils/navigation/menu/de-de-formal.msg
@ -23,7 +23,6 @@ MenuPayments: Zahlungsbedingungen

 MenuInstance: Instanz-Identifikation
 MenuHealth: Instanz-Zustand
-MenuHealthInterface: Schnittstellen Zustand
 MenuHelp: Hilfe
 MenuProfile: Anpassen
 MenuLogin !ident-ok: Login
@ -125,6 +124,8 @@ MenuLmsUser: Benutzerqualifikationen
 MenuLmsUserSchool: Bereichs Benutzerqualifikationen
 MenuLmsUserAll: Alle Benutzerqualifikationen
 MenuLmsUsers: Veralteter Export E‑Learning Benutzer
+MenuLmsUserlist: Veraltetes Melden E‑Learning Benutzer
+MenuLmsResult: Veralteter Melden Ergebnisse E‑Learning
 MenuLmsUpload: Hochladen
 MenuLmsDirectUpload: Direkter Upload
 MenuLmsDirectDownload: Direkter Download
@ -132,28 +133,14 @@ MenuLmsFake: Testnutzer generieren
 MenuLmsLearners: Export Benutzer E‑Learning
 MenuLmsReport: Ergebnisse E‑Learning

-MenuFirms: Firmen
-MenuFirmUsers: Angehörige
-MenuFirmSupervisors: Ansprechpartner
-MenuFirmsComm: Mitteilung
-
-MenuInterfaces: Schnittstellen
 MenuSap: SAP Schnittstelle

 MenuAvs: AVS Schnittstelle
 MenuAvsSynchError: AVS Problemübersicht
 MenuLdap: LDAP Schnittstelle
-MenuApc: Druck
+MenuApc: Druckerei
 MenuPrintSend: Manueller Briefversand
 MenuPrintDownload: Brief herunterladen
-MenuPrintLog: LPR Schnittstelle
-MenuPrintAck: Druckbestätigung
-
-MenuCommCenter: Benachrichtigungen
-MenuMailCenter: E‑Mails
-MenuMailHtml !ident-ok: Html
-MenuMailPlain !ident-ok: Text
-MenuMailAttachment: Anhang

 MenuApiDocs: API-Dokumentation (Englisch)
 MenuSwagger !ident-ok: OpenAPI 2.0 (Swagger)
--- a/messages/uniworx/utils/navigation/menu/en-eu.msg
+++ b/messages/uniworx/utils/navigation/menu/en-eu.msg
@ -23,7 +23,6 @@ MenuPayments: Payment Terms

 MenuInstance: Instance identification
 MenuHealth: Instance health
-MenuHealthInterface: Interface health
 MenuHelp: Support
 MenuProfile: Settings
 MenuLogin: Login
@ -71,6 +70,7 @@ MenuCourseDelete: Delete course
 MenuSubmissionNew: Create submission
 MenuSubmissionOwn: Submission
 MenuCorrectors: Correctors
+
 MenuSheetEdit: Edit exercise sheet
 MenuSheetDelete: Delete exercise sheet
 MenuSheetClone: Clone exercise sheet
@ -125,6 +125,8 @@ MenuLmsUser: User Qualifications
 MenuLmsUserSchool: Institute User Qualifications
 MenuLmsUserAll: All User Qualifications
 MenuLmsUsers: Legacy download e‑learning users
+MenuLmsUserlist: Legacy upload e‑learning users
+MenuLmsResult: Legacy upload r‑learning results
 MenuLmsUpload: Upload
 MenuLmsDirectUpload: Direct Upload
 MenuLmsDirectDownload: Direct Download
@ -132,28 +134,14 @@ MenuLmsFake: Generate Test Users
 MenuLmsLearners: E‑learning Users
 MenuLmsReport: E‑learning Results

-MenuFirms: Companies
-MenuFirmUsers: Associates
-MenuFirmSupervisors: Supervisors
-MenuFirmsComm: Messaging
-
-MenuInterfaces: Interfaces
 MenuSap: SAP Interface 

 MenuAvs: AVS Interface
 MenuAvsSynchError: AVS Problem Overview
 MenuLdap: LDAP Interface
-MenuApc: Print
+MenuApc: Printing
 MenuPrintSend: Send Letter
 MenuPrintDownload: Download Letter
-MenuPrintLog: LPR Interface
-MenuPrintAck: Acknowledge Printing
-
-MenuCommCenter: Notifications
-MenuMailCenter: Email
-MenuMailHtml: Html
-MenuMailPlain: Text
-MenuMailAttachment: Attachment

 MenuApiDocs: API documentation
 MenuSwagger: OpenAPI 2.0 (Swagger)
--- a/messages/uniworx/utils/table_column/de-de-formal.msg
+++ b/messages/uniworx/utils/table_column/de-de-formal.msg
@ -73,33 +73,11 @@ TableDiffDaysTooltip: Zeitspanne nach ISO 8601. Beispiel: "P2Y3M4D" ist eine Zei
 TableExamOfficeLabel: Label-Name
 TableExamOfficeLabelStatus: Label-Farbe
 TableExamOfficeLabelPriority: Label-Priorität
-TableQualification: Qualifikation
 TableQualifications: Qualifikationen
 TableCompany: Firma
-TableCompanyFilter: Firma oder Nummer
-TableCompanyShort: Firmenkürzel
 TableCompanies: Firmen
-TablePrimeCompany: Primäre Firma
-TableCompanyNo: Firmennummer
 TableCompanyNos: Firmennummern
-TableCompanyUser: Firmenangehöriger
-TableCompanyNrUsers: Firmenangehörige
-TableCompanyNrSecondaryUsers: Sekundäre Firmenangehörige
-TableCompanyReason: Notiz
-TableCompanyNrSupers: Ansprechpartner
-TableCompanyNrEmpSupervised: Firmenangehörige mit Ansprechpartner
-TableCompanyNrEmpRerouted: Firmenangehörige mit Umleitung
-TableCompanyNrEmpRerPost: Firmenangehörige mit postalischer Umleitung
-TableCompanyNrSupersActive: Mitarbeiter mit Ansprechpartner
-TableCompanyNrSupersDefault: Standard Ansprechpartner
-TableCompanyNrForeignSupers: Firmenfremde Ansprechpartner
-TableCompanyNrRerouteDefault: Standard Umleitungen
-TableCompanyNrRerouteActive: Aktive Umleitungen
-TableRerouteActive: Umleitung
-TableCompanyPostalPreference: Benachrichtigungspräferenz neue Firmenangehörige
 TableSupervisor: Ansprechpartner
-TableSupervisee: Ansprechpartner für
-TableReason: Begründung
 TableCreationTime: Erstellungszeit
 TableJob !ident-ok: Job
 TableJobContent !ident-ok: Parameter
@ -107,12 +85,6 @@ TableJobLockTime: Bearbeitung seit
 TableJobLockInstance: Bearbeiter
 TableJobCreationInstance: Ersteller
 ActJobDelete: Job entfernen
-ActJobDeleteForce n@Int: Auch vor #{pluralDEnN n "Minute"} gesperrte Jobs entfernen
 TableJobActDeleteFeedback n@Int m@Int: #{n}/#{m} Jobs entfernt
 TableFilterComma: Es können mehrere alternative Suchkriterien mit Komma getrennt angegeben werden, wovon mindestens eines erfüllt werden muss.
-TableFilterCommaPlus: Mehrere alternative Suchkriterien mit Komma trennen. Mindestens ein Suchkriterium muss erfüllt werden, zusätzlich zu allen Suchkriterien mit vorangestelltem Plus-Symbol.
-TableFilterCommaPlusShort: Unterstützt mehrere Kriterien mit Komma-Plus, siehe oben.
-TableFilterCommaName: Mehrere Namen mit Komma trennen.
-TableFilterCommaNameNr: Mehrere Namen oder Nummern mit Komma trennen. Nummern werden nur exakt gesucht.
-TableUserEdit: Benutzer bearbeiten
-TableRows: Zeilen
+TableFilterCommaPlus: Mehrere alternative Suchkriterien mit Komma trennen. Mindestens ein Suchkriterium muss erfüllt werden, zusätzlich zu allen Suchkriterien mit vorangestelltem Plus-Symbol.
--- a/messages/uniworx/utils/table_column/en-eu.msg
+++ b/messages/uniworx/utils/table_column/en-eu.msg
@ -73,33 +73,11 @@ TableDiffDaysTooltip: Duration given according to ISO 8601. Example: "P2Y3M4D" i
 TableExamOfficeLabel: Label name
 TableExamOfficeLabelStatus: Label colour
 TableExamOfficeLabelPriority: Label priority
-TableQualification: Qualification
 TableQualifications: Qualifications
 TableCompany: Company
-TableCompanyFilter: Company/Nr
-TableCompanyShort: Company shorthand
 TableCompanies: Companies
-TablePrimeCompany: Primary company
-TableCompanyNo: Company number
 TableCompanyNos: Company numbers
-TableCompanyUser: Associate
-TableCompanyNrUsers: Associates
-TableCompanyNrSecondaryUsers: Secondary Associates
-TableCompanyReason: Note
-TableCompanyNrSupers: Supervisors
-TableCompanyNrEmpSupervised: Supervised employees 
-TableCompanyNrEmpRerouted: Employees having reroute
-TableCompanyNrEmpRerPost: Employees having postal reroute
-TableCompanyNrSupersActive: Associates having supervisors
-TableCompanyNrSupersDefault: Default supervisors
-TableCompanyNrForeignSupers: External Supervisors
-TableCompanyNrRerouteDefault: Default reroutes
-TableCompanyNrRerouteActive: Active reroutes
-TableRerouteActive: Reroute
-TableCompanyPostalPreference: Default notification preference
 TableSupervisor: Supervisor
-TableSupervisee: Supervisor for
-TableReason: Reason
 TableCreationTime: Creation
 TableJob !ident-ok: Job
 TableJobContent !ident-ok: Parameters
@ -107,12 +85,6 @@ TableJobLockTime: Lock time
 TableJobLockInstance: Worker
 TableJobCreationInstance: Creator
 ActJobDelete: Delete job
-ActJobDeleteForce n: Also delete jobs locked #{pluralENsN n "minute"} ago
 TableJobActDeleteFeedback n@Int m@Int: #{n}/#{m} queued jobs deleted
 TableFilterComma: Separate multiple alternative filter criteria by comma, at least one of which must be fulfilled.
-TableFilterCommaPlus: Separate multiple alternative filter criteria by comma, at least one of which must be fulfilled in addition to all criteria preceded by a plus symbol.
-TableFilterCommaPlusShort: Support multiple criteria with comma/plus, see above.
-TableFilterCommaName: Separate names by comma.
-TableFilterCommaNameNr: Separate names and numbers by comma. Numbers have to match exact.
-TableUserEdit: Edit user
-TableRows: Rows
+TableFilterCommaPlus: Separate multiple alternative filter criteria by comma, at least one of which must be fulfilled in addition to all criteria preceded by a plus symbol.
--- a/messages/uniworx/utils/utils/de-de-formal.msg
+++ b/messages/uniworx/utils/utils/de-de-formal.msg
@ -13,19 +13,15 @@ RGCourseUnacceptedApplicants: Nicht akzeptierte Bewerber:innen
 RecipientToggleAll: Alle/Keine
 CommCourseTestSubject customSubject@Text !ident-ok: [TEST] #{customSubject}
 UtilCommCourseSubject: Kursartmitteilung
-UtilCommFirmSubject: Firmenmitteilung
 CommRecipients: Empfänger:innen
 CommRecipientsTip: Sie selbst erhalten immer eine Kopie der Nachricht
 CommRecipientsList: Die an Sie selbst verschickte Kopie der Nachricht wird, zu Archivierungszwecken, eine vollständige Liste aller Empfänger:innen enthalten. Die Empfängerliste wird im CSV-Format an die E-Mail angehängt. Andere Empfänger:innen erhalten die Liste nicht. Bitte entfernen Sie dementsprechend den Anhang bevor Sie die E-Mail weiterleiten oder anderweitig mit Dritten teilen.
 UtilEMail: E-Mail
-UtilPostal: Brief
-UtilUnchanged: Nicht verändern
 UtilMultiEmailFieldTip: Es sind mehrere, Komma-separierte, E-Mail-Adressen möglich
 RGTutorialParticipants tutn@TutorialName: Kursteilnehmer:innen (#{tutn})
 RGExamRegistered examn@ExamName: Angemeldet zur Prüfung „#{examn}“
 RGSheetSubmittor shn@SheetName: Abgebende für das Übungsblatt „#{shn}“
 CommSubject: Betreff
-CommContent: Inhalt
 CommAttachments: Anhänge
 CommAttachmentsTip: Im Allgemeinen ist es vorzuziehen Dateien, die Sie mit den Empfängern teilen möchten, als Material hochzuladen (und ggf. in der Nachricht zu verlinken). So ist die Datei für die Empfänger dauerhaft abrufbar und auch Personen, die sich z.B. erst später zur Kursart anmelden, haben Zugriff auf die Datei.
 CommSuccess n@Int: Nachricht wurde an #{n} Empfänger versandt
@ -83,7 +79,6 @@ MultiUserFieldInvitationExplanationAlways: Es wird an alle Adressen, die Sie hie
 AmbiguousEmail: E-Mail-Adresse nicht eindeutig
 InvalidEmailAddress: E-Mail-Adresse ist ungültig
 InvalidEmailAddressWith e@Text: E-Mail-Adresse #{show e} ist ungültig
-MailFileAttachment: Dateianhang
 UtilExamResultGrade: Note
 UtilExamResultPass: Bestanden/Nicht Bestanden
 UtilExamResultNoShow: Nicht erschienen
@ -98,10 +93,6 @@ RoomReferenceLinkLink !ident-ok: Link
 RoomReferenceLinkLinkPlaceholder !ident-ok: URL
 RoomReferenceLinkInstructions: Anweisungen
 RoomReferenceLinkInstructionsPlaceholder: Anweisungen
-UtilNoneSet: Keine angegeben
-UtilEmptyChoice: Auswahl war leer
-UtilEmptyNoChangeTip: Eine leere Eingabe belässt den vorherigen Wert unverändert.
-MultiNoSelection: Keine Auswahl

 #invitation.hs
 InvitationAction: Aktion
--- a/messages/uniworx/utils/utils/en-eu.msg
+++ b/messages/uniworx/utils/utils/en-eu.msg
@ -13,19 +13,15 @@ RGCourseUnacceptedApplicants: Applicants not accepted
 RecipientToggleAll: All/None
 CommCourseTestSubject customSubject: [TEST] #{customSubject}
 UtilCommCourseSubject: Course type message
-UtilCommFirmSubject: Company message 
 CommRecipients: Recipients
 CommRecipientsTip: You always receive a copy of the message
 CommRecipientsList: For archival purposes the copy of the message sent to you will contain a complete list of all recipients. The list of recipients will be attached to the email in CSV-format. Other recipients do not receive the list. Thus, please remove the attachment before you forward the email or otherwise share it with third parties.
 UtilEMail: Email
-UtilPostal: Postal
-UtilUnchanged: No change
 UtilMultiEmailFieldTip: Multiple emails addresses may be specified (comma-separated)
 RGTutorialParticipants tutn: Course participants (#{tutn})
 RGExamRegistered examn: Registered for exam “#{examn}”
 RGSheetSubmittor shn: Submitted for exercise sheet “#{shn}”
 CommSubject: Subject
-CommContent: Content
 CommAttachments: Attachments
 CommAttachmentsTip: In general it is preferable to upload files as course type material instead of sending them as attachments. You can then link to the material from the message. The file is then permanently accessable to the recipients and to persons that, for example, register for the Course type at a later date.
 CommSuccess n: Message was sent to #{n} #{pluralEN n "recipient" "recipients"}
@ -83,7 +79,6 @@ MultiUserFieldInvitationExplanationAlways: An invitation will be sent via email
 AmbiguousEmail: Email address is ambiguous
 InvalidEmailAddress: Email address is invalid
 InvalidEmailAddressWith e: Email asdress #{show e} is invalid
-MailFileAttachment: Attached file
 UtilExamResultGrade: Grade
 UtilExamResultPass: Passed/Failed
 UtilExamResultNoShow: Not present
@ -98,10 +93,6 @@ RoomReferenceLinkLink: Link
 RoomReferenceLinkLinkPlaceholder: URL
 RoomReferenceLinkInstructions: Instructions
 RoomReferenceLinkInstructionsPlaceholder: Instructions
-UtilNoneSet: None set
-UtilEmptyChoice: Empty selection
-UtilEmptyNoChangeTip: Existing values remain unchanged if this field is left empty.
-MultiNoSelection: No selection

 #invitation.hs
 InvitationAction: Action
--- a/models/audit.model
+++ b/models/audit.model
@ -1,4 +1,4 @@
-- SPDX-FileCopyrightText: 2022-24 Gregor Kleen <gregor.kleen@ifi.lmu.de>,Steffen Jost <s.jost@fraport.de>
+-- SPDX-FileCopyrightText: 2022 Gregor Kleen <gregor.kleen@ifi.lmu.de>
 --
 -- SPDX-License-Identifier: AGPL-3.0-or-later

@ -8,31 +8,5 @@ TransactionLog
  instance InstanceId
  initiator UserId Maybe -- User associated with performing this action
  remote IP Maybe -- Remote party that triggered this action via HTTP
-  info Value -- JSON-encoded `Transaction`. Value allows full backwards compatibility
-  deriving Eq Read Show Generic
-
-InterfaceLog  
-  interface Text
-  subtype   Text
-  write     Bool                  -- requestMethod /= GET, i.e. True implies a write to FRADrive
-  time      UTCTime
-  rows      Int Maybe             -- number of datasets transmitted  
-  info      Text                  -- addtional status information
-  success   Bool default=true     -- false logs a failure; but it will be overwritten by next transaction, but logged in TransactionLog
-  UniqueInterfaceSubtypeWrite interface subtype write
-  deriving Eq Read Show Generic
-
-InterfaceHealth
-  interface Text
-  subtype   Text Maybe
-  write     Bool Maybe
-  hours     Int                   -- negative number: never expires, i.e. if the last entry is a success, this remains indefinitely
-  UniqueInterfaceHealth interface subtype write !force -- Note that nullable fields must be either empty or unique
-  deriving Eq Read Show Generic
-
-ProblemLog  
-  time        UTCTime default=now()
-  info        Value                 -- generic JSON Value allows maximum backwards compatibility
-  solved      UTCTime Maybe
-  solver      UserId Maybe          -- User who marked this problem as done
+  info Value -- JSON-encoded `Transaction`
  deriving Eq Read Show Generic
--- a/models/avs.model
+++ b/models/avs.model
@ -1,4 +1,4 @@
-- SPDX-FileCopyrightText: 2022-24 Steffen Jost <jost@tcs.ifi.lmu.de>
+-- SPDX-FileCopyrightText: 2022 Steffen Jost <jost@tcs.ifi.lmu.de>
 --
 -- SPDX-License-Identifier: AGPL-3.0-or-later

@ -16,19 +16,27 @@
 UserAvs
  personId        AvsPersonId -- unique identifier for user throughout avs; newtype for Int  
  user            UserId
-  noPerson        Int         default=0 -- only needed for manual communication with personnel from Ausweisverwaltungsstelle, redundant since needed for filtering
+  noPerson        Int         default=0 -- only needed for manual communication with personnel from Ausweisverwaltungsstelle
  lastSynch       UTCTime     default=now()
  lastSynchError  Text Maybe
-  lastPersonInfo  AvsPersonInfo Maybe -- just to discern field changes
-  lastFirmInfo    AvsFirmInfo   Maybe -- just to discern field changes
-  lastCardNo      AvsFullCardNo Maybe -- just to discern changes
  UniqueUserAvsUser user
  UniqueUserAvsId   personId
  deriving Generic Show

+-- Multiple UserAvsCards per UserAvs is possible and not too uncommon.
+-- Purpose of saving cards is to detect external changes in qualifications and postal addresses
+-- TODO: This table will be deleted if AVS CR3 SCF-165 is implemented
+UserAvsCard 
+  personId        AvsPersonId    
+  cardNo          AvsFullCardNo  
+  card            AvsDataPersonCard
+  lastSynch       UTCTime
+  -- UniqueAvsCard cardNo -- Note: cardNo is not unique; invalid cardNo may be reissued to different persons
+  deriving Generic
+
 AvsSync
  user              UserId      -- Note: we need to lookup UserAvs Entity anyway, so no benefit from storing AvsPersonId here
  creationTime      UTCTime
-  pause             Day Maybe   -- Don't synch if last synch after this day, otherwise synch
+  pause             Day Maybe
  UniqueAvsSyncUser user
-  deriving Generic Show
+  deriving Generic
--- a/models/company.model
+++ b/models/company.model
@ -1,18 +1,24 @@
-- SPDX-FileCopyrightText: 2022-24 Sarah Vaupel <sarah.vaupel@ifi.lmu.de>,Steffen Jost <jost@tcs.ifi.lmu.de>
+-- SPDX-FileCopyrightText: 2022 Sarah Vaupel <sarah.vaupel@ifi.lmu.de>,Steffen Jost <jost@tcs.ifi.lmu.de>
 --
 -- SPDX-License-Identifier: AGPL-3.0-or-later

 -- Description of companies associated with users

 Company  
-  name            CompanyName             -- == (CI Text) -- NOTE: Fraport department name may carry additional information; use the Shorthand with respect to UserCompanyDepartment
-  shorthand       CompanyShorthand        -- == (CI Text) and CompanyKey :: CompanyShorthand -> CompanyId   A change to AvsId as primary key is too much work and not strictly necessary due to Uniqueness
-  avsId           Int     default=0       -- primary key from avs, use negative numbers for non-AVS companies 
-  prefersPostal   Bool    default=true    -- new company users prefers letters by post instead of email
-  postAddress     StoredMarkup Maybe      -- default company postal address, including company name 
-  email           UserEmail Maybe         -- Case-insensitive generic company eMail address  
-  -- UniqueCompanyName name               -- Should be Unique in AVS, but we do not yet need to enforce it
-  -- UniqueCompanyShorthand shorthand     -- unnecessary, since it is the primary key already
-  UniqueCompanyAvsId avsId                -- Should be the key, is not for historical reasons and for convenience in URLs and columns
-  Primary shorthand                       -- newtype Key Company = CompanyKey { unCompanyKey :: CompanyShorthand } 
+  name            CompanyName             -- == (CI Text)
+  shorthand       CompanyShorthand        -- == (CI Text) and CompanyKey :: CompanyShorthand -> CompanyId    FUTURE TODO: a shorthand will become available through the AVS interface in the future
+  avsId           Int     default=0       -- primary key from avs
+  prefersPostal   Bool    default=false   -- new company users prefers letters by post instead of email
+  postAddress     StoredMarkup Maybe      -- default company postal address  
+  UniqueCompanyName name 
+  UniqueCompanyShorthand shorthand
+  -- UniqueCompanyAvsId avsId             -- should be the case, unclear if enforcing works here, since we cannot query avs by company id
+  Primary shorthand             -- newtype Key Company = CompanyKey { unCompanyKey :: CompanyShorthand }
  deriving Ord Eq Show Generic Binary
+
+-- TODO: a way to populate this table (manually)
+CompanySynonym
+  synonym     CompanyName
+  canonical   CompanyShorthand OnDeleteCascade OnUpdateCascade
+  UniqueCompanySynonym synonym
+  deriving Ord Eq Show Generic
--- a/models/jobs.model
+++ b/models/jobs.model
@ -20,11 +20,11 @@ CronLastExec
    time                UTCTime -- When was the job executed
    instance            InstanceId -- Which uni2work-instance did the work
    UniqueCronLastExec job
-    deriving Generic Show
+    deriving Generic

 TokenBucket
    ident               TokenBucketIdent
    lastValue           Int64
    lastAccess          UTCTime
    Primary             ident
-    deriving Generic Show
+    deriving Generic
--- a/models/lms.model
+++ b/models/lms.model
@ -13,18 +13,16 @@ Qualification
  refreshWithin       CalendarDiffDays Maybe    -- notify users about renewal within this number of month/days before expiry; to be used with addGregorianDurationClip
  refreshReminder     CalendarDiffDays Maybe    -- send a second notification about renewal within this number of month/days before expiry
  elearningStart      Bool                      -- automatically schedule e-refresher
-  elearningRenews     Bool default=true         -- successful e-learing automatically increases validity automatically by validDuration
-  elearningLimit      Int Maybe                 -- limit of e-learning attempts, currently only for informative purposes, as it is enforced by LMS only
-  lmsReuses           QualificationId Maybe     -- if set, lms is also included within the given qualification's lms, but only for direct routes. AuditDuration is used from this Qualification instead.
+  -- elearningOnly       Bool                   -- successful E-learing automatically increases validity. NO!  
  expiryNotification  Bool default=true         -- should expiryNotification be generated for this qualification?
  avsLicence          AvsLicence Maybe          -- if set, valid QualificationUsers are synchronized to AVS as a driving licence
-  sapId               Text Maybe                -- if set, valid QualificationUsers with userCompanyPersonalNumber are transmitted via SAP interface under this id  
+  sapId               Text Maybe                -- if set, valid QualificationUsers with userCompanyPersonalNumber are transmitted via SAP interface under this id
  SchoolQualificationShort school shorthand            -- must be unique per school and shorthand
  SchoolQualificationName  school name                 -- must be unique per school and name
-    -- across all schools, only one qualification may be a driving licence -- NO LONGER TRUE
-    -- UniqueQualificationAvsLicence avsLicence      !force -- either empty or unique 
+  -- across all schools, only one qualification may be a driving licence:
+  UniqueQualificationAvsLicence avsLicence      !force
    -- NOTE: two NULL values are not equal for the purpose of Uniqueness constraints!
-  deriving Show Eq Generic
+  deriving Eq Generic

 -- TODOs:
 --  - Enstehen Kosten, wenn Teilnehmer für KnowHow eingereiht werden, aber nicht am Kurs teilnehmen?
@ -42,20 +40,19 @@ Qualification
 --  - PinReset==1 mit bestehendem Passwort kann problemlos erneut gesendet werden
 --  - Flag "interner Mitarbeiter" wird von Know-How ignoriert / nicht ausgewertet (legacy)

-- QualificationPrecondition                       -- NOTE: this can only be enforced through a background job adding or removing qualifications
--  qualification     QualificationId OnDeleteCascade OnUpdateCascade -- AND: not unique, ie. qualification can have multiple required preconditions
--  required          [QualificationId]           -- OR : alternatives, any one will suffice -- we don't want array, since we have recursive CTEs
--  continuous        Bool                        -- expiring precondition blocks qualification
--  deriving Generic Show
+QualificationPrecondition                       -- NOTE: this can only be enforced through a background job adding or removing qualifications
+  qualification     QualificationId OnDeleteCascade OnUpdateCascade -- AND: not unique, ie. qualification can have multiple required preconditions
+  required          [QualificationId]           -- OR : alternatives, any one will suffice
+  continuous        Bool                        -- expiring precondition blocks qualification
+  deriving Generic

 -- Maybe an alternative for online qualification validity checking, transitivity through recursive CTEs? (already available in our version)
-QualificationRequirement
- qualification     QualificationId OnDeleteCascade OnUpdateCascade
- requirement       QualificationId OnDeleteCascade OnUpdateCascade
- group             Int        -- OR: several requirements within the same group are considered equivalent; no order between groups
- note              Text       -- for humans only, no semantical effect
- UniqueQualificationRequirement qualification requirement
- deriving Generic Show
+-- QualificationRequirement
+--   qualification     QualificationId OnDeleteCascade OnUpdateCascade
+--   requirement       QualificationId OnDeleteCascade OnUpdateCascade
+--   group             Text -- OR: several requirements within the same group are considered equivalent
+--   UniqueQualificationRequirement qualification requirement
+--

 -- TODO: connect Qualification with Exams!

@ -63,7 +60,7 @@ QualificationEdit
  user            UserId
  time            UTCTime
  qualification   QualificationId OnDeleteCascade OnUpdateCascade
-  deriving Generic Show
+  deriving Generic

 QualificationUser
  user              UserId OnDeleteCascade OnUpdateCascade
@ -72,11 +69,11 @@ QualificationUser
  lastRefresh       Day                           -- lastRefresh > validUntil possible, if Qualification^elearningOnly == False
  firstHeld         Day                           -- first time the qualification was earned, should never change
  scheduleRenewal   Bool  default=true            -- if false, no automatic renewal is scheduled and the qualification expires
-  lastNotified      UTCTime default=now()         -- last notficiation about actual licence validity changes (does not entail e-learning notifications)
+  lastNotified      UTCTime default=now()         -- last notficiation about being invalid
  -- Reasons and temporary revocations are implemented through QualificationUserBlock
  -- TODO: adjust SAP interface to transmit end dates
  UniqueQualificationUser qualification user
-  deriving Generic Show
+  deriving Generic

 QualificationUserBlock
  qualificationUser QualificationUserId OnDeleteCascade OnUpdateCascade
@ -98,20 +95,25 @@ QualificationUserBlock
  --     - delete-flag: isJust LmsUserStatus
  --   Note: REST means that LmsUserResetPin and LmsUserDelete remain unchanged by this GET request!
  --
-  -- 3. REST POST Report.csv: just save as is to LmsReport for later processing
+  -- 3. REST POST Userlist.csv: just save as is to LmsUserlist
  --
-  -- 4. When received: Job LmsReport:               -- Note: containment needs at-once processing
+  -- 4. REST POST Ergebnisse.csv: just save as is to LmsResult
+  --
+  -- 5. When received: Job LmsUserlist:               -- Note: containment needs at-once processing
  --     - For all LmsUser:
  --         + if contained:
  --              set LmsUserReceived to Just now()
-  --              if Failed:  set LmsUserStatus to Just LmsBlocked now
-  --              if Success: set LmsUserStatus to Just LmsSuccess now
-  --                          and renew QualificationValidTo
+  --              if LmsUserlistFailed: set LmsUserStatus to Just LmsBlocked now
  --         + not contained, by LmsUserReceived is set: set LmsUserEnded to Just now()
  --     - move row to LmsAudit
  --
-  -- 5. Daily Job: dequeue LMS Users
-  --     - fail and mark expired LmsUser
+  -- 6. When received: Daily Job LmsResult:
+  --     - set LmsUserReceived to Just now()             -- always
+  --     - set LmsUserStatus   to Just LmsSuccess now    -- conditional
+  --     -   and renew QualificationValidTo
+  --     - move row to LmsAudit
+  --
+  -- 7. Daily Job: dequeue LMS Users
  --     - remove from LmsUser after audit Period has passed

 LmsUser
@ -133,7 +135,7 @@ LmsUser
  -- Primary ident -- newtype Key LmsUserId = LmsUserKey { unLmsUser :: Text } -- change LmsIdent -> Text. Do we want this? No.
  UniqueLmsIdent ident                            -- idents must be unique accross all qualifications, since idents are global within LMS!
  UniqueLmsQualificationUser qualification user   -- each user may be enrolled at most once per course
-  deriving Generic Show
+  deriving Generic

 -- LmsUserStatus
 --   lmsUser LmsUserId OnDeleteCascade OnUpdateCascade
@ -142,7 +144,24 @@ LmsUser
 --   UniqueLmsUserStatus lmsUser -- enforcing uniqueness prohibits history
 --   deriving Generic

-- V2 Stores LMS upload for processing in Background Job
+-- LmsUserlist stores LMS upload for later processing only
+LmsUserlist
+  qualification     QualificationId OnDeleteCascade OnUpdateCascade
+  ident             LmsIdent        
+  failed            Bool
+  timestamp         UTCTime         default=now()
+  UniqueLmsUserlist qualification ident
+  deriving Generic Show
+
+-- LmsResult stores LMS upload for later processing only
+LmsResult
+  qualification     QualificationId OnDeleteCascade OnUpdateCascade
+  ident             LmsIdent        
+  success           Day             -- BEWARE: timezone is local as submitted by LMS
+  timestamp         UTCTime         default=now()
+  UniqueLmsResult qualification ident -- required by DBTable
+  deriving Generic
+
 LmsReport
  qualification     QualificationId OnDeleteCascade OnUpdateCascade
  ident             LmsIdent
@ -151,16 +170,4 @@ LmsReport
  lock              Bool            -- (0|1)
  timestamp         UTCTime         default=now()
  UniqueLmsReport qualification ident -- required by DBTable
-  deriving Generic Show
-
-- LmsAudit removed by commit 71cde92a
-- due to frequent transmit errors, a separate lms tranmission log is necessary again
-LmsReportLog
-  qualification     QualificationId OnDeleteCascade OnUpdateCascade
-  ident             LmsIdent
-  date              UTCTime Maybe   -- BEWARE: timezone is local as submitted by LMS
-  result            LmsState        -- (0|1|2) 0=LmsFailed[too many tries], 1=LmsOpen, 2=LmsPassed[success]
-  lock              Bool            -- (0|1)
-  timestamp         UTCTime         default=now()  
-  missing           Bool            default=false
-  deriving Generic Show
+  deriving Generic
--- a/models/print.model
+++ b/models/print.model
@ -9,24 +9,23 @@ PrintJob
  file            ByteString      -- stores plain pdf; otherwise use FileContentReference Maybe
  created         UTCTime
  acknowledged    UTCTime Maybe
-  recipient       UserId Maybe          OnDeleteSetNull OnUpdateCascade   -- optional as some letters may contain just an address
-  affected        UserId Maybe          OnDeleteSetNull OnUpdateCascade   -- subject of the letter
+  recipient       UserId Maybe          OnDeleteCascade OnUpdateCascade   -- optional as some letters may contain just an address
  sender          UserId Maybe          OnDeleteSetNull OnUpdateCascade   -- senders and associations are optional
  course          CourseId Maybe        OnDeleteCascade OnUpdateCascade
  qualification   QualificationId Maybe OnDeleteCascade OnUpdateCascade
-  lmsUser         LmsIdent        Maybe OnDeleteSetNull OnUpdateCascade   -- allows tracking if recipient has been notified; must be unique  
+  lmsUser         LmsIdent        Maybe OnDeleteCascade OnUpdateCascade   -- allows tracking if recipient has been notified; must be unique  
  -- UniquePrintJobLmsUser lmsUser -- Note that in fact multiple print jobs per LMS user are possible!
  -- UniquePrintJobApcIdent apcIdent -- TODO: not yet enforced, since LmsIdent is currently used
-  deriving Generic Show
+  deriving Generic

 PrintAcknowledge -- just to store acknowledging requests to be evaluated by a background job later on
  apcIdent        Text
  timestamp       UTCTime         default=now()
  processed       Bool
-  deriving Generic Show
+  deriving Generic

 PrintAckIdAlias
  needle          Text
  replacement     Text  
  priority        Int
-  deriving Generic Show
+  deriving Generic
--- a/models/schools.model
+++ b/models/schools.model
@ -10,8 +10,8 @@ School json
    examMinimumRegisterBeforeStart NominalDiffTime Maybe
    examMinimumRegisterDuration    NominalDiffTime Maybe
    examRequireModeForRegistration Bool default=false
-    examDiscouragedModes ExamModeDNF
-    examCloseMode ExamCloseMode default='separate' 
+    examDiscouragedModes ExamModeDNF default='{"dnf-terms":[]}'  -- This comment fixes syntax highlighting error only " 
+    examCloseMode ExamCloseMode default='separate'
    sheetAuthorshipStatementMode SchoolAuthorshipStatementMode default='optional'
    sheetAuthorshipStatementDefinition AuthorshipStatementDefinitionId Maybe
    sheetAuthorshipStatementAllowOther Bool default=true
--- a/models/users.model
+++ b/models/users.model
@ -1,8 +1,8 @@
-- SPDX-FileCopyrightText: 2022-24 Gregor Kleen <gregor.kleen@ifi.lmu.de>,Sarah Vaupel <sarah.vaupel@ifi.lmu.de>,Steffen Jost <jost@tcs.ifi.lmu.de>,Steffen Jost <s.jost@fraport.de>
+-- SPDX-FileCopyrightText: 2022 Gregor Kleen <gregor.kleen@ifi.lmu.de>,Sarah Vaupel <sarah.vaupel@ifi.lmu.de>,Steffen Jost <jost@cip.ifi.lmu.de>,Steffen Jost <jost@tcs.ifi.lmu.de>
 --
 -- SPDX-License-Identifier: AGPL-3.0-or-later

-- The files in /models determine t he database scheme.
+-- The files in /models determine the database scheme.
 -- The organisational split into several files has no operational effects.
 -- White-space and case matters: Each SQL table is named in 1st column of this file
 -- Indendent lower-case lines describe the SQL-columns of the table with name, type and options
@ -14,14 +14,14 @@
 User json    -- Each Uni2work user has a corresponding row in this table; created upon first login.
    surname        UserSurname              -- Display user names always through 'nameWidget displayName surname'
    displayName    UserDisplayName
-    displayEmail   UserEmail                -- Case-insensitive eMail address, used for sending; leave empty for using auto-update CompanyEmail via UserCompany
-    email          UserEmail                -- Case-insensitive eMail address, used for identification and fallback for sending. Defaults to "AVSNO:dddddddd" if unknown
-    ident          UserIdent                -- Case-insensitive user-identifier. Defaults to "AVSID:dddddddd" if unknown
+    displayEmail   UserEmail
+    email          UserEmail                -- Case-insensitive eMail address, used for sending  TODO: make this nullable
+    ident          UserIdent                -- Case-insensitive user-identifier
    authentication AuthenticationMode       -- 'AuthLDAP' or ('AuthPWHash'+password-hash)
    lastAuthentication UTCTime Maybe        -- last login date
    created        UTCTime default=now()
    lastLdapSynchronisation UTCTime Maybe
-    ldapPrimaryKey UserEduPersonPrincipalName Maybe   -- Fraport Personnel Number or Email-Prefix for @fraport.de work here
+    ldapPrimaryKey UserEduPersonPrincipalName Maybe
    tokensIssuedAfter  UTCTime Maybe        -- do not accept bearer tokens issued before this time (accept all tokens if null)
    matrikelnummer UserMatriculation Maybe  -- usually a number; AVS Personalnummer; nicht Fraport Personalnummer!
    firstName      Text                     -- For export in tables, pre-split firstName from displayName
@ -34,7 +34,7 @@ User json    -- Each Uni2work user has a corresponding row in this table; create
    timeFormat     DateTimeFormat "default='%R'"             -- preferred Time-only display format for user; user-defined
    downloadFiles  Bool default=false           -- Should files be opened in browser or downloaded? (users often oblivious that their browser has a setting for this)
    languages      Languages Maybe          -- Preferred language; user-defined
-    notificationSettings NotificationSettings  "default='{}'::jsonb"   -- Bit-array for which events email notifications are requested by user; user-defined; missing fields in json object will be parsed to default trigger
+    notificationSettings NotificationSettings  "default='{}'::jsonb"   -- Bit-array for which events email notifications are requested by user; user-defined
    warningDays    NominalDiffTime default=1209600 -- timedistance to pending deadlines for homepage infos
    csvOptions     CsvOptions "default='{}'::jsonb"
    sex            Sex Maybe  -- currently ignored
@ -44,9 +44,9 @@ User json    -- Each Uni2work user has a corresponding row in this table; create
    mobile         Text Maybe
    companyPersonalNumber Text Maybe -- Company will become a new table, but if company=fraport, some information is received via LDAP 
    companyDepartment     Text Maybe -- thus we store such information for ease of reference directly, if available 
-    pinPassword           Text Maybe -- used to encrypt pins within emails, defaults to cardno.version
-    postAddress           StoredMarkup Maybe    -- including company name, if any, but excluding username; leave empty for using auto-update CompanyPostAddress via UserCompany
-    postLastUpdate        UTCTime Maybe         -- record postal address updates
+    pinPassword           Text Maybe -- used to encrypt pins within emails
+    postAddress           StoredMarkup Maybe 
+    postLastUpdate        UTCTime Maybe -- record postal address updates
    prefersPostal         Bool default=false    -- user prefers letters by post instead of email
    examOfficeGetSynced   Bool default=true     -- whether synced status should be displayed for exam results by default
    examOfficeGetLabels   Bool default=true     -- whether labels should be displayed for exam results by default
@ -61,47 +61,42 @@ UserFunction -- Administratively assigned functions (lecturer, admin, evaluation
    function SchoolFunction
    UniqueUserFunction user school function
    deriving Generic
-UserSystemFunction Show
+UserSystemFunction
    user     UserId
    function SystemFunction   -- Defined in Model.Types.User
    manual   Bool             -- Inserted manually by Admin or automatic from LDAP
    isOptOut Bool             -- User has currently deactivate the role for themselves
    UniqueUserSystemFunction user function
-    deriving Generic Show
+    deriving Generic
 UserExamOffice
    user      UserId
    field     StudyTermsId
    UniqueUserExamOffice user field
-    deriving Generic Show
+    deriving Generic
 UserSchool -- Managed by users themselves, encodes "schools of interest"
    user     UserId
    school   SchoolId
    isOptOut Bool     -- true if this a marker, that the user manually deleted this entry; it should not be recreated automatically 
    UniqueUserSchool user school
-    deriving Generic Show
+    deriving Generic
 UserGroupMember
    group         UserGroupName
    user          UserId
    primary       Checkmark nullable
    UniquePrimaryUserGroupMember group primary !force
    UniqueUserGroupMember group user
-    deriving Generic Show
+    deriving Generic
 UserCompany 
    user                  UserId  
    company               CompanyId  OnDeleteCascade OnUpdateCascade
    supervisor            Bool       default=false -- should this user be made supervisor for all _new_ users associated with this company?        
    supervisorReroute     Bool       default=false -- if supervisor is true, should this supervisor receive email for _new_ company users?
-    priority              Int        default=0     -- higher number, higher priority; default=1 for Haskell-Code
-    useCompanyAddress     Bool       default=true  -- if true, CompanyPostalAddress and CompanyEmail are used if UserPostalAddress/UserDisplayEmail are Nothing, respects priority
-    reason                Text Maybe -- miscellaneous note, e.g. Superior
    UniqueUserCompany user company   -- a user may belong to multiple companies, but to each one only once
-    deriving Generic Show
+    deriving Generic
 UserSupervisor
-    supervisor            UserId          -- multiple supervisor per trainee possible
+    supervisor            UserId -- multiple supervisor per trainee possible
    user                  UserId
-    rerouteNotifications  Bool            -- User can be his own supervisor to receive notifications as well
-    company               CompanyId Maybe OnDeleteCascade OnUpdateCascade -- this supervisor was company default supervisor at time of entry
-    reason                Text      Maybe -- miscellaneous reason, e.g. Winterservice supervisision
-    UniqueUserSupervisor supervisor user  -- each supervisor/user combination is unique (same supervisor can superviser the same user only once)
-    deriving Generic Show
+    rerouteNotifications  Bool   -- User can be his own supervisor to receive notifications as well
+    UniqueUserSupervisor supervisor user -- each supervisor/user combination is unique (same supervisor can superviser the same user only once)
+    deriving Generic
    
--- a/nix/docker/default.nix
+++ b/nix/docker/default.nix
@ -31,12 +31,11 @@ let
      busybox # should provide a working lpr -- to be tested
      htop
      pdftk # for encrypting pdfs
-      roboto roboto-mono
      #texlive.combined.scheme-medium # too large for container in LMU build environment.
      (texlive.combine {
          inherit (texlive) scheme-basic
            babel-german babel-english booktabs textpos
-            enumitem eurosym koma-script parskip xcolor roboto xkeyval
+            enumitem eurosym koma-script parskip xcolor dejavu
            # required fro LuaTeX
            luatexbase lualatex-math unicode-math selnolig
            ;
@ -61,9 +60,9 @@ let
      mkdir -p /var/log
      install -d -g uniworx -o uniworx -m 0755 /var/log/uniworx

-      # just to see how to create directories here
-      mkdir -p /testdir
+      mkdir -p /usr/local/share/fonts
    '';
+    # TODO copy font ttf files to /usr/local/share/fonts; they should then be accessible for LuaLaTeX

    config =
      let
--- a/nix/docker/version.json
+++ b/nix/docker/version.json
@ -1,3 +1,3 @@
 {
-  "version": "27.4.79"
+  "version": "27.4.45"
 }
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "uni2work",
-  "version": "27.4.79",
+  "version": "27.4.45",
  "description": "",
  "keywords": [],
  "author": "",
@ -102,9 +102,7 @@
    "style-loader": "^3.3.1",
    "terser-webpack-plugin": "^5.3.3",
    "tmp": "^0.2.1",
-    "typeface-roboto": "1.1.13",
-    "typeface-source-code-pro": "^1.1.13",
-    "typeface-source-sans-pro": "1.1.13",
+    "ttf2woff": "^3.0.0",
    "webpack": "^5.73.0",
    "webpack-cli": "^4.9.2",
    "webpack-manifest-plugin": "^5.0.0"
@ -114,6 +112,8 @@
    "@juggle/resize-observer": "^3.3.1",
    "core-js": "^3.22.8",
    "css.escape": "^1.5.1",
+    "fontfacegen": "^0.5.1",
+    "fontfacegen-webpack-plugin": "^1.3.2",
    "js-cookie": "^3.0.1",
    "lodash.debounce": "^4.0.8",
    "lodash.defer": "^4.1.0",
--- a/package.yaml
+++ b/package.yaml
@ -1,5 +1,9 @@
+# SPDX-FileCopyrightText: 2023 Sarah Vaupel <sarah.vaupel@uniworx.de>
+#
+# SPDX-License-Identifier: AGPL-3.0-or-later
+
 name: uniworx
-version: 27.4.79
+version: 27.4.45
 dependencies:
  - base
  - yesod
@ -259,7 +263,6 @@ ghc-options:
  - -j
  - -freduction-depth=0
  - -fprof-auto-calls
-  - -g
 when:
  - condition: flag(pedantic)
    ghc-options:
--- a/73
+++ b/73
@ -1,4 +1,4 @@
-- SPDX-FileCopyrightText: 2022-24 Gregor Kleen <gregor.kleen@ifi.lmu.de>,Sarah Vaupel <sarah.vaupel@ifi.lmu.de>,Steffen Jost <jost@tcs.ifi.lmu.de>,Wolfgang Witt <Wolfgang.Witt@campus.lmu.de>,Steffen Jost <s.jost@fraport.de>
+-- SPDX-FileCopyrightText: 2022 Gregor Kleen <gregor.kleen@ifi.lmu.de>,Sarah Vaupel <sarah.vaupel@ifi.lmu.de>,Steffen Jost <jost@tcs.ifi.lmu.de>,Wolfgang Witt <Wolfgang.Witt@campus.lmu.de>
 --
 -- SPDX-License-Identifier: AGPL-3.0-or-later

@ -52,9 +52,9 @@

 /                             NewsR            GET            !free
 /users                        UsersR           GET POST       -- no tags, i.e. admins only
-/users/#CryptoUUIDUser                AdminUserR       GET POST
-/users/#CryptoUUIDUser/delete         AdminUserDeleteR     POST
-/users/#CryptoUUIDUser/hijack         AdminHijackUserR GET POST       !adminANDno-escalation
+/users/#CryptoUUIDUser        AdminUserR       GET POST
+/users/#CryptoUUIDUser/delete AdminUserDeleteR     POST
+/users/#CryptoUUIDUser/hijack AdminHijackUserR GET POST       !adminANDno-escalation
 /users/#CryptoUUIDUser/notifications  UserNotificationR           GET POST   !self
 /users/#CryptoUUIDUser/password       UserPasswordR               GET POST   !selfANDis-pw-hash
 !/users/functionary-invite/new        AdminNewFunctionaryInviteR  GET POST
@ -68,44 +68,35 @@
 /admin/crontab                AdminCrontabR    GET
 /admin/crontab/jobs           AdminJobsR       GET POST
 /admin/avs                    AdminAvsR        GET POST
-/admin/avs/#CryptoUUIDUser    AdminAvsUserR    GET POST
+/admin/avs/#CryptoUUIDUser    AdminAvsUserR    GET
 /admin/ldap                   AdminLdapR       GET POST
-/admin/problems               AdminProblemsR			 GET POST 
-/admin/problems/no-contact    ProblemUnreachableR  GET POST
+/admin/problems               AdminProblemsR			 GET
+/admin/problems/no-contact    ProblemUnreachableR  GET
 /admin/problems/no-avs-id     ProblemWithoutAvsId  GET
 /admin/problems/r-without-f   ProblemFbutNoR       GET
 /admin/problems/avs  					ProblemAvsSynchR 		 GET POST
 /admin/problems/avs/errors		ProblemAvsErrorR 		 GET
-/admin/config/interfaces      ConfigInterfacesR		 GET POST 
-
-/comm                                 CommCenterR     GET 
-/comm/email                           MailCenterR     GET POST
-/comm/email/html/#CryptoUUIDSentMail  MailHtmlR       GET
-/comm/email/plain/#CryptoUUIDSentMail MailPlainR      GET
-/comm/email/attachment/#CryptoUUIDSentMail/#Text MailAttachmentR GET

 /print                                PrintCenterR    GET POST  !system-printer
 /print/acknowledge/#Day/#Int/#Int     PrintAckR       GET POST  !system-printer
-/print/acknowledge/direct             PrintAckDirectR GET POST  !system-printer
+/print/acknowledge/direct             PrintAckDirectR     POST  !system-printer
 /print/send                           PrintSendR      GET POST
 /print/download/#CryptoUUIDPrintJob   PrintDownloadR  GET       !system-printer
-/print/log                            PrintLogR       GET       !system-printer

-/health                       HealthR           GET             !free
-/health/interface/+Texts      HealthInterfaceR  GET             !free
-/instance                     InstanceR         GET             !free
-/info                         InfoR             GET             !free
-/info/lecturer                InfoLecturerR     GET             !free
-/info/supervisor              InfoSupervisorR   GET             !free
-/info/legal                   LegalR            GET             !free
-/info/glossary                GlossaryR         GET             !free
-/info/faq                     FaqR              GET             !free
-/info/terms-of-use            TermsOfUseR       GET             !free
-/info/payments                PaymentsR         GET             !free
-/imprint                      ImprintR          GET             !free
-/data-protection              DataProtectionR   GET             !free
-/version                      VersionR          GET             !free
-/status                       StatusR           GET             !free
+/health                       HealthR          GET              !free
+/instance                     InstanceR        GET              !free
+/info                         InfoR            GET              !free
+/info/lecturer                InfoLecturerR    GET              !free
+/info/supervisor              InfoSupervisorR  GET              !free
+/info/legal                   LegalR           GET              !free
+/info/glossary                GlossaryR        GET              !free
+/info/faq                     FaqR             GET              !free
+/info/terms-of-use            TermsOfUseR      GET              !free
+/info/payments                PaymentsR        GET              !free
+/imprint                      ImprintR         GET              !free
+/data-protection              DataProtectionR  GET              !free
+/version                      VersionR         GET              !free
+/status                       StatusR          GET              !free

 /help                         HelpR            GET POST         !free

@ -122,11 +113,6 @@
 /for/#CryptoUUIDUser/user         ForProfileR       GET POST    !supervisor !self
 /for/#CryptoUUIDUser/user/profile ForProfileDataR   GET         !supervisor !self

-/firms                          FirmAllR            GET POST		-- not yet !supervisor
-/firms/comm/+Companies          FirmsCommR          GET POST
-/firm/#CompanyShorthand/comm    FirmCommR						GET POST
-/firm/#CompanyShorthand         FirmUsersR          GET POST    -- not yet !supervisor
-/firm/#CompanyShorthand/supers  FirmSupersR         GET POST    -- not yet !supervisor

 /exam-office               ExamOfficeR                         !exam-office:
  /                        EOExamsR            GET POST        !system-exam-office
@ -288,13 +274,22 @@
 /lms/#SchoolId                                              LmsSchoolR              GET
 /lms/#SchoolId/#QualificationShorthand                      LmsR  				          GET POST
 /lms/#SchoolId/#QualificationShorthand/edit                 LmsEditR			          GET POST
+-- old V1 LMS Interface
+/lms/#SchoolId/#QualificationShorthand/users                LmsUsersR	              GET
+/lms/#SchoolId/#QualificationShorthand/users/direct         LmsUsersDirectR	        GET       !token -- LMS 
+/lms/#SchoolId/#QualificationShorthand/userlist             LmsUserlistR	          GET POST
+/lms/#SchoolId/#QualificationShorthand/userlist/upload      LmsUserlistUploadR	    GET POST  !development
+/lms/#SchoolId/#QualificationShorthand/userlist/direct      LmsUserlistDirectR	        POST  !token -- LMS, also remove JobLmsUserlist constructor
+/lms/#SchoolId/#QualificationShorthand/result               LmsResultR              GET POST
+/lms/#SchoolId/#QualificationShorthand/result/upload        LmsResultUploadR        GET POST  !development
+/lms/#SchoolId/#QualificationShorthand/result/direct        LmsResultDirectR            POST  !token -- LMS, also remove JobLmsResults constructor
 -- new V2 LMS Interface
 /lms/#SchoolId/#QualificationShorthand/learners             LmsLearnersR	          GET
-/lms/#SchoolId/#QualificationShorthand/learners/direct      LmsLearnersDirectR	    GET       !token -- LMS
+/lms/#SchoolId/#QualificationShorthand/learners/direct      LmsLearnersDirectR	    GET       !token -- LMS 
 /lms/#SchoolId/#QualificationShorthand/report               LmsReportR              GET POST
-/lms/#SchoolId/#QualificationShorthand/report/upload        LmsReportUploadR        GET POST
+/lms/#SchoolId/#QualificationShorthand/report/upload        LmsReportUploadR        GET POST  !development
 /lms/#SchoolId/#QualificationShorthand/report/direct        LmsReportDirectR            POST  !token -- LMS
-- other lms routes
+-- other lms routes 
 /lms/#SchoolId/#QualificationShorthand/ident/#LmsIdent      LmsIdentR               GET       -- redirect to LmsR with filter-parameter
 /lms/#SchoolId/#QualificationShorthand/user/#CryptoUUIDUser LmsUserR                GET
 /lmsuser/#CryptoUUIDUser                                    LmsUserAllR             GET
--- a/shell.nix
+++ b/shell.nix
@ -197,9 +197,9 @@ let
    UPLOAD_S3_KEY_ID=''${MINIO_ACCESS_KEY}
    UPLOAD_S3_KEY=''${MINIO_SECRET_KEY}

-    # SMTPHOST=''${SMTPHOST}
-    # SMTPPORT=''${SMTPPORT}
-    # SMTPSSL=''${SMTPSSL}
+    SMTPHOST=''${SMTPHOST}
+    SMTPPORT=''${SMTPPORT}
+    SMTPSSL=''${SMTPSSL}
    EOF

    set +xe
@ -223,7 +223,7 @@ let
    fi
  '';

-  killallUni2work = pkgs.writeScriptBin "killuni2work" ''
+  killallUni2work = pkgs.writeScriptBin "killall-uni2work" ''
    #!${pkgs.zsh}/bin/zsh

    set -o pipefail
@ -279,17 +279,17 @@ in pkgs.mkShell {
      # busybox # for print services, but interferes with build commands in develop-shell
      htop
      pdftk # pdftk just for testing pdf-passwords
-      roboto roboto-mono
      # texlive.combined.scheme-full # works
      # texlive.combined.scheme-medium
      # texlive.combined.scheme-small
      (texlive.combine {
        inherit (texlive) scheme-basic
        babel-german babel-english booktabs textpos
-        enumitem eurosym koma-script parskip xcolor roboto xkeyval
+        enumitem eurosym koma-script parskip xcolor dejavu
        luatexbase lualatex-math unicode-math selnolig # required for LuaTeX
        ;
      })
+      fontforge
    ]
  ) ++ (with pkgs.haskellPackages; [ yesod-bin hlint cabal-install weeder ]);
 }
--- a/src/Application.hs
+++ b/src/Application.hs
@ -124,7 +124,7 @@ import Handler.Utils.Memcached (manageMemcachedLocalInvalidations)

 import qualified System.Clock as Clock

-import Utils.Avs (mkAvsQuery)
+import Utils.Avs

 -- Import all relevant handler modules here.
 -- (HPack takes care to add new modules to our cabal file nowadays.)
@ -145,7 +145,6 @@ import Handler.Material
 import Handler.CryptoIDDispatch
 import Handler.SystemMessage
 import Handler.Health
-import Handler.Health.Interface
 import Handler.Exam
 import Handler.ExamOffice
 import Handler.Metrics
@ -157,12 +156,9 @@ import Handler.Upload
 import Handler.Qualification
 import Handler.LMS
 import Handler.SAP
-import Handler.CommCenter
-import Handler.MailCenter
 import Handler.PrintCenter
 import Handler.ApiDocs
 import Handler.Swagger
-import Handler.Firm

 import ServantApi () -- YesodSubDispatch instances
 import Servant.API
@ -354,15 +350,15 @@ makeFoundation appSettings''@AppSettings{..} = do
          handleIf isBucketExists (const $ return ()) $ Minio.makeBucket appUploadTmpBucket Nothing
        return conn

-      appAvsQuery <- case appAvsConf of
+      appAvsQuery <- case appAvsConf of 
        Nothing -> do
          $logErrorS "avsPrepare" "appAvsConfig is empty, i.e. invalid AVS configuration settings."
          return Nothing
-          -- error "AvsConfig is empty, i.e. invalid AVS configuration settings."
-
-        Just avsConf -> do
+          -- error "AvsConfig is empty, i.e. invalid AVS configuration settings."          
+          
+        Just avsConf -> do          
          manager <- newManagerSettings $ mkManagerSettings (def { settingDisableCertificateValidation = True }) Nothing
-          let avsServer = BaseUrl
+          let avsServer = BaseUrl 
                            { baseUrlScheme = Https
                            , baseUrlHost = avsHost avsConf
                            , baseUrlPort = avsPort avsConf
@ -659,7 +655,7 @@ appMain = runResourceT $ do
                   notifyWatchdog = forever' Nothing $ \pResults -> do
                     let delay = floor $ wInterval % 4
                     d <- liftIO $ newDelay delay
-
+ 
                     $logDebugS "Notify" $ "Waiting up to " <> tshow delay <> "µs..."
                     mResults <- atomically $ asum
                       [ pResults <$ waitDelay d
@ -748,8 +744,8 @@ shutdownApp app = do

 -- | Run a handler
 handler, handler' :: Handler a -> IO a
-handler  h = runResourceT $ getAppDevSettings >>= makeFoundation >>= liftIO . flip unsafeHandler h
-handler' h = runResourceT $ getAppSettings    >>= makeFoundation >>= liftIO . flip unsafeHandler h
+handler h = runResourceT $ getAppDevSettings >>= makeFoundation >>= liftIO . flip unsafeHandler h
+handler' h = runResourceT $ getAppSettings >>= makeFoundation >>= liftIO . flip unsafeHandler h

 -- | Run DB queries
 db, db' :: DB a -> IO a
--- a/src/Audit.hs
+++ b/src/Audit.hs
@ -1,17 +1,13 @@
-- SPDX-FileCopyrightText: 2023-24 Gregor Kleen <gregor.kleen@ifi.lmu.de>,Steffen Jost <s.jost@fraport.de>
+-- SPDX-FileCopyrightText: 2022 Gregor Kleen <gregor.kleen@ifi.lmu.de>
 --
 -- SPDX-License-Identifier: AGPL-3.0-or-later

-{-# LANGUAGE TypeApplications #-}
-
 module Audit
  ( module Audit.Types
  , AuditException(..)
  , audit
  , AuditRemoteException(..)
  , getRemote
-  , logInterface, logInterface'
-  , reportAdminProblem
  ) where


@ -19,8 +15,6 @@ import Import.NoModel
 import Settings
 import Model
 import Database.Persist.Sql
-import qualified Database.Esqueleto.Experimental as E -- needs TypeApplications Lang-Pragma
-import qualified Database.Esqueleto.Utils        as E
 import Audit.Types

 import qualified Data.Text          as Text
@ -109,93 +103,12 @@ audit :: ( AuthId (HandlerSite m) ~ Key User
 --   - `transactionLogInitiator` is currently logged in user (or none)
 --   - `transactionLogRemote` is determined from current HTTP-Request
 audit transaction@(toJSON -> transactionLogInfo) = do
+
  transactionLogTime <- liftIO getCurrentTime
  transactionLogInstance <- getsYesod $ view instanceID
  transactionLogInitiator <- liftHandler maybeAuthId
  transactionLogRemote <- handle (throwM . AuditRemoteException) $ Just <$> getRemote
+
  insert_ TransactionLog{..}
+
  $logInfoS "Audit" $ Text.filter (/= '\n') $ tshow (transaction, transactionLogInitiator, transactionLogRemote) <> " - " <> pack (prettyCallStack callStack)
-
-logInterface :: ( AuthId (HandlerSite m) ~ Key User
-         , IsSqlBackend (YesodPersistBackend (HandlerSite m))
-         , SqlBackendCanWrite (YesodPersistBackend (HandlerSite m))
-         , HasInstanceID (HandlerSite m) InstanceId
-         , YesodAuthPersist (HandlerSite m)
-         , MonadHandler m
-         , MonadCatch m
-         , HasAppSettings (HandlerSite m)
-         , HasCallStack
-         )
-      => Text       -- ^ Interface that is used
-      -> Text       -- ^ Subtype of the interface, if any
-      -> Bool       -- ^ Success=True, Failure=False
-      -> Maybe Int  -- ^ Number of transmitted datasets
-      -> Text       -- ^ Any additional information
-      -> ReaderT (YesodPersistBackend (HandlerSite m)) m ()
-- ^ Log a transaction using information available from `HandlerT`, also calls `audit`
-logInterface interfaceLogInterface interfaceLogSubtype interfaceLogSuccess interfaceLogRows interfaceLogInfo = do
-  interfaceLogWrite <- (methodGet /=) . Wai.requestMethod . reqWaiRequest <$> getRequest
-  logInterface' interfaceLogInterface interfaceLogSubtype interfaceLogWrite interfaceLogSuccess interfaceLogRows interfaceLogInfo
-
-logInterface' :: ( AuthId (HandlerSite m) ~ Key User
-         , IsSqlBackend (YesodPersistBackend (HandlerSite m))
-         , SqlBackendCanWrite (YesodPersistBackend (HandlerSite m))
-         , HasInstanceID (HandlerSite m) InstanceId
-         , YesodAuthPersist (HandlerSite m)
-         , MonadHandler m
-         , MonadCatch m
-         , HasAppSettings (HandlerSite m)
-         , HasCallStack
-         )
-      => Text       -- ^ Interface that is used
-      -> Text       -- ^ Subtype of the interface, if any
-      -> Bool       -- ^ True indicates Write Access to FRADrive
-      -> Bool       -- ^ Success=True, Failure=False
-      -> Maybe Int  -- ^ Number of transmitted datasets
-      -> Text       -- ^ Any additional information
-      -> ReaderT (YesodPersistBackend (HandlerSite m)) m ()
-- ^ Log a transaction using information available from `HandlerT`, also calls `audit`
-logInterface' (Text.strip -> interfaceLogInterface) (Text.strip -> interfaceLogSubtype) interfaceLogWrite interfaceLogSuccess interfaceLogRows (Text.strip -> interfaceLogInfo) = do
-  interfaceLogTime  <- liftIO getCurrentTime
-  -- deleteBy $ UniqueInterfaceSubtypeWrite interfaceLogInterface interfaceLogSubtype interfaceLogWrite -- deleteBy & insert would be justified here, leading to a new Row-ID, since the two rows are not truly connected.
-  -- insert_ InterfaceLog{..}
-  void $ upsertBy (UniqueInterfaceSubtypeWrite interfaceLogInterface interfaceLogSubtype interfaceLogWrite)
-    ( InterfaceLog{..} )
-    [ InterfaceLogTime    =. interfaceLogTime
-    , InterfaceLogRows    =. interfaceLogRows
-    , InterfaceLogInfo    =. interfaceLogInfo
-    , InterfaceLogSuccess =. interfaceLogSuccess
-    ]
-  audit TransactionInterface
-    { transactionInterfaceName    = interfaceLogInterface
-    , transactionInterfaceSubtype = interfaceLogSubtype
-    , transactionInterfaceWrite   = interfaceLogWrite
-    , transactionInterfaceRows    = interfaceLogRows
-    , transactionInterfaceInfo    = interfaceLogInfo
-    , transactionInterfaceSuccess = Just interfaceLogSuccess
-    }
-
-reportAdminProblem ::  ( IsSqlBackend (YesodPersistBackend (HandlerSite m))
-                  , SqlBackendCanWrite (YesodPersistBackend (HandlerSite m))
-                  , MonadHandler m
-                  -- , HasCallStack
-                  )
-      => AdminProblem -- ^ Problem to record
-      -> ReaderT (YesodPersistBackend (HandlerSite m)) m ()
-- ^ Log a problem that needs interventions by admins, provided this problem has not already been reported and is still unsolved
--
--   - `problemLogTime` is now
--   - `problemSolver` is Nothing, we do not record the person who caused it
-reportAdminProblem problem = do
-  let problemLogSolved = Nothing
-      problemLogSolver = Nothing
-      problemLogInfo   = toJSON problem
-  problemLogTime <- liftIO getCurrentTime
-  isKnown <- E.selectExists $ do
-    pl <- E.from $ E.table @ProblemLog
-    E.where_ $ E.isNothing (pl E.^. ProblemLogSolved)
-        E.&&. E.val problemLogInfo E.==. pl E.^. ProblemLogInfo
-  unless isKnown $ insert_ ProblemLog{..}
-  $logWarnS "Problem" $ Text.filter (/= '\n') $ tshow problem -- <> " - " <> pack (prettyCallStack callStack)
-
-
--- a/src/Audit/Types.hs
+++ b/src/Audit/Types.hs
@ -1,18 +1,15 @@
-- SPDX-FileCopyrightText: 2022-24 Gregor Kleen <gregor.kleen@ifi.lmu.de>,Sarah Vaupel <vaupel.sarah@campus.lmu.de>,Steffen Jost <s.jost@fraport.de>
+-- SPDX-FileCopyrightText: 2022-23 Gregor Kleen <gregor.kleen@ifi.lmu.de>,Sarah Vaupel <vaupel.sarah@campus.lmu.de>,,Steffen Jost <s.jost@fraport.de>
 --
 -- SPDX-License-Identifier: AGPL-3.0-or-later

 module Audit.Types
  ( Transaction(..)
-  , AdminProblem(..)
-  , decodeAdminProblem
  ) where

 import ClassyPrelude.Yesod hiding (derivePersistFieldJSON)
 import Model.Types.TH.JSON
 import Model

-import Data.Aeson
 import Data.Aeson.TH
 import Utils.PathPiece

@ -185,7 +182,7 @@ data Transaction
    }
  | TransactionLmsStart
    { transactionQualification :: QualificationId
-    , transactionLmsIdent      :: LmsIdent
+    , transactionLmsIdent      :: LmsIdent    
    , transactionLmsUser       :: UserId
    , transactionLmsUserKey    :: LmsUserId
    }
@ -216,10 +213,9 @@ data Transaction
  | TransactionQualificationUserEdit  -- Note that a renewal always entails unblocking as well!
    { transactionUser                         :: UserId                 -- qualification holder that is updated
    , transactionQualificationUser            :: QualificationUserId    -- not really necessary, maybe remove?
-    , transactionQualification                :: QualificationId
+    , transactionQualification                :: QualificationId    
    , transactionQualificationValidUntil      :: Day
    , transactionQualificationScheduleRenewal :: Maybe Bool -- Maybe, because some update may leave it unchanged (also avoids DB Migration)
-    , transactionNote                         :: Maybe Text
    }
  | TransactionQualificationUserDelete
    { transactionUser               :: UserId
@ -237,14 +233,6 @@ data Transaction
    , transactionQualification                :: QualificationId
    , transactionQualificationScheduleRenewal :: Maybe Bool           -- TRUE=will be notified upon expiry, FALSE=won't be notified; always JUST, for compatibility with TransactionQualificationUserEdit
    }
-  | TransactionInterface
-    { transactionInterfaceName                :: Text
-    , transactionInterfaceSubtype             :: Text
-    , transactionInterfaceWrite               :: Bool                 -- True implies a write to FRADrive
-    , transactionInterfaceRows                :: Maybe Int
-    , transactionInterfaceInfo                :: Text
-    , transactionInterfaceSuccess             :: Maybe Bool            -- Just False implies a failure; Maybe used to achieve backwards compatibility
-    }
  deriving (Eq, Ord, Read, Show, Generic)

 deriveJSON defaultOptions
@ -255,62 +243,3 @@ deriveJSON defaultOptions
  } ''Transaction

 derivePersistFieldJSON ''Transaction
-
-
-
-- Datatype for raising admin awareness to certain problems
-- Database stores generic Value in table ProblemLog, such that changes do not disturb old entries
-- Note that there is no RenderMessage instance, instead see @Handler.Admin.adminProblemCell dealing with special cases instead
-- Note: Adjust MsgAdminProblemInfoTooltip as well
-data AdminProblem
-  = AdminProblemNewCompany                                      -- new company was noticed, presumably without supervisors
-    { adminProblemCompany           :: CompanyId
-    }
-  | AdminProblemSupervisorNewCompany
-    { adminProblemUser              :: UserId                   -- a default supervisor has changed company
-    , adminProblemCompany           :: CompanyId                -- old company where the user had default supervisor rights
-    , adminProblemCompanyNew        :: CompanyId                -- new company of the user
-    , adminProblemSupervisorReroute :: Bool                     -- reroute included?
-    }
-  | AdminProblemSupervisorLeftCompany
-    { adminProblemUser              :: UserId                   -- user who had a supervisor but no longer has, due to supervisor change
-    , adminProblemCompany           :: CompanyId                -- old company
-    , adminProblemSupervisorReroute :: Bool                     -- reroute included?
-    }
-  | AdminProblemCompanySuperiorChange                           -- a company received a new superior user through AVS
-    { adminProblemUser              :: UserId                   -- new superior user
-    , adminProblemCompany           :: CompanyId                -- affected company
-    , adminProblemUserOld           :: Maybe UserId             -- previous superior
-    }
-  | AdminProblemCompanySuperiorNotFound                         -- a company received a new superior user through AVS, but user could not be created from email
-    { adminProblemEmail             :: Maybe Text               -- new superior user's email, not found in LDAP
-    , adminProblemCompany           :: CompanyId                -- affected company
-    , adminProblemUserOld           :: Maybe UserId             -- previous superior
-    }
-  | AdminProblemNewlyUnsupervised
-    { adminProblemUser              :: UserId                   -- user who had a supervisor but no longer has, due to user company change
-    , adminProblemCompanyOld        :: Maybe CompanyId          -- old company
-    , adminProblemCompanyNew        :: CompanyId                -- new company of the user
-    }
-  | AdminProblemUnknown                                         -- miscellanous problem, just displaying text
-    { adminProblemText              :: Text
-    }
-  deriving (Eq, Ord, Read, Show, Generic)
-
-- Columns shown in problem table: adminProblemCompany, adminProblemUser
-- For display: add clause to Handler.Admin.adminProblemCell
-
-deriveJSON defaultOptions
-  { constructorTagModifier = camelToPathPiece' 2
-  , fieldLabelModifier = camelToPathPiece' 2
-  , tagSingleConstructors = True
-  , sumEncoding = TaggedObject "problem" "data"
-  , rejectUnknownFields = False
-  } ''AdminProblem
-
-derivePersistFieldJSON ''AdminProblem
-
-decodeAdminProblem :: Value -> AdminProblem
-decodeAdminProblem v = case fromJSON v of
-  Error msg -> AdminProblemUnknown $ pack msg
-  Success p -> p
--- a/src/Auth/Dummy.hs
+++ b/src/Auth/Dummy.hs
@ -34,7 +34,7 @@ dummyForm = do
  mr <- getMessageRender
  wreq (ciField & addDatalist userList) (fslpI MsgDummyIdent (mr MsgDummyIdentPlaceholder) & addAttr "autocomplete" "username" & addName PostLoginDummy) Nothing
  where
-    userList = fmap mkOptionList . runDB $ withReaderT projectBackend (map toOption <$> selectList [UserId <=. UserKey 12] [Asc UserIdent] :: ReaderT SqlBackend _ [Option UserIdent])
+    userList = fmap mkOptionList . runDB $ withReaderT projectBackend (map toOption <$> selectList [] [Asc UserIdent] :: ReaderT SqlBackend _ [Option UserIdent])
    toOption (Entity _ User{..}) = Option userDisplayName userIdent (CI.original userIdent)

 apDummy :: Text
--- a/src/CryptoID.hs
+++ b/src/CryptoID.hs
@ -59,7 +59,6 @@ decCryptoIDs [ ''SubmissionId
             , ''MaterialFileId
             , ''PrintJobId
             , ''QualificationId
-             , ''SentMailId
             ]

 decCryptoIDKeySize
--- a/src/Data/CaseInsensitive/Instances.hs
+++ b/src/Data/CaseInsensitive/Instances.hs
@ -128,4 +128,4 @@ instance Swagger.ToSchema s => Swagger.ToSchema (CI s) where

 instance (CI.FoldCase s, Binary s) => Binary (CI s) where
  get = CI.mk <$> Binary.get
-  put = Binary.put . CI.original
+  put = Binary.put . CI.original
--- a/src/Database/Esqueleto/Utils.hs
+++ b/src/Database/Esqueleto/Utils.hs
@ -1,4 +1,4 @@
-- SPDX-FileCopyrightText: 2022-24 Gregor Kleen <gregor.kleen@ifi.lmu.de>,Steffen Jost <jost@tcs.ifi.lmu.de>,Steffen Jost <s.jost@fraport.de>
+-- SPDX-FileCopyrightText: 2022-23 Gregor Kleen <gregor.kleen@ifi.lmu.de>,Steffen Jost <jost@tcs.ifi.lmu.de>
 --
 -- SPDX-License-Identifier: AGPL-3.0-or-later

@ -15,26 +15,22 @@ module Database.Esqueleto.Utils
  , (=?.), (?=.)
  , (=~.), (~=.)
  , (>~.), (<~.)
-  , (~.), (~*.), (!~.), (!~*.)
  , or, and
  , any, all
-  , not__, parens
  , subSelectAnd, subSelectOr
-  , mkExactFilter, mkExactFilterWith, mkExactFilterWithComma
+  , mkExactFilter, mkExactFilterWith
  , mkExactFilterLast, mkExactFilterLastWith
  , mkExactFilterMaybeLast, mkExactFilterMaybeLast'
  , mkContainsFilter, mkContainsFilterWith
  , mkContainsFilterWithSet, mkContainsFilterWithComma, mkContainsFilterWithCommaPlus
  , mkDayFilter, mkDayFilterFrom, mkDayFilterTo
  , mkExistsFilter, mkExistsFilterWithComma
-  --  , mkRegExFilterWith
  , anyFilter, allFilter
  , ascNullsFirst, descNullsLast
  , orderByList
  , orderByOrd, orderByEnum
  , strip, lower, ciEq
  , selectExists, selectNotExists
-  , filterExists
  , SqlHashable
  , sha256
  , isTrue, isFalse
@ -44,19 +40,14 @@ module Database.Esqueleto.Utils
  , greatest, least
  , abs
  , SqlProject(..)
-  , (->.), (->>.), (->>>.), (#>>.)
+  , (->.), (->>.), (#>>.)
  , fromSqlKey
  , unKey
-  , subSelectCountDistinct
  , selectCountRows, selectCountDistinct
  , selectMaybe
-  , str2text, str2text'
-  , num2text --, text2num
  , day, day', dayMaybe, interval, diffDays, diffTimes
  , exprLift
  , explicitUnsafeCoerceSqlExprValue
-  , psqlVersion_
-  , truncateTable
  , module Database.Esqueleto.Utils.TH
  ) where

@ -67,16 +58,12 @@ import qualified Data.Set as Set
 import qualified Data.List as List
 import qualified Data.Foldable as F
 import Data.List.NonEmpty (NonEmpty(..))
-import qualified Database.Persist as P
-import qualified Database.Persist.EntityDef.Internal as P (entityDB)
 import qualified Database.Esqueleto.Legacy as E
 import qualified Database.Esqueleto.Experimental as Ex
 import qualified Database.Esqueleto.PostgreSQL as E
 import qualified Database.Esqueleto.Internal.Internal as E
 import Database.Esqueleto.Utils.TH

-- import qualified Database.Persist.Postgresql as P
-
 import qualified Data.Text as Text
 import qualified Data.Text.Lazy as Lazy (Text)
 import qualified Data.ByteString.Lazy as Lazy (ByteString)
@ -166,24 +153,6 @@ infixl 4 <~.
 (<~.) ::  PersistField typ => E.SqlExpr (E.Value typ) -> E.SqlExpr (E.Value (Maybe typ)) -> E.SqlExpr (E.Value Bool)
 (<~.) a b = E.isNothing b E.||. (E.just a E.<. b)

-infixr 2 ~., ~*., !~., !~*.
-
-- | PostgreSQL regular expression match, case sensitive. Works, but may throw SQL error for unblanced parenthesis, etc. Not suitable for dbTable filters
-(~.) :: E.SqlString s => E.SqlExpr (E.Value s) -> E.SqlExpr (E.Value s) -> E.SqlExpr (E.Value Bool)
-(~.) = E.unsafeSqlBinOp    " ~ "
-
-- | PostgreSQL regular expression match, case insensitive. Works, but may throw SQL errors
-(~*.) :: E.SqlString s => E.SqlExpr (E.Value s) -> E.SqlExpr (E.Value s) -> E.SqlExpr (E.Value Bool)
-(~*.) = E.unsafeSqlBinOp    " ~* "
-
-- | PostgreSQL regular expression does not match, case sensitive. Works, but may throw SQL error for unblanced parenthesis, etc. Not suitable for dbTable filters
-(!~.) :: E.SqlString s => E.SqlExpr (E.Value s) -> E.SqlExpr (E.Value s) -> E.SqlExpr (E.Value Bool)
-(!~.) = E.unsafeSqlBinOp    " !~ "
-
-- | PostgreSQL regular expression does not match, case insensitive. Works, but may throw SQL errors
-(!~*.) :: E.SqlString s => E.SqlExpr (E.Value s) -> E.SqlExpr (E.Value s) -> E.SqlExpr (E.Value Bool)
-(!~*.) = E.unsafeSqlBinOp    " !~* "
-

 -- | Negation of `isNothing` which is missing
 isJust :: PersistField typ => E.SqlExpr (E.Value (Maybe typ)) -> E.SqlExpr (E.Value Bool)
@ -256,13 +225,8 @@ explicitUnsafeCoerceSqlExprValue typ (E.ERaw _m1 f1) = E.ERaw E.noMeta $ \_nPare
      )

 and, or :: Foldable f => f (E.SqlExpr (E.Value Bool)) -> E.SqlExpr (E.Value Bool)
-- and = F.foldl' (E.&&.) true -- we can use foldl' since PostgreSQL reorders conditions anyway
-- or = F.foldl' (E.||.) false
-- Maybe this help the PostgreSQL query optimizer, though I doubt it?
-and f | F.null f    = true
-      | otherwise = F.foldl1 (E.&&.) f
-or f  | F.null f    = false
-      | otherwise = F.foldl1 (E.||.) f
+and = F.foldr (E.&&.) true
+or = F.foldr (E.||.) false

 -- | Given a test and a set of values, check whether anyone succeeds the test
 --   WARNING: SQL leaves it explicitely unspecified whether `||` is short curcuited (i.e. lazily evaluated)
@ -281,9 +245,6 @@ subSelectOr  q = parens . E.subSelectUnsafe $ flip (E.unsafeSqlAggregateFunction
 parens :: E.SqlExpr (E.Value a) -> E.SqlExpr (E.Value a)
 parens = E.unsafeSqlFunction ""

-- | Workaround for Esqueleto-Bug not placing parenthesis after NOT, see #155
-not__ :: E.SqlExpr (E.Value Bool) -> E.SqlExpr (E.Value Bool)
-not__ = E.not_ . parens

 -- Allow usage of Tuples as DbtRowKey, i.e. SqlIn instances for tuples
 $(sqlInTuples [2..16])
@ -322,17 +283,6 @@ mkExactFilterWith cast lenslike row criterias
  | Set.null criterias = true
  | otherwise = lenslike row `E.in_` E.valList (cast <$> Set.toList criterias)

-- | like `mkExactFilterWith` but splits comma separared Texts into multiple criteria
-mkExactFilterWithComma :: (PersistField b)
-  => (Text -> Maybe b)                   -- ^ type conversion
-  -> (t -> E.SqlExpr (E.Value b))  -- ^ getter from query to searched element
-  -> t                             -- ^ query row
-  -> Set.Set Text                  -- ^ needle collection
-  -> E.SqlExpr (E.Value Bool)
-mkExactFilterWithComma cast lenslike row (foldMap commaSeparatedText -> criterias)
-  | Set.null criterias = true
-  | otherwise = lenslike row `E.in_` E.valList (mapMaybe cast $ Set.toList criterias)
-
 -- | generic filter creation for dbTable
 --   Given a lens-like function, make filter for exact matches against last element of a collection
 mkExactFilterLast :: (PersistField a)
@ -350,7 +300,7 @@ mkExactFilterLastWith :: (PersistField b)
                      -> Last a                        -- ^ needle
                      -> E.SqlExpr (E.Value Bool)
 mkExactFilterLastWith cast lenslike row criterias
-  | Last (Just crit) <- criterias = lenslike row E.==. E.val (cast crit)
+  | Last (Just crit) <- criterias = lenslike row E.==. E.val (cast crit)  
  | otherwise = true

 -- | like `mkExactFilterLast` but deals with Nothing being a filter criterion as well
@ -379,7 +329,7 @@ mkExactFilterMaybeLast' lensexists lenslike row criterias
 -- | generic filter creation for dbTable
 --   Given a lens-like function, make filter searching for needles in String-like elements
 --   (Keep Set here to ensure that there are no duplicates)
-mkContainsFilter :: (E.SqlString a, Ord a)
+mkContainsFilter :: E.SqlString a
                 => (t -> E.SqlExpr (E.Value a))  -- ^ getter from query to searched element
                 -> t                             -- ^ query row
                 -> Set.Set a                     -- ^ needle collection
@ -387,7 +337,7 @@ mkContainsFilter :: (E.SqlString a, Ord a)
 mkContainsFilter = mkContainsFilterWith id

 -- | like `mkContainsFilter` but allows for conversion; convenient in conjunction with `anyFilter` and `allFilter`
-mkContainsFilterWith :: (E.SqlString b, Ord a)
+mkContainsFilterWith :: E.SqlString b
                     => (a -> b)
                     -> (t -> E.SqlExpr (E.Value b))  -- ^ getter from query to searched element
                     -> t                             -- ^ query row
@ -395,7 +345,7 @@ mkContainsFilterWith :: (E.SqlString b, Ord a)
                     -> E.SqlExpr (E.Value Bool)
 mkContainsFilterWith cast lenslike row criterias
  | Set.null criterias = true
-  | otherwise = any (hasInfix (lenslike row) . E.val . cast) criterias
+  | otherwise = any (hasInfix $ lenslike row) (E.val . cast <$> Set.toList criterias)

 -- | like `mkContainsFilterWith` but allows conversion to produce multiple needles
 mkContainsFilterWithSet :: (E.SqlString b, Ord b, Ord a)
@ -406,7 +356,7 @@ mkContainsFilterWithSet :: (E.SqlString b, Ord b, Ord a)
                     -> E.SqlExpr (E.Value Bool)
 mkContainsFilterWithSet cast lenslike row criterias
  | Set.null criterias = true
-  | otherwise = any (hasInfix (lenslike row) . E.val)  (foldMap cast criterias)
+  | otherwise = any (hasInfix $ lenslike row) (E.val <$> Set.toList (foldMap cast criterias))

 -- | like `mkContainsFilterWithSet` but fixed to comma separated Texts
 mkContainsFilterWithComma :: (E.SqlString b, Ord b)
@ -417,7 +367,7 @@ mkContainsFilterWithComma :: (E.SqlString b, Ord b)
                     -> E.SqlExpr (E.Value Bool)
 mkContainsFilterWithComma cast lenslike row (foldMap commaSeparatedText -> criterias)
  | Set.null criterias = true
-  | otherwise = any (hasInfix (lenslike row) . E.val . cast) criterias
+  | otherwise = any (hasInfix $ lenslike row) (E.val . cast <$> Set.toList criterias)

 -- | like `mkContainsFilterWithComma` but enforced the existence of all Texts prefixed with +
 mkContainsFilterWithCommaPlus :: (E.SqlString b, Ord b)
@ -431,22 +381,10 @@ mkContainsFilterWithCommaPlus cast lenslike row (foldMap commaSeparatedText -> c
  | Set.null compulsories = cond_optional
  | Set.null alternatives = cond_compulsory
  | otherwise             = cond_compulsory E.&&. cond_optional
-  where
+  where    
    (Set.mapMonotonic (Text.stripStart . Text.drop 1) -> compulsories, alternatives) = Set.partition (Text.isPrefixOf "+") criterias
-    cond_compulsory = all (hasInfix (lenslike row) . E.val . cast) compulsories
-    cond_optional   = any (hasInfix (lenslike row) . E.val . cast) alternatives
-
-- like `mkContainsFilterWith` but allows regular expression criterias
-- This works, but throws SQL errors for unbalanced parenthesis and similar invalid regex expressions
-- mkRegExFilterWith :: (E.SqlString b, Ord a)
--                      => (a -> b)
--                      -> (t -> E.SqlExpr (E.Value b))  -- ^ getter from query to searched element
--                      -> t                             -- ^ query row
--                      -> Set.Set a                     -- ^ needle collection
--                      -> E.SqlExpr (E.Value Bool)
-- mkRegExFilterWith cast lenslike row criterias
--   | Set.null criterias = true
--   | otherwise = any ((~.) (lenslike row) . E.val . cast) criterias
+    cond_compulsory = all (hasInfix $ lenslike row) (E.val . cast <$> Set.toList compulsories)
+    cond_optional   = any (hasInfix $ lenslike row) (E.val . cast <$> Set.toList alternatives)

 mkDayFilter :: (t -> E.SqlExpr (E.Value UTCTime))  -- ^ getter from query to searched element
            -> t                                   -- ^ query row
@ -491,7 +429,7 @@ mkExistsFilterWithComma :: PathPiece a
               -> E.SqlExpr (E.Value Bool)
 mkExistsFilterWithComma cast query row (foldMap commaSeparatedText -> criterias)
  | Set.null criterias = true
-  | otherwise = any (E.exists . query row . cast) criterias
+  | otherwise = any (E.exists . query row) (cast <$> Set.toList criterias)


 -- | Combine several filters, using logical or
@ -550,13 +488,6 @@ selectExists query = do
    _other      -> error "SELECT EXISTS ... returned zero or more than one rows"
 selectNotExists = fmap not . selectExists

-filterExists :: (MonadIO m, PersistEntity val, MonoFoldable mono, PersistField (Element mono))
-             => EntityField val (Element mono) -> mono -> E.SqlReadT m [Element mono]
-filterExists prj vs = fmap (fmap Ex.unValue) <$> Ex.select $ do
-  ent <- Ex.from Ex.table
-  Ex.where_ $ ent Ex.^. prj `Ex.in_` vals vs
-  return   $ ent Ex.^. prj
-

 class SqlHashable a
 instance SqlHashable Text
@ -650,7 +581,7 @@ max, min :: PersistField a
 max a b = bool a b $ b E.>. a
 min a b = bool a b $ b E.<. a

-- these alternatives for max/min ought to be more efficient; note that NULL is avoided by PostgreSQL greatest/least; for Bool: t > f
+-- these alternatives for max/min ought to be more efficient; note that NULL is avoided by PostgreSQL greatest/least
 greatest :: PersistField a => E.SqlExpr (E.Value a) -> E.SqlExpr (E.Value a) -> E.SqlExpr (E.Value a)
 greatest a b = E.unsafeSqlFunction "GREATEST" $ E.toArgList (a,b)

@ -689,16 +620,9 @@ infixl 8 ->.

 infixl 8 ->>.

-- Unsafe variant, see Database.Esqueleto.PostgreSQL.JSON for a safe version!
 (->>.) :: E.SqlExpr (E.Value a) -> Text -> E.SqlExpr (E.Value Text)
 (->>.) expr t = E.unsafeSqlBinOp "->>" expr $ E.val t

-infixl 8 ->>>.
-
-- Unsafe variant to obtain a DB key from a JSON field. Use with caution!
-(->>>.) :: (PersistField (Key entity)) => E.SqlExpr (E.Value a) -> Text -> E.SqlExpr (E.Value (Maybe (Key entity)))
-(->>>.) expr t = E.unsafeSqlCastAs "int" $ E.unsafeSqlBinOp "->>" expr $ E.val t
-
 infixl 8 #>>.

 (#>>.) :: E.SqlExpr (E.Value a) -> Text -> E.SqlExpr (E.Value (Maybe Text))
@ -714,12 +638,6 @@ unKey :: ( Coercible (Key entity) a
      => E.SqlExpr (E.Value (Key entity)) -> E.SqlExpr (E.Value a)
 unKey = E.veryUnsafeCoerceSqlExprValue

-- | distinct version of `Database.Esqueleto.subSelectCount`
-subSelectCountDistinct :: (Num a, PersistField a) => Ex.SqlQuery (Ex.SqlExpr (Ex.Value typ)) -> Ex.SqlExpr (Ex.Value a)
-subSelectCountDistinct query = Ex.subSelectUnsafe (Ex.countDistinct <$> query)
-
-- PersistField a => SqlQuery (SqlExpr (Value a)) -> SqlExpr (Value a)
-- countDistinct :: Num a => SqlExpr (Value typ) -> SqlExpr (Value a)

 selectCountRows :: (Num a, PersistField a, MonadIO m) => E.SqlQuery ignored -> E.SqlReadT m a
 selectCountRows q = do
@ -742,25 +660,10 @@ selectCountDistinct q = do
 selectMaybe :: (E.SqlSelect a r, MonadIO m) => E.SqlQuery a -> E.SqlReadT m (Maybe r)
 selectMaybe = fmap listToMaybe . E.select . (<* E.limit 1)

-- | convert something that is like a text to text
-str2text :: E.SqlString a => E.SqlExpr (E.Value a) -> E.SqlExpr (E.Value Text)
-str2text = E.unsafeSqlCastAs "text"
-
-str2text' :: E.SqlString a => E.SqlExpr (E.Value (Maybe a)) -> E.SqlExpr (E.Value (Maybe Text))
-str2text' = E.unsafeSqlCastAs "text"
-
-- | cast numeric type to text, which is safe and allows for an inefficient but safe comparison of numbers stored as text and numbers
-num2text :: Num n => E.SqlExpr (E.Value n) -> E.SqlExpr (E.Value Text)
-num2text = E.unsafeSqlCastAs "text"
-
-- unsafe, use with care!
-- text2num :: E.SqlExpr (E.Value Text) -> E.SqlExpr (E.Value n)
-- text2num = E.unsafeSqlCastAs "int"

 day :: E.SqlExpr (E.Value UTCTime) -> E.SqlExpr (E.Value Day)
 day = E.unsafeSqlCastAs "date"

-- | cast text to day, truly unsafe
 day' :: E.SqlExpr (E.Value Text) -> E.SqlExpr (E.Value Day)
 day' = E.unsafeSqlCastAs "date"

@ -768,12 +671,13 @@ dayMaybe :: E.SqlExpr (E.Value (Maybe UTCTime)) -> E.SqlExpr (E.Value (Maybe Day
 dayMaybe = E.unsafeSqlCastAs "date"

 interval :: CalendarDiffDays -> E.SqlExpr (E.Value Day) -- E.+=.  requires both types to be the same, so we use Day
-- interval _ = E.unsafeSqlCastAs "interval" $ E.unsafeSqlValue "'P2Y'" -- tested working example
+-- interval _ = E.unsafeSqlCastAs "interval" $ E.unsafeSqlValue "'P2Y'" -- tested working example 
 interval = E.unsafeSqlCastAs "interval". E.unsafeSqlValue . wrapSqlString . Text.Builder.fromString . iso8601Show
-  where
+  where 
    singleQuote     = Text.Builder.singleton '\''
    wrapSqlString b = singleQuote <> b <> singleQuote

+
 infixl 6 `diffDays`, `diffTimes`

 diffDays :: E.SqlExpr (E.Value Day) -> E.SqlExpr (E.Value Day) -> E.SqlExpr (E.Value Int)
@ -815,16 +719,3 @@ instance (PersistField a1, PersistField a2, PersistField b, Finite a1, Finite a2
    ]
    (E.else_ $ E.else_ $ E.veryUnsafeCoerceSqlExprValue (E.nothing :: E.SqlExpr (E.Value (Maybe ()))))

-psqlVersion_ :: E.SqlExpr (E.Value Text)
-psqlVersion_ = E.unsafeSqlFunction "VERSION" ()
-
-- Suspected to cause trouble. Needs more testing!
-- truncateTable :: (MonadIO m, BackendCompatible SqlBackend backend, PersistEntity record)
--               => record -> ReaderT backend m ()
-- truncateTable tbl = E.rawExecute ("TRUNCATE TABLE " <> P.tableName tbl <> "  RESTART IDENTITY") []
-
-truncateTable :: (MonadIO m, BackendCompatible SqlBackend backend, PersistEntity record) -- TODO: test this code
-                  => proxy record -> ReaderT backend m ()
-truncateTable tbl =
-  let tblName :: Text = P.unEntityNameDB $ P.entityDB $ P.entityDef tbl
-  in  E.rawExecute ("TRUNCATE TABLE " <> tblName <> " RESTART IDENTITY") []
--- a/src/Foundation/Authorization.hs
+++ b/src/Foundation/Authorization.hs
@ -539,11 +539,8 @@ tagAccessPredicate AuthAdmin = cacheAPSchoolFunction SchoolAdmin (Just $ Right d
        return Authorized

 tagAccessPredicate AuthSupervisor = APDB $ \_ _ mAuthId route _ -> case route of 
-    ForProfileR     cID -> checkSupervisor        (mAuthId, cID)
-    ForProfileDataR cID -> checkSupervisor        (mAuthId, cID)
-    FirmAllR            -> checkAnySupervisor      mAuthId
-    FirmUsersR      fsh -> checkCompanySupervisor (mAuthId, fsh)
-    FirmSupersR     fsh -> checkCompanySupervisor (mAuthId, fsh)
+    ForProfileR     cID -> checkSupervisor (mAuthId, cID)
+    ForProfileDataR cID -> checkSupervisor (mAuthId, cID)
    r -> $unsupportedAuthPredicate AuthSupervisor r    
  where 
    checkSupervisor sup@(mAuthId, cID) = $cachedHereBinary sup . exceptT return return $ do
@ -552,17 +549,6 @@ tagAccessPredicate AuthSupervisor = APDB $ \_ _ mAuthId route _ -> case route of
      isSupervisor <- lift . existsBy $ UniqueUserSupervisor authId uid
      guardMExceptT isSupervisor (unauthorizedI MsgUnauthorizedSupervisor)
      return Authorized
-    checkCompanySupervisor sup@(mAuthId, fsh) = $cachedHereBinary sup . exceptT return return $ do
-      authId <- maybeExceptT AuthenticationRequired $ return mAuthId      
-      -- isSupervisor <- lift . existsBy $ UniqueUserCompany authId $ CompanyKey fsh
-      isSupervisor <- lift $ exists [UserCompanyUser ==. authId, UserCompanyCompany ==. CompanyKey fsh, UserCompanySupervisor ==. True]
-      guardMExceptT isSupervisor (unauthorizedI $ MsgUnauthorizedCompanySupervisor fsh)
-      return Authorized
-    checkAnySupervisor mAuthId = $cachedHereBinary mAuthId . exceptT return return $ do
-      authId <- maybeExceptT AuthenticationRequired $ return mAuthId      
-      isSupervisor <- lift $ exists [UserSupervisorSupervisor ==. authId]
-      guardMExceptT isSupervisor (unauthorizedI MsgUnauthorizedAnySupervisor)
-      return Authorized

 tagAccessPredicate AuthSystemExamOffice = cacheAPSystemFunction SystemExamOffice (Just $ Right diffHour) $ \mAuthId' _ _ examOfficeList -> if
  | maybe True (`Set.notMember` examOfficeList) mAuthId' -> Right $ if
--- a/src/Foundation/I18n.hs
+++ b/src/Foundation/I18n.hs
@ -1,14 +1,9 @@
-- SPDX-FileCopyrightText: 2022-23 Gregor Kleen <gregor.kleen@ifi.lmu.de>,Sarah Vaupel <sarah.vaupel@ifi.lmu.de>,Sarah Vaupel <vaupel.sarah@campus.lmu.de>,Steffen Jost <s.jost@fraport.de>,Steffen Jost <jost@tcs.ifi.lmu.de>,Winnie Ros <winnie.ros@campus.lmu.de>
+-- SPDX-FileCopyrightText: 2022 Gregor Kleen <gregor.kleen@ifi.lmu.de>,Sarah Vaupel <sarah.vaupel@ifi.lmu.de>,Sarah Vaupel <vaupel.sarah@campus.lmu.de>,Steffen Jost <jost@cip.ifi.lmu.de>,Steffen Jost <jost@tcs.ifi.lmu.de>,Winnie Ros <winnie.ros@campus.lmu.de>
 --
 -- SPDX-License-Identifier: AGPL-3.0-or-later

-- To add new language files:
--   1. include new statement, e.g. mkMessageAddition ''UniWorX "Print" "messages/uniworx/categories/print" "de-de-formal"
--   2. create appropriate translation files in the specified folder
--   3. add constructor to list of module exports
-
 {-# LANGUAGE GeneralizedNewtypeDeriving #-}
-{-# OPTIONS_GHC -fno-warn-orphans -fno-warn-unused-top-binds #-}
+{-# OPTIONS_GHC -fno-warn-orphans #-}

 module Foundation.I18n
  ( appLanguages, appLanguagesOpts
@ -25,7 +20,6 @@ module Foundation.I18n
  , UniWorXI18nMessage(..),UniWorXJobsHandlerMessage(..), UniWorXModelTypesMessage(..), UniWorXYesodMiddlewareMessage(..)
  , UniWorXQualificationMessage(..)
  , UniWorXPrintMessage(..)
-  , UniWorXFirmMessage(..)
  , UniWorXAvsMessage(..)
  , UniWorXAuthorshipStatementMessage(..)
  , ShortTermIdentifier(..)
@ -39,12 +33,10 @@ module Foundation.I18n
  , StudyDegreeTerm(..)
  , ShortStudyFieldType(..)
  , StudyDegreeTermType(..)
-  , ErrorResponseTitle(..)
+  , ErrorResponseTitle(..)  
  , UniWorXMessages(..)
  , uniworxMessages
  , unRenderMessage, unRenderMessage', unRenderMessageLenient
-  , SomeMessages(..)
-  , someMessages
  , module Foundation.I18n.TH
  ) where

@ -87,30 +79,21 @@ pluralDE num singularForm pluralForm
  | num == 1  = singularForm
  | otherwise = pluralForm

-pluralDEx :: (Eq a, Num a) => Char -> a -> Text -> Text
-pluralDEx c n t = pluralDE n t $ t `snoc` c
+-- pluralDEx :: (Eq a, Num a) => Char -> a -> Text -> Text
+-- -- ^ @pluralENs n "Monat" = pluralEN n "Monat" "Monate"@ 
+-- pluralDEx c n t = pluralDE n t $ t `snoc` c

-- | like `pluralDEx` but also prefixes with the number
-pluralDExN :: (Eq a, Num a, Show a) => Char -> a -> Text -> Text
-pluralDExN c n t = tshow n <> cons ' ' (pluralDEx c n t)
+-- -- | like `pluralDEe` but also prefixes with the number
+-- pluralDExN :: (Eq a, Num a, Show a) => Char -> a -> Text -> Text
+-- pluralDExN c n t = tshow n <> cons ' ' (pluralDEx c n t)

 pluralDEe :: (Eq a, Num a) => a -> Text -> Text
-- ^ @pluralDEe n "Monat" = pluralDEe n "Monat" "Monate"@
-pluralDEe = pluralDEx 'e'
+-- ^ @pluralENs n "Monat" = pluralEN n "Monat" "Monate"@ 
+pluralDEe n t = pluralDE n t $ t `snoc` 'e'

 -- | like `pluralDEe` but also prefixes with the number
 pluralDEeN :: (Eq a, Num a, Show a) => a -> Text -> Text
-pluralDEeN = pluralDExN 'e'
-
-- | postfix plural with an 'n'
-pluralDEn :: (Eq a, Num a) => a -> Text -> Text
-- ^ @pluralENs n "Monat" = pluralEN n "Monat" "Monate"@
-pluralDEn = pluralDEx 'n'
-
-- | like `pluralDEn` but also prefixes with the number
-pluralDEnN :: (Eq a, Num a, Show a) => a -> Text -> Text
-pluralDEnN = pluralDExN 'n'
-
+pluralDEeN n t = tshow n <> cons ' ' (pluralDEe n t)

 noneOneMoreDE :: (Eq a, Num a)
              =>    a -- ^ Count
@ -123,14 +106,14 @@ noneOneMoreDE num noneText singularForm pluralForm
  | num == 1  = singularForm
  | otherwise = pluralForm

-noneMoreDE :: (Eq a, Num a)
-            =>    a -- ^ Count
-            -> Text -- ^ None
-            -> Text -- ^ Some
-            -> Text
-noneMoreDE num noneText someText
-  | num == 0  = noneText
-  | otherwise = someText
+-- noneMoreDE :: (Eq a, Num a)
+--             =>    a -- ^ Count
+--             -> Text -- ^ None
+--             -> Text -- ^ Some
+--             -> Text
+-- noneMoreDE num noneText someText
+--   | num == 0  = noneText
+--   | otherwise = someText

 pluralEN :: (Eq a, Num a)
         =>    a -- ^ Count
@ -145,7 +128,7 @@ pluralENs :: (Eq a, Num a)
          => a -- ^ Count
          -> Text -- ^ Singular
          -> Text
-- ^ @pluralENs n "foo" = pluralEN n "foo" "foos"@
+-- ^ @pluralENs n "foo" = pluralEN n "foo" "foos"@ 
 pluralENs n t = pluralEN n t $ t `snoc` 's'

 -- | like `pluralENs` but also prefixes with the number
@ -163,14 +146,14 @@ noneOneMoreEN num noneText singularForm pluralForm
  | num == 1  = singularForm
  | otherwise = pluralForm

-noneMoreEN :: (Eq a, Num a)
-            =>    a -- ^ Count
-            -> Text -- ^ None
-            -> Text -- ^ Some
-            -> Text
-noneMoreEN num noneText someText
-  | num == 0  = noneText
-  | otherwise = someText
+-- noneMoreEN :: (Eq a, Num a)
+--             =>    a -- ^ Count
+--             -> Text -- ^ None
+--             -> Text -- ^ Some
+--             -> Text
+-- noneMoreEN num noneText someText
+--   | num == 0  = noneText
+--   | otherwise = someText

 _ordinalEN :: ToMessage a
          => a
@ -190,20 +173,20 @@ notEN :: Bool -> Text
 notEN = bool "not" ""

 {-  -- TODO: use this is message eventually
-- Commonly used plurals
+-- Commonly used plurals 
 data Thing = Person | Examinee
  deriving (Eq)

-thingDE :: Int -> Thing -> Text
+thingDE :: Int -> Thing -> Text 
 thingDE num = (tshow num <>) . Text.cons ' ' . thing
-  where
+  where 
    thing :: Thing -> Text
    thing Person    = pluralDE num "Person"   "Personen"
    thing Examinee  = pluralDE num "Prüfling" "Prüflinge"
-
-thingEN :: Int -> Thing -> Text
+  
+thingEN :: Int -> Thing -> Text 
 thingEN num t = tshow num <> Text.cons ' ' (thing t)
-  where
+  where 
    thing :: Thing -> Text
    thing Person    = pluralENs num "person"
    thing Examinee  = pluralENs num "examinee"
@ -214,14 +197,6 @@ maybeToMessage :: ToMessage m => Text -> Maybe m -> Text -> Text
 maybeToMessage _      Nothing  _     = mempty
 maybeToMessage before (Just x) after = before <> toMessage x <> after

-maybeBoolMessage :: Maybe Bool -> Text -> Text -> Text -> Text
-maybeBoolMessage Nothing      n _ _ = n
-maybeBoolMessage (Just True)  _ t _ = t
-maybeBoolMessage (Just False) _ _ f = f
-
-- | Convenience function avoiding type signatures
-boolText :: Text -> Text -> Bool -> Text
-boolText = bool

 newtype ShortTermIdentifier = ShortTermIdentifier TermIdentifier
  deriving stock (Eq, Ord, Read, Show)
@ -258,7 +233,6 @@ mkMessageAddition ''UniWorX "Send" "messages/uniworx/categories/send" "de-de-for
 mkMessageAddition ''UniWorX "YesodMiddleware" "messages/uniworx/categories/yesod_middleware" "de-de-formal"
 mkMessageAddition ''UniWorX "User" "messages/uniworx/categories/user" "de-de-formal"
 mkMessageAddition ''UniWorX "Print" "messages/uniworx/categories/print" "de-de-formal"
-mkMessageAddition ''UniWorX "Firm" "messages/uniworx/categories/firm" "de-de-formal"
 mkMessageAddition ''UniWorX "Button" "messages/uniworx/utils/buttons" "de-de-formal"
 mkMessageAddition ''UniWorX "Form" "messages/uniworx/utils/handler_form" "de-de-formal"
 mkMessageAddition ''UniWorX "TableColumn" "messages/uniworx/utils/table_column" "de-de-formal"
@ -280,18 +254,6 @@ mkMessageAddition ''UniWorX "Avs" "messages/uniworx/categories/avs" "de-de-forma

 embedRenderMessage ''UniWorX ''LmsStatus (uncurry ((<>) . (<> "Status")) . Text.splitAt 3)

-
-newtype SomeMessages master = SomeMessages [SomeMessage master]
-  deriving newtype (Semigroup, Monoid)
-
-instance master ~ master' => RenderMessage master (SomeMessages master') where
-  renderMessage a b (SomeMessages msgs) = Text.intercalate "\n " $ renderMessage a b <$> msgs
-
-- | convenienience function if all messages happen to belong to the exact same type
-someMessages :: RenderMessage master msg => [msg] -> SomeMessages master
-someMessages msgs = SomeMessages $ SomeMessage <$> msgs
-
-
 instance RenderMessage UniWorX (Maybe LmsStatus) where -- useful for Filter with optionsFinite
  renderMessage f ls (Just s) = renderMessage f ls s
  renderMessage f ls Nothing  = renderMessage f ls MsgLmsStateOpen
@ -614,12 +576,12 @@ unRenderMessage = unRenderMessage' (==)

 unRenderMessageLenient :: forall a master. (Ord a, Finite a, RenderMessage master a) => master -> Text -> [a]
 unRenderMessageLenient = unRenderMessage' cmp
-  where cmp = (==) `on` mk . under packed (concatMap $ filter Char.isAlphaNum . unidecode)
+  where cmp = (==) `on` mk . under packed (filter Char.isAlphaNum . concatMap unidecode)


 instance Default DateTimeFormatter where
  def = mkDateTimeFormatter (getTimeLocale' []) def appTZ

-instance RenderMessage UniWorX Address where
+instance RenderMessage UniWorX Address where 
  renderMessage s l a@Address{addressName = Just aname} = aname <> cons ' ' (renderMessage s l a{addressName=Nothing})
  renderMessage _ _   Address{addressEmail = mail} = "<" <> mail <> ">"
--- a/src/Foundation/Navigation.hs
+++ b/src/Foundation/Navigation.hs
@ -87,9 +87,9 @@ breadcrumb (AdminUserR cID) = useRunDB . maybeT (i18nCrumb MsgBreadcrumbUser $ J
  uid <- decrypt cID
  User{..} <- MaybeT $ get uid
  return (userDisplayName, Just UsersR)
-breadcrumb (AdminUserDeleteR    cID) = i18nCrumb MsgBreadcrumbUserDelete  . Just $ AdminUserR cID
-breadcrumb (AdminHijackUserR    cID) = i18nCrumb MsgBreadcrumbUserHijack  . Just $ AdminUserR cID
-breadcrumb (UserNotificationR   cID) = useRunDB $ do
+breadcrumb (AdminUserDeleteR cID) = i18nCrumb MsgBreadcrumbUserDelete . Just $ AdminUserR cID
+breadcrumb (AdminHijackUserR cID) = i18nCrumb MsgBreadcrumbUserHijack . Just $ AdminUserR cID
+breadcrumb (UserNotificationR cID) = useRunDB $ do
  mayList <- hasReadAccessTo UsersR
  if
    | mayList
@ -121,27 +121,13 @@ breadcrumb ProblemUnreachableR  = i18nCrumb MsgProblemsUnreachableHeading $ Just
 breadcrumb ProblemWithoutAvsId  = i18nCrumb MsgProblemsNoAvsIdHeading     $ Just AdminProblemsR
 breadcrumb ProblemFbutNoR       = i18nCrumb MsgProblemsRWithoutFHeading   $ Just AdminProblemsR
 breadcrumb ProblemAvsSynchR     = i18nCrumb MsgProblemsAvsSynchHeading    $ Just AdminProblemsR
-breadcrumb ProblemAvsErrorR     = i18nCrumb MsgProblemsAvsErrorHeading    $ Just AdminProblemsR
-breadcrumb ConfigInterfacesR    = i18nCrumb MsgConfigInterfacesHeading    $ Just AdminProblemsR
+breadcrumb ProblemAvsErrorR     = i18nCrumb MsgProblemsAvsErrorHeading    $ Just ProblemAvsSynchR

-breadcrumb FirmAllR         = i18nCrumb MsgMenuFirms              Nothing
-breadcrumb FirmsCommR{}     = i18nCrumb MsgMenuFirmsComm        $ Just   FirmAllR
-breadcrumb FirmUsersR{}     = i18nCrumb MsgMenuFirmUsers        $ Just   FirmAllR
-breadcrumb (FirmSupersR fsh)= i18nCrumb MsgMenuFirmSupervisors  $ Just $ FirmUsersR fsh
-breadcrumb (FirmCommR   fsh)= i18nCrumb MsgMenuFirmsComm        $ Just $ FirmUsersR fsh
-
-breadcrumb CommCenterR      = i18nCrumb MsgMenuCommCenter       Nothing
-breadcrumb MailCenterR      = i18nCrumb MsgMenuMailCenter     $ Just CommCenterR
-breadcrumb MailHtmlR{}      = i18nCrumb MsgMenuMailHtml       $ Just MailCenterR
-breadcrumb MailPlainR{}     = i18nCrumb MsgMenuMailPlain      $ Just MailCenterR
-breadcrumb (MailAttachmentR mid _) = i18nCrumb MsgMenuMailAttachment $ Just $ MailHtmlR mid
-
-breadcrumb PrintCenterR     = i18nCrumb MsgMenuApc            $ Just CommCenterR
+breadcrumb PrintCenterR     = i18nCrumb MsgMenuApc              Nothing
 breadcrumb PrintSendR       = i18nCrumb MsgMenuPrintSend      $ Just PrintCenterR
 breadcrumb PrintDownloadR{} = i18nCrumb MsgMenuPrintDownload  $ Just PrintCenterR
 breadcrumb PrintAckR{}      = i18nCrumb MsgMenuPrintSend      $ Just PrintCenterR -- never displayed
-breadcrumb PrintAckDirectR{}= i18nCrumb MsgMenuPrintAck       $ Just PrintCenterR
-breadcrumb PrintLogR        = i18nCrumb MsgMenuPrintLog       $ Just PrintCenterR
+breadcrumb PrintAckDirectR{}= i18nCrumb MsgMenuPrintSend      $ Just PrintCenterR -- never displayed

 breadcrumb SchoolListR      = i18nCrumb MsgMenuSchoolList       $ Just AdminR
 breadcrumb (SchoolR ssh sRoute) = case sRoute of
@ -172,10 +158,9 @@ breadcrumb FaqR             = i18nCrumb MsgBreadcrumbFaq            $ Just InfoR
 breadcrumb HelpR            = i18nCrumb MsgMenuHelp            Nothing


-breadcrumb HealthR              = i18nCrumb MsgMenuHealth          Nothing
-breadcrumb (HealthInterfaceR _) = i18nCrumb MsgMenuHealthInterface (Just HealthR)
-breadcrumb InstanceR            = i18nCrumb MsgMenuInstance        Nothing
-breadcrumb StatusR              = i18nCrumb MsgMenuHealth          Nothing  -- never displayed
+breadcrumb HealthR          = i18nCrumb MsgMenuHealth          Nothing
+breadcrumb InstanceR        = i18nCrumb MsgMenuInstance        Nothing
+breadcrumb StatusR          = i18nCrumb MsgMenuHealth          Nothing  -- never displayed

 breadcrumb  QualificationAllR                       = i18nCrumb MsgMenuQualifications Nothing
 breadcrumb (QualificationSchoolR          ssh     ) = useRunDB . maybeT (i18nCrumb MsgBreadcrumbSchool . Just $ SchoolListR) $ do -- redirect only, used in other breadcrumbs
@ -194,13 +179,21 @@ breadcrumb (LmsR                ssh  qsh) = useRunDB . maybeT (i18nCrumb MsgBrea
  guardM . lift . existsBy $ SchoolQualificationShort ssh qsh
  return (CI.original qsh, Just $ LmsSchoolR ssh)
 breadcrumb (LmsEditR            ssh  qsh) = i18nCrumb MsgMenuLmsEdit       $ Just $ LmsR          ssh qsh
+breadcrumb (LmsUsersR           ssh  qsh) = i18nCrumb MsgMenuLmsUsers      $ Just $ LmsR          ssh qsh
+breadcrumb (LmsUsersDirectR     ssh  qsh) = i18nCrumb MsgMenuLmsUsers      $ Just $ LmsUsersR     ssh qsh -- never displayed, TypedContent
+breadcrumb (LmsUserlistR        ssh  qsh) = i18nCrumb MsgMenuLmsUserlist   $ Just $ LmsR          ssh qsh
+breadcrumb (LmsUserlistUploadR  ssh  qsh) = i18nCrumb MsgMenuLmsUpload     $ Just $ LmsUserlistR  ssh qsh
+breadcrumb (LmsUserlistDirectR  ssh  qsh) = i18nCrumb MsgMenuLmsUpload     $ Just $ LmsUserlistR  ssh qsh -- never displayed
+breadcrumb (LmsResultR          ssh  qsh) = i18nCrumb MsgMenuLmsResult     $ Just $ LmsR          ssh qsh
+breadcrumb (LmsResultUploadR    ssh  qsh) = i18nCrumb MsgMenuLmsUpload     $ Just $ LmsResultR    ssh qsh
+breadcrumb (LmsResultDirectR    ssh  qsh) = i18nCrumb MsgMenuLmsUpload     $ Just $ LmsResultR    ssh qsh -- never displayed
 -- v2
 breadcrumb (LmsLearnersR        ssh  qsh) = i18nCrumb MsgMenuLmsLearners   $ Just $ LmsR          ssh qsh
 breadcrumb (LmsLearnersDirectR  ssh  qsh) = i18nCrumb MsgMenuLmsLearners   $ Just $ LmsLearnersR  ssh qsh -- never displayed, TypedContent
 breadcrumb (LmsReportR          ssh  qsh) = i18nCrumb MsgMenuLmsReport     $ Just $ LmsR          ssh qsh
 breadcrumb (LmsReportUploadR    ssh  qsh) = i18nCrumb MsgMenuLmsUpload     $ Just $ LmsReportR    ssh qsh
 breadcrumb (LmsReportDirectR    ssh  qsh) = i18nCrumb MsgMenuLmsUpload     $ Just $ LmsReportR    ssh qsh -- never displayed
--
+-- 
 breadcrumb (LmsIdentR           ssh  qsh _ ) = breadcrumb $ LmsR ssh qsh -- just a redirect
 breadcrumb (LmsUserR            ssh _qsh u ) = i18nCrumb MsgMenuLmsUser       $ Just $ LmsUserSchoolR u ssh
 breadcrumb (LmsUserSchoolR    u _          ) = i18nCrumb MsgMenuLmsUserSchool $ Just $ LmsUserAllR u
@ -301,7 +294,7 @@ breadcrumb (CourseR tid ssh csh (TutorialR tutn sRoute)) = case sRoute of
  TUsersR  -> useRunDB . maybeT (i18nCrumb MsgBreadcrumbTutorial . Just $ CourseR tid ssh csh CTutorialListR) $ do
    guardM . lift . hasReadAccessTo $ CTutorialR tid ssh csh tutn TUsersR
    return (CI.original tutn, Just $ CourseR tid ssh csh CTutorialListR)
-  TAddUserR   -> i18nCrumb MsgMenuTutorialAddMembers      . Just $ CTutorialR tid ssh csh tutn TUsersR
+  TAddUserR   -> i18nCrumb MsgMenuTutorialAddMembers      . Just $ CTutorialR tid ssh csh tutn TUsersR 
  TEditR      -> i18nCrumb MsgMenuTutorialEdit            . Just $ CTutorialR tid ssh csh tutn TUsersR
  TDeleteR    -> i18nCrumb MsgMenuTutorialDelete          . Just $ CTutorialR tid ssh csh tutn TUsersR
  TCommR      -> i18nCrumb MsgMenuTutorialComm            . Just $ CTutorialR tid ssh csh tutn TUsersR
@ -761,18 +754,6 @@ defaultLinks = fmap catMaybes . mapM runMaybeT $ -- Define the menu items of the
        , navForceActive = False
        }
      }
-  , return NavHeader
-      { navHeaderRole = NavHeaderPrimary
-      , navIcon       = IconCompany
-      , navLink       = NavLink
-        { navLabel       = MsgMenuFirms
-        , navRoute       = FirmAllR
-        , navAccess'     = NavAccessTrue
-        , navType        = NavTypeLink { navModal = False }
-        , navQuick'      = mempty
-        , navForceActive = False
-        }
-      }
  , return NavHeader
      { navHeaderRole = NavHeaderPrimary
      , navIcon       = IconPrintCenter
@ -1342,17 +1323,6 @@ pageActions HealthR = return
      }
    , navChildren = []
    }
-  , NavPageActionPrimary
-    { navLink = NavLink
-      { navLabel       = MsgMenuHealthInterface
-      , navRoute       = HealthInterfaceR []
-      , navAccess'     = NavAccessTrue
-      , navType        = NavTypeLink { navModal = False }
-      , navQuick'      = mempty
-      , navForceActive = False
-      }
-    , navChildren = []
-    }
  ]
 pageActions InstanceR = return
  [ NavPageActionPrimary
@ -1464,12 +1434,6 @@ pageActions (ForProfileR cID) = return
    , navChildren = []
    }
  ]
-pageActions (ForProfileDataR cID) = return
-  [ NavPageActionPrimary
-    { navLink = defNavLink MsgAdminUserHeading $ AdminUserR cID
-    , navChildren = []
-    }
-  ]
 pageActions TermShowR = do
  participantsSecondary <- pageQuickActions NavQuickViewPageActionSecondary ParticipantsListR
  return
@ -2394,6 +2358,26 @@ pageActions (LmsR sid qsh) = return
        , defNavLink MsgMenuLmsDirectUpload $ LmsReportDirectR sid qsh
        ]
    }
+  , NavPageActionSecondary
+    { navLink = defNavLink MsgMenuLmsUsers $ LmsUsersR sid qsh
+    -- , navChildren =
+    --     [ defNavLink MsgMenuLmsDirectDownload $ LmsUsersDirectR sid qsh
+    --     ]
+    }
+  , NavPageActionSecondary
+    { navLink = defNavLink MsgMenuLmsUserlist $ LmsUserlistR sid qsh
+    -- , navChildren =
+    --     [ defNavLink MsgMenuLmsUpload       $ LmsUserlistUploadR sid qsh
+    --     , defNavLink MsgMenuLmsDirectUpload $ LmsUserlistDirectR sid qsh
+    --     ]
+    }
+  , NavPageActionSecondary
+    { navLink = defNavLink MsgMenuLmsResult $ LmsResultR sid qsh
+    -- , navChildren =
+    --     [ defNavLink MsgMenuLmsUpload       $ LmsResultUploadR sid qsh
+    --     , defNavLink MsgMenuLmsDirectUpload $ LmsResultDirectR sid qsh
+    --     ]
+    }
  , NavPageActionSecondary {
      navLink = defNavLink MsgMenuLmsEdit $ LmsEditR sid qsh
    }
@ -2414,18 +2398,6 @@ pageActions ApiDocsR = return
    , navChildren = []
    }
  ]
-pageActions (FirmUsersR fsh) = return
-  [ NavPageActionPrimary
-    { navLink = defNavLink MsgTableCompanyNrSupers $ FirmSupersR fsh
-    , navChildren = []
-    }
-  ]
-pageActions (FirmSupersR fsh) = return
-  [ NavPageActionPrimary
-    { navLink = defNavLink MsgTableCompanyNrUsers  $ FirmUsersR fsh
-    , navChildren = []
-    }
-  ]
 pageActions PrintCenterR = do
  openDays <- useRunDB $ Ex.select $ do
    pj <- Ex.from $ Ex.table @PrintJob
@ -2461,94 +2433,16 @@ pageActions PrintCenterR = do
                      , navForceActive = False
                      }
                    }
-      printLog = NavPageActionSecondary
-                    { navLink = NavLink
-                      { navLabel       = MsgMenuPrintLog
-                      , navRoute       = PrintLogR
-                      , navAccess'     = NavAccessTrue
-                      , navType        = NavTypeLink { navModal = False }
-                      , navQuick'      = mempty
-                      , navForceActive = False
-                      }
-                    }
-      printAck = NavPageActionSecondary
-                    { navLink = NavLink
-                      { navLabel       = MsgMenuPrintAck
-                      , navRoute       = PrintAckDirectR
-                      , navAccess'     = NavAccessTrue
-                      , navType        = NavTypeLink { navModal = False }
-                      , navQuick'      = mempty
-                      , navForceActive = False
-                      }
-                    }
  dayLinks <- mapM toDayAck $ Map.toAscList dayMap
-  return $ manualSend : printLog : printAck : take 9 dayLinks
+  return $ manualSend : take 9 dayLinks

-pageActions CommCenterR = return
-  [ NavPageActionPrimary
-    { navLink = defNavLink MsgMenuMailCenter MailCenterR
-    , navChildren = []
-    }
-  , NavPageActionPrimary
-    { navLink = defNavLink MsgMenuApc PrintCenterR
-    , navChildren = []
-    }
-  ]
-
-pageActions (MailHtmlR smid) = do
-  sid <- decrypt smid
-  usrNotiSettings <- useRunDB $ runMaybeT $ do
-    sm <- MaybeT $ get sid
-    uid <- hoistMaybe $ sentMailRecipient sm
-    User{userDisplayName} <- MaybeT $ get uid
-    uuid <- liftHandler $ encrypt uid
-    return NavPageActionPrimary
-        { navLink = defNavLink (MsgNotificationSettingsHeading userDisplayName) $ UserNotificationR uuid
-        , navChildren = []
-        }
-  let linkPlain = NavPageActionPrimary
-        { navLink = defNavLink MsgMenuMailPlain $ MailPlainR smid
-        , navChildren = []
-        }
-  return $ msnoc [linkPlain] usrNotiSettings
-pageActions (MailPlainR smid) = do
-  sid <- decrypt smid
-  usrNotiSettings <- useRunDB $ runMaybeT $ do
-    sm <- MaybeT $ get sid
-    uid <- hoistMaybe $ sentMailRecipient sm
-    User{userDisplayName} <- MaybeT $ get uid
-    uuid <- liftHandler $ encrypt uid
-    return NavPageActionPrimary
-        { navLink = defNavLink (MsgNotificationSettingsHeading userDisplayName) $ UserNotificationR uuid
-        , navChildren = []
-        }
-  let linkHtml = NavPageActionPrimary
-        { navLink = defNavLink MsgMenuMailHtml $ MailHtmlR smid
-        , navChildren = []
-        }
-  return $ msnoc [linkHtml] usrNotiSettings
-
-pageActions AdminCrontabR = return
+pageActions AdminCrontabR = return 
  [ NavPageActionPrimary
    { navLink = defNavLink MsgMenuAdminJobs AdminJobsR
    , navChildren = []
    }
  ]

-pageActions AdminProblemsR = return
-  [ NavPageActionPrimary
-    { navLink = defNavLink MsgConfigInterfacesHeading ConfigInterfacesR
-    , navChildren = []
-    }
-  , NavPageActionPrimary
-    { navLink = defNavLink MsgProblemsAvsSynchHeading ProblemAvsSynchR
-    , navChildren = []
-    }
-  , NavPageActionSecondary
-    { navLink = defNavLink MsgProblemsAvsErrorHeading ProblemAvsErrorR
-    }
-  ]
-
 pageActions _ = return []

 submissionList :: ( MonadIO m
--- a/src/Foundation/Type.hs
+++ b/src/Foundation/Type.hs
@ -15,7 +15,7 @@ module Foundation.Type
  , _memcachedLocalARC
  , SMTPPool
  , _appSettings', _appStatic, _appConnPool, _appSmtpPool, _appLdapPool, _appWidgetMemcached, _appHttpManager, _appLogger, _appLogSettings, _appCryptoIDKey, _appClusterID, _appInstanceID, _appJobState, _appSessionStore, _appSecretBoxKey, _appJSONWebKeySet, _appHealthReport, _appMemcached, _appUploadCache, _appVerpSecret, _appAuthKey, _appPersonalisedSheetFilesSeedKey, _appVolatileClusterSettingsCache, _appAvsQuery
-  , DB, DBRead, Form, MsgRenderer, MailM, DBFile
+  , DB, Form, MsgRenderer, MailM, DBFile
  ) where

 import Import.NoFoundation
@ -43,7 +43,7 @@ import Data.Time.Clock.POSIX (POSIXTime)
 import GHC.Fingerprint (Fingerprint)
 import Handler.Sheet.PersonalisedFiles.Types (PersonalisedSheetFilesSeedKey)

-import Utils.Avs (AvsQuery())
+import Utils.Avs (AvsQuery)


 type SMTPPool = Pool SMTPConnection
@ -123,9 +123,8 @@ instance HasCookieSettings RegisteredCookie UniWorX where
 instance (MonadHandler m, HandlerSite m ~ UniWorX) => ReadLogSettings m where
  readLogSettings = liftIO . readTVarIO =<< getsYesod (view _appLogSettings)

-
+  
 type DB = YesodDB UniWorX
-type DBRead = ReaderT SqlReadBackend (HandlerFor UniWorX)
 type Form x = Html -> MForm (HandlerFor UniWorX) (FormResult x, WidgetFor UniWorX ())
 type MsgRenderer = MsgRendererS UniWorX -- see Utils
 type MailM a = MailT (HandlerFor UniWorX) a
--- a/src/Foundation/Yesod/Auth.hs
+++ b/src/Foundation/Yesod/Auth.hs
@ -107,7 +107,7 @@ authenticate creds@Creds{..} = liftHandler . runDB . withReaderT projectBackend
          | not isDummy -> res <$ update uid [ UserLastAuthentication =. Just now ]
        _other -> return res

-  $logDebugS "auth" $ tshow Creds{..}
+  $logDebugS "auth" $ tshow Creds{..}  
  ldapPool' <- getsYesod $ view _appLdapPool

  flip catches excHandlers $ case ldapPool' of
@ -153,9 +153,9 @@ _upsertCampusUserMode mMode cs@Creds{..}

    defaultOther = apHash

-ldapLookupAndUpsert :: forall m. (MonadHandler m, HandlerSite m ~ UniWorX, MonadMask m, MonadUnliftIO m) => Text -> SqlPersistT m (Entity User)
-ldapLookupAndUpsert ident =
-  getsYesod (view _appLdapPool) >>= \case
+ldapLookupAndUpsert :: forall m. (MonadHandler m, HandlerSite m ~ UniWorX, MonadMask m, MonadUnliftIO m) => Text -> SqlPersistT m (Entity User)                    
+ldapLookupAndUpsert ident = 
+  getsYesod (view _appLdapPool) >>= \case 
    Nothing -> throwM $ CampusUserLdapError $ LdapHostNotResolved "No LDAP configuration in Foundation."
    Just ldapPool ->
      campusUser'' ldapPool campusUserFailoverMode ident >>= \case
@ -182,21 +182,22 @@ upsertCampusUser upsertMode ldapData = do
  userDefaultConf <- getsYesod $ view _appUserDefaults

  (newUser,userUpdate) <- decodeUser now userDefaultConf upsertMode ldapData
+  --TODO: newUser should be associated with a company and company supervisor through Handler.Utils.Company.upsertUserCompany, but this is called by upsertAvsUser already - conflict?

  oldUsers <- for (userLdapPrimaryKey newUser) $ \pKey -> selectKeysList [ UserLdapPrimaryKey ==. Just pKey ] []

  user@(Entity userId userRec) <- case oldUsers of
    Just [oldUserId] -> updateGetEntity oldUserId userUpdate
    _other           -> upsertBy (UniqueAuthentication (newUser ^. _userIdent)) newUser userUpdate
-  unless (validDisplayName (newUser ^. _userTitle)
+  unless (validDisplayName (newUser ^. _userTitle) 
                           (newUser ^. _userFirstName)
-                           (newUser ^. _userSurname)
+                           (newUser ^. _userSurname) 
                           (userRec ^. _userDisplayName)) $
-    update userId [ UserDisplayName   =. (newUser ^. _userDisplayName) ]  -- update invalid display names only
-  when (validEmail' (userRec ^. _userEmail)) $ do                         -- RECALL: userRec already contains basic updates
+    update userId [ UserDisplayName   =. (newUser ^. _userDisplayName) ]
+  when (validEmail' (userRec ^. _userEmail)) $ do 
    let emUps =  [ UserDisplayEmail   =. (newUser ^. _userEmail)  | not (validEmail' (userRec ^. _userDisplayEmail))  ]
              ++ [ UserAuthentication =. AuthLDAP                 | is _AuthNoLogin  (userRec ^. _userAuthentication) ]
-    update userId emUps -- update already checks whether list is empty
+    unless (null emUps) $ update userId emUps
    -- Attempt to update ident, too:
    unless (validEmail' (userRec ^. _userIdent)) $
      void $ maybeCatchAll (update userId [ UserIdent =. (newUser ^. _userEmail) ] >> return (Just ()))
@ -227,10 +228,10 @@ decodeUserTest mbIdent ldapData = do


 decodeUser :: (MonadThrow m) =>  UTCTime -> UserDefaultConf -> UpsertCampusUserMode -> Ldap.AttrList [] -> m (User,_)
-decodeUser now UserDefaultConf{..} upsertMode ldapData = do
+decodeUser now UserDefaultConf{..} upsertMode ldapData = do    
    let
-      userTelephone             = decodeLdap ldapUserTelephone <&> canonicalPhone
-      userMobile                = decodeLdap ldapUserMobile    <&> canonicalPhone
+      userTelephone             = decodeLdap ldapUserTelephone
+      userMobile                = decodeLdap ldapUserMobile
      userCompanyPersonalNumber = decodeLdap ldapUserFraportPersonalnummer
      userCompanyDepartment     = decodeLdap ldapUserFraportAbteilung

@ -266,7 +267,7 @@ decodeUser now UserDefaultConf{..} upsertMode ldapData = do
      --      -> return $ CI.mk userEmail
      | otherwise
        -> throwM CampusUserInvalidEmail
-
+        
    userLdapPrimaryKey <- if
      | [bs] <- ldapMap !!! ldapPrimaryKey
      , Right userLdapPrimaryKey'' <- Text.decodeUtf8' bs
@ -305,13 +306,13 @@ decodeUser now UserDefaultConf{..} upsertMode ldapData = do
        , userPrefersPostal           = userDefaultPrefersPostal
        , ..
        }
-      userUpdate =
+      userUpdate =  
        [ UserLastAuthentication      =. Just now  | isLogin ] ++
        [ UserEmail                   =. userEmail | validEmail' userEmail ] ++
        [
-        -- UserDisplayName             =. userDisplayName -- not updated here, since users are allowed to change their DisplayName; see line 191
+        -- UserDisplayName             =. userDisplayName -- not updated here, since users are allowed to change their DisplayName; see line 272
          UserFirstName               =. userFirstName
-        , UserSurname                 =. userSurname
+        , UserSurname                 =. userSurname                    
        , UserLastLdapSynchronisation =. Just now
        , UserLdapPrimaryKey          =. userLdapPrimaryKey
        , UserMobile                  =. userMobile
--- a/src/Foundation/Yesod/ErrorHandler.hs
+++ b/src/Foundation/Yesod/ErrorHandler.hs
@ -9,9 +9,9 @@ module Foundation.Yesod.ErrorHandler
 import Import.NoFoundation hiding (errorHandler)

 import Foundation.Type
-import Foundation.I18n
+-- import Foundation.I18n
 import Foundation.Authorization
-import Foundation.SiteLayout
+-- import Foundation.SiteLayout
 import Foundation.Routes
 import Foundation.DB

@ -20,15 +20,15 @@ import qualified Data.Text as Text

 import qualified Network.Wai as W
  
-import System.Exit -- DEBUG: just for testing
-import System.Posix.Process -- DEBUG: just for testing
+-- import System.Exit -- DEBUG: just for testing
+-- import System.Posix.Process -- DEBUG: just for testing

 errorHandler :: ( MonadSecretBox (HandlerFor UniWorX)
-                , MonadSecretBox (WidgetFor UniWorX)
+                -- , MonadSecretBox (WidgetFor UniWorX)
                , MonadSecretBox (ExceptT EncodedSecretBoxException (HandlerFor UniWorX))
                , MonadAuth (HandlerFor UniWorX)
                , BearerAuthSite UniWorX
-                , YesodPersistBackend UniWorX ~ SqlBackend
+                -- , YesodPersistBackend UniWorX ~ SqlBackend
                )
             => ErrorResponse -> HandlerFor UniWorX TypedContent
 errorHandler err = do
@ -72,39 +72,39 @@ errorHandler err = do
  setSessionJson SessionError sessErr

  selectRep $ do
-    provideRep $ do
-      mr <- getMessageRender
-      let
-        encrypted :: Text -> WidgetFor UniWorX () -> WidgetFor UniWorX ()
-        encrypted plaintextJson plaintext = do
-          let displayEncrypted ciphertext = 
-                [whamlet|
-                  $newline never
-                  <p>_{MsgErrorResponseEncrypted}
-                  <pre .literal-error>
-                    #{ciphertext}
-                |]
-          if
-            | isEncrypted && shouldEncrypt -> displayEncrypted plaintextJson
-            | shouldEncrypt -> displayEncrypted =<< encodedSecretBox SecretBoxPretty plaintextJson
-            | otherwise -> plaintext
+    -- provideRep $ do
+    --   mr <- getMessageRender
+    --   let
+    --     encrypted :: Text -> WidgetFor UniWorX () -> WidgetFor UniWorX ()
+    --     encrypted plaintextJson plaintext = do
+    --       let displayEncrypted ciphertext = 
+    --             [whamlet|
+    --               $newline never
+    --               <p>_{MsgErrorResponseEncrypted}
+    --               <pre .literal-error>
+    --                 #{ciphertext}
+    --             |]
+    --       if
+    --         | isEncrypted && shouldEncrypt -> displayEncrypted plaintextJson
+    --         | shouldEncrypt -> displayEncrypted =<< encodedSecretBox SecretBoxPretty plaintextJson
+    --         | otherwise -> plaintext

-        errPage = case err of
-          NotFound -> [whamlet|<p>_{MsgErrorResponseNotFound}|]
-          InternalError err'
-            | "Crash Button" `isPrefixOf` err'   -> liftIO $ exitImmediately ExitSuccess -- DEBUG: just for Testing
-            | otherwise -> encrypted err' [whamlet|<p .literal-error>#{fromMaybe err' decrypted}|]
-          InvalidArgs errs -> [whamlet|
-              <ul>
-                $forall err' <- errs
-                  <li .literal-error>
-                    #{err'}
-             |]
-          NotAuthenticated -> [whamlet|<p>_{MsgErrorResponseNotAuthenticated}|]
-          PermissionDenied err' -> [whamlet|<p .errMsg>#{err'}|]
-          BadMethod method -> [whamlet|<p>_{MsgErrorResponseBadMethod (decodeUtf8 method)}|]
-      siteLayout (toWgt . mr $ ErrorResponseTitle err) $ do
-        errPage
+    --     errPage = case err of
+    --       NotFound -> [whamlet|<p>_{MsgErrorResponseNotFound}|]
+    --       InternalError err'
+    --         | "Crash Button" `isPrefixOf` err'   -> liftIO $ exitImmediately ExitSuccess -- DEBUG: just for Testing
+    --         | otherwise -> encrypted err' [whamlet|<p .literal-error>#{fromMaybe err' decrypted}|]
+    --       InvalidArgs errs -> [whamlet|
+    --           <ul>
+    --             $forall err' <- errs
+    --               <li .literal-error>
+    --                 #{err'}
+    --          |]
+    --       NotAuthenticated -> [whamlet|<p>_{MsgErrorResponseNotAuthenticated}|]
+    --       PermissionDenied err' -> [whamlet|<p .errMsg>#{err'}|]
+    --       BadMethod method -> [whamlet|<p>_{MsgErrorResponseBadMethod (decodeUtf8 method)}|]
+    --   siteLayout (toWgt . mr $ ErrorResponseTitle err) $ do
+    --     errPage
    provideRep $ case err of
      PermissionDenied err' -> return err'
      InternalError err'
--- a/src/Handler/Admin.hs
+++ b/src/Handler/Admin.hs
@ -1,4 +1,4 @@
-- SPDX-FileCopyrightText: 2022-24 Gregor Kleen <gregor.kleen@ifi.lmu.de>,Steffen Jost <jost@tcs.ifi.lmu.de>,Steffen Jost <s.jost@fraport.de>
+-- SPDX-FileCopyrightText: 2022 Gregor Kleen <gregor.kleen@ifi.lmu.de>,Steffen Jost <jost@tcs.ifi.lmu.de>
 --
 -- SPDX-License-Identifier: AGPL-3.0-or-later

@ -8,29 +8,24 @@ module Handler.Admin

 import Import

+import Jobs
 -- import Data.Either
-import qualified Data.Set  as Set
-import qualified Data.Map  as Map
-import qualified Data.Text as Text
+import qualified Data.Set as Set
 -- import qualified Data.Text.Lazy.Encoding as LBS

 -- import qualified Control.Monad.Catch as Catch
 -- import Servant.Client (ClientError(..), ResponseF(..))
 -- import Text.Blaze.Html (preEscapedToHtml)

-import Database.Persist.Sql (updateWhereCount)
 import           Database.Esqueleto.Experimental ((:&)(..))
 import qualified Database.Esqueleto.Experimental as E
-import qualified Database.Esqueleto.Legacy as EL (on) -- needed for dbTable
 import qualified Database.Esqueleto.Utils as E

-import Jobs
-import Handler.Utils
+import Handler.Utils.DateTime
 import Handler.Utils.Avs
+import Handler.Utils.Widgets
 import Handler.Utils.Users
-- import Handler.Utils.Company
-import Handler.Health.Interface
-import Handler.Users (AllUsersAction(..))
+import Handler.Utils.Qualification

 import Handler.Admin.Test as Handler.Admin
 import Handler.Admin.ErrorMessage as Handler.Admin
@ -39,39 +34,45 @@ import Handler.Admin.Crontab as Handler.Admin
 import Handler.Admin.Avs as Handler.Admin
 import Handler.Admin.Ldap as Handler.Admin

-- avoids repetition of local definitions
-single :: (k,a) -> Map k a
-single = uncurry Map.singleton

-
-- Types and Template Haskell
-data ProblemTableAction = ProblemTableMarkSolved
-                        | ProblemTableMarkUnsolved
-  deriving (Eq, Ord, Enum, Bounded, Read, Show, Generic)
-  deriving anyclass (Universe, Finite)
-
-nullaryPathPiece ''ProblemTableAction $ camelToPathPiece' 2
-embedRenderMessage ''UniWorX ''ProblemTableAction id
-
-data ProblemTableActionData = ProblemTableMarkSolvedData
-                            | ProblemTableMarkUnsolvedData -- Placeholder, remove later
-  deriving (Eq, Ord, Read, Show, Generic)
-
-
-- Handlers
 getAdminR :: Handler Html
 getAdminR = redirect AdminProblemsR

-getAdminProblemsR, postAdminProblemsR :: Handler Html
-getAdminProblemsR = handleAdminProblems Nothing
-
-handleAdminProblems :: Maybe Widget -> Handler Html
-handleAdminProblems mbProblemTable = do
+getAdminProblemsR :: Handler Html
+getAdminProblemsR = do 
  now <- liftIO getCurrentTime
  let nowaday = utctDay now
-      cutOffOldDays = 1
-      cutOffOldTime  = toMidnight $ addDays (-cutOffOldDays) nowaday
+      cutOffPrintDays = 7
+      cutOffPrintJob  = addLocalDays  (-cutOffPrintDays) now      

+  (usersAreReachable, driversHaveAvsIds, rDriversHaveFs, noStalePrintJobs, noBadAPCids, noAvsSynchProblems) <- runDB $ (,,,,,) 
+      <$> areAllUsersReachable 
+      <*> allDriversHaveAvsId now
+      <*> allRDriversHaveFs now
+      <*> (not <$> exists [PrintJobAcknowledged ==. Nothing, PrintJobCreated  <=. cutOffPrintJob])
+      <*> (not <$> exists [PrintAcknowledgeProcessed ==. False])
+      <*> (not <$> exists [UserAvsLastSynchError !=. Nothing])    
+  diffLics <- try retrieveDifferingLicences >>= \case
+    -- (Left (UnsupportedContentType "text/html" resp)) -> Left $ text2widget "Html received"
+    (Left e) -> return $ Left $ text2widget $ tshow (e :: SomeException)
+    (Right AvsLicenceDifferences{..}) -> do
+      let problemIds = avsLicenceDiffRevokeAll <> avsLicenceDiffGrantVorfeld <> avsLicenceDiffRevokeRollfeld <> avsLicenceDiffGrantRollfeld      
+      forM_ (take 42 $ Set.toList problemIds) $ queueJob' . flip JobSynchroniseAvsId (Just nowaday)      
+      return $ Right
+        ( Set.size avsLicenceDiffRevokeAll
+        , Set.size avsLicenceDiffGrantVorfeld
+        , Set.size avsLicenceDiffRevokeRollfeld
+        , Set.size avsLicenceDiffGrantRollfeld
+        )
+  -- Attempt to format results in a nicer way failed, since rendering Html within a modal destroyed the page layout itself
+  -- let procDiffLics (to0, to1, to2) = Right (Set.size to0, Set.size to1, Set.size to2)
+  -- diffLics <- (procDiffLics <$> retrieveDifferingLicences) `catches`
+  --   [ Catch.Handler (\case (UnsupportedContentType "text/html;charset=utf-8" Response{responseBody})
+  --                                         -> return $ Left $ toWidget $ preEscapedToHtml $ fromRight "Response UTF8-decoding error" $ LBS.decodeUtf8' responseBody
+  --                          ex             -> return $ Left $ text2widget $ tshow ex)
+  --   , Catch.Handler (\(ex::SomeException) -> return $ Left $ text2widget $ tshow ex)
+  --   ]
+      
  -- we abuse messageTooltip for colored icons here
  msgSuccessTooltip <- messageI Success MsgMessageSuccess
  msgWarningTooltip <- messageI Warning MsgMessageWarning
@ -81,97 +82,23 @@ handleAdminProblems mbProblemTable = do
      flagWarning = messageTooltip . bool msgWarningTooltip msgSuccessTooltip
      flagNonZero :: Int -> Widget
      flagNonZero n | n <= 0    = flagError True
-                    | otherwise = messageTooltip =<< handlerToWidget (messageI Error (MsgProblemsDriverSynch n))
-
-  (usersAreReachable, driversHaveAvsIds, rDriversHaveFs, noStalePrintJobs, noBadAPCids, (interfaceOks, interfaceTable)) <- runDB $ (,,,,,)
-      <$> areAllUsersReachable
-      <*> allDriversHaveAvsId now
-      <*> allRDriversHaveFs now
-      <*> (not <$> exists [PrintJobAcknowledged ==. Nothing, PrintJobCreated  <. cutOffOldTime])
-      <*> (not <$> exists [PrintAcknowledgeProcessed ==. False])
-      <*> mkInterfaceLogTable mempty
-  let interfacesBadNr = length $ filter (not . snd) interfaceOks
-      -- interfacesOk = all snd interfaceOks
-
-  diffLics <- try retrieveDifferingLicences >>= \case
-    -- (Left (UnsupportedContentType "text/html" resp)) -> Left $ text2widget "Html received"
-    (Left e) -> return $ Left $ text2widget $ tshow (e :: SomeException)
-    (Right (AvsLicenceDifferences{..},_)) -> do
-      let problemIds = avsLicenceDiffRevokeAll <> avsLicenceDiffGrantVorfeld <> avsLicenceDiffRevokeRollfeld <> avsLicenceDiffGrantRollfeld
-      void $ runDB $ queueAvsUpdateByAID problemIds $ Just nowaday
-      return $ Right
-        ( Set.size avsLicenceDiffRevokeAll
-        , Set.size avsLicenceDiffGrantVorfeld
-        , Set.size avsLicenceDiffRevokeRollfeld
-        , Set.size avsLicenceDiffGrantRollfeld
-        )
-  -- Attempt to format results in a nicer way failed, since rendering Html within a modal destroyed the page layout itself
-  -- let procDiffLics (to0, to1, to2) = Right (Set.size to0, Set.size to1, Set.size to2)
-  -- diffLics <- (procDiffLics . fst <$> retrieveDifferingLicences) `catches`
-  --   [ Catch.Handler (\case (UnsupportedContentType "text/html;charset=utf-8" Response{responseBody})
-  --                                         -> return $ Left $ toWidget $ preEscapedToHtml $ fromRight "Response UTF8-decoding error" $ LBS.decodeUtf8' responseBody
-  --                          ex             -> return $ Left $ text2widget $ tshow ex)
-  --   , Catch.Handler (\(ex::SomeException) -> return $ Left $ text2widget $ tshow ex)
-  --   ]
-
+                    | otherwise = messageTooltip =<< handlerToWidget (messageI Error (MsgProblemsDriverSynch n))                                    
+  
  rerouteMail <- getsYesod $ view _appMailRerouteTo
-  problemLogTable <- maybeM (snd <$> runDB mkProblemLogTable) return $ return mbProblemTable    -- formResult only processed in POST-Handler

  siteLayoutMsg MsgProblemsHeading $ do
    setTitleI   MsgProblemsHeading
    $(widgetFile "admin-problems")

-postAdminProblemsR = do
-    (problemLogRes, problemLogTable) <- runDB mkProblemLogTable
-    formResult problemLogRes procProblems
-    handleAdminProblems $ Just problemLogTable
-  where
-    procProblems :: (ProblemTableActionData, Set ProblemLogId) -> Handler ()
-    procProblems (ProblemTableMarkSolvedData  , pids) = actUpdate True  pids
-    procProblems (ProblemTableMarkUnsolvedData, pids) = actUpdate False pids

-    actUpdate markdone pids = do
-      mauid <- maybeAuthId
-      now <- liftIO getCurrentTime
-      let (pls_fltr,newv,msg) | markdone  = (ProblemLogSolved ==. Nothing, Just now, MsgAdminProblemsSolved)
-                              | otherwise = (ProblemLogSolved !=. Nothing, Nothing , MsgAdminProblemsReopened)
-      (fromIntegral -> oks) <- runDB $ updateWhereCount [pls_fltr, ProblemLogId <-. toList pids]
-                                                        [ProblemLogSolved =. newv, ProblemLogSolver =. mauid]
-      let no_req = Set.size pids
-          mkind = if oks < no_req || no_req <= 0 then Warning else Success
-      addMessageI mkind $ msg oks
-      when (oks > 0) $ reloadKeepGetParams AdminProblemsR -- reload to update all tables
-
-getProblemUnreachableR,  postProblemUnreachableR :: Handler Html
-getProblemUnreachableR = postProblemUnreachableR
-postProblemUnreachableR = do
+getProblemUnreachableR :: Handler Html
+getProblemUnreachableR = do
  unreachables <- runDB retrieveUnreachableUsers
-
-  -- the following form is a nearly identicaly copy from Handler.Users:
-  ((noreachUsersRes, noreachUsersWgt'), noreachUsersEnctype) <- runFormPost . identifyForm FIDUnreachableUsersAction $ buttonForm
-  let noreachUsersWgt = wrapForm noreachUsersWgt' def
-        { formSubmit = FormNoSubmit
-        , formAction = Just $ SomeRoute ProblemUnreachableR
-        , formEncoding = noreachUsersEnctype
-        }
-  formResult noreachUsersRes $ \case
-    AllUsersLdapSync -> do
-      forM_ unreachables $ \Entity{entityKey=uid} -> void . queueJob $ JobSynchroniseLdapUser uid
-      addMessageI Success . MsgSynchroniseLdapUserQueued $ length unreachables
-      redirect ProblemUnreachableR
-    AllUsersAvsSync -> do
-      n <- runDB $ queueAvsUpdateByUID (entityKey <$> unreachables) Nothing
-      addMessageI Success . MsgSynchroniseAvsUserQueued $ fromIntegral n
-      redirect ProblemUnreachableR
-
  siteLayoutMsg MsgProblemsUnreachableHeading $ do
    setTitleI   MsgProblemsUnreachableHeading
    [whamlet|
      <section>
-        <h3>_{MsgProblemsUnreachableButtons}
-        ^{noreachUsersWgt}
-      <section>
-        #{length unreachables} _{MsgProblemsUnreachableBody}
+        #{length unreachables} _{MsgProblemsUnreachableBody}        
        <ul>
          $forall usr <- unreachables
            <li>
@ -179,8 +106,8 @@ postProblemUnreachableR = do
    |]

 getProblemFbutNoR :: Handler Html
-getProblemFbutNoR = do
-  now <- liftIO getCurrentTime
+getProblemFbutNoR = do 
+  now <- liftIO getCurrentTime  
  rnofs <- runDB $ E.select $ retrieveDriversRWithoutF now
  siteLayoutMsg MsgProblemsRWithoutFHeading $ do
    setTitleI   MsgProblemsRWithoutFHeading
@ -194,8 +121,8 @@ getProblemFbutNoR = do
    |]

 getProblemWithoutAvsId :: Handler Html
-getProblemWithoutAvsId = do
-  now <- liftIO getCurrentTime
+getProblemWithoutAvsId = do 
+  now <- liftIO getCurrentTime  
  rnofs <- runDB $ E.select $ retrieveDriversWithoutAvsId now
  siteLayoutMsg MsgProblemsNoAvsIdHeading $ do
    setTitleI   MsgProblemsNoAvsIdHeading
@ -210,47 +137,40 @@ getProblemWithoutAvsId = do

 {-
 mkUnreachableUsersTable = do
-  let dbtSQLQuery user -> do
+  let dbtSQLQuery user -> do 
        E.where_ $ E.isNothing (user E.^. UserPostAddress)
-          E.&&. E.not_ ((user E.^. UserEmail) `E.like` E.val "%@%.%")
+          E.&&. E.not_ ((user E.^. UserEmail) `E.like` E.val "%@%.%") 
        pure user
      dbtRowKey = (E.^. UserId)
      dbtProj = dbtProjId
-      dbtColonnade =
+      dbtColonnade = 
 -}

 areAllUsersReachable :: DB Bool
-- areAllUsersReachable = E.selectNotExists retrieveUnreachableUsers' -- works and would be more efficient, but we cannot check proper email validity within DB alone
+-- areAllUsersReachable = isNothing <$> E.selectOne retrieveUnreachableUsers'
+-- areAllUsersReachable = E.selectNotExists retrieveUnreachableUsers'
 areAllUsersReachable = null <$> retrieveUnreachableUsers
-
+  
 -- retrieveUnreachableUsers' :: E.SqlQuery (E.SqlExpr (Entity User))
-- retrieveUnreachableUsers' = do
+-- retrieveUnreachableUsers' = do     
 --     user <- E.from $ E.table @User
 --     E.where_ $   E.isNothing (user E.^. UserPostAddress)
 --           E.&&. (E.isNothing (user E.^. UserCompanyDepartment) E.||. user E.^. UserCompanyPersonalNumber `E.ilike` E.justVal "E%")
 --           E.&&. E.not_ ((user E.^. UserDisplayEmail)  `E.like` E.val "%@%.%")
 --           E.&&. E.not_ ((user E.^. UserEmail)         `E.like` E.val "%@%.%")
--     return user
+--     return user 

 retrieveUnreachableUsers :: DB [Entity User]
-retrieveUnreachableUsers = do
-    emailOnlyUsers <- E.select $ do
+retrieveUnreachableUsers = do 
+    emailOnlyUsers <- E.select $ do 
      user <- E.from $ E.table @User
      E.where_ $   E.isNothing (user E.^. UserPostAddress)
-            E.&&. (E.isNothing (user E.^. UserCompanyDepartment) E.||. user E.^. UserCompanyPersonalNumber `E.ilike` E.justVal "E%")
-            E.&&. E.notExists (do
-                (cmp :& usrCmp) <- E.from $ E.table @Company `E.innerJoin` E.table @UserCompany
-                  `E.on` (\(cmp :& usrCmp) -> cmp E.^. CompanyId E.==. usrCmp E.^. UserCompanyCompany)
-                E.where_ $ user E.^. UserId E.==. usrCmp E.^. UserCompanyUser
-                    E.&&.  usrCmp E.^. UserCompanyUseCompanyAddress
-                    E.&&.  E.isJust (cmp E.^. CompanyPostAddress)
-              )
+            E.&&. (E.isNothing (user E.^. UserCompanyDepartment) E.||. user E.^. UserCompanyPersonalNumber `E.ilike` E.justVal "E%")    
      return user
-    filterM hasInvalidEmail emailOnlyUsers
-    -- filterM hasInvalifPostal -- probably not worth it, since Utils.Postal.validPostAddress is pretty weak anyway
-  where
-    hasInvalidEmail = fmap isNothing . getUserEmail
-
+    return $ filter hasInvalidEmail emailOnlyUsers
+  where 
+    hasInvalidEmail = isNothing . getEmailAddress . entityVal
+  

 allDriversHaveAvsId :: UTCTime -> DB Bool
 -- allDriversHaveAvsId = fmap isNothing . E.selectOne . retrieveDriversWithoutAvsId
@ -259,17 +179,17 @@ allDriversHaveAvsId = E.selectNotExists . retrieveDriversWithoutAvsId
 {-
 -- | Returns users more than once if they own multiple avs-related valid licences, but no AvsID is known
 retrieveDriversWithoutAvsId' :: Day -> E.SqlQuery (E.SqlExpr (Entity User))
-retrieveDriversWithoutAvsId' nowaday = do
+retrieveDriversWithoutAvsId' nowaday = do     
  (usr :& qualUsr :& qual) <- E.from $ E.table @User
    `E.innerJoin`  E.table @QualificationUser
    `E.on` (\(usr :& qualUsr) -> usr E.^. UserId E.==. qualUsr E.^. QualificationUserUser)
-    `E.innerJoin`  E.table @Qualification
-    `E.on` (\(_usr :& qualUsr :& qual) -> qual E.^. QualificationId E.==. qualUsr E.^. QualificationUserQualification)
+    `E.innerJoin`  E.table @Qualification              
+    `E.on` (\(_usr :& qualUsr :& qual) -> qual E.^. QualificationId E.==. qualUsr E.^. QualificationUserQualification)    
  E.where_ $ -- is avs licence
      E.isJust (qual E.^. QualificationAvsLicence)
    E.&&. (qualUsr & validQualification nowaday)
    E.&&. -- AvsId is unknown
-      E.notExists (do
+      E.notExists (do 
        avsUsr <- E.from $ E.table @UserAvs
        E.where_ $ avsUsr E.^. UserAvsUser E.==. usr E.^. UserId
      )
@ -278,20 +198,20 @@ retrieveDriversWithoutAvsId' nowaday = do

 -- | Returns users at most once, even if they own multiple avs-related licences, but no AvsID is known
 retrieveDriversWithoutAvsId :: UTCTime -> E.SqlQuery (E.SqlExpr (Entity User))
-retrieveDriversWithoutAvsId now = do
+retrieveDriversWithoutAvsId now = do     
  usr <- E.from $ E.table @User
-  E.where_ $
-      E.exists (do -- a valid avs licence
-        (qual :& qualUsr) <- E.from (E.table @Qualification
+  E.where_ $ 
+      E.exists (do -- a valid avs licence 
+        (qual :& qualUsr) <- E.from (E.table @Qualification 
              `E.innerJoin` E.table @QualificationUser
              `E.on` (\(qual :& qualUsr) -> qual E.^. QualificationId E.==. qualUsr E.^. QualificationUserQualification))
        E.where_ $ -- is avs licence
            E.isJust (qual E.^. QualificationAvsLicence)
          E.&&. (qualUsr & validQualification now) -- currently valid
-          E.&&. -- matches user
+          E.&&. -- matches user 
            (qualUsr E.^. QualificationUserUser E.==. usr E.^. UserId)
      )
-    E.&&.
+    E.&&. 
      E.notExists (do -- a known AvsId
        avsUsr <- E.from $ E.table @UserAvs
        E.where_ $ avsUsr E.^. UserAvsUser E.==. usr E.^. UserId
@ -300,133 +220,21 @@ retrieveDriversWithoutAvsId now = do


 allRDriversHaveFs :: UTCTime -> DB Bool
-- allRDriversHaveFs = fmap isNothing . E.selectOne . retrieveDriversRWithoutF
-allRDriversHaveFs = E.selectNotExists . retrieveDriversRWithoutF
+-- allRDriversHaveFs = fmap isNothing . E.selectOne . retrieveDriversRWithoutF 
+allRDriversHaveFs = E.selectNotExists . retrieveDriversRWithoutF 

 -- | Returns users at most once, even if they own multiple avs-related licences, but no AvsID is known
 retrieveDriversRWithoutF :: UTCTime -> E.SqlQuery (E.SqlExpr (Entity User))
-retrieveDriversRWithoutF now = do
+retrieveDriversRWithoutF now = do     
  usr <- E.from $ E.table @User
  let hasValidQual lic = do
-        (qual :& qualUsr) <- E.from (E.table @Qualification
+        (qual :& qualUsr) <- E.from (E.table @Qualification 
              `E.innerJoin` E.table @QualificationUser
              `E.on` (\(qual :& qualUsr) -> qual E.^. QualificationId E.==. qualUsr E.^. QualificationUserQualification))
-        E.where_ $  (qual E.^. QualificationAvsLicence  E.==. E.justVal lic)    -- matches licence
-              E.&&. (qualUsr E.^. QualificationUserUser E.==. usr E.^. UserId)  -- matches user
-              E.&&. (qualUsr & validQualification now)                          -- currently valid
+        E.where_ $  (qual E.^. QualificationAvsLicence  E.==. E.justVal lic)    -- matches licence 
+              E.&&. (qualUsr E.^. QualificationUserUser E.==. usr E.^. UserId)  -- matches user 
+              E.&&. (qualUsr & validQualification now)                                 -- currently valid            
  E.where_ $ E.exists (hasValidQual AvsLicenceRollfeld)
    E.&&. E.notExists (hasValidQual AvsLicenceVorfeld)
  return usr
-
-
-
-type ProblemLogTableExpr = E.SqlExpr (Entity ProblemLog) `E.LeftOuterJoin` E.SqlExpr (Maybe (Entity User)) `E.LeftOuterJoin` E.SqlExpr (Maybe (Entity User))
-queryProblem :: ProblemLogTableExpr -> E.SqlExpr (Entity ProblemLog)
-queryProblem = $(E.sqlLOJproj 3 1)
-
-querySolver :: ProblemLogTableExpr -> E.SqlExpr (Maybe (Entity User))
-querySolver = $(E.sqlLOJproj 3 2)
-
-queryUser :: ProblemLogTableExpr -> E.SqlExpr (Maybe (Entity User))
-queryUser = $(E.sqlLOJproj 3 3)
-
-type ProblemLogTableData = DBRow (Entity ProblemLog, Maybe (Entity User), Maybe (Entity User))
-resultProblem :: Lens' ProblemLogTableData (Entity ProblemLog)
-resultProblem = _dbrOutput . _1
-
-resultSolver :: Traversal' ProblemLogTableData (Entity User)
-resultSolver = _dbrOutput . _2 . _Just
-
-resultUser :: Traversal' ProblemLogTableData (Entity User)
-resultUser = _dbrOutput . _3 . _Just
-
-mkProblemLogTable :: DB (FormResult (ProblemTableActionData, Set ProblemLogId), Widget)
-mkProblemLogTable = do
-    -- problem_types <- E.select $ do
-    --   ap <- E.from $ E.table @ProblemLog
-    --   let res = ap E.^. ProblemLogInfo E.->>. "problem"
-    --   E.groupBy res
-    --   return res
-    over _1 postprocess <$> dbTable validator DBTable{..}
-  where
-    -- TODO: query to collect all occurring problem types to use as tooltip for the problem filter, so that these don't run out of synch
-    dbtIdent = "problem-log" :: Text
-    dbtSQLQuery = \(problem `E.LeftOuterJoin` solver `E.LeftOuterJoin` usr) -> do
-                    -- EL.on (usr    E.?. UserId E.==. E.text2num (problem E.^. ProblemLogInfo   E.->>. "user")) -- works
-                    EL.on (usr    E.?. UserId E.==. problem E.^. ProblemLogInfo E.->>>. "user")
-                    EL.on (solver E.?. UserId E.==. problem E.^. ProblemLogSolver)
-                    return (problem, solver, usr)
-    dbtRowKey = queryProblem >>> (E.^. ProblemLogId)
-    dbtProj = dbtProjFilteredPostId
-    dbtColonnade = formColonnade $ mconcat
-      [ dbSelect (applying _2) id $ return . view (resultProblem . _entityKey)
-      , sortable (Just "time")    (i18nCell MsgAdminProblemCreated) $ \(   view $ resultProblem . _entityVal . _problemLogTime   -> t) ->           dateTimeCell t
-      , sortable (Just "info")    (i18nCell MsgAdminProblemInfo)    $ \(   view $ resultProblem . _entityVal . _problemLogAdminProblem -> p) -> adminProblemCell p
-      -- , sortable (Just "firm")    (i18nCell MsgTableCompany)        $ \(preview $ resultProblem . _entityVal . _problemLogAdminProblem . _adminProblemCompany -> c) -> cellMaybe companyIdCell c
-      , sortable (Just "firm")    (i18nCell MsgTableCompany)        $ \(   view $ resultProblem . _entityVal . _problemLogAdminProblem -> p) -> cellMaybe companyIdCell $ join (p ^? _adminProblemCompanyOld) <|> (p ^? _adminProblemCompany)
-      , sortable (Just "user")    (i18nCell MsgAdminProblemUser)    $ \(preview resultUser   -> u) -> maybeCell u $ cellHasUserLink AdminUserR
-      , sortable (Just "solved")  (i18nCell MsgAdminProblemSolved)  $ \(   view $ resultProblem . _entityVal . _problemLogSolved -> t) -> cellMaybe dateTimeCell t
-      , sortable (Just "solver")  (i18nCell MsgAdminProblemSolver)  $ \(preview resultSolver -> u) -> maybeCell u $ cellHasUserLink AdminUserR
-      ]
-    dbtSorting = mconcat
-      [ single ("time"  , SortColumn $ queryProblem >>> (E.^. ProblemLogTime))
-      , single ("info"  , SortColumn $ queryProblem >>> (E.^. ProblemLogInfo))
-      -- , single ("firm"  , SortColumn ((E.->>. "company" ).(queryProblem >>> (E.^. ProblemLogInfo))))
-      , single ("firm"  , SortColumn $ \r -> queryProblem r E.^. ProblemLogInfo E.->>. "company")
-      , single ("user"  , sortUserNameBareM queryUser)
-      , single ("solved", SortColumn $ queryProblem >>> (E.^. ProblemLogSolved))
-      , single ("solver", sortUserNameBareM querySolver)
-      ]
-    dbtFilter = mconcat
-      [ single ("user"    , FilterColumn . E.mkContainsFilterWithCommaPlus Just $ views (to queryUser)   (E.?. UserDisplayName))
-      , single ("solver"  , FilterColumn . E.mkContainsFilterWithCommaPlus Just $ views (to querySolver) (E.?. UserDisplayName))
-      , single ("company" , FilterColumn . E.mkContainsFilter  $ views (to queryProblem) ((E.->>. "company").(E.^. ProblemLogInfo)))
-      , single ("solved"  , FilterColumn . E.mkExactFilterLast $ views (to queryProblem) (E.isJust . (E.^. ProblemLogSolved)))
-      -- , single ("problem" , FilterColumn . E.mkContainsFilter  $ views (to queryProblem) ((E.->>. "problem").(E.^. ProblemLogInfo))) -- not stored in plaintext!
-      , single ("problem" , mkFilterProjectedPost $ \(getLast -> criterion) dbr -> -- falls es nicht schnell genug ist: in dbtProj den Anzeigetext nur einmal berechnen
-          ifNothingM criterion True $ \(crit::Text) -> do
-            let problem = dbr ^. resultProblem . _entityVal . _problemLogAdminProblem
-            protxt <- adminProblem2Text problem
-            return $ crit `Text.isInfixOf` protxt
-        )
-      ]
-    dbtFilterUI mPrev = mconcat
-      [ prismAForm (singletonFilter "user"    . maybePrism _PathPiece) mPrev $ aopt (hoistField lift textField)                        (fslI MsgAdminProblemUser   & setTooltip MsgTableFilterCommaPlus)
-      , prismAForm (singletonFilter "solver"  . maybePrism _PathPiece) mPrev $ aopt (hoistField lift textField)                        (fslI MsgAdminProblemSolver & setTooltip MsgTableFilterCommaPlusShort)
-      , prismAForm (singletonFilter "problem" . maybePrism _PathPiece) mPrev $ aopt (hoistField lift textField)                        (fslI MsgAdminProblemInfo)
-      , prismAForm (singletonFilter "company" . maybePrism _PathPiece) mPrev $ aopt (hoistField lift textField)                        (fslI MsgTableCompanyShort)
-      , prismAForm (singletonFilter "solved"  . maybePrism _PathPiece) mPrev $ aopt (boolField . Just $ SomeMessage MsgBoolIrrelevant) (fslI MsgAdminProblemSolved)
-      ]
-    acts :: Map ProblemTableAction (AForm Handler ProblemTableActionData)
-    acts = mconcat
-      [ singletonMap ProblemTableMarkSolved   $ pure ProblemTableMarkSolvedData
-      , singletonMap ProblemTableMarkUnsolved $ pure ProblemTableMarkUnsolvedData
-      ]
-    dbtParams = DBParamsForm
-          { dbParamsFormMethod = POST
-          , dbParamsFormAction = Nothing
-          , dbParamsFormAttrs  = []
-          , dbParamsFormSubmit = FormSubmit
-          , dbParamsFormAdditional
-              = renderAForm FormStandard
-                   $  (, mempty) . First . Just
-                  <$> multiActionA acts (fslI MsgTableAction) (Just ProblemTableMarkSolved)
-          , dbParamsFormEvaluate = liftHandler . runFormPost
-          , dbParamsFormResult   = id
-          , dbParamsFormIdent    = def
-          }
-    dbtCsvEncode = noCsvEncode
-    dbtCsvDecode = Nothing
-    dbtExtraReps = []
-    dbtStyle = def { dbsFilterLayout = defaultDBSFilterLayout }
-    validator = def & defaultSorting [SortAscBy "time"]
-                    & defaultFilter  (singletonMap "solved" [toPathPiece False])
-    postprocess :: FormResult (First ProblemTableActionData, DBFormResult ProblemLogId Bool ProblemLogTableData)
-                -> FormResult (      ProblemTableActionData, Set ProblemLogId)
-    postprocess inp = do
-      (First (Just act), usrMap) <- inp
-      let usrSet = Map.keysSet . Map.filter id $ getDBFormResult (const False) usrMap
-      return (act, usrSet)
-
-- adminProblemCell :: IsDBTable m a => AdminProblem -> DBCell m a -- moved to Handler.Utils
-- msgAdminProblem :: AdminProblem -> DB (SomeMessages UniWorX) -- moved to Handler.Utils
+  
--- a/src/Handler/Admin/Avs.hs
+++ b/src/Handler/Admin/Avs.hs
@ -9,7 +9,7 @@

 module Handler.Admin.Avs
  ( getAdminAvsR, postAdminAvsR
-  , getAdminAvsUserR, postAdminAvsUserR
+  , getAdminAvsUserR
  , getProblemAvsSynchR, postProblemAvsSynchR
  , getProblemAvsErrorR
  ) where
@ -17,7 +17,7 @@ module Handler.Admin.Avs
 import Import
 import qualified Control.Monad.State.Class as State
 -- import Data.Aeson (encode)
-- import qualified Data.Aeson.Encode.Pretty as Pretty
+import qualified Data.Aeson.Encode.Pretty as Pretty
 import qualified Data.Text as Text
 import qualified Data.CaseInsensitive as CI
 import qualified Data.Set  as Set
@ -27,8 +27,9 @@ import qualified Data.Map as Map
 import Handler.Utils
 import Handler.Utils.Avs
 -- import Handler.Utils.Qualification
-import Handler.Utils.Users (getUserPrimaryCompany)
-import Handler.Utils.Company (switchAvsUserCompany)
+
+import Utils.Avs
+

 import           Database.Esqueleto.Experimental ((:&)(..))
 import qualified Database.Esqueleto.Legacy as E
@ -42,13 +43,6 @@ import qualified Database.Esqueleto.Utils        as E
 single :: (k,a) -> Map k a
 single = uncurry Map.singleton

-exceptionWgt :: SomeException -> Widget
-exceptionWgt (SomeException e) = [whamlet|<h2>Error:</h2> #{tshow e}|]
-
-tryShow :: MonadCatch m => m Widget -> m Widget
-tryShow act = try act >>= \case
-  Left  err -> return $ exceptionWgt err
-  Right res -> return res

 -- Button only needed in AVS TEST; further buttons see below
 data ButtonAvsTest = BtnCheckLicences   --  | BtnSynchLicences
@ -59,7 +53,7 @@ instance Finite ButtonAvsTest
 nullaryPathPiece ''ButtonAvsTest camelToPathPiece

 instance Button UniWorX ButtonAvsTest where
-  btnLabel    BtnCheckLicences = "Show all licence difference to current AVS"       -- could be msg
+  btnLabel    BtnCheckLicences = "Check all licences"       -- could be msg
  -- btnLabel    BtnSynchLicences = "Synchronize all licences" -- could be msg
  btnClasses  BtnCheckLicences = [BCIsButton, BCPrimary]
  -- btnClasses  BtnSynchLicences = [BCIsButton, BCDanger]
@ -93,7 +87,7 @@ validateAvsQueryPerson = do
    is _Just avsPersonQueryInternalPersonalNo ||
    is _Just avsPersonQueryVersionNo

-makeAvsStatusForm :: Maybe AvsPersonId -> Form AvsQueryStatus
+makeAvsStatusForm :: Maybe AvsQueryStatus -> Form AvsQueryStatus
 makeAvsStatusForm tmpl = identifyForm FIDAvsQueryStatus . validateForm validateAvsQueryStatus $ \html ->
  flip (renderAForm FormStandard) html $
    parseAvsIds <$> areq textField (fslI MsgAvsPersonId) (unparseAvsIds <$> tmpl)
@ -103,15 +97,15 @@ makeAvsStatusForm tmpl = identifyForm FIDAvsQueryStatus . validateForm validateA
      where
        nonemptys = filter (not . Text.null) $ Text.strip <$> Text.split (==',') txt
        ids = mapMaybe readMay nonemptys
-    unparseAvsIds :: AvsPersonId -> Text
-    unparseAvsIds = tshow . avsPersonId
+    unparseAvsIds :: AvsQueryStatus -> Text
+    unparseAvsIds (AvsQueryStatus ids) = Text.intercalate ", " $ tshow <$> Set.toAscList ids

 validateAvsQueryStatus :: FormValidator AvsQueryStatus Handler ()
 validateAvsQueryStatus = do
  AvsQueryStatus ids <- State.get
  guardValidation (MsgAvsQueryStatusInvalid $ tshow ids) $ not (null ids)

-makeAvsContactForm :: Maybe AvsPersonId -> Form AvsQueryContact
+makeAvsContactForm :: Maybe AvsQueryContact -> Form AvsQueryContact
 makeAvsContactForm tmpl = identifyForm FIDAvsQueryContact . validateForm validateAvsQueryContact $ \html ->
  flip (renderAForm FormStandard) html $
    parseAvsIds <$> areq textField (fslI MsgAvsPersonId) (unparseAvsIds <$> tmpl) -- consider using cfAnySeparatedSet here
@ -121,9 +115,8 @@ makeAvsContactForm tmpl = identifyForm FIDAvsQueryContact . validateForm validat
      where
        nonemptys = filter (not . Text.null) $ Text.strip <$> Text.split (==',') txt
        ids = mapMaybe (fmap AvsObjPersonId . readMay) nonemptys
-    unparseAvsIds :: AvsPersonId -> Text
-    unparseAvsIds = tshow . avsPersonId
-    --unparseAvsIds (AvsQueryContact ids) = Text.intercalate ", " $ tshow <$> Set.toAscList ids
+    unparseAvsIds :: AvsQueryContact -> Text
+    unparseAvsIds (AvsQueryContact ids) = Text.intercalate ", " $ tshow <$> Set.toAscList ids

 validateAvsQueryContact :: FormValidator AvsQueryContact Handler ()
 validateAvsQueryContact = do
@ -147,270 +140,173 @@ postAdminAvsR = do
  mbAvsConf <- getsYesod $ view _appAvsConf
  let avsWgt = [whamlet|
          $maybe avsConf <- mbAvsConf
-            <h2>
-              AVS Konfiguration
-            <ul>
-              <li>
-                Host:  #{decodeUtf8 (avsUser avsConf)}@#{avsHost avsConf}:#{avsPort avsConf}
-              <li>
-                Timeout sekundäre AVS Abfragen: #{avsTimeout avsConf}s
-              <li>
-                Cache Gültigkeit sekundäre AVS Abfragen: #{tshow (avsCacheExpiry avsConf)}
+            AVS Konfiguration ist #{decodeUtf8 (avsUser avsConf)}@#{avsHost avsConf}:#{avsPort avsConf}
          $nothing
            AVS nicht konfiguriert!
        |]
+  mAvsQuery <- getsYesod $ view _appAvsQuery
+  case mAvsQuery of
+    Nothing -> siteLayoutMsg MsgMenuAvs [whamlet|Error: AVS interface configuration is incomplete.|] -- should never occur after initilisation
+    Just AvsQuery{..} -> do
+      ((presult, pwidget), penctype) <- runFormPost $ makeAvsPersonForm Nothing

-  ((presult, pwidget), penctype) <- runFormPost $ makeAvsPersonForm Nothing
+      let procFormPerson fr = do
+            addMessage Info $ text2Html $ "Query: " <> tshow (toJSON fr)
+            res <- avsQueryPerson fr
+            case res of
+              Left  err -> let msg = tshow err in return $ Just [whamlet|<h2>Error:</h2> #{msg}|]
+              Right (AvsResponsePerson pns) -> return $ Just [whamlet|
+                  <ul>
+                    $forall p <- pns
+                      <li>#{decodeUtf8 (Pretty.encodePretty (toJSON p))}
+                |]
+      mbPerson <- formResultMaybe presult procFormPerson

-  let procFormPerson :: AvsQueryPerson -> Handler (Maybe (Maybe Widget, Maybe AvsPersonId))
-      procFormPerson (fixAvsQueryPerson -> fr) = do
-        addMessage Info $ text2Html $ "Query: " <> tshow (toJSON fr)
-        try (avsQuery fr) >>= \case
-          Left err  -> return $ Just (Just $ exceptionWgt err, Nothing)
-          Right (AvsResponsePerson pns) -> do
-            let mapid = case Set.toList pns of
-                          [AvsDataPerson{avsPersonPersonID=apid}] -> Just apid
-                          _ -> Nothing
-                wgt = [whamlet|
+      ((sresult, swidget), senctype) <- runFormPost $ makeAvsStatusForm Nothing
+      let procFormStatus fr = do
+            addMessage Info $ text2Html $ "Status Query: " <> tshow (toJSON fr)
+            res <- avsQueryStatus fr
+            case res of
+              Left err -> let msg = tshow err in return $ Just [whamlet|<h2>Error:</h2> #{msg}|]
+              Right (AvsResponseStatus pns) -> return $ Just [whamlet|
+                  <ul>
+                    $forall p <- pns
+                      <li>#{decodeUtf8 (Pretty.encodePretty (toJSON p))}
+                |]
+      mbStatus <- formResultMaybe sresult procFormStatus
+
+      ((cresult, cwidget), cenctype) <- runFormPost $ makeAvsContactForm Nothing
+      let procFormContact fr = do
+            addMessage Info $ text2Html $ "Contact Query: " <> tshow (toJSON fr)
+            res <- avsQueryContact fr
+            case res of
+              Left err -> let msg = tshow err in return $ Just [whamlet|<h2>Error:</h2> #{msg}|]
+              Right (AvsResponseContact pns) -> return $ Just [whamlet|
+                  <ul>
+                    $forall AvsDataContact{..} <- pns
+                      <li>
                        <ul>
-                          $forall p <- pns
-                            <li>^{jsonWidget p}
-                      |] -- <li>#{decodeUtf8 (Pretty.encodePretty (toJSON p))}
-            return $ Just (toMaybe (notNull pns) wgt, mapid)
-  (mbPerson,mapid) <- fromMaybe (Nothing,Nothing) <$> formResultMaybe presult procFormPerson
+                          <li>AvsId: #{tshow avsContactPersonID}
+                          <li>#{decodeUtf8 (Pretty.encodePretty (toJSON avsContactPersonInfo))}
+                          <li>#{decodeUtf8 (Pretty.encodePretty (toJSON avsContactFirmInfo))}
+                |]
+      mbContact <- formResultMaybe cresult procFormContact

-  ((sresult', swidget), senctype) <- runFormPost $ makeAvsStatusForm mapid
-  let sresult = sresult' <|> maybe FormMissing (FormSuccess . AvsQueryStatus . Set.singleton) mapid -- use unique AvsId from PersonSearch for convenience, if form was empty
-      procFormStatus fr = do
-        addMessage Info $ text2Html $ "Status Query: " <> tshow (toJSON fr)
-        tryShow $ do
-          AvsResponseStatus pns <- avsQuery fr
-          return [whamlet|
-              <ul>
-                $forall p <- pns
-                  <li>^{jsonWidget p}
-            |]
-  mbStatus <- formResultMaybe sresult (Just <<$>> procFormStatus)

-  ((cresult', cwidget), cenctype) <- runFormPost $ makeAvsContactForm mapid
-  let cresult = cresult' <|> maybe FormMissing (FormSuccess . AvsQueryContact . Set.singleton . AvsObjPersonId) mapid -- use unique AvsId from PersonSearch for convenience, if form was empty
-      procFormContact fr = do
-        addMessage Info $ text2Html $ "Contact Query: " <> tshow (toJSON fr)
-        tryShow $ do
-          AvsResponseContact pns <- avsQuery fr
-          return [whamlet|
-              <ul>
-                $forall AvsDataContact{..} <- pns
-                  <li>
+      ((crUsrRes, crUsrWgt), crUsrEnctype) <- runFormPost $ identifyForm FIDAvsCreateUser $ \html ->
+        flip (renderAForm FormStandard) html $ areq textField (fslI MsgAvsCardNo) Nothing
+      let procFormCrUsr fr = do
+            -- addMessage Info $ text2Html $ "Query: " <> tshow (toJSON fr)
+            res <- try $ guessAvsUser fr
+            case res of
+              (Right (Just uid)) -> do
+                uuid :: CryptoUUIDUser <- encrypt uid
+                return $ Just [whamlet|<h2>Success:</h2> <a href=@{ForProfileR uuid}>User created or updated.|]
+              (Right Nothing) ->
+                return $ Just [whamlet|<h2>Warning:</h2> No user found.|]
+              (Left e) -> do
+                let msg = tshow (e :: SomeException)
+                return $ Just [whamlet|<h2>Error:</h2> #{msg}|]
+      mbCrUser <- formResultMaybe crUsrRes procFormCrUsr
+
+      ((getLicRes, getLicWgt), getLicEnctype) <- runFormPost $ identifyForm FIDAvsQueryLicence $ \html ->
+        flip (renderAForm FormStandard) html $ (,,) <$> aopt intField (fslI $ text2message "Min AvsPersonId") Nothing
+                                                    <*> aopt intField (fslI $ text2message "Max AvsPersonId") Nothing
+                                                    <*> aopt (selectField $ return avsLicenceOptions) (fslI MsgAvsLicence) Nothing
+      let procFormGetLic fr = do
+            res <- avsQueryGetAllLicences
+            case res of
+              (Right (AvsResponseGetLicences lics)) -> do
+                let flics = Set.toList $ Set.filter lfltr lics
+                    lfltr = case fr of -- not pretty, but it'll do
+                      (Just idmin, Just idmax, Just lic) -> \AvsPersonLicence{..} -> (avsLicenceRampLicence == lic) && (avsLicencePersonID `inBetween` (AvsPersonId idmin, AvsPersonId idmax))
+                      (Just idmin, Nothing,    Just lic) -> \AvsPersonLicence{..} -> (avsLicenceRampLicence == lic) && (avsLicencePersonID == AvsPersonId idmin)
+                      (Nothing   , Just idmax, Just lic) -> \AvsPersonLicence{..} -> (avsLicenceRampLicence == lic) && (avsLicencePersonID == AvsPersonId idmax)
+                      (Nothing   , Nothing,    Just lic) -> \AvsPersonLicence{..} ->  avsLicenceRampLicence == lic
+                      (Just idmin, Just idmax, Nothing ) -> (`inBetween` (AvsPersonId idmin, AvsPersonId idmax)) . avsLicencePersonID
+                      (Just idmin, Nothing,    Nothing ) -> (== AvsPersonId idmin) . avsLicencePersonID
+                      (Nothing   , Just idmax, Nothing ) -> (== AvsPersonId idmax) . avsLicencePersonID
+                      (Nothing   , Nothing,    Nothing ) -> const True
+                addMessage Info $ text2Html $ "Query returned " <> tshow (length flics) <> " licences."
+                return $ Just [whamlet|
+                    <h2>Success:</h2>
                    <ul>
-                      <li>AvsId: #{tshow avsContactPersonID}
-                      <li>^{jsonWidget avsContactPersonInfo}
-                      <li>^{jsonWidget avsContactFirmInfo}
-            |] -- <li>#{decodeUtf8 (Pretty.encodePretty (toJSON avsContactPersonInfo))}
-  mbContact <- formResultMaybe cresult (Just <<$>> procFormContact)
+                      $forall AvsPersonLicence{..} <- flics
+                        <li> #{tshow avsLicencePersonID}: #{licence2char avsLicenceRampLicence}
+                  |]
+
+              (Left err) -> do
+                let msg = tshow err
+                return $ Just [whamlet|<h2>Error:</h2> #{msg}|]
+      mbGetLic <- formResultMaybe getLicRes procFormGetLic
+
+      ((setLicRes, setLicWgt), setLicEnctype) <- runFormPost $ identifyForm FIDAvsSetLicence $ \html ->
+        flip (renderAForm FormStandard) html $ (,) <$> areq intField (fslI MsgAvsPersonId) Nothing
+                                                   <*> areq (selectField $ return avsLicenceOptions) (fslI MsgAvsLicence) (Just AvsLicenceVorfeld)
+      let procFormSetLic (aid, lic) = do
+            res <- try $ setLicenceAvs (AvsPersonId aid) lic
+            case res of
+              (Right True) ->
+                return $ Just [whamlet|<h2>Success:</h2> Licence #{tshow (licence2char lic)} set for #{tshow aid}.|]
+              (Right False) ->
+                return $ Just [whamlet|<h2>Error:</h2> Licence could not be set for #{tshow aid}.|]
+              (Left e) -> do
+                let msg = tshow (e :: SomeException)
+                return $ Just [whamlet|<h2>Error:</h2> #{msg}|]
+      mbSetLic <- formResultMaybe setLicRes procFormSetLic


-  ((crUsrRes, crUsrWgt), crUsrEnctype) <- runFormPost $ identifyForm FIDAvsCreateUser $ \html ->
-    flip (renderAForm FormStandard) html $ areq textField (fslI MsgAvsCardNo) Nothing
-  let procFormCrUsr fr = do
-        -- addMessage Info $ text2Html $ "Query: " <> tshow (toJSON fr)
-        res <- try $ guessAvsUser fr
-        case res of
-          (Right (Just uid)) -> do
-            uuid :: CryptoUUIDUser <- encrypt uid
-            return $ Just [whamlet|<h2>Success:</h2> <a href=@{ForProfileR uuid}>User created or updated.|]
-          (Right Nothing) ->
-            return $ Just [whamlet|<h2>Warning:</h2> No user found.|]
-          (Left e) -> return $ Just $ exceptionWgt e
-  mbCrUser <- formResultMaybe crUsrRes procFormCrUsr
-
-  ((getLicRes, getLicWgt), getLicEnctype) <- runFormPost $ identifyForm FIDAvsQueryLicence $ \html ->
-    flip (renderAForm FormStandard) html $ (,,) <$> aopt intField (fslI $ text2message "Min AvsPersonId") Nothing
-                                                <*> aopt intField (fslI $ text2message "Max AvsPersonId") Nothing
-                                                <*> aopt (selectField $ return avsLicenceOptions) (fslI MsgAvsLicence) Nothing
-  let procFormGetLic fr = tryShow $ do
-        AvsResponseGetLicences lics <- avsQuery AvsQueryGetAllLicences
-        let flics = Set.toList $ Set.filter lfltr lics
-            lfltr = case fr of -- not pretty, but it'll do
-                (Just idmin, Just idmax, Just lic) -> \AvsPersonLicence{..} -> (avsLicenceRampLicence == lic) && (avsLicencePersonID `inBetween` (AvsPersonId idmin, AvsPersonId idmax))
-                (Just idmin, Nothing,    Just lic) -> \AvsPersonLicence{..} -> (avsLicenceRampLicence == lic) && (avsLicencePersonID == AvsPersonId idmin)
-                (Nothing   , Just idmax, Just lic) -> \AvsPersonLicence{..} -> (avsLicenceRampLicence == lic) && (avsLicencePersonID == AvsPersonId idmax)
-                (Nothing   , Nothing,    Just lic) -> \AvsPersonLicence{..} ->  avsLicenceRampLicence == lic
-                (Just idmin, Just idmax, Nothing ) -> (`inBetween` (AvsPersonId idmin, AvsPersonId idmax)) . avsLicencePersonID
-                (Just idmin, Nothing,    Nothing ) -> (== AvsPersonId idmin) . avsLicencePersonID
-                (Nothing   , Just idmax, Nothing ) -> (== AvsPersonId idmax) . avsLicencePersonID
-                (Nothing   , Nothing,    Nothing ) -> const True
-        addMessage Info $ text2Html $ "Query returned " <> tshow (length flics) <> " licences."
-        return [whamlet|
-              <h2>Success:</h2>
-              <ul>
-                $forall AvsPersonLicence{..} <- flics
-                  <li> #{tshow avsLicencePersonID}: #{licence2char avsLicenceRampLicence}
-            |]
-  mbGetLic <- formResultMaybe getLicRes (Just <<$>> procFormGetLic)
-
-  ((setLicRes, setLicWgt), setLicEnctype) <- runFormPost $ identifyForm FIDAvsSetLicence $ \html ->
-    flip (renderAForm FormStandard) html $ (,) <$> areq intField (fslI MsgAvsPersonId) Nothing
-                                                <*> areq (selectField $ return avsLicenceOptions) (fslI MsgAvsLicence) (Just AvsLicenceVorfeld)
-  let procFormSetLic (aid, lic) = do
-        res <- try $ setLicenceAvs (AvsPersonId aid) lic
-        case res of
-          (Right True) ->
-            return $ Just [whamlet|<h2>Success:</h2> Licence #{tshow (licence2char lic)} set for #{tshow aid}.|]
-          (Right False) ->
-            return $ Just [whamlet|<h2>Error:</h2> Licence could not be set for #{tshow aid}.|]
-          (Left e) -> do
-            let msg = tshow (e :: SomeException)
-            return $ Just [whamlet|<h2>Error:</h2> #{msg}|]
-  mbSetLic <- formResultMaybe setLicRes procFormSetLic
-
-
-  (qryLicForm, qryLicRes) <- runButtonForm FIDAvsQueryLicenceDiffs
-  (mbQryLic :: Maybe Widget, mbAutoDiffs :: Maybe Html) <- case qryLicRes of
-    Nothing -> return mempty
-    (Just BtnCheckLicences) -> do
-      res <- try $ do
-        allLicences <- avsQueryNoCache AvsQueryGetAllLicences
-        computeDifferingLicences allLicences
-      basediffs <- case res of
-        (Right diffs) -> do
-          let showLics l =
-                let chgs = Set.filter ((l ==) . avsLicenceRampLicence) diffs
-                in if Set.null chgs
-                    then ("[ ]", 0)
-                    else (Text.intercalate ", " (tshow . avsLicencePersonID <$> Set.toList chgs), Set.size chgs)
-              (r_grant, rg_size) = showLics AvsLicenceRollfeld
-              (f_set  , fs_size) = showLics AvsLicenceVorfeld
-              (revoke , rv_size) = showLics AvsNoLicence
-          return $ Just [whamlet|
-              <h2>Licence check AVS-ID differences:
-              <dl .deflist>
-                <dt .deflist__dt>Grant R (#{rg_size}):
-                <dd .deflist__dd>#{r_grant}
-
-                <dt .deflist__dt>Set to F (#{fs_size}):
-                <dd .deflist__dd>#{f_set}
-
-                <dt .deflist__dt>Revoke licence (#{rv_size}):
-                <dd .deflist__dd>#{revoke}
-            |]
-        (Left e) -> do
-          let msg = tshow (e :: SomeException)
-          return $ Just [whamlet|<h2>Licence check error:</h2> #{msg}|]
-      autoDiffs <- do
-        -- what follows is copy of the code from Jobs.Handler.SynchroniseAvs.dispatchJobSynchroniseAvsLicences modified to not do anything actually
-        AvsLicenceSynchConf
-          { avsLicenceSynchLevel        = synchLevel   -- SynchLevel corresponds to tables of ProblemAvsSynchR: 4=top grant R, 3= reduce R->F, 2= grant F, 1= revoke F
-          , avsLicenceSynchReasonFilter = reasonFilter
-          , avsLicenceSynchMaxChanges   = maxChanges
-          } <- getsYesod $ view _appAvsLicenceSynchConf
-        guardMonoidM (synchLevel > 0) $ do
-          let showApids apids
-                | null apids = "[ ]"
-                | otherwise = Text.intercalate ", " (tshow <$> Set.toList apids)
-              procLic :: (Ord a, Show a) => AvsLicence -> Bool -> Set a -> Html
-              procLic aLic up apids
-                | n <- Set.size apids, n > 0 =
-                  let subtype   = Text.cons (bool '↧' '↥' up) $ Text.singleton $ licence2char aLic
-                  in if NTop (Just n) <= NTop maxChanges
-                      then
-                        [shamlet|
-                          <dt .deflist__dt>#{subtype} (#{n}):
-                          <dd .deflist__dd>#{showApids apids}
-                        |]
-                      else
-                        [shamlet|
-                          <dt .deflist__dt>#{subtype} (#{n}):
-                          <dd .deflist__dd>Too many changes at once. Consider increasing avs-licence-synch-max-changes #{tshow maxChanges}
-                        |]
-                | otherwise = mempty
-
-          (AvsLicenceDifferences{..}, rsChanged) <- retrieveDifferingLicences
-          -- prevent automatic changes to users blocked with certain reasons and with currently being associated with multiple companies
-          reasonFltrdIds <- ifNothingM reasonFilter mempty $ \reasons -> do
-            now <- liftIO getCurrentTime
-            firmBlocks <- runDBRead $ E.select $ do
-              (uavs :& _qualUser :& qblock) <- X.from $ E.table @UserAvs
-                `E.innerJoin` E.table @QualificationUser      `X.on` (\( uavs :& qualUser) -> uavs E.^. UserAvsUser E.==. qualUser E.^. QualificationUserUser)
-                `E.innerJoin` E.table @QualificationUserBlock `X.on` (\(_uavs :& qualUser :& qblock) ->
-                    qualUser E.^. QualificationUserId E.==. qblock E.^. QualificationUserBlockQualificationUser
-                    E.&&. qblock `isLatestBlockBefore'` E.val now)
-              E.where_ $ (qblock E.^. QualificationUserBlockReason E.~*. E.val reasons)
-                    E.&&.  uavs E.^. UserAvsPersonId `E.in_` E.vals (Set.unions [avsLicenceDiffRevokeAll, avsLicenceDiffRevokeRollfeld, avsLicenceDiffGrantVorfeld, avsLicenceDiffGrantRollfeld])
-              return $ uavs E.^. UserAvsPersonId
-            return $ Set.fromList $ map E.unValue firmBlocks
-
-          let fltrIds
-                | synchLevel >= 5 = id
-                | synchLevel >= 3 = flip Set.difference   reasonFltrdIds
-                | otherwise       = flip Set.difference $ reasonFltrdIds `Set.union` rsChanged
-
-              l1 = guardMonoid (synchLevel >= 1) $ procLic AvsNoLicence       False $ fltrIds avsLicenceDiffRevokeAll        --revoke    Vorfeld and maybe also Rollfeld
-              l2 = guardMonoid (synchLevel >= 2) $ procLic AvsLicenceVorfeld  True  $ fltrIds avsLicenceDiffGrantVorfeld     --grant     Vorfeld
-              l3 = guardMonoid (synchLevel >= 3) $ procLic AvsLicenceVorfeld  False $ fltrIds avsLicenceDiffRevokeRollfeld   --downgrade Rollfeld -> Vorfeld
-              l4 = guardMonoid (synchLevel >= 4) $ procLic AvsLicenceRollfeld True  $ fltrIds avsLicenceDiffGrantRollfeld    --grant     Rollfeld
-              avsIdChanges = [shamlet|
-                  <h3>
-                    Next automatic AVS-ID licence synchronisation:
-                  <dl .deflist>
-                    ^{l4}
-                    ^{l3}
-                    ^{l2}
-                    ^{l1}
-                    $maybe reason <- reasonFilter
-                      <dt .deflist__dt>Filtered "#{reason}" (#{Set.size reasonFltrdIds}):
-                      <dd .deflist__dd>#{showApids reasonFltrdIds}
+      (qryLicForm, qryLicRes) <- runButtonForm FIDAvsQueryLicenceDiffs
+      mbQryLic <- case qryLicRes of
+        Nothing -> return Nothing
+        (Just BtnCheckLicences) -> do
+          res <- try $ do
+            allLicences <- throwLeftM avsQueryGetAllLicences
+            computeDifferingLicences allLicences
+          case res of
+            (Right diffs) -> do
+              let showLics l = Text.intercalate ", " $ fmap (tshow . avsLicencePersonID) $ Set.toList $ Set.filter ((l ==) . avsLicenceRampLicence) diffs
+                  r_grant = showLics AvsLicenceRollfeld
+                  f_set   = showLics AvsLicenceVorfeld
+                  revoke  = showLics AvsNoLicence
+              return $ Just [whamlet|
+                  <h2>Licence check differences:
+                  <h3>Grant R:
+                  <p>
+                    #{r_grant}
+                  <h3>Set to F:
+                  <p>
+                    #{f_set}
+                  <h3>Revoke licence:
+                  <p>
+                    #{revoke}
                |]
-          ----------------------------------------------------
-          -- translate AVS-IDs to AVS-NOs for convenience only
-          avsidnos <- runDBRead $ E.select $ do
-            ua <- X.from $ E.table @UserAvs
-            E.where_ $ ua E.^. UserAvsPersonId `E.in_` E.vals (Set.unions [avsLicenceDiffRevokeAll, avsLicenceDiffRevokeRollfeld, avsLicenceDiffGrantVorfeld, avsLicenceDiffGrantRollfeld]) -- , reasonFltrdIds])
-            return (ua E.^. UserAvsPersonId, ua E.^. UserAvsNoPerson)
-          let id2no = Map.fromList $ $(E.unValueN 2) <$> avsidnos
-              translate = setMapMaybe (`Map.lookup` id2no)
-              l1' = guardMonoid (synchLevel >= 1) $ procLic AvsNoLicence       False $ translate $ fltrIds avsLicenceDiffRevokeAll        --revoke    Vorfeld and maybe also Rollfeld
-              l2' = guardMonoid (synchLevel >= 2) $ procLic AvsLicenceVorfeld  True  $ translate $ fltrIds avsLicenceDiffGrantVorfeld     --grant     Vorfeld
-              l3' = guardMonoid (synchLevel >= 3) $ procLic AvsLicenceVorfeld  False $ translate $ fltrIds avsLicenceDiffRevokeRollfeld   --downgrade Rollfeld -> Vorfeld
-              l4' = guardMonoid (synchLevel >= 4) $ procLic AvsLicenceRollfeld True  $ translate $ fltrIds avsLicenceDiffGrantRollfeld    --grant     Rollfeld
-              autoNoDiffs =  [shamlet|
-                  <h3>
-                    Next automatic licence changes translated to human readable AVS-Numbers, if known:
-                  <dl .deflist>
-                    ^{l4'}
-                    ^{l3'}
-                    ^{l2'}
-                    ^{l1'}
-                    $maybe reason <- reasonFilter
-                      <dt .deflist__dt>Filtered "#{reason}" (#{Set.size reasonFltrdIds}):
-                      <dd .deflist__dd>#{showApids $ translate reasonFltrdIds}
-                |]
-          return $ Just $ avsIdChanges <> autoNoDiffs
-      return (basediffs, autoDiffs)
+            (Left e) -> do
+              let msg = tshow (e :: SomeException)
+              return $ Just [whamlet|<h2>Licence check error:</h2> #{msg}|]
+        -- (Just BtnSynchLicences) -> do
+        --   res <- try synchAvsLicences
+        --   case res of
+        --     (Right True) ->
+        --       return $ Just [whamlet|<h2>Success:</h2> Licences sychronized.|]
+        --     (Right False) ->
+        --       return $ Just [whamlet|<h2>Error:</h2> Licences could not be synchronized, see error log.|]
+        --     (Left e) -> do
+        --       let msg = tshow (e :: SomeException)
+        --       return $ Just [whamlet|<h2>Licence synchronisation error:</h2> #{msg}|]

-    -- (Just BtnSynchLicences) -> do
-    --   res <- try synchAvsLicences
-    --   case res of
-    --     (Right True) ->
-    --       return $ Just [whamlet|<h2>Success:</h2> Licences sychronized.|]
-    --     (Right False) ->
-    --       return $ Just [whamlet|<h2>Error:</h2> Licences could not be synchronized, see error log.|]
-    --     (Left e) -> do
-    --       let msg = tshow (e :: SomeException)
-    --       return $ Just [whamlet|<h2>Licence synchronisation error:</h2> #{msg}|]
-
-  actionUrl <- fromMaybe AdminAvsR <$> getCurrentRoute
-  siteLayoutMsg MsgMenuAvs $ do
-    setTitleI MsgMenuAvs
-    let wrapFormHere fw fe = wrapForm fw def { formAction = Just $ SomeRoute actionUrl, formEncoding = fe }
-        personForm  = wrapFormHere pwidget  penctype
-        statusForm  = wrapFormHere swidget  senctype
-        contactForm = wrapFormHere cwidget  cenctype
-        crUsrForm   = wrapFormHere crUsrWgt crUsrEnctype
-        getLicForm  = wrapFormHere getLicWgt getLicEnctype
-        setLicForm  = wrapFormHere setLicWgt setLicEnctype
-    -- TODO: use i18nWidgetFile instead if this is to become permanent
-    $(widgetFile "avs")
+      actionUrl <- fromMaybe AdminAvsR <$> getCurrentRoute
+      siteLayoutMsg MsgMenuAvs $ do
+        setTitleI MsgMenuAvs
+        let wrapFormHere fw fe = wrapForm fw def { formAction = Just $ SomeRoute actionUrl, formEncoding = fe }
+            personForm  = wrapFormHere pwidget  penctype
+            statusForm  = wrapFormHere swidget  senctype
+            contactForm = wrapFormHere cwidget  cenctype
+            crUsrForm   = wrapFormHere crUsrWgt crUsrEnctype
+            getLicForm  = wrapFormHere getLicWgt getLicEnctype
+            setLicForm  = wrapFormHere setLicWgt setLicEnctype
+        -- TODO: use i18nWidgetFile instead if this is to become permanent
+        $(widgetFile "avs")

 {-

@ -473,8 +369,8 @@ postProblemAvsSynchR = getProblemAvsSynchR
 getProblemAvsSynchR = do
  let catchAllAvs' r = flip catch (\err -> addMessageModal Error (i18n MsgAvsCommunicationError) (Right (text2widget $ tshow (err :: SomeException))) >> redirect r)
      catchAllAvs    = catchAllAvs' ProblemAvsSynchR -- == current route; use only in conditions that are not repeated upon reload; do not call redirect within catchAllAvs actions!
-  ((AvsLicenceDifferences{..}, rsChanged), apidStatus) <- catchAllAvs' AdminR retrieveDifferingLicencesStatus
-  let mkLicTbl = mkLicenceTable apidStatus rsChanged
+  (AvsLicenceDifferences{..}, apidStatus) <- catchAllAvs' AdminR retrieveDifferingLicencesStatus
+
  --
  unknownLicenceOwners' <- whenNonEmpty avsLicenceDiffRevokeAll $ \neZeros ->
    runDB $ E.select $ do
@ -487,7 +383,7 @@ getProblemAvsSynchR = do
      numUnknownLicenceOwners = length unknownLicenceOwners

  (btnImportUnknownWgt, btnImportUnknownRes) <- runButtonFormHash unknownLicenceOwners FIDBtnAvsImportUnknown
-  ifNothingM btnImportUnknownRes () $ \BtnAvsImportUnknown -> do
+  ifMaybeM btnImportUnknownRes () $ \BtnAvsImportUnknown -> do
    res <- catchAllAvs $ forM (take 500 unknownLicenceOwners) $ try . upsertAvsUserById -- TODO: turn this into a background job
    let procRes (Right _)                           = (Sum 1, mempty :: Set.Set AvsPersonId, mempty :: Set.Set AvsPersonId, mempty)
        --TODO: continue here!
@ -518,7 +414,7 @@ getProblemAvsSynchR = do
            ^{revokeUnknownExecWgt}
        |]

-  ifNothingM btnRevokeUnknownRes () $ \BtnAvsRevokeUnknown -> do
+  ifMaybeM btnRevokeUnknownRes () $ \BtnAvsRevokeUnknown -> do
    let revokes = Set.map (AvsPersonLicence AvsNoLicence) $ Set.fromList unknownLicenceOwners
        no_revokes = Set.size revokes
    oks <- catchAllAvs $ setLicencesAvs revokes
@ -529,10 +425,10 @@ getProblemAvsSynchR = do

  -- licence differences
  ((tres0,tb0),(tres1up,tb1up),(tres1down,tb1down),(tres2,tb2)) <- runDB $ (,,,)
-          <$> mkLicTbl "avsLicDiffRevokeVorfeld"  AvsLicenceVorfeld   avsLicenceDiffRevokeAll
-          <*> mkLicTbl "avsLicDiffGrantVorfeld"   AvsNoLicence        avsLicenceDiffGrantVorfeld
-          <*> mkLicTbl "avsLicDiffRevokeRollfeld" AvsLicenceRollfeld  avsLicenceDiffRevokeRollfeld -- downgrade to Vorfeld
-          <*> mkLicTbl "avsLicDiffGrantRollfeld"  AvsNoLicence        avsLicenceDiffGrantRollfeld
+          <$> mkLicenceTable apidStatus "avsLicDiffRevokeVorfeld"  AvsLicenceVorfeld   avsLicenceDiffRevokeAll
+          <*> mkLicenceTable apidStatus "avsLicDiffGrantVorfeld"   AvsNoLicence        avsLicenceDiffGrantVorfeld
+          <*> mkLicenceTable apidStatus "avsLicDiffRevokeRollfeld" AvsLicenceRollfeld  avsLicenceDiffRevokeRollfeld
+          <*> mkLicenceTable apidStatus "avsLicDiffGrantRollfeld"  AvsNoLicence        avsLicenceDiffGrantRollfeld

  now <- liftIO getCurrentTime
  let procRes :: AvsLicence -> (LicenceTableActionData, Set AvsPersonId) -> Handler ()
@ -545,8 +441,8 @@ getProblemAvsSynchR = do

      procRes alic (LicenceTableRevokeFDriveData{..}, apids) = do
        oks <- runDB $ do
-          qIds <- selectKeysList [QualificationAvsLicence ==. Just alic] []          -- sanity check
-          if licenceTableChangeFDriveQId `notElem` qIds
+          qId <- getKeyBy404 $ UniqueQualificationAvsLicence $ Just alic
+          if qId /= licenceTableChangeFDriveQId
            then return (-1)
            else do
              uids <- view _userAvsUser <<$>> selectList [UserAvsPersonId <-. Set.toList apids] []
@ -571,7 +467,6 @@ getProblemAvsSynchR = do
  formResult tres1up    $ procRes AvsLicenceVorfeld
  formResult tres0      $ procRes AvsNoLicence

-  AvsLicenceSynchConf{..} <- getsYesod $ view _appAvsLicenceSynchConf
  siteLayoutMsg MsgAvsTitleLicenceSynch $ do
    setTitleI   MsgAvsTitleLicenceSynch
    $(i18nWidgetFile "avs-synchronisation")
@ -624,17 +519,14 @@ instance HasUser LicenceTableData where
 -- instance HasQualificationUser LicenceTableData where -- Not possible, since not all rows have a QualificationUser
 --   hasQualificationUser = resultQualUser . _entityVal

-mkLicenceTable :: AvsPersonIdMapPersonCard -> Set AvsPersonId -> Text -> AvsLicence -> Set AvsPersonId -> DB (FormResult (LicenceTableActionData, Set AvsPersonId), Widget)
-mkLicenceTable apidStatus rsChanged dbtIdent aLic apids = do
-  (currentRoute, usrHasAvsRerr) <- liftHandler $ (,)
-    <$> (fromMaybe (error "mkLicenceTable called from 404-handler") <$> liftHandler getCurrentRoute)
-    <*> (messageTooltip <$> messageI Error MsgProblemAvsUsrHadR)
-  avsQualifications <- selectList [QualificationAvsLicence !=. Nothing] [Asc QualificationName]
+mkLicenceTable :: AvsPersonIdMapPersonCard -> Text -> AvsLicence -> Set AvsPersonId -> DB (FormResult (LicenceTableActionData, Set AvsPersonId), Widget)
+mkLicenceTable apidStatus dbtIdent aLic apids = do
+  currentRoute <- fromMaybe (error "mkLicenceTable called from 404-handler") <$> liftHandler getCurrentRoute
+  avsQualifications <- selectList [QualificationAvsLicence !=. Nothing] []
  now <- liftIO getCurrentTime

  let nowaday = utctDay now
      avsQids = entityKey <$> avsQualifications
-      qualOpts = pure $ qualificationsOptionList avsQualifications
      -- fltrLic qual = if
      --   | aLic == AvsNoLicence -> E.isNothing (qual E.?. QualificationId) E.||. E.isJust (E.joinV $ qual E.?. QualificationAvsLicence)         -- could be R, F, both or none at all, but has licence in AVS
      --   | otherwise            -> E.isNothing (qual E.?. QualificationId) E.||. (E.val aLic E.=?. E.joinV (qual E.?. QualificationAvsLicence)) -- if we suggest granting that licence, this join should deliver a value too
@ -656,31 +548,19 @@ mkLicenceTable apidStatus rsChanged dbtIdent aLic apids = do
        [ dbSelect (applying _2) id $ return . view (resultUserAvs . _userAvsPersonId)
                                --  (\DBRow{dbrOutput=(_,_,apid,_)} -> return apid -- return . view resultAvsPID) -- does not type due to traversal
        , colUserNameLink AdminUserR
-        , sortable (Just "avspersonno")  (i18nCell MsgAvsPersonNo)    $ \(view  resultUserAvs -> a) -> avsPersonNoLinkedCellAdmin a
+        , sortable (Just "avspersonno")  (i18nCell MsgAvsPersonNo)    $ \(view  resultUserAvs -> a) -> avsPersonNoLinkedCell a
        -- , colUserCompany
        , sortable (Just "user-company") (i18nCell MsgTableCompanies) $ \(view (resultUser . _entityKey) -> uid) -> flip (set' cellContents) mempty $ do -- why does sqlCell not work here? Mismatch "YesodDB UniWorX" and "RWST (Maybe (Env,FileEnv), UniWorX, [Lang]) Enctype Ints (HandlerFor UniWorX"
-            companies' <- liftHandler . runDBRead . E.select $ E.from $ \(usrComp `E.InnerJoin` comp) -> do
+            companies' <- liftHandler . runDB . E.select $ E.from $ \(usrComp `E.InnerJoin` comp) -> do
              E.on $ usrComp E.^. UserCompanyCompany E.==. comp E.^. CompanyId
              E.where_ $ usrComp E.^. UserCompanyUser E.==. E.val uid
              E.orderBy [E.asc (comp E.^. CompanyName)]
-              return (comp E.^. CompanyShorthand, comp E.^. CompanyName, usrComp E.^. UserCompanySupervisor)
-            let icnSuper  = toWidget $ text2markup " " <> icon IconSupervisor
-                companies =
-                  (\(E.Value cmpSh, E.Value cmpName, E.Value cmpSpr) -> simpleLink (citext2widget cmpName) (FirmUsersR cmpSh) <> bool mempty icnSuper cmpSpr) <$> companies'
-
-            pure $ intercalate (text2widget "; ") companies
-        , sortable (Just "qualification") (i18nCell MsgTableQualifications) $
-            if aLic /= AvsLicenceVorfeld
-              then
-                \(preview   resultQualification -> q) -> cellMaybe lmsShortCell q
-              else
-                \row ->
-                  let q       = row ^? resultQualification
-                      apid    = row ^. resultUserAvs . _userAvsPersonId
-                      warnCell c = if Set.member apid rsChanged
-                        then c <> spacerCell <> wgtCell usrHasAvsRerr    -- expected to be effectively dead code in practice, but we never know
-                        else c
-                  in warnCell $ cellMaybe lmsShortCell q
+              return (comp E.^. CompanyName, usrComp E.^. UserCompanySupervisor)
+            let companies = intersperse (text2markup ", ") $
+                  (\(E.Value cmpName, E.Value cmpSpr) -> text2markup (CI.original cmpName) <> bool mempty icnSuper cmpSpr) <$> companies'
+                icnSuper = text2markup " " <> icon IconSupervisor
+            pure $ toWgt $ mconcat companies
+        , sortable (Just "qualification") (i18nCell MsgTableQualifications)          $ \(preview   resultQualification -> q) -> cellMaybe lmsShortCell q
        , sortable (Just "first-held")    (i18nCell MsgTableQualificationFirstHeld)  $ \(preview $ resultQualUser . _entityVal . _qualificationUserFirstHeld   -> d)  -> cellMaybe dayCell d
        , sortable (Just "last-refresh")  (i18nCell MsgTableQualificationLastRefresh)$ \(preview $ resultQualUser . _entityVal . _qualificationUserLastRefresh -> d)  -> cellMaybe dayCell d
        -- , sortable (Just "valid-until")   (i18nCell MsgLmsQualificationValidUntil)   $ \(preview $ resultQualUser . _entityVal . _qualificationUserValidUntil  -> d)  -> cellMaybe dayCell d
@ -724,6 +604,14 @@ mkLicenceTable apidStatus rsChanged dbtIdent aLic apids = do
        , prismAForm (singletonFilter "user-company") mPrev $ aopt textField (fslI MsgTableCompany)
        ]

+      qualOpt :: Entity Qualification -> Handler (Option QualificationId)
+      qualOpt (Entity qualId qual) = do
+        cQualId :: CryptoUUIDQualification <- encrypt qualId
+        return $ Option
+          { optionDisplay       = CI.original $ qualificationName qual
+          , optionInternalValue = qualId
+          , optionExternalValue = tshow cQualId
+          }
      aLicQid = fmap entityKey . headMay $ filter ((== Just aLic) . qualificationAvsLicence . entityVal) avsQualifications

      -- Block identical to Handler/Qualifications TODO: refactor
@ -741,20 +629,20 @@ mkLicenceTable apidStatus rsChanged dbtIdent aLic apids = do
      mkOption :: E.Value Text -> Option Text
      mkOption (E.unValue -> t) = Option{ optionDisplay = t, optionInternalValue = t, optionExternalValue = toPathPiece t }
      suggestionsBlock :: HandlerFor UniWorX (OptionList Text)
-      suggestionsBlock   = mkOptionList . fmap mkOption <$> runDBRead (getBlockReasons E.not__)
-      suggestionsUnblock = mkOptionList . fmap mkOption <$> runDBRead (getBlockReasons id)
+      suggestionsBlock   = mkOptionList . fmap mkOption <$> runDB (getBlockReasons E.not_)
+      suggestionsUnblock = mkOptionList . fmap mkOption <$> runDB (getBlockReasons id)

      acts :: Map LicenceTableAction (AForm Handler LicenceTableActionData)
      acts = mconcat
          [ singletonMap LicenceTableChangeAvs    $ pure LicenceTableChangeAvsData
          , if aLic == AvsNoLicence
              then singletonMap LicenceTableRevokeFDrive $ LicenceTableRevokeFDriveData
-                    <$> apreq (selectField qualOpts) (fslI MsgQualificationName) aLicQid
+                    <$> apreq (selectField . fmap mkOptionList $ mapM qualOpt avsQualifications) (fslI MsgQualificationName) aLicQid
                    <*> apreq (textField & cfStrip & addDatalist suggestionsBlock)    (fslI MsgQualificationBlockReason) Nothing
                    <*> areq (boolField . Just $ SomeMessage MsgBoolIrrelevant)       (fslI MsgQualificationBlockNotify) (Just False)

              else singletonMap LicenceTableGrantFDrive  $ LicenceTableGrantFDriveData
-                    <$> apreq (selectField qualOpts) (fslI MsgQualificationName) aLicQid
+                    <$> apreq (selectField . fmap mkOptionList $ mapM qualOpt avsQualifications) (fslI MsgQualificationName) aLicQid
                    <*> apreq (textField & cfStrip & addDatalist suggestionsUnblock)  (fslI MsgQualificationGrantReason) Nothing
                    <*> apreq dayField (fslI MsgLmsQualificationValidUntil) Nothing -- apreq?!
                    <*> aopt (convertField not not (boolField . Just $ SomeMessage MsgBoolIrrelevant)) (fslI MsgQualificationUserNoRenewal) Nothing
@ -788,204 +676,52 @@ mkLicenceTable apidStatus rsChanged dbtIdent aLic apids = do



-data UserAvsAction = UserAvsSwitchCompany
-  deriving (Eq, Ord, Enum, Bounded, Read, Show, Generic)
-  deriving anyclass (Universe, Finite)
-
-nullaryPathPiece ''UserAvsAction $ camelToPathPiece' 1
-embedRenderMessage ''UniWorX ''UserAvsAction id
-instance Button UniWorX UserAvsAction where
-  btnClasses UserAvsSwitchCompany = [BCIsButton, BCDefault]
-
-
-getAdminAvsUserR,  postAdminAvsUserR :: CryptoUUIDUser -> Handler Html
-getAdminAvsUserR = postAdminAvsUserR
-postAdminAvsUserR uuid = do
-    isModal <- hasCustomHeader HeaderIsModal
-
-    uid <- decrypt uuid
-    Entity{entityVal=UserAvs{..}} <- runDB $ getBy404 $ UniqueUserAvsUser uid
-    -- let fltrById prj = over _Wrapped (Set.filter ((== userAvsPersonId) . prj)) -- not sufficiently polymorphic
-    let fltrIdContact = over _Wrapped (Set.filter ((== userAvsPersonId) . avsContactPersonID))
-        -- fltrIdStatus  = over _Wrapped (Set.filter ((== userAvsPersonId) . avsStatusPersonID))
-    mbContact <- try $ fmap fltrIdContact $ avsQuery $ AvsQueryContact $ Set.singleton $ AvsObjPersonId userAvsPersonId
-    -- mbStatus  <- try $ fmap fltrIdStatus  $ avsQuery $ AvsQueryStatus  $ Set.singleton                  userAvsPersonId
-    mbStatus <- try $ queryAvsFullStatus userAvsPersonId -- TODO: delete Handler.Utils.Avs.lookupAvsUser if no longer needed -- NOTE: currently needed to provide card firms that are missing in AVS status query responses
-    let compsUsed :: [CompanyName] = stripCI <$> mbStatus ^.. _Right . _Wrapped . folded . _avsStatusPersonCardStatus . folded . _avsDataFirm . _Just
-    compDict <- if 1 >= length compsUsed
-      then return mempty -- switch company only sensible if there is more than one company to choose
-      else do
-        let switchCompFormHandler :: [(CompanyName,CompanyId)] -> Maybe CompanyId -> Handler Widget
-            switchCompFormHandler availComps      _  | 1 >= length availComps = return mempty    -- don't offer a form if there is only one company
-            switchCompFormHandler availComps mbPrime = do
-                let switchCompForm :: AForm (HandlerFor UniWorX) (CryptoUUIDUser,CompanyId)
-                    switchCompForm = (,)
-                      <$> apopt hiddenField "" (Just uuid)
-                      <*> areq (selectFieldList [(ciOriginal cn, cid) | (cn, cid) <- availComps]) (fslI MsgUserAvsSwitchCompanyField) mbPrime
-                      <*  aopt (buttonField UserAvsSwitchCompany) "" Nothing
-                    switchCompValidate :: FormValidator (CryptoUUIDUser,CompanyId) Handler ()
-                    switchCompValidate = do
-                      (uuid_rcvd,_) <- State.get
-                      guardValidation MsgWrongButtonValue $ uuid_rcvd == uuid
-                ((spRes, spWgt), spEnc) <- runFormPost . validateForm switchCompValidate . identifyForm ("switch-primary-company"::Text) $ renderAForm FormStandard switchCompForm
-                formResultModal spRes (AdminAvsUserR uuid) (\(_,cid) -> do
-                    lift $ $logInfoS "AVS" ("Switch company option result " <> tshow spRes)
-                    problems <- liftHandler . runDB $ do
-                      (usrUp, problems) <- switchAvsUserCompany True False uid cid
-                      update uid usrUp
-                      forM problems $ \p -> reportAdminProblem p >> msgAdminProblem p
-                    forM_ problems (\p -> do
-                        -- lift $ $logErrorS "AVS" $ "Switch company problem: " <> tshow p -- no instance Show for SomeMessages
-                        tell . pure =<< messageI Warning p
-                      )
-                    let ok = if null problems then Success else Error
-                    tell . pure =<< messageI ok (MsgUserAvsCompanySwitched $ unCompanyKey cid)
-                  )
-                return $ wrapForm spWgt
-                  def { formAction = Just $ SomeRoute (AdminAvsUserR uuid), formEncoding = spEnc, formSubmit = FormNoSubmit, formAttrs = [ asyncSubmitAttr | isModal ]}
-        (availComps, primName, primId) <- runDB $ do
-          mbPrimeUsrComp :: Maybe UserCompany <- getUserPrimaryCompany uid
-          mbPrimeComp :: Maybe Company <- traverseJoin (get . userCompanyCompany) mbPrimeUsrComp
-          -- let fltrCmps = (CompanyName <-. compsUsed) : maybeEmpty mbPrimeComp (\Company{companyShorthand=pShort} -> [CompanyShorthand !=. pShort])
-          comps :: [Entity Company] <- selectList [CompanyName <-. compsUsed]  [Asc CompanyName, Asc CompanyAvsId] -- company name is already unique, but AVS sometimes contains uses whitespace
-          return ([(companyName v, k) | (Entity k v) <- comps], companyName <$> mbPrimeComp, CompanyKey . companyShorthand <$> mbPrimeComp)
-        -- formDict <- Map.traverseWithKey runSwitchFrom compDict
-        swForm <- switchCompFormHandler availComps primId
-        return (primName, swForm)
-
-    msgWarningTooltip <- messageI Warning MsgMessageWarning
-    let warnBolt = messageTooltip msgWarningTooltip
-        heading = [whamlet|_{MsgAvsPersonNo} #{userAvsNoPerson}|]
-    siteLayout heading $ do
-      setTitle $ toHtml $ show userAvsNoPerson
-      let contactWgt = case mbContact of
-            Left err -> exceptionWgt err
-            Right (AvsResponseContact adcs) ->
-              if null adcs
-                then [whamlet|_{MsgAvsPersonSearchEmpty}|]
-                else
-                  let cs = mkContactWgt warnBolt userAvsNoPerson <$> toList adcs
-                  in  mconcat cs
-          cardsWgt = case mbStatus of
-            Left err -> exceptionWgt err
-            Right (AvsResponseStatus asts) ->
-              if null asts
-                then [whamlet|_{MsgAvsStatusSearchEmpty}|]
-                else
-                  let cs = mkCardsWgt compDict . avsStatusPersonCardStatus <$> toList asts
-                  in mconcat cs
-      [whamlet|
+getAdminAvsUserR :: CryptoUUIDUser -> Handler Html
+getAdminAvsUserR uuid = do
+  uid <- decrypt uuid
+  Entity{entityVal=UserAvs{..}} <- runDB $ getBy404 $ UniqueUserAvsUser uid
+  mAvsQuery <- getsYesod $ view _appAvsQuery
+  resWgt <- case mAvsQuery of
+    Nothing -> return [whamlet|Error: AVS interface configuration is incomplete.|] -- should never occur after initilisation
+    Just AvsQuery{..} -> do
+      mbContact <- avsQueryContact $ AvsQueryContact $ Set.singleton $ AvsObjPersonId userAvsPersonId
+      mbDataPerson <- lookupAvsUser userAvsPersonId
+      return [whamlet|
        <p>
-          ^{contactWgt}
+          Vorläufige Admin Ansicht AVS Daten.
+          Ansicht zeigt aktuelle Daten.
+          Es erfolgte damit aber noch kein Update der FRADrive Daten.
        <p>
-          ^{cardsWgt}
-        <p>
-          _{MsgAvsCurrentData}
-      |]
-  where
-    mkContactWgt :: Widget -> Int -> AvsDataContact -> Widget
-    mkContactWgt warnBolt reqAvsNo AvsDataContact
-      { -- avsContactPersonID = _api
-        avsContactPersonInfo = AvsPersonInfo{..}
-      , avsContactFirmInfo   = AvsFirmInfo{ avsFirmFirm = firmName }
-      } =
-      let avsNoOk = readMay avsInfoPersonNo /= Just reqAvsNo in
-      [whamlet|
-        <section .profile>
-          <dl .deflist.profile-dl>
-            $if avsNoOk
-              <dt .deflist__dt>
-                _{MsgAvsPersonNo}
-              <dd .deflist__dd>
-                #{avsInfoPersonNo}
-                ^{warnBolt}
-                _{MsgAvsPersonNoMismatch}
-            <dt .deflist__dt>
-              _{MsgAvsLastName}
+          <dl .deflist>
+            <dt .deflist__dt>InfoPersonContact <br>
+              <i>(bevorzugt)
            <dd .deflist__dd>
-              #{avsInfoLastName}
-            <dt .deflist__dt>
-              _{MsgAvsFirstName}
+              $case mbContact
+                $of Left err
+                  Fehler: #{tshow err}
+                $of Right contactInfo
+                  #{decodeUtf8 (Pretty.encodePretty (toJSON contactInfo))}
+            <dt .deflist__dt>PersonStatus und mehrere PersonSearch <br>
+              <i>(benötigt mehrere AVS Abfragen)
            <dd .deflist__dd>
-              #{avsInfoFirstName}
-            <dt .deflist__dt>
-              _{MsgAvsPrimaryCompany}
-            <dd .deflist__dd>
-              #{firmName}
-            $maybe bday <- avsInfoDateOfBirth
-              <dt .deflist__dt>
-                _{MsgAdminUserBirthday}
-              <dd .deflist__dd>
-                ^{formatTimeW SelFormatDate bday}
-            <dt .deflist__dt>
-              _{MsgAvsLicence}
-            <dd .deflist__dd>
-              $maybe licence <- parseAvsLicence avsInfoRampLicence
-                _{licence}
+              $maybe dataPerson <- mbDataPerson
+                #{decodeUtf8 (Pretty.encodePretty (toJSON dataPerson))}
              $nothing
-                _{MsgAvsNoLicenceGuest}
-      |]
-
-    -- mkCardsWgt :: (Maybe CompanyName, Map CompanyName Widget, Widget) -> Set AvsDataPersonCard -> Widget
-    mkCardsWgt :: (Maybe CompanyName, Widget) -> Set AvsDataPersonCard -> Widget
-    mkCardsWgt (mbPrimName, swForm) crds
-      | null crds = [whamlet|_{MsgAvsCardsEmpty}|]
-      | otherwise = do
-        let hasCompany     = isJust $ Set.foldr ((<|>) . avsDataFirm)       Nothing crds -- some if, since a true AVS status query never delivers values for these fields, but queryAvsFullStatus-workaround does
-            hasIssueDate   = isJust $ Set.foldr ((<|>) . avsDataIssueDate)  Nothing crds
-            hasValidToDate = isJust $ Set.foldr ((<|>) . avsDataValidTo)    Nothing crds
-        [whamlet|
-          <div .scrolltable .scrolltable-bordered>
-            <table .table .table--striped>
-              <thead>
-                <tr .table__row .table__row--head>
-                  <th .table__th>_{MsgAvsCardNo}
-                  <th .table__th>_{MsgTableAvsCardValid}
-                  <th .table__th>_{MsgAvsCardColor}
-                  <th .table__th>_{MsgAvsCardAreas}
-                  $if hasIssueDate
-                    <th .table__th>_{MsgTableAvsCardIssueDate}
-                  $if hasValidToDate
-                    <th .table__th>_{MsgTableAvsCardValidTo}
-                  $if hasCompany
-                    <th .table__th>_{MsgTableCompany}
-                    <th .table__th>_{MsgAvsPrimaryCompany}
-              <tbody>
-                $forall c <- Set.toDescList crds
-                  $with AvsDataPersonCard{avsDataValid,avsDataCardColor,avsDataCardAreas,avsDataFirm,avsDataIssueDate,avsDataValidTo} <- c
-                    <tr .table__row>
-                      <td .table__td>
-                        #{tshowAvsFullCardNo (getFullCardNo c)}
-                      <td .table__td>
-                        #{boolSymbol avsDataValid}
-                      <td .table__td>
-                        _{avsDataCardColor}
-                      <td .table__td>
-                        $forall a <- avsDataCardAreas
-                          #{a} #
-                      $if hasIssueDate
-                        <td .table__td>
-                          $maybe d <- avsDataIssueDate
-                            ^{formatTimeW SelFormatDate d}
-                      $if hasValidToDate
-                        <td .table__td>
-                          $maybe d <- avsDataValidTo
-                            ^{formatTimeW SelFormatDate d}
-                      $if hasCompany
-                        <td .table__td>
-                          $maybe f <- avsDataFirm
-                            #{f}
-                        <td .table__td>
-                          $maybe f <- avsDataFirm
-                            $with fci <- stripCI f
-                              $maybe primName <- mbPrimName
-                                $if (primName == fci)
-                                  _{MsgAvsPrimaryCompany}
-            <p>
-              ^{swForm}
+                Keine Daten erhalten.
+        <h3>
+          Provisorische formatierte Ansicht
+        <p>
+          Generisch formatierte Ansicht, die zeigt, in welche Richtung die Endansicht gehen könnte.
+          In der Endansicht wären nur ausgewählte Felder mit besserer Bennenung in einer manuell gewählten Reihenfolge sichtbar.
+        <p>
+          ^{foldMap jsonWidget mbContact}
+        <p>
+          ^{foldMap jsonWidget mbDataPerson}
        |]
-
-
+  let heading = [whamlet|_{MsgAvsPersonNo} #{userAvsNoPerson}|]
+  siteLayout heading $ do
+    setTitle $ toHtml $ show userAvsNoPerson
+    resWgt

 instance HasEntity (DBRow (Entity UserAvs, Entity User)) User where
  hasEntity = _dbrOutput . _2
@ -1003,9 +739,9 @@ getProblemAvsErrorR = do
        dbtSQLQuery (usravs `E.InnerJoin` user) = do
          E.on $ usravs E.^. UserAvsUser E.==. user E.^. UserId
          E.where_ $ E.isJust $ usravs E.^. UserAvsLastSynchError
-          return (usravs, user) -- , E.substring (usravs E.^. UserAvsLastSynchError) (E.val ("'#\"%#\" %'") (E.val "#")) -- needs a different type on substring
+          return (usravs, user)
        qerryUsrAvs :: (E.SqlExpr (Entity UserAvs) `E.InnerJoin` E.SqlExpr (Entity User)) -> E.SqlExpr (Entity UserAvs)
-        qerryUsrAvs   = $(E.sqlIJproj 2 1)
+        qerryUsrAvs   = $(E.sqlIJproj 2 1) 
        qerryUser   :: (E.SqlExpr (Entity UserAvs) `E.InnerJoin` E.SqlExpr (Entity User)) -> E.SqlExpr (Entity User)
        qerryUser     = $(E.sqlIJproj 2 2)
        reserrUsrAvs :: Lens' (DBRow (Entity UserAvs, Entity User)) (Entity UserAvs)
@ -1015,7 +751,7 @@ getProblemAvsErrorR = do
        dbtRowKey = qerryUsrAvs >>> (E.^. UserAvsId)
        dbtProj = dbtProjId
        dbtColonnade = dbColonnade $ mconcat
-          [ colUserNameModalHdrAdmin MsgLmsUser AdminUserR
+          [ colUserNameModalHdr MsgLmsUser AdminUserR
          , sortable (Just "avs-nr")          (i18nCell MsgAvsPersonNo)
              $ avsPersonNoLinkedCell . view reserrUsrAvs
          , sortable Nothing                  (i18nCell MsgAvsPersonId)
@ -1051,3 +787,4 @@ getProblemAvsErrorR = do
  siteLayoutMsg MsgMenuAvsSynchError $ do
    setTitleI MsgMenuAvsSynchError
    [whamlet|^{avsSyncErrTbl}|]
+    
--- a/src/Handler/Admin/Crontab.hs
+++ b/src/Handler/Admin/Crontab.hs
@ -35,9 +35,6 @@ import qualified Database.Esqueleto.Legacy as E
 import qualified Database.Esqueleto.Utils as E
 -- import Database.Esqueleto.Utils.TH

-- Number of minutes a job must have been locked already to allow forced deletion
-jobDeleteLockMinutes :: Int
-jobDeleteLockMinutes = 3 

 deriveJSON defaultOptions
  { constructorTagModifier = camelToPathPiece' 1
@ -121,9 +118,7 @@ instance Finite JobTableAction
 nullaryPathPiece ''JobTableAction $ camelToPathPiece' 1
 embedRenderMessage ''UniWorX ''JobTableAction id

-newtype JobTableActionData = ActJobDeleteData 
-                            { jobDeleteLocked :: Bool
-                            }
+data JobTableActionData = ActJobDeleteData
  deriving (Eq, Ord, Read, Show, Generic)


@ -169,8 +164,7 @@ postAdminJobsR = do
          ]
        dbtStyle = def { dbsFilterLayout = defaultDBSFilterLayout }
        acts :: Map JobTableAction (AForm Handler JobTableActionData)
-        acts = Map.singleton ActJobDelete $ ActJobDeleteData
-                <$> areq checkBoxField (fslI $ MsgActJobDeleteForce jobDeleteLockMinutes) Nothing
+        acts = Map.singleton ActJobDelete $ pure ActJobDeleteData
        dbtParams = DBParamsForm 
          { dbParamsFormAdditional = 
            renderAForm FormStandard
@ -199,22 +193,13 @@ postAdminJobsR = do
  (jobActRes, jobsTable) <- runDB (over _1 postprocess <$> dbTable jobsDBTableValidator jobsDBTable)

  formResult jobActRes $ \case
-    (ActJobDeleteData{jobDeleteLocked}, jobIds) -> do
-      now <- liftIO getCurrentTime
-      let cutoff :: UTCTime
-          cutoff = addUTCTime (nominalMinute * fromIntegral (negate jobDeleteLockMinutes)) now
-          jobReq    = length jobIds
-          lockCriteria
-            | jobDeleteLocked = 
-                [ QueuedJobLockTime ==. Nothing ] ||.
-                [ QueuedJobLockTime <=. Just cutoff ]
-            | otherwise = 
-                [ QueuedJobLockTime     ==. Nothing
-                , QueuedJobLockInstance ==. Nothing
-                ]
+    (ActJobDeleteData, jobIds) -> do
+      let jobReq  = length jobIds
      rmvd <- runDB $ fromIntegral <$> deleteWhereCount
-        ((QueuedJobId <-. Set.toList jobIds) : lockCriteria)
-        
+        [ QueuedJobLockTime ==. Nothing
+        , QueuedJobLockInstance ==. Nothing
+        , QueuedJobId <-. Set.toList jobIds
+        ]
      addMessageI (bool Success Warning $ rmvd < jobReq) (MsgTableJobActDeleteFeedback rmvd jobReq)
      reloadKeepGetParams AdminJobsR

--- a/src/Handler/Admin/Test.hs
+++ b/src/Handler/Admin/Test.hs
@ -28,9 +28,7 @@ import Text.Hamlet
 -- import Handler.Utils.I18n

 import Handler.Admin.Test.Download (testDownload)
-import qualified Database.Esqueleto.Experimental as E (selectOne, unValue)
-import qualified Database.Esqueleto.PostgreSQL as E  (now_)
-import qualified Database.Esqueleto.Utils as E (psqlVersion_)
+

 -- BEGIN - Buttons needed only here
 data ButtonCreate = CreateMath | CreateInf | CrashApp -- Dummy for Example
@ -114,7 +112,7 @@ postAdminTestR = do
  let emailWidget' = wrapForm emailWidget def
        { formAction = Just . SomeRoute $ AdminTestR
        , formEncoding = emailEnctype
-        , formAttrs = [asyncSubmitAttr] -- equivalent to [("uw-async-form", "")]
+        , formAttrs = [("uw-async-form", "")]
        }

  now <- liftIO getCurrentTime
@ -228,13 +226,10 @@ postAdminTestR = do

  UniWorX{ appSettings' = AppSettings{..} } <- getYesod

-  psqlVersion <- runDBRead $ E.selectOne $ return E.psqlVersion_
-  dbTime      <- runDBRead $ E.selectOne $ return E.now_
-
  let locallyDefinedPageHeading = [whamlet|Admin TestPage for Uni2work|]
  siteLayout locallyDefinedPageHeading $ do
  -- defaultLayout $ do
-    setTitle "Uni2work Admin Testpage"
+    setTitle "Uni2work Admin Testpage"    

    $(i18nWidgetFile "admin-test")

@ -332,30 +327,19 @@ postAdminTestR = do
          <dd .deflist__dd>#{tshow appSynchroniseAvsUsersWithin}
    |]

-    [whamlet|
-      <section>
-        <h2> PostgreSQL Information
-        <dl .deflist>
-          $maybe pver <- psqlVersion
-            <dt .deflist__dt>DB Version
-            <dd .deflist__dd>#{E.unValue pver}
-          $maybe ptme <- dbTime
-            <dt .deflist__dt>DB Time
-            <dd .deflist__dd>#{tshow (E.unValue ptme)}
-    |]



 getAdminTestPdfR :: Handler TypedContent
 getAdminTestPdfR = do
-  usr  <- requireAuth -- to determine language and recipient for test
+  usr  <- requireAuth -- to determine language and recipient for test 
  qual <- fromMaybeM
            (addMessage Error "Keine Qualifikation in der Datenbank zur Erzeugung eines Test-PDFs gefunden." >> redirect AdminTestR)
            (runDB $ selectFirst [] [Asc QualificationAvsLicence, Asc QualificationShorthand])
  encRecipient :: CryptoUUIDUser <- encrypt $ usr ^. _entityKey
  now <- liftIO getCurrentTime
  let nowaday = utctDay now
-      letter  = LetterRenewQualification
+      letter  = LetterRenewQualificationF
        { lmsLogin      = LmsIdent "abcdefgh"
        , lmsPin        = "12345678"
        , qualHolderID  = usr ^. _entityKey
@ -367,17 +351,15 @@ getAdminTestPdfR = do
        , qualShort     = qual ^. _qualificationShorthand . _CI
        , qualSchool    = qual ^. _qualificationSchool
        , qualDuration  = qual ^. _qualificationValidDuration
-        , qualRenewAuto = qual ^. _qualificationElearningRenews
-        , qualELimit    = qual ^. _qualificationElearningLimit
        , isReminder    = False
-        }
+        }  
  apcIdent <- letterApcIdent letter encRecipient now
-  renderLetterPDF usr letter apcIdent Nothing >>= \case
+  renderLetterPDF usr letter apcIdent >>= \case
    Left err  -> sendResponseStatus internalServerError500 $ "PDF generation failed: \n" <> err
    Right pdf -> do
      liftIO $ LBS.writeFile "/tmp/generated.pdf" pdf
      encryptPDF "tomatenmarmelade" pdf >>= \case
        Left err      -> sendResponseStatus internalServerError500 $ "PDFtk error: \n" <> err
-        Right encPdf  -> do
+        Right encPdf  -> do 
          liftIO $ LBS.writeFile "/tmp/crypted.pdf" encPdf
          sendByteStringAsFile "demoPDF.pdf" (LBS.toStrict pdf) now
--- a/src/Handler/CommCenter.hs
+++ b/src/Handler/CommCenter.hs
@ -1,152 +0,0 @@
-- SPDX-FileCopyrightText: 2024 Steffen Jost <s.jost@fraport.de>
--
-- SPDX-License-Identifier: AGPL-3.0-or-later
-
-{-# OPTIONS_GHC -fno-warn-orphans #-}
-
-module Handler.CommCenter
-  ( getCommCenterR
-  ) where
-
-import Import
-import Handler.Utils
-
-- import qualified Data.Set as Set
-import qualified Data.Map as Map
-- import qualified Data.Text as Text
-import Data.Text.Lens (packed)
-
-- import Database.Persist.Sql (updateWhereCount)
-- import           Database.Esqueleto.Experimental ((:&)(..))
-import qualified Database.Esqueleto.Legacy as EL (on) -- only `on` and `from` are different, needed for dbTable using Esqueleto.Legacy
-import qualified Database.Esqueleto.Experimental as E
-import qualified Database.Esqueleto.Utils as E
-import qualified Database.Esqueleto.PostgreSQL as E
-import Database.Esqueleto.Utils.TH
-
-
-- avoids repetition of local definitions
-single :: (k,a) -> Map k a
-single = uncurry Map.singleton
-
-
-data CCTableAction = CCActDummy -- just a dummy, since we don't now yet which actions we will be needing
-  deriving (Eq, Ord, Enum, Bounded, Read, Show, Generic)
-
-instance Universe CCTableAction
-instance Finite CCTableAction
-nullaryPathPiece ''CCTableAction $ camelToPathPiece' 2
-embedRenderMessage ''UniWorX ''CCTableAction id
-
-data CCTableActionData  = CCActDummyData
-  deriving (Eq, Ord, Read, Show, Generic)
-
-
-- SJ: I don't know how to use E.unionAll_ with dbTable, so we simulate it by a FullOuterJoin with constant False ON-clause instead
-type CCTableExpr =
-  (                   (E.SqlExpr (Maybe (Entity User))  `E.InnerJoin` E.SqlExpr (Maybe (Entity SentMail)))
-    `E.FullOuterJoin` (E.SqlExpr (Maybe (Entity User))  `E.InnerJoin` E.SqlExpr (Maybe (Entity PrintJob)))
-  )
-
-queryRecipientMail :: CCTableExpr -> E.SqlExpr (Maybe (Entity User))
-queryRecipientMail = $(sqlIJproj 2 1) . $(sqlFOJproj 2 1)
-
-queryMail :: CCTableExpr -> E.SqlExpr (Maybe (Entity SentMail))
-queryMail = $(sqlIJproj 2 2) . $(sqlFOJproj 2 1)
-
-queryRecipientPrint :: CCTableExpr -> E.SqlExpr (Maybe (Entity User))
-queryRecipientPrint = $(sqlIJproj 2 1) . $(sqlFOJproj 2 2)
-
-queryPrint :: CCTableExpr -> E.SqlExpr (Maybe (Entity PrintJob))
-queryPrint = $(sqlIJproj 2 2) . $(sqlFOJproj 2 2)
-
-type CCTableData = DBRow (Maybe (Entity User), Maybe (Entity SentMail), Maybe (Entity User), Maybe (Entity PrintJob))
-
-resultRecipientMail :: Traversal' CCTableData (Entity User)
-resultRecipientMail = _dbrOutput . _1 . _Just
-
-resultMail :: Traversal' CCTableData (Entity SentMail)
-resultMail = _dbrOutput . _2 . _Just
-
-resultRecipientPrint :: Traversal' CCTableData (Entity User)
-resultRecipientPrint = _dbrOutput . _3 . _Just
-
-resultPrint :: Traversal' CCTableData (Entity PrintJob)
-resultPrint = _dbrOutput . _4 . _Just
-
-
-mkCCTable :: DB (Any, Widget)
-mkCCTable = do
-  let
-    dbtSQLQuery :: CCTableExpr -> E.SqlQuery (E.SqlExpr (Maybe (Entity User)), E.SqlExpr (Maybe (Entity SentMail)), E.SqlExpr (Maybe (Entity User)), E.SqlExpr (Maybe (Entity PrintJob)))
-    dbtSQLQuery  ((recipientMail `E.InnerJoin` mail) `E.FullOuterJoin` (recipientPrint `E.InnerJoin` printJob)) = do
-      EL.on $ recipientMail  E.?. UserId E.==. E.joinV (mail     E.?. SentMailRecipient)
-      EL.on $ recipientPrint E.?. UserId E.==. E.joinV (printJob E.?. PrintJobRecipient)
-      -- EL.on $ recipientMail  E.?. UserId E.==. recipientPrint E.?. UserId E.&&. E.false -- simulating E.unionAll_ by a constant false full outer join, since it is unclear how dbTable could handle E.unionAll_
-      EL.on E.false -- simulating E.unionAll_ by a constant false full outer join, since it is unclear how dbTable could handle E.unionAll_
-      -- E.where_ $ E.isJust (recipientMail E.?. UserId) E.||. E.isJust (recipientPrint E.?. UserId) -- not needed for full outer join
-      -- return (E.coalesce[recipientMail, recipientPrint], mail, print) -- coalesce only works on values, not entities
-      return (recipientMail,  mail, recipientPrint, printJob)
-    -- dbtRowKey = (,) <$> views (to queryMail) (E.?. SentMailId) <*> views (to queryPrint) (E.?. PrintJobId)
-    dbtRowKey ((_recipientMail `E.InnerJoin` mail) `E.FullOuterJoin` (_recipientPrint `E.InnerJoin` printJob)) = (mail E.?. SentMailId, printJob E.?. PrintJobId)
-
-    dbtProj = dbtProjId
-    dbtColonnade = dbColonnade $ mconcat -- prefer print over email in the impossible case that both are Just
-      [ sortable (Just "date")      (i18nCell MsgPrintJobCreated)       $ \row ->
-          let tprint  = row ^? resultPrint  . _entityVal . _printJobCreated
-              tmail   = row ^? resultMail   . _entityVal . _sentMailSentAt
-          in maybeCell (tprint <|> tmail) dateTimeCell
-      , sortable (Just "recipient") (i18nCell MsgPrintRecipient)        $ \row ->
-          let uprint = row ^? resultRecipientPrint
-              umail  = row ^? resultRecipientMail
-          in  maybeCell (uprint <|> umail) $ cellHasUserLink AdminUserR
-      , sortable Nothing (i18nCell MsgCommBody) $ \row -> if
-          | (Just k) <- row ^? resultPrint . _entityKey
-            -> anchorCellM (PrintDownloadR <$> encrypt k) $ toWgt (iconLetterOrEmail True ) <> text2widget "-link"
-          | (Just k) <- row ^? resultMail  . _entityKey
-            -> anchorCellM (MailHtmlR      <$> encrypt k) $ toWgt (iconLetterOrEmail False) <> text2widget "-link"
-          | otherwise
-            -> mempty
-      , sortable Nothing (i18nCell MsgCommSubject) $ \row ->
-          let tsubject = row ^? resultPrint . _entityVal . _printJobFilename . packed
-              msubject = row ^? resultMail . _entityVal . _sentMailHeaders . _mailHeaders' . _mailHeader' "Subject"
-          in maybeCell (tsubject <|> msubject) textCell
-      ]
-    dbtSorting = mconcat
-      [ singletonMap "date"       $ SortColumn  $ \row -> E.coalesce [queryPrint row E.?. PrintJobCreated, queryMail row E.?. SentMailSentAt]
-      , singletonMap "recipient"  $ SortColumns $ \row ->
-          [ SomeExprValue $ E.coalesce [queryRecipientPrint row E.?. UserSurname    , queryRecipientMail row E.?. UserSurname    ]
-          , SomeExprValue $ E.coalesce [queryRecipientPrint row E.?. UserDisplayName, queryRecipientMail row E.?. UserDisplayName]
-          ]
-      ]
-    dbtFilter = mconcat
-      [ single ("sent"      , FilterColumn . E.mkDayFilterTo
-                                $ \row -> E.coalesceDefault [queryPrint row E.?. PrintJobCreated, queryMail row E.?. SentMailSentAt] E.now_) -- either one is guaranteed to be non-null, default never used
-      , single ("recipient" , FilterColumn . E.mkContainsFilterWithCommaPlus Just
-                                $ \row -> E.coalesce [queryRecipientPrint row E.?. UserDisplayName, queryRecipientMail row E.?. UserDisplayName])
-      , single ("subject"   , FilterColumn . E.mkContainsFilterWithCommaPlus Just
-                                $ \row -> E.coalesce [E.str2text' $ queryPrint row E.?. PrintJobFilename
-                                                     ,E.str2text' $ queryMail  row E.?. SentMailHeaders  ])
-      ]
-    dbtFilterUI mPrev = mconcat
-      [ prismAForm (singletonFilter "date"      . maybePrism _PathPiece) mPrev $ aopt (hoistField lift  dayField)  (fslI MsgPrintJobCreated)
-      , prismAForm (singletonFilter "recipient" . maybePrism _PathPiece) mPrev $ aopt (hoistField lift textField)  (fslI MsgPrintRecipient & setTooltip MsgTableFilterCommaPlus)
-      , prismAForm (singletonFilter "subject"   . maybePrism _PathPiece) mPrev $ aopt (hoistField lift textField)  (fslI MsgCommSubject    & setTooltip MsgTableFilterCommaPlusShort)
-      ]
-    dbtStyle = def { dbsFilterLayout = defaultDBSFilterLayout}
-    dbtIdent :: Text
-    dbtIdent = "comms"
-    dbtCsvEncode = noCsvEncode
-    dbtCsvDecode = Nothing
-    dbtExtraReps = []
-    dbtParams = def
-    psValidator = def & defaultSorting [SortDescBy "date"]
-  dbTable psValidator DBTable{..}
-
-getCommCenterR :: Handler Html
-getCommCenterR = do
-  (_, ccTable) <- runDB mkCCTable
-  siteLayoutMsg MsgMenuCommCenter $ do
-    setTitleI MsgMenuCommCenter
-    $(widgetFile "comm-center")
-
--- a/src/Handler/Course/Communication.hs
+++ b/src/Handler/Course/Communication.hs
@ -64,10 +64,8 @@ postCCommR tid ssh csh = do

    return (cid, tuts, exams, sheets)

-  let heading = SomeMessage . prependCourseTitle tid ssh csh $ SomeMessage MsgCommCourseHeading
  commR CommunicationRoute
-    { crHeading    = heading
-    , crTitle      = heading
+    { crHeading    = SomeMessage . prependCourseTitle tid ssh csh $ SomeMessage MsgCommCourseHeading
    , crUltDest    = SomeRoute $ CourseR tid ssh csh CCommR
    , crJobs       = crJobsCourseCommunication cid
    , crTestJobs   = crTestJobsCourseCommunication cid
--- a/src/Handler/Course/Edit.hs
+++ b/src/Handler/Course/Edit.hs
@ -1,4 +1,4 @@
-- SPDX-FileCopyrightText: 2022-24 Gregor Kleen <gregor.kleen@ifi.lmu.de>,Sarah Vaupel <sarah.vaupel@ifi.lmu.de>,Sarah Vaupel <vaupel.sarah@campus.lmu.de>,Steffen Jost <jost@cip.ifi.lmu.de>,Steffen Jost <s.jost@fraport.de>,Winnie Ros <winnie.ros@campus.lmu.de>
+-- SPDX-FileCopyrightText: 2022 Gregor Kleen <gregor.kleen@ifi.lmu.de>,Sarah Vaupel <sarah.vaupel@ifi.lmu.de>,Sarah Vaupel <vaupel.sarah@campus.lmu.de>,Steffen Jost <jost@cip.ifi.lmu.de>,Steffen Jost <jost@tcs.ifi.lmu.de>,Winnie Ros <winnie.ros@campus.lmu.de>
 --
 -- SPDX-License-Identifier: AGPL-3.0-or-later

@ -46,13 +46,12 @@ data CourseForm = CourseForm
        , cfRegTo        :: Maybe UTCTime
        , cfDeRegUntil   :: Maybe UTCTime
        , cfLecturers    :: [Either (UserEmail, Maybe LecturerType) (UserId, LecturerType)]
-        , cfQualis       :: [(QualificationId, Int)]
        }

 makeLenses_ ''CourseForm

-courseToForm :: Entity Course -> [Lecturer] -> Map UserEmail (InvitationDBData Lecturer) -> [CourseQualification] -> CourseForm
-courseToForm (Entity cid Course{..}) lecs lecInvites qualis = CourseForm
+courseToForm :: Entity Course -> [Lecturer] -> Map UserEmail (InvitationDBData Lecturer) -> CourseForm
+courseToForm (Entity cid Course{..}) lecs lecInvites = CourseForm
    { cfCourseId            = Just cid
    , cfName                = courseName
    , cfDesc                = courseDescription
@ -70,9 +69,6 @@ courseToForm (Entity cid Course{..}) lecs lecInvites qualis = CourseForm
    , cfDeRegUntil          = courseDeregisterUntil
    , cfLecturers           = [Right (lecturerUser, lecturerType) | Lecturer{..} <- lecs]
                           ++ [Left (email, mType) | (email, InvDBDataLecturer mType) <- Map.toList lecInvites ]
-    -- TODO: Filterung nach aktueller Schule, da ansonsten ein Sicherheitleck droht! Siehe #150
-    , cfQualis              = [ (courseQualificationQualification, courseQualificationSortOrder)
-                              | CourseQualification{..} <- qualis, courseQualificationCourse == cid ]
    }


@ -85,19 +81,17 @@ makeCourseForm miButtonAction template = identifyForm FIDcourse . validateFormDB
    MsgRenderer mr <- getMsgRenderer

    uid <- liftHandler requireAuthId
-    (userSchools, elegibleQualifications) :: ([SchoolId], OptionList QualificationId) <- liftHandler . runDB $ do
-      lecturerSchools   <- map (userFunctionSchool . entityVal) <$> selectList [UserFunctionUser ==. uid, UserFunctionFunction <-. [SchoolLecturer]] []
-      protoAdminSchools <- map (userFunctionSchool . entityVal) <$> selectList [UserFunctionUser ==. uid, UserFunctionFunction <-. [SchoolAdmin]]    [] -- default rights
-      adminSchools <- filterM (hasWriteAccessTo . flip SchoolR SchoolEditR) protoAdminSchools -- and user as admin rights active right now
+    (lecturerSchools, adminSchools, oldSchool) <- liftHandler . runDB $ do
+      lecturerSchools <- map (userFunctionSchool . entityVal) <$> selectList [UserFunctionUser ==. uid, UserFunctionFunction <-. [SchoolLecturer]] []
+      protoAdminSchools  <- map (userFunctionSchool . entityVal) <$> selectList [UserFunctionUser ==. uid, UserFunctionFunction <-. [SchoolAdmin]] []
+      adminSchools <- filterM (hasWriteAccessTo . flip SchoolR SchoolEditR) protoAdminSchools
      oldSchool <- forM (cfCourseId =<< template) $ fmap courseSchool . getJust
-      let elegibleSchools = Set.fromList $ lecturerSchools ++ adminSchools
-          userSchools = Set.toList $ maybe id Set.insert oldSchool elegibleSchools
-      elegibleQualifications <- selectList [QualificationSchool <-. Set.toList elegibleSchools] [Asc QualificationName, Asc QualificationSchool]
-      return (userSchools, qualificationsOptionList elegibleQualifications)
+      return (lecturerSchools, adminSchools, oldSchool)
+    let userSchools = nubOrd . maybe id (:) oldSchool $ lecturerSchools ++ adminSchools

    (termsField, userTerms) <- liftHandler $ case template of
      -- Change of term is only allowed if user may delete the course (i.e. no participants) or admin
-      (Just cform)  | (Just cid) <- cfCourseId cform -> do -- edit existing course& \c
+      (Just cform)  | (Just cid) <- cfCourseId cform -> do -- edit existing course
          _courseOld@Course{..} <- runDB $ get404 cid
          mayEditTerm <- isAuthorized TermEditR True
          mayDelete   <- isAuthorized (CourseR courseTerm courseSchool courseShorthand CDeleteR) True
@ -108,7 +102,51 @@ makeCourseForm miButtonAction template = identifyForm FIDcourse . validateFormDB
              -> return (termsSetField [cfTerm cform], [cfTerm cform])
      _allOtherCases -> (termsAllowedField, ) . Set.toList <$> runDB getActiveTerms

-    let lecturerForm :: AForm Handler [Either (UserEmail, Maybe LecturerType) (UserId, LecturerType)]
+    let miAdd :: ListPosition -> Natural -> ListLength -> (Text -> Text) -> FieldView UniWorX -> Maybe (Form (Map ListPosition (Either UserEmail UserId) -> FormResult (Map ListPosition (Either UserEmail UserId))))
+        miAdd _ _ _ nudge btn = Just $ \csrf -> do
+          (addRes, addView) <- mpreq (multiUserInvitationField $ MUILookupAnyUser Nothing) (fslI MsgCourseLecturerEmail & addName (nudge "email") & addPlaceholder (mr MsgLdapIdentificationOrEmail)) Nothing
+          let addRes'' = addRes <&> \newDat oldDat -> if
+                | existing <- newDat `Set.intersection` Set.fromList (Map.elems oldDat)
+                , not $ Set.null existing
+                  -> FormFailure [mr MsgCourseLecturerAlreadyAdded]
+                | otherwise
+                  -> FormSuccess . Map.fromList . zip [maybe 0 (succ . fst) $ Map.lookupMax oldDat ..] $ Set.toList newDat
+              addView' = $(widgetFile "course/lecturerMassInput/add")
+          return (addRes'', addView')
+
+        miCell :: ListPosition -> Either UserEmail UserId -> Maybe (Maybe LecturerType) -> (Text -> Text) -> Form (Maybe LecturerType)
+        miCell _ (Right lid) defType nudge = \csrf -> do
+          (lrwRes,lrwView) <- mreq (selectField optionsFinite) (fslI MsgCourseLecturerType & addName (nudge "lecturer-type")) (join defType)
+          usr <- liftHandler . runDB $ get404 lid
+          let lrwView' = $(widgetFile "course/lecturerMassInput/cellKnown")
+          return (Just <$> lrwRes,lrwView')
+        miCell _ (Left lEmail) defType nudge = \csrf -> do
+          (lrwRes,lrwView) <- mopt (selectField optionsFinite) ("" & addName (nudge "lecturer-type")) defType
+          invWarnMsg <- messageIconI Info IconEmail MsgEmailInvitationWarning
+          let lrwView' = $(widgetFile "course/lecturerMassInput/cellInvitation")
+          return (lrwRes,lrwView')
+
+        miDelete :: Map ListPosition (Either UserEmail UserId) -- ^ Current shape
+                 -> ListPosition -- ^ Coordinate to delete
+                 -> MaybeT (MForm (HandlerFor UniWorX)) (Map ListPosition ListPosition)
+        miDelete = miDeleteList
+
+        miAddEmpty :: ListPosition -> Natural -> ListLength -> Set ListPosition
+        miAddEmpty _ _ _ = Set.empty
+
+        miLayout :: ListLength
+                 -> Map ListPosition (Either UserEmail UserId, FormResult (Maybe LecturerType)) -- ^ massInput state
+                 -> Map ListPosition Widget -- ^ Cell widgets
+                 -> Map ListPosition (FieldView UniWorX) -- ^ Deletion buttons
+                 -> Map (Natural, ListPosition) Widget -- ^ Addition widgets
+                 -> Widget
+        miLayout lLength _ cellWdgts delButtons addWdgts = $(widgetFile "course/lecturerMassInput/layout")
+
+        miIdent :: Text
+        miIdent = "lecturers"
+
+
+        lecturerForm :: AForm Handler [Either (UserEmail, Maybe LecturerType) (UserId, LecturerType)]
        lecturerForm = formToAForm . over (mapped._2) pure . over (mapped._1.mapped) (map liftEither . Map.elems) $ massInput
                MassInput{..}
                (fslI MsgCourseLecturers & setTooltip MsgCourseLecturerRightsIdentical)
@ -125,79 +163,6 @@ makeCourseForm miButtonAction template = identifyForm FIDcourse . validateFormDB
            unliftEither (Right (lid   , lType )) = (Right lid  , Just lType)
            unliftEither (Left  (lEmail, mLType)) = (Left lEmail, mLType    )

-            miAdd :: ListPosition -> Natural -> ListLength -> (Text -> Text) -> FieldView UniWorX -> Maybe (Form (Map ListPosition (Either UserEmail UserId) -> FormResult (Map ListPosition (Either UserEmail UserId))))
-            miAdd _ _ _ nudge btn = Just $ \csrf -> do
-              (addRes, addView) <- mpreq (multiUserInvitationField $ MUILookupAnyUser Nothing) (fslI MsgCourseLecturerEmail & addName (nudge "email") & addPlaceholder (mr MsgLdapIdentificationOrEmail)) Nothing
-              let addRes'' = addRes <&> \newDat oldDat -> if
-                    | existing <- newDat `Set.intersection` Set.fromList (Map.elems oldDat)
-                    , not $ Set.null existing
-                      -> FormFailure [mr MsgCourseLecturerAlreadyAdded]
-                    | otherwise
-                      -> FormSuccess . Map.fromList . zip [maybe 0 (succ . fst) $ Map.lookupMax oldDat ..] $ Set.toList newDat
-                  addView' = $(widgetFile "course/lecturerMassInput/add")
-              return (addRes'', addView')
-
-            miCell :: ListPosition -> Either UserEmail UserId -> Maybe (Maybe LecturerType) -> (Text -> Text) -> Form (Maybe LecturerType)
-            miCell _ (Right lid) defType nudge = \csrf -> do
-              (lrwRes,lrwView) <- mreq (selectField optionsFinite) (fslI MsgCourseLecturerType & addName (nudge "lecturer-type")) (join defType)
-              usr <- liftHandler . runDB $ get404 lid
-              let lrwView' = $(widgetFile "course/lecturerMassInput/cellKnown")
-              return (Just <$> lrwRes,lrwView')
-            miCell _ (Left lEmail) defType nudge = \csrf -> do
-              (lrwRes,lrwView) <- mopt (selectField optionsFinite) ("" & addName (nudge "lecturer-type")) defType
-              invWarnMsg <- messageIconI Info IconEmail MsgEmailInvitationWarning
-              let lrwView' = $(widgetFile "course/lecturerMassInput/cellInvitation")
-              return (lrwRes,lrwView')
-
-            miDelete :: Map ListPosition (Either UserEmail UserId) -- ^ Current shape
-                    -> ListPosition -- ^ Coordinate to delete
-                    -> MaybeT (MForm (HandlerFor UniWorX)) (Map ListPosition ListPosition)
-            miDelete = miDeleteList
-
-            miAddEmpty :: ListPosition -> Natural -> ListLength -> Set ListPosition
-            miAddEmpty _ _ _ = Set.empty
-
-            miLayout :: ListLength
-                    -> Map ListPosition (Either UserEmail UserId, FormResult (Maybe LecturerType)) -- ^ massInput state
-                    -> Map ListPosition Widget -- ^ Cell widgets
-                    -> Map ListPosition (FieldView UniWorX) -- ^ Deletion buttons
-                    -> Map (Natural, ListPosition) Widget -- ^ Addition widgets
-                    -> Widget
-            miLayout lLength _ cellWdgts delButtons addWdgts = $(widgetFile "course/lecturerMassInput/layout")
-
-            miIdent :: Text
-            miIdent = "lecturers"
-
-        qualificationsForm :: Maybe [(QualificationId, Int)] -> AForm Handler [(QualificationId, Int)] -- filter by admin school done later through upsertCourseQualifications
-        qualificationsForm = massInputAccumEditA miAdd miEdit miButtonAction miLayout miIdent (fslI $ MsgCourseQualifications 9) False
-          where
-            miIdent :: Text
-            miIdent = "qualifications"
-
-            miAdd :: (Text -> Text) -> FieldView UniWorX -> Form ([(QualificationId,Int)] -> FormResult [(QualificationId,Int)])
-            miAdd  nudge submitView csrf = do
-              (formRes, formView) <- aCourseQualiForm nudge Nothing csrf
-              let addRes = formRes <&> \newDat@(newQid,oldOrd) (unzip -> (oldQids,oldOrds)) ->
-                    let qidBad = guardMonoid (newQid `elem` oldQids) [mr MsgCourseEditQualificationFailExists]
-                        ordBad = guardMonoid (oldOrd `elem` oldOrds) [mr MsgCourseEditQualificationFailOrder ]
-                        problems = qidBad ++ ordBad
-                    in if null problems
-                        then FormSuccess $ pure newDat
-                        else FormFailure problems
-              return (addRes, $(widgetFile "widgets/massinput/courseQualifications/add"))
-
-            miEdit :: (Text -> Text) -> (QualificationId, Int) -> Form (QualificationId, Int)
-            miEdit nudge  = aCourseQualiForm nudge . Just
-
-            miLayout :: MassInputLayout ListLength (QualificationId,Int) (QualificationId, Int)
-            miLayout lLength _ cellWdgts delButtons addWdgts = $(widgetFile "widgets/massinput/courseQualifications/layout")
-
-            aCourseQualiForm :: (Text -> Text) -> Maybe (QualificationId, Int) -> Form (QualificationId, Int)
-            aCourseQualiForm nudge mTemplate csrf = do
-              (cquRes, cquView) <- mpreq (selectField $ pure elegibleQualifications) ("" & addName (nudge "cquali")) (view _1 <$> mTemplate)
-              (ordRes, ordView) <- mpreq     intField                                ("" & addName (nudge "cqordr")) (view _2 <$> mTemplate)
-              return ((,) <$> cquRes <*> ordRes, $(widgetFile "widgets/massinput/courseQualifications/form"))
-
    (newVisFrom,newRegFrom,newRegTo,newDeRegUntil) <- case template of
        (Just cform) | (Just _cid) <- cfCourseId cform -> return (Nothing,Nothing,Nothing,Nothing)
        _allIOtherCases -> do
@ -243,7 +208,6 @@ makeCourseForm miButtonAction template = identifyForm FIDcourse . validateFormDB
            & setTooltip MsgCourseDeregisterUntilTip)                   (deepAlt (cfDeRegUntil <$> template) newDeRegUntil)
      <*  aformSection MsgCourseFormSectionAdministration
      <*> lecturerForm
-      <*> qualificationsForm (cfQualis <$> template)
    return (result, widget)


@ -263,10 +227,6 @@ validateCourse = do
  unless userAdmin $ do
    guardValidation MsgCourseUserMustBeLecturer
      $ anyOf (traverse . _Right . _1) (== uid) cfLecturers
-  guardValidation MsgCourseEditQualificationFailExists
-    $ not $ hasDuplicates $ fst <$> cfQualis
-  guardValidation MsgCourseEditQualificationFailOrder
-    $ not $ hasDuplicates $ snd <$> cfQualis

  warnValidation MsgCourseShorthandTooLong
    $ length (CI.original cfShort) <= 10
@ -319,12 +279,9 @@ getCourseNewR = do
                    , E.desc $ courseCreated course]                                     -- most recent created course
          E.limit 1
          return course
-      template <- case oldCourses of
-        (oldTemplate:_) -> runDB $ do
-            mbLecs       <- oldTemplate & \course -> map entityVal <$> selectList [LecturerCourse ==. entityKey course] [Asc LecturerType]
-            mbLecInvites <- oldTemplate & sourceInvitationsF . entityKey
-            mbQualis     <- oldTemplate & \course -> map entityVal <$> selectList [CourseQualificationCourse ==. entityKey course] [Asc CourseQualificationSortOrder]
-            let newTemplate = courseToForm oldTemplate mbLecs mbLecInvites mbQualis
+      template <- case listToMaybe oldCourses of
+        (Just oldTemplate) ->
+            let newTemplate = courseToForm oldTemplate mempty mempty in
            return $ Just $ newTemplate
                { cfCourseId   = Nothing
                , cfTerm       = TermKey $ termFromRational 0 -- invalid, will be ignored; undefined won't work due to strictness
@ -332,11 +289,11 @@ getCourseNewR = do
                , cfRegTo      = Nothing
                , cfDeRegUntil = Nothing
                }
-        [] -> do
+        Nothing -> do
            (tidOk,sshOk,cshOk) <- runDB $ (,,)
-                <$> ifNothingM mbTid True existsKey
-                <*> ifNothingM mbSsh True existsKey
-                <*> ifNothingM mbCsh True (\csh -> not . null <$> selectKeysList [CourseShorthand ==. csh] [LimitTo 1])
+                <$> ifMaybeM mbTid True existsKey
+                <*> ifMaybeM mbSsh True existsKey
+                <*> ifMaybeM mbCsh True (\csh -> not . null <$> selectKeysList [CourseShorthand ==. csh] [LimitTo 1])
            unless tidOk $ addMessageI Warning $ MsgNoSuchTerm   $ fromJust mbTid -- safe, since tidOk==True otherwise
            unless sshOk $ addMessageI Warning $ MsgNoSuchSchool $ fromJust mbSsh -- safe, since sshOk==True otherwise
            unless cshOk $ addMessageI Warning $ MsgNoSuchCourseShorthand $ fromJust mbCsh
@ -357,11 +314,10 @@ pgCEditR tid ssh csh = do
      mbCourse     <- getBy (TermSchoolCourseShort tid ssh csh)
      mbLecs       <- for mbCourse $ \course -> map entityVal <$> selectList [LecturerCourse ==. entityKey course] [Asc LecturerType]
      mbLecInvites <- for mbCourse $ sourceInvitationsF . entityKey
-      mbQualis     <- for mbCourse $ \course -> map entityVal <$> selectList [CourseQualificationCourse ==. entityKey course] [Asc CourseQualificationSortOrder]
-      return $ (,,,) <$> mbCourse <*> mbLecs <*> mbLecInvites <*> mbQualis
+      return $ (,,) <$> mbCourse <*> mbLecs <*> mbLecInvites
  -- IMPORTANT: both GET and POST Handler must use the same template,
  --    since an Edit is identified via CourseID, which is not embedded in the received form data for security reasons.
-  courseEditHandler (\p -> Just . SomeRoute $ CourseR tid ssh csh CEditR :#: p) $ $(uncurryN 4) courseToForm <$> courseData
+  courseEditHandler (\p -> Just . SomeRoute $ CourseR tid ssh csh CEditR :#: p) $ $(uncurryN 3) courseToForm <$> courseData


 -- | Course Creation and Editing
@ -401,7 +357,6 @@ courseEditHandler miButtonAction mbCourseForm = do
              let (invites, adds) = partitionEithers $ cfLecturers res
              insertMany_ $ map (\(lid, lty) -> Lecturer lid cid lty) adds
              sinkInvitationsF lecturerInvitationConfig $ map (\(lEmail, mLty) -> (lEmail, cid, (InvDBDataLecturer mLty, InvTokenDataLecturer))) invites
-              void $ upsertCourseQualifications aid cid $ cfQualis res
              insert_ $ CourseEdit aid now cid
              memcachedByInvalidate AuthCacheLecturerList $ Proxy @(Set UserId)
            return insertOkay
@ -450,9 +405,11 @@ courseEditHandler miButtonAction mbCourseForm = do
                    let (invites, adds) = partitionEithers $ cfLecturers res
                    insertMany_ $ map (\(lid, lty) -> Lecturer lid cid lty) adds
                    sinkInvitationsF lecturerInvitationConfig $ map (\(lEmail, mLty) -> (lEmail, cid, (InvDBDataLecturer mLty, InvTokenDataLecturer))) invites
-                    void $ upsertCourseQualifications aid cid $ cfQualis res
+
                    insert_ $ CourseEdit aid now cid
+
                    memcachedByInvalidate AuthCacheLecturerList $ Proxy @(Set UserId)
+
                    addMessageI Success $ MsgCourseEditOk tid ssh csh
                    return True
          when success $ redirect $ CourseR tid ssh csh CShowR
@ -463,35 +420,3 @@ courseEditHandler miButtonAction mbCourseForm = do
        { formAction = Just $ SomeRoute actionUrl
        , formEncoding = formEnctype
        }
-
-- upsertCourseQualifications :: forall m backend . (MonadIO m, PersistStoreWrite backend, PersistQueryRead backend) => UserId -> CourseId -> [(QualificationId, Int)] -> ReaderT backend m Bool
-upsertCourseQualifications :: UserId -> CourseId -> [(QualificationId, Int)] -> YesodJobDB UniWorX Bool -- could be generalized
-upsertCourseQualifications uid cid qualis = do
-  let newQualis = Map.fromList qualis
-  oldQualis <- Map.fromList . fmap (\Entity{entityKey=k, entityVal=CourseQualification{..}} -> (courseQualificationQualification, (k, courseQualificationSortOrder)))
-                <$> selectList [CourseQualificationCourse ==. cid] [Asc CourseQualificationQualification]
-  -- NOTE: CourseQualification allow the immediate assignment of these qualifications to any enrolled user. Hence SchoolAdmins must not be allowed to assign school-foreign qualifications, see #150
-  okSchools <- Set.fromList . fmap (userFunctionSchool . entityVal)
-                <$> selectList [UserFunctionUser ==. uid, UserFunctionFunction <-. [SchoolAdmin, SchoolLecturer]] [Asc UserFunctionSchool]
-  {- Some debugging due to an error caused by using fromDistinctAscList with violated precondition:
-  $logErrorS "CourseQuali" $ "OLD  Course Qualifications:" <> tshow oldQualis
-  $logErrorS "CourseQuali" $ "NEW  Course Qualifications:" <> tshow newQualis
-  $logErrorS "CourseQuali" $ "DIFF Course Qualifications:" <> tshow (newQualis Map.\\ oldQualis)
-  -}
-  foldWithKeyMapM oldQualis $ \qu (k, so_old) -> case Map.lookup qu newQualis of
-        Just so_new | so_new /= so_old
-                -> update k [CourseQualificationSortOrder =. so_new] -- existing CourseQualifications may be re-ordered, regardless of school association
-        Nothing -> delete k                                          -- existing CourseQualifications may be removed,    regardless of school association
-        _       -> return ()
-  res <- foldWithKeyMapM (newQualis Map.\\ oldQualis) $ \qu so -> get qu >>= \case
-        Just Qualification{qualificationSchool=ssh, qualificationShorthand=qsh}
-          | Set.member ssh okSchools ->
-              insert_ CourseQualification{courseQualificationQualification = qu, courseQualificationCourse = cid, courseQualificationSortOrder = so}
-              $> All True
-          | otherwise -> do
-              addMessageI Warning $ MsgCourseEditQualificationFailRights qsh ssh
-              pure $ All False
-        _ -> do
-              addMessageI Warning   MsgCourseEditQualificationFail
-              pure $ All False
-  pure $ getAll res
--- a/src/Handler/Course/List.hs
+++ b/src/Handler/Course/List.hs
@ -226,16 +226,7 @@ getCourseListR = do
        ]
      validator = def
        & defaultSorting [SortDescBy "term",SortAscBy "course"]
-  now <- liftIO getCurrentTime
-  coursesTable <- runDB $ do
-    activeTs <- selectList [TermActiveFrom <=. now
-                , FilterOr [TermActiveTo >. Just now, TermActiveTo ==. Nothing]
-                , FilterOr [TermActiveFor ==. muid, TermActiveFor ==. Nothing]   -- TermActiveFor <-. [Nothing, muid] did not work as intended
-                ] [Desc TermActiveTerm]
-    let addTermFilter = if null activeTs 
-          then id
-          else defaultFilter $ singletonMap "term" [toPathPiece termActiveTerm | Entity _ TermActive{termActiveTerm} <- activeTs]
-    makeCourseTable colonnade (validator & addTermFilter)
+  coursesTable <- runDB $ makeCourseTable colonnade validator
  defaultLayout $ do
    setTitleI MsgCourseListTitle
    $(widgetFile "courses")
--- a/src/Handler/Course/ParticipantInvite.hs
+++ b/src/Handler/Course/ParticipantInvite.hs
@ -192,37 +192,26 @@ handleAddUserR tid ssh csh tdesc ttyp = do

  currentRoute <- fromMaybe (error "postCAddUserR called from 404-handler") <$> getCurrentRoute

-  (_ , registerConfirmResult) <- runButtonForm FIDCourseRegisterConfirm    
-  --   $logDebugS "***AbortProblem***" $ tshow registerConfirmResult
-  prefillUsers <- case registerConfirmResult of 
-    Nothing -> return mempty
-    (Just BtnCourseRegisterAbort)   -> do 
-      addMessageI Warning MsgAborted
-      -- prefill confirmed users for convenience. Note that Browser-Back may also return to the filled form, but history.back() does not in Chrome
-      confirmedActs :: [CourseRegisterActionData] <- exceptT (const $ return mempty) return . mapMM encodedSecretBoxOpen . lookupPostParams $ toPathPiece PostCourseUserAddConfirmAction  -- ignore any exception, since it is only used to prefill a form field for convenience
-      return $ Just $ Set.fromList $ fmap crActIdent confirmedActs
-    (Just BtnCourseRegisterConfirm) -> do
-      confirmedActs :: Set CourseRegisterActionData <- fmap Set.fromList . throwExceptT . mapMM encodedSecretBoxOpen . lookupPostParams $ toPathPiece PostCourseUserAddConfirmAction  
-      --   $logDebugS "CAddUserR confirmedActs" . tshow $ Set.map Aeson.encode confirmedActs
-      unless (Set.null confirmedActs) $ do -- TODO: check that all acts are member of availableActs
-        let
-          users = Map.fromList . fmap (\act -> (crActIdent act, Just . view _1 $ crActUser act)) $ Set.toList confirmedActs
-          tutActs = Set.filter (is _CourseRegisterActionAddTutorialMemberData) confirmedActs
-          actTutorial = crActTutorial <$> Set.lookupMin tutActs -- tutorial ident must be the same for every added member!      
-        registeredUsers <- registerUsers cid users
-        whenIsJust actTutorial $ \(tutName,tutType,tutDay) -> do
-          whenIsJust (tutName <|> fmap (tutorialDefaultName tutType) tutDay) $ \tName -> do
-            tutId <- upsertNewTutorial cid tName tutType tutDay
-            registerTutorialMembers tutId registeredUsers
-            -- when (Set.size tutActs == Set.size confirmedActs) $ -- not sure how this condition might be false at this point
-            redirect $ CTutorialR tid ssh csh tName TUsersR
-        redirect $ CourseR tid ssh csh CUsersR
-      return mempty
+  confirmedActs :: Set CourseRegisterActionData <- fmap Set.fromList . throwExceptT . mapMM encodedSecretBoxOpen . lookupPostParams $ toPathPiece PostCourseUserAddConfirmAction
+  --   $logDebugS "CAddUserR confirmedActs" . tshow $ Set.map Aeson.encode confirmedActs
+  unless (Set.null confirmedActs) $ do -- TODO: check that all acts are member of availableActs
+    let
+      users = Map.fromList . fmap (\act -> (crActIdent act, Just . view _1 $ crActUser act)) $ Set.toList confirmedActs
+      tutActs = Set.filter (is _CourseRegisterActionAddTutorialMemberData) confirmedActs
+      actTutorial = crActTutorial <$> Set.lookupMin tutActs -- tutorial ident must be the same for every added member!      
+    registeredUsers <- registerUsers cid users
+    whenIsJust actTutorial $ \(tutName,tutType,tutDay) -> do
+      whenIsJust (tutName <|> fmap (tutorialDefaultName tutType) tutDay) $ \tName -> do
+        tutId <- upsertNewTutorial cid tName tutType tutDay
+        registerTutorialMembers tutId registeredUsers
+        -- when (Set.size tutActs == Set.size confirmedActs) $ -- not sure how this condition might be false at this point
+        redirect $ CTutorialR tid ssh csh tName TUsersR
+    redirect $ CourseR tid ssh csh CUsersR
  
-  ((usersToAdd :: FormResult AddUserRequest, formWgt), formEncoding) <- runFormPost . identifyForm FIDCourseRegister . renderWForm FormStandard $ do
+  ((usersToAdd :: FormResult AddUserRequest, formWgt), formEncoding) <- runFormPost . renderWForm FormStandard $ do
    let tutTypesMsg   = [(SomeMessage tt,tt) | tt <- tutTypes]
        tutDefType    = ttyp >>= (\ty -> if ty `elem` tutTypes then Just ty else Nothing)        
-    auReqUsers <- wreq (textField & cfAnySeparatedSet) (fslI MsgCourseParticipantsRegisterUsersField & setTooltip MsgCourseParticipantsRegisterUsersFieldTip) prefillUsers
+    auReqUsers <- wreq (textField & cfAnySeparatedSet) (fslI MsgCourseParticipantsRegisterUsersField & setTooltip MsgCourseParticipantsRegisterUsersFieldTip) mempty
    auReqTutorial <- optionalActionW
      ( (,,) 
        <$> aopt  (textField & cfStrip & cfCI & addDatalist tutNameSuggestions)
--- a/src/Handler/Course/Register.hs
+++ b/src/Handler/Course/Register.hs
@ -68,7 +68,7 @@ courseRegisterForm (Entity cid Course{..}) = liftHandler $ do
      | otherwise
        -> return $ FormSuccess ()

-    mayViewCourseAfterDeregistration <- liftHandler . runDBRead $ E.selectExists . E.from $ \course -> do
+    mayViewCourseAfterDeregistration <- liftHandler . runDB $ E.selectExists . E.from $ \course -> do
      E.where_ $  course E.^. CourseId E.==. E.val cid
           E.&&. (       isSchoolAdminLike muid ata (course E.^. CourseSchool)
                   E.||. mayEditCourse muid ata course
@ -92,7 +92,7 @@ courseMayReRegister :: Entity Course -> DB Bool
 courseMayReRegister (Entity cid Course{..}) = do
  registrations <- count [ CourseParticipantState ==. CourseParticipantActive, CourseParticipantCourse ==. cid ]
  let capacity = maybe True (>= registrations) courseCapacity
-
+  
  wouldHaveWriteAccessTo [(AuthCapacity, capacity), (AuthCourseRegistered, False)] $ CourseR courseTerm courseSchool courseShorthand CRegisterR


--- a/src/Handler/Course/User.hs
+++ b/src/Handler/Course/User.hs
@ -9,11 +9,12 @@ module Handler.Course.User
 import Import

 import Utils.Form
-import Utils.Mail (pickValidUserEmail)
 import Handler.Utils
 import Handler.Utils.SheetType
+import Handler.Utils.Profile (pickValidEmail)
 import Handler.Utils.StudyFeatures
 import Handler.Submission.List
+
 import Handler.Course.Register

 import Jobs.Queue
--- a/src/Handler/Course/Users.hs
+++ b/src/Handler/Course/Users.hs
@ -129,11 +129,11 @@ _userSheets = _dbrOutput . _7

 -- _userQualifications :: Traversal' UserTableData [Entity Qualification]
 -- _userQualifications = _dbrOutput . _8 . (traverse _1)
-- last part: ([Entity Qualification] -> f [Entity Qualification]) -> UserTableQualifications -> f UserTableQualifications
+-- last part: ([Entity Qualification] -> f [Entity Qualification]) -> UserTableQualfications -> f UserTableQualifications

 _userQualifications :: Getter UserTableData [Entity Qualification]
 _userQualifications = _dbrOutput . _8 . to (fmap fst3)
-- _userQualifications = _dbrOutput . _8 . each . _1 -- TODO: how to make this work
+-- _userQualifications = _dbrOutput . _8 . each . _1 -- TODO: how to make this work 


 _userCourseQualifications :: Lens' UserTableData UserTableQualifications
@ -194,7 +194,7 @@ colUserQualifications cutoff = sortable (Just "qualifications") (i18nCell MsgTab
 colUserQualificationBlocked :: forall m c. IsDBTable m c => Bool -> Day -> Colonnade Sortable UserTableData (DBCell m c)
 colUserQualificationBlocked isAdmin cutoff = sortable (Just "qualification-block") (i18nCell MsgQualificationValidIndicator & cellTooltip MsgTableQualificationBlockedTooltipSimple) $
  let qualNamedReasonCell (q,qu,qb) = textCell ((q ^. hasQualification . _qualificationShorthand . _CI) <> ": ") <> qualificationValidReasonCell' Nothing isAdmin cutoff qb qu
-  in  \(view _userCourseQualifications -> qualis) ->
+  in  \(view _userCourseQualifications -> qualis) ->  
        (cellAttrs <>~ [("class", "list--inline list--comma-separated list--iconless")]) . listCell qualis $ qualNamedReasonCell

 data UserTableCsv = UserTableCsv
@ -420,12 +420,12 @@ makeCourseUserTable cid acts restrict colChoices psValidator csvColumns = do
                     )
                   )
          qualis <- E.select . E.from $ \(qualification `E.InnerJoin` qualificationUser `E.LeftOuterJoin` qualificationBlock) -> do
-            E.on $ qualificationUser E.^. QualificationUserId  E.=?. qualificationBlock E.?. QualificationUserBlockQualificationUser
+            E.on $ qualificationUser E.^. QualificationUserId  E.=?. qualificationBlock E.?. QualificationUserBlockQualificationUser 
                  E.&&. qualificationBlock `isLatestBlockBefore` E.now_
-            E.on $ qualificationUser E.^. QualificationUserQualification E.==. qualification E.^. QualificationId
+            E.on $ qualificationUser E.^. QualificationUserQualification E.==. qualification E.^. QualificationId 
            E.where_ $ qualificationUser E.^. QualificationUserUser E.==. E.val (entityKey user)
-                  E.&&. qualification E.^. QualificationId `E.in_` E.valList cqids
-            E.orderBy [E.asc $ qualification E.^. QualificationShorthand] -- we should sort by CourseQualificationSortOrder instead, but since we have not seen a course with multiple qualifications yet, we take a shortcut here
+                  E.&&. qualification E.^. QualificationId `E.in_` E.valList cqids                  
+            E.orderBy [E.asc $ qualification E.^. QualificationShorthand] -- we should sort by CourseQualificationSortOrder instead, but since we have not seen a course with multiple qualifications yet, we take a shortcut here 
            return (qualification, qualificationUser, qualificationBlock)
          let
            regGroups = setOf (folded . _entityVal . _tutorialRegGroup . _Just) tutorials
@ -660,7 +660,7 @@ postCUsersR tid ssh csh = do
          , pure . cap' $ colUserNameLink (CourseR tid ssh csh . CUserR)
          , guardOn showSex . cap' $ colUserSex'
          , pure . cap' $ colUserEmail
-          , pure . cap' $ colUserMatriclenr False
+          , pure . cap' $ colUserMatriclenr
          , pure . cap' $ colUserQualifications nowaday
          , guardOn hasSubmissionGroups $ cap' colUserSubmissionGroup
          , guardOn hasTutorials . cap' $ colUserTutorials tid ssh csh
@ -739,7 +739,7 @@ postCUsersR tid ssh csh = do
        redirect $ CourseR tid ssh csh CUsersR
    (CourseUserRegisterExamData{..}, selectedUsers) -> do
        Sum nrReg <- fmap mconcat . runDB . forM (Set.toList selectedUsers) $ \uid -> maybeT (return mempty) $ do
-          guardM . lift $ exists [ CourseParticipantUser ==. uid, CourseParticipantCourse ==. cid, CourseParticipantState ==. CourseParticipantActive ]
+          guardM . lift $ exists [ CourseParticipantUser ==. uid, CourseParticipantCourse ==. cid, CourseParticipantState ==. CourseParticipantActive ]          
          let (exam, mOccurrence) = registerExam
          mExamReg <- lift $ insertUnique ExamRegistration
            { examRegistrationExam       = exam
@ -763,7 +763,7 @@ postCUsersR tid ssh csh = do
        Just _  -> addMessageI Success $ MsgCourseUsersSubmissionGroupSetNew nrSet

      redirect $ CourseR tid ssh csh CUsersR
-    (CourseUserReRegisterData, selectedUsers) -> do
+    (CourseUserReRegisterData, selectedUsers) -> do      
      Sum nrSet <- runDB . flip foldMapM selectedUsers $ \uid -> maybeT (return mempty) $ do
        didUpdate <- lift $ updateWhereCount
          [ CourseParticipantUser ==. uid
--- a/src/Handler/Exam/Users.hs
+++ b/src/Handler/Exam/Users.hs
@ -484,7 +484,7 @@ postEUsersR tid ssh csh examn = do
          dbtColonnade = mconcat $ catMaybes
            [ pure $ dbSelect (_2 . applying _2) _1 $ return . view (resultExamRegistration . _entityKey)
            , pure $ colUserNameLink (CourseR tid ssh csh . CUserR)
-            , pure $ colUserMatriclenr False
+            , pure   colUserMatriclenr
            , pure $ colStudyFeatures resultStudyFeatures
            , pure $ sortable (Just "occurrence") (i18nCell MsgTableExamOccurrence) $ maybe mempty (anchorCell' (\n -> CExamR tid ssh csh examn EShowR :#: [st|exam-occurrence__#{n}|]) id . examOccurrenceName . entityVal) . view _userTableOccurrence
            , guardOn showPasses $ sortable Nothing (i18nCell MsgAchievedPasses) $ \(view $ resultUser . _entityKey -> uid) ->
--- a/src/Handler/Firm.hs
+++ b/src/Handler/Firm.hs
--- a/src/Handler/Health.hs
+++ b/src/Handler/Health.hs
@ -6,7 +6,6 @@ module Handler.Health where

 import Import

-import Data.Time.Format.ISO8601 (iso8601Show)
 import Handler.Utils.DateTime (formatTimeW)

 import qualified Data.Aeson.Encode.Pretty as Aeson
@ -20,9 +19,6 @@ import Control.Concurrent.STM.Delay

 import System.Environment (lookupEnv) -- while git version number is not working

-import qualified Database.Esqueleto.Experimental as E
-import qualified Database.Esqueleto.PostgreSQL as E  (now_)
-
 -- import Data.FileEmbed (embedStringFile)

 getHealthR :: Handler TypedContent
@ -81,12 +77,12 @@ getHealthR = do
                      #{boolSymbol (healthOk hcstatus)} #
                      $case report
                        $of HealthLDAPAdmins (Just found)
-                          #{textPercent found 1}
+                          #{textPercent found 1}  
                        $of HealthActiveJobExecutors (Just active)
                          #{textPercent active 1}
                        $of _
                      <div>
-                        ^{formatTimeW SelFormatDateTime lUp}
+                        ^{formatTimeW SelFormatDateTime lUp}                      
          |]
        provideJson healthReports
        provideRep . return . Builder.toLazyText $ Aeson.encodePrettyToTextBuilder healthReports
@ -117,44 +113,34 @@ getInstanceR = do
 getStatusR :: Handler Html
 getStatusR = do
  starttime <- getsYesod appStartTime
-  dbTime <- runDBRead $ E.selectOne $ return E.now_
-  (currtime,env_version) <- liftIO $ (,) <$> getCurrentTime <*> lookupEnv "VERSION_NR"
+  (currtime, env_version) <- liftIO $ (,) <$> getCurrentTime <*> lookupEnv "VERSION_NR"
  -- ft <- formatTime'  "%Y-%m-%d %H:%M:%S" currtime
-  let diffTime :: UTCTime -> Text
-      diffTime t =
-        let tdiff = diffUTCTime currtime t
-        in if 64 > abs tdiff
-            then tshow tdiff
-            else pack . iso8601Show . calendarTimeTime . fromIntegral $ truncate tdiff
-
-  withUrlRenderer
+  withUrlRenderer 
    [hamlet|
      $doctype 5
      <html lang=en>
-        <head>
+        <head>        
          <title>Status
        <body>
          $maybe env_ver <- env_version
            <p>
              Environment version #{env_ver}
+          <p> 
+            Current Time <br> 
+            #{show currtime} <br>     
          <p>
-            Current Application Time <br>
-            #{show currtime} <br>
-          $maybe dbtval <- dbTime
-            $with dbt <- E.unValue dbtval
-              Current Database Time <br>
-              #{show dbt} #
-              Difference: #{diffTime dbt} <br>
-          <p>
-            Instance Start <br>
+            Instance Start <br> 
            #{show starttime} #
-            Uptime: #{diffTime starttime}
+            Uptime: #{show $ ddays starttime currtime} days.
          <p>
            Compile Time <br>
            #{show cTime} #
-            Build age: #{diffTime cTime}
+            Build age: #{show $ ddays cTime currtime} days.
    |]
-  where
-    -- vnr_full :: Text = $(embedStringFile "nix/docker/version.json") -- nix/ files not accessible during container construction
+  where 
+    -- vnr_full :: Text = $(embedStringFile "nix/docker/version.json") -- nix/ files not accessible during container construction  
    cTime :: UTCTime
-    cTime = $compileTime
+    cTime = $compileTime
+
+    ddays :: UTCTime -> UTCTime -> Double
+    ddays tstart tstop = (/100) $ fromIntegral $ round $ diffUTCTime tstop tstart / (36 * 24)
--- a/src/Handler/Health/Interface.hs
+++ b/src/Handler/Health/Interface.hs
@ -1,402 +0,0 @@
-- SPDX-FileCopyrightText: 2024 Steffen Jost <s.jost@fraport.de>
--
-- SPDX-License-Identifier: AGPL-3.0-or-later
-
-
-module Handler.Health.Interface
-  (
-    getHealthInterfaceR
-  , mkInterfaceLogTable
-  , runInterfaceChecks
-  , getConfigInterfacesR, postConfigInterfacesR
-  )
- where
-
-import Import
-
-import qualified Data.Set as Set
-import qualified Data.Map as Map
-import qualified Data.Text as Text
-import Handler.Utils
-import Handler.Utils.Concurrent
-
-- import           Database.Esqueleto.Experimental ((:&)(..))
-import qualified Database.Esqueleto.Experimental as E
-import qualified Database.Esqueleto.Utils as E
-import qualified Database.Esqueleto.Legacy as EL (on)
-import qualified Database.Persist.Sql as E (deleteWhereCount)
-
-defaultInterfaceWarnHours :: Int
-defaultInterfaceWarnHours = 3 * 24      -- if no warn time can be found, use 3 days instead
-
-- | identify a wildcard argument
-wc2null :: Text -> Maybe Text
-- wc2null "." = Nothing -- does not work, since dots are eliminated in URLs
-- wc2null "-" = Nothing -- used as wildcard subtype in lpr interface
-wc2null "_" = Nothing
-wc2null "*" = Nothing
-wc2null  o  = Just o
-
-warnIntervalCell :: (IsDBTable m b, Integral a) => a -> DBCell m b
-warnIntervalCell x
-  | x >= 0      = textCell $ formatDiffHours x
-  | x <= (-100) = i18nCell MsgInterfaceWarningDisabledEntirely
-  | otherwise   = i18nCell MsgInterfaceWarningDisabledInterval
-
-- | sloppily parse a boolean, also see Model.Types.Avs.SloppyBool
-pbool :: Text -> Maybe Bool
-pbool (Text.toLower . Text.strip -> w)
-  | w `elem` ["1", "t", "true" ,"wahr", "w"] = Just True
-  | w `elem` ["0", "f", "false","falsch"]    = Just False
-  | otherwise                                = Nothing
-
-- | parse UniqueInterfaceHealth with subtype and write arguments being optional for the last interface. Wildcards '_' or '.' are also allowed in all places.
-identifyInterfaces :: [Text] -> [Unique InterfaceHealth]
-identifyInterfaces []        = []
-identifyInterfaces [i]       = [UniqueInterfaceHealth i Nothing     Nothing]
-identifyInterfaces [i,s]     = [UniqueInterfaceHealth i (wc2null s) Nothing]
-identifyInterfaces (i:s:w:r) =  UniqueInterfaceHealth i (wc2null s) (pbool w) : identifyInterfaces r
-
-type ReqBanInterfaceHealth = ([Unique InterfaceHealth],[Unique InterfaceHealth])
-
-- | Interface names prefixed with '-' are to be excluded from the query
-splitInterfaces :: [Unique InterfaceHealth] -> ReqBanInterfaceHealth
-splitInterfaces = foldl' aux mempty
-  where
-    aux (reqs,bans) uih@(UniqueInterfaceHealth i s w)
-      | Just ('-', b) <- Text.uncons i = (reqs, UniqueInterfaceHealth b s w : bans)
-      | otherwise = (uih : reqs, bans)
-
-- | check whether the first argument is equal or more specialzed (i.e. more Just) than the second
-matchesUniqueInterfaceHealth :: Unique InterfaceHealth -> Unique InterfaceHealth -> Bool
-matchesUniqueInterfaceHealth (UniqueInterfaceHealth ai as aw) (UniqueInterfaceHealth bi bs bw) = ai == bi && eqOrNothing as bs && eqOrNothing aw bw
-  where
-    eqOrNothing _ Nothing = True
-    eqOrNothing a b       = a == b
-
-
-getHealthInterfaceR :: [Text] -> Handler TypedContent
-getHealthInterfaceR (dropWhile (=="force") -> ris) = do               -- for backwards compatibility we ignore leading "force"
-  let interfs = splitInterfaces $ identifyInterfaces ris
-  (missing, allok, res, iltable) <- runInterfaceLogTable interfs
-  when missing notFound                                               -- send 404 if any requested interface was not found
-  let ihstatus = if allok then status200
-                          else internalServerError500
-      plainMsg = if allok then "Interfaces are healthy."
-                          else "Unhealthy interfaces: " <> Text.intercalate ", " [iface | (iface, False) <- res]
-  sendResponseStatus ihstatus <=< selectRep $ do                      -- most browsers send accept:text/html, thus text/plain can be default here
-    provideRep . return . RepPlain $ toContent plainMsg               -- /?_accept=text/plain
-    provideRep . siteLayoutMsg MsgMenuHealthInterface $ do            -- /?_accept=text/html
-      setTitleI MsgMenuHealthInterface
-      [whamlet|
-        <div>
-          #{plainMsg}
-        <div>
-          ^{iltable}
-      |]
-
-
-runInterfaceLogTable :: ReqBanInterfaceHealth -> Handler (Bool, Bool, [(Text,Bool)], Widget)
-runInterfaceLogTable interfs@(reqIfs,_) = do
-  (res, twgt) <- runDB $ mkInterfaceLogTable interfs
-  let missing = notNull [ifce | (UniqueInterfaceHealth ifce _subt _writ) <- reqIfs, ifce `notElem` (fst <$> res) ]
-      allok   = all snd res
-  return (missing, allok, res, twgt)
-
-- ihDebugShow :: Unique InterfaceHealth -> Text
-- ihDebugShow (UniqueInterfaceHealth i s w) = "(" <> tshow i <> "," <> tshow s <> "," <> tshow w <> ")"
-
-mkInterfaceLogTable :: ReqBanInterfaceHealth -> DB ([(Text,Bool)], Widget)
-mkInterfaceLogTable interfs@(reqIfs, banIfs) = do
-    --   $logWarnS "DEBUG" $ tshow ([ihDebugShow x | x<- reqIfs], [ihDebugShow x | x<- banIfs])
-    flagError <- liftHandler $ do
-      void $ timeoutHandler 42000001 $ runDB $ runInterfaceChecks interfs -- ensure interface checkc are up to date
-      mkErrorFlag
-    now <- liftIO getCurrentTime
-    dbTableDB ilvalidator DBTable{dbtColonnade=colonnade now flagError, ..}
-  where
-    sanitize      = text2AlphaNumPlus ['+','-','_','Ä','Ö','Ü','ß','ä','ö','ü']
-    dbtIdent      = "interface-log" :: Text
-    dbtProj       = dbtProjId
-    dbtSQLQuery (ilog `E.LeftOuterJoin` ihealth) = do
-      EL.on (       ilog E.^. InterfaceLogInterface E.=?.          ihealth E.?. InterfaceHealthInterface
-              E.&&. ilog E.^. InterfaceLogSubtype   E.=~. E.joinV (ihealth E.?. InterfaceHealthSubtype)
-              E.&&. ilog E.^. InterfaceLogWrite     E.=~. E.joinV (ihealth E.?. InterfaceHealthWrite  )
-              E.&&. E.notExists (do -- a more specific match does not exist
-                  otherh <- E.from $ E.table @InterfaceHealth
-                  E.where_ $ ilog    E.^. InterfaceLogInterface E.==.         otherh E.^. InterfaceHealthInterface
-                      E.&&.  ilog    E.^. InterfaceLogSubtype   E.=~.         otherh E.^. InterfaceHealthSubtype
-                      E.&&.  ilog    E.^. InterfaceLogWrite     E.=~.         otherh E.^. InterfaceHealthWrite
-                      E.&&.  ihealth E.?. InterfaceHealthHours  E.!=. E.just (otherh E.^. InterfaceHealthHours)
-                      E.&&.  (E.isNothing (E.joinV $ ihealth E.?. InterfaceHealthSubtype)
-                        E.||. E.isNothing (E.joinV $ ihealth E.?. InterfaceHealthWrite  ))
-                    )
-                )
-      let matchUIH crits = E.or
-           [ E.and $ catMaybes
-             [  ilog E.^. InterfaceLogInterface E.==.    E.val  (sanitize     ifce) & Just
-             , (ilog E.^. InterfaceLogSubtype   E.==.) . E.val . sanitize <$> subt
-             , (ilog E.^. InterfaceLogWrite     E.==.) . E.val            <$> writ
-             ]
-           | (UniqueInterfaceHealth ifce subt writ) <- crits
-           ]
-          matchUIHnot crits = E.and
-           [ E.or $ catMaybes
-             [  ilog E.^. InterfaceLogInterface E.!=.    E.val  (sanitize     ifce) & Just
-             , (ilog E.^. InterfaceLogSubtype   E.!=.) . E.val . sanitize <$> subt
-             , (ilog E.^. InterfaceLogWrite     E.!=.) . E.val            <$> writ
-             ]
-           | (UniqueInterfaceHealth ifce subt writ) <- crits
-           ]
-      unless (null reqIfs) $ E.where_ $ matchUIH    reqIfs
-      unless (null banIfs) $ E.where_ $ matchUIHnot banIfs
-      -- unless (null banIfs) $ E.where_ $ E.not_ $ matchUIH banIfs -- !!! DOES NOT WORK !!! Yields strange results, see #155
-      -- unless (null banIfs) $ E.where_ $ E.not_ $ E.parens $ matchUIH banIfs -- WORKS OKAY
-      -- E.where_ $ E.not_ (ilog E.^. InterfaceLogInterface E.==. E.val "LMS" E.&&.  ilog E.^. InterfaceLogSubtype E.==. E.val (sanitize "F")) -- BAD  All missing, except for "Printer" "F"
-      -- E.where_ $ E.not_ $ E.parens (ilog E.^. InterfaceLogInterface E.==. E.val "LMS" E.&&.  ilog E.^. InterfaceLogSubtype E.==. E.val (sanitize "F")) -- WORKS OKAY
-      -- E.where_ $         ilog E.^. InterfaceLogInterface E.!=. E.val "LMS" E.||.  ilog E.^. InterfaceLogSubtype E.!=. E.val (sanitize "F")  -- WORKS OKAY
-      let ihour = E.coalesceDefault [ihealth E.?. InterfaceHealthHours] (E.val defaultInterfaceWarnHours)  -- if no default time is set, use a default instead
-      return (ilog, ihour)
-
-    queryILog     :: (E.SqlExpr (Entity InterfaceLog) `E.LeftOuterJoin` E.SqlExpr (Maybe (Entity InterfaceHealth))) -> E.SqlExpr (Entity InterfaceLog)
-    queryILog     = $(E.sqlLOJproj 2 1)
-    queryHealth   :: (E.SqlExpr (Entity InterfaceLog) `E.LeftOuterJoin` E.SqlExpr (Maybe (Entity InterfaceHealth))) -> E.SqlExpr (Maybe (Entity InterfaceHealth))
-    queryHealth   = $(E.sqlLOJproj 2 2)
-    resultILog    :: Lens' (DBRow (Entity InterfaceLog, E.Value Int)) InterfaceLog
-    resultILog    = _dbrOutput . _1 . _entityVal
-    resultHours   :: Lens' (DBRow (Entity InterfaceLog, E.Value Int)) Int
-    resultHours   = _dbrOutput . _2 . E._unValue
-
-    dbtRowKey     = queryILog >>> (E.^.InterfaceLogId)
-    colonnade now flagError = mconcat
-        [ sortable Nothing (i18nCell MsgInterfaceStatus) $ \row -> -- do
-            let hours   = row ^. resultHours
-                -- defmsg  = row ^? resultErrMsg
-                logtime = row ^. resultILog . _interfaceLogTime
-                success = row ^. resultILog . _interfaceLogSuccess
-                iface   = row ^. resultILog . _interfaceLogInterface
-                status  = (success || hours <= -100) && (hours < 0 || now <= addHours hours logtime)
-            in tellCell [(iface,status)] $ wgtCell $ flagError $ toMaybe (success || not status) status
-        , sortable (Just "interface") (i18nCell MsgInterfaceName      ) $ \(view (resultILog . _interfaceLogInterface) -> n) -> textCell n
-        , sortable (Just "subtype")   (i18nCell MsgInterfaceSubtype   ) $ textCell . view (resultILog . _interfaceLogSubtype)
-        , sortable (Just "write")     (i18nCell MsgInterfaceWrite     ) $ (`ifIconCell` IconEdit) . view (resultILog . _interfaceLogWrite)
-        , sortable (Just "time")      (i18nCell MsgInterfaceLastSynch ) $ dateTimeCell . view (resultILog . _interfaceLogTime)
-        , sortable (Just "hours")     (i18nCell MsgInterfaceFreshness & cellTooltips [SomeMessage MsgInterfaceFreshnessTooltip, SomeMessage MsgTableDiffDaysTooltip]
-                                                                      ) $ warnIntervalCell . view resultHours
-        , sortable (Just "rows")      (i18nCell MsgTableRows          ) $ cellMaybe numCell . view (resultILog . _interfaceLogRows)
-        , sortable (Just "success")   (i18nCell MsgInterfaceSuccess   ) $ \(view (resultILog . _interfaceLogSuccess) -> s) -> iconBoolCell s
-        , sortable Nothing            (i18nCell MsgInterfaceInfo      ) $ \(view resultILog -> ilt) -> case ilt of
-            InterfaceLog "AVS" "Synch" True _ _ i _ -> anchorCell ProblemAvsErrorR  $ toWgt $ bool i "AVS-Log" $ null i
-            InterfaceLog "LPR" _       _    _ _ i _ -> anchorCell PrintLogR         $ toWgt $ bool i "LPR-Log" $ null i
-            InterfaceLog _     _       _    _ _ i _ -> textCell i
-        ]
-
-    dbtSorting    = mconcat
-        [ singletonMap "interface" $ SortColumn $ queryILog >>> (E.^. InterfaceLogInterface)
-        , singletonMap "subtype"   $ SortColumn $ queryILog >>> (E.^. InterfaceLogSubtype)
-        , singletonMap "write"     $ SortColumn $ queryILog >>> (E.^. InterfaceLogWrite)
-        , singletonMap "time"      $ SortColumn $ queryILog >>> (E.^. InterfaceLogTime)
-        , singletonMap "rows"      $ SortColumn $ queryILog >>> (E.^. InterfaceLogRows)
-        , singletonMap "success"   $ SortColumn $ queryILog >>> (E.^. InterfaceLogSuccess)
-        , singletonMap "hours"     $ SortColumn $ \r -> E.coalesceDefault [queryHealth r E.?. InterfaceHealthHours] (E.val defaultInterfaceWarnHours)
-        ]
-    ilvalidator   = def & defaultSorting [SortAscBy "interface", SortAscBy "subtype", SortAscBy "write"]
-    dbtFilter     = mempty
-    dbtFilterUI   = mempty
-    dbtStyle      = def
-    dbtParams     = def
-    dbtCsvEncode  = noCsvEncode
-    dbtCsvDecode  = Nothing
-    dbtExtraReps  = []
-
-
-- | runs additional checks and logs results within InterfaceLogTable; assumed to executable within a handler call
-runInterfaceChecks :: ReqBanInterfaceHealth -> DB ()
-runInterfaceChecks interfs = do
-  avsInterfaceCheck interfs
-  lprAckCheck interfs
-
-maybeRunCheck :: ReqBanInterfaceHealth -> Unique InterfaceHealth -> (UTCTime -> DB ()) -> DB ()
-maybeRunCheck (reqIfs,banIfs) uih act
-  | null reqIfs ||      any (matchesUniqueInterfaceHealth uih) reqIfs
-  , null banIfs || not (any (matchesUniqueInterfaceHealth uih) banIfs) = do
-      mih <- getBy uih
-      whenIsJust mih $ \eih -> do
-        now <- liftIO getCurrentTime
-        act $ addHours (negate $ interfaceHealthHours $ entityVal eih) now
-  | otherwise = return ()
-
-
-lprAckCheck :: ReqBanInterfaceHealth -> DB ()
-lprAckCheck interfs = maybeRunCheck interfs (UniqueInterfaceHealth "Printer" (Just "Acknowledge") (Just True)) $ \cutOffOldTime -> do
-    unproc <- selectList [PrintAcknowledgeTimestamp <. cutOffOldTime, PrintAcknowledgeProcessed ==. False] []
-    if notNull unproc
-      then mkLog False (Just $ length unproc) "Long unprocessed APC-Idents exist"
-      else do
-        oks <- E.deleteWhereCount [PrintAcknowledgeTimestamp <. cutOffOldTime, PrintAcknowledgeProcessed ==. True]
-        if oks > 0
-          then mkLog True (Just $ fromIntegral oks) "Long processed APC-Idents removed"
-          else mkLog True Nothing mempty
-  where
-    mkLog = logInterface' "Printer" "Acknowledge" True
-
-
-avsInterfaceCheck :: ReqBanInterfaceHealth -> DB ()
-avsInterfaceCheck interfs = maybeRunCheck interfs (UniqueInterfaceHealth "AVS" (Just "Synch") (Just True)) $ \cutOffOldTime -> do
-  avsSynchStats <- E.select $ do
-    uavs <- E.from $ E.table @UserAvs
-    E.where_ $ uavs E.^. UserAvsLastSynch E.>. E.val cutOffOldTime
-    let isOk = E.isNothing (uavs E.^. UserAvsLastSynchError)
-    E.groupBy isOk
-    E.orderBy [E.descNullsLast isOk]
-    return (isOk, E.countRows, E.max_ $ uavs E.^. UserAvsLastSynch)
-  let
-    mkBadInfo badRows (fromMaybe cutOffOldTime -> badTime) | badRows > 0 = do
-      fmtCut <- formatTime SelFormatDate cutOffOldTime
-      fmtBad <- formatTime SelFormatDateTime badTime
-      return $ tshow badRows <> " Fehler seit " <> fmtCut <> ", zuletzt um " <> fmtBad
-    mkBadInfo _ _ = return mempty
-    writeAvsSynchStats okRows badInfo =
-      logInterface' "AVS" "Synch" True (null badInfo) okRows badInfo
-  --case $(unValueN 3) <$> avsSynchStats of
-  case avsSynchStats of
-    ((E.Value True , E.Value okRows, E.Value _okTime):(E.Value False, E.Value badRows, E.Value badTime):_) ->
-      writeAvsSynchStats (Just okRows) =<< mkBadInfo badRows badTime
-    ((E.Value True , E.Value okRows, E.Value _okTime):_)    ->
-      writeAvsSynchStats (Just okRows) mempty
-    ((E.Value False, E.Value badRows, E.Value badTime):_) ->
-      -- lastOk <- userAvsLastSynch . entityVal <<$>> selectFirst [UserAvsLastSynchError ==. Nothing] [Desc UserAvsLastSynch]
-      writeAvsSynchStats Nothing =<< mkBadInfo badRows badTime
-    _ -> return ()
-
-
-
-data IWTableAction
-    = IWTActAdd
-    | IWTActDelete
-  deriving (Eq, Ord, Enum, Bounded, Read, Show, Generic)
-
-instance Universe IWTableAction
-instance Finite   IWTableAction
-nullaryPathPiece ''IWTableAction $ camelToPathPiece' 2
-embedRenderMessage ''UniWorX ''IWTableAction id
-
-data IWTableActionData
-    = IWTActAddData
-        { iwtActInterface :: Text
-        , iwtActSubtype   :: Maybe Text
-        , iwtActWrite     :: Maybe Bool
-        , iwtActHours     :: Int
-        }
-    | IWTActDeleteData
-  deriving (Eq, Ord, Read, Show, Generic)
-
-type IWTableExpr = E.SqlExpr (Entity InterfaceHealth)
-
-queryInterfaceHealth :: IWTableExpr -> E.SqlExpr (Entity InterfaceHealth)
-queryInterfaceHealth = id
-
-type IWTableData = DBRow (Entity InterfaceHealth)
-
-resultInterfaceHealth :: Lens' IWTableData (Entity InterfaceHealth)
-resultInterfaceHealth = _dbrOutput
-
-wildcardCell :: IsDBTable m b => (a -> DBCell m b) -> Maybe a -> DBCell m b
-wildcardCell _ Nothing  = iconFixedCell $ icon IconWildcard
-wildcardCell c (Just x) = c x
-
-mkInterfaceWarnTable :: DB (FormResult (IWTableActionData, Set InterfaceHealthId), Widget)
-mkInterfaceWarnTable = do
-  let
-    mkOption :: E.Value Text -> Option Text
-    mkOption (E.unValue -> t) = Option{ optionDisplay = t, optionInternalValue = t, optionExternalValue = toPathPiece t }
-    getSuggestion pj = E.select $ E.distinct $ do
-      il <- E.from $ E.table @InterfaceLog
-      let res = il E.^. pj
-      E.orderBy [E.asc res]
-      pure res
-    suggestionInterface :: HandlerFor UniWorX (OptionList Text)
-    suggestionInterface = mkOptionList . fmap mkOption <$> runDB (getSuggestion InterfaceLogInterface)
-    suggestionSubtype   :: HandlerFor UniWorX (OptionList Text)
-    suggestionSubtype   = mkOptionList . fmap mkOption <$> runDB (getSuggestion InterfaceLogSubtype)
-    dbtIdent = "interface-warnings" :: Text
-    dbtSQLQuery :: IWTableExpr -> E.SqlQuery IWTableExpr
-    dbtSQLQuery = return
-    dbtRowKey = queryInterfaceHealth >>> (E.^. InterfaceHealthId)
-    dbtProj = dbtProjId
-    dbtColonnade = formColonnade $ mconcat
-      [ dbSelect (applying _2) id (return . view (resultInterfaceHealth . _entityKey))
-      , sortable (Just "interface") (i18nCell MsgInterfaceName      ) $ \(view (resultInterfaceHealth . _entityVal . _interfaceHealthInterface) -> n) -> textCell n
-      , sortable (Just "subtype")   (i18nCell MsgInterfaceSubtype   ) $ wildcardCell textCell . view (resultInterfaceHealth . _entityVal . _interfaceHealthSubtype )
-      , sortable (Just "write")     (i18nCell MsgInterfaceWrite     ) $ wildcardCell (iconFixedCell . iconWriteReadOnly) . view (resultInterfaceHealth . _entityVal . _interfaceHealthWrite   )
-      -- , sortable (Just "hours")     (i18nCell MsgInterfaceFreshness ) $ numCell                               . view (resultInterfaceHealth . _entityVal . _interfaceHealthHours   )
-      , sortable (Just "hours")     (i18nCell MsgInterfaceFreshness
-                              & cellTooltip MsgTableDiffDaysTooltip ) $ warnIntervalCell . view (resultInterfaceHealth . _entityVal . _interfaceHealthHours   )
-      ]
-    dbtSorting = mconcat
-      [ singletonMap "interface" $ SortColumn $ queryInterfaceHealth >>> (E.^. InterfaceHealthInterface)
-      , singletonMap "subtype"   $ SortColumn $ queryInterfaceHealth >>> (E.^. InterfaceHealthSubtype)
-      , singletonMap "write"     $ SortColumn $ queryInterfaceHealth >>> (E.^. InterfaceHealthWrite)
-      , singletonMap "hours"     $ SortColumn $ queryInterfaceHealth >>> (E.^. InterfaceHealthHours)
-      ]
-    dbtFilter     = mempty
-    dbtFilterUI   = mempty
-    dbtStyle      = def { dbsFilterLayout = defaultDBSFilterLayout }
-    dbtParams     = DBParamsForm
-      { dbParamsFormMethod = POST
-      , dbParamsFormAction = Nothing -- Just $ SomeRoute currentRoute
-      , dbParamsFormAttrs  = []
-      , dbParamsFormSubmit = FormSubmit
-      , dbParamsFormAdditional
-          = let acts :: Map IWTableAction (AForm Handler IWTableActionData)
-                acts = mconcat
-                  [ singletonMap IWTActAdd    $      IWTActAddData
-                      <$> apreq (textField & cfStrip & addDatalist suggestionInterface) (fslI MsgInterfaceName)       Nothing
-                      <*> aopt  (textField & cfStrip & addDatalist suggestionSubtype)   (fslI MsgInterfaceSubtype)    Nothing
-                      <*> aopt   boolField'                                             (fslI MsgInterfaceWrite)      Nothing
-                      <*> apreq  intField                                               (fslI MsgInterfaceFreshness & setTooltip MsgHours)  Nothing
-                  , singletonMap IWTActDelete $ pure IWTActDeleteData
-                  ]
-             in renderAForm FormStandard
-               $  (, mempty) . First . Just
-              <$> multiActionA acts (fslI MsgTableAction) Nothing
-      , dbParamsFormEvaluate = liftHandler . runFormPost
-      , dbParamsFormResult   = id
-      , dbParamsFormIdent    = def
-      }
-    dbtCsvEncode  = noCsvEncode
-    dbtCsvDecode  = Nothing
-    dbtExtraReps  = []
-    postprocess :: FormResult (First IWTableActionData, DBFormResult InterfaceHealthId Bool IWTableData)
-                -> FormResult (      IWTableActionData,          Set InterfaceHealthId)
-    postprocess inp = do
-        (First (Just act), jobMap) <- inp
-        let jobSet = Map.keysSet . Map.filter id $ getDBFormResult (const False) jobMap
-        return (act, jobSet)
-    psValidator   = def & defaultSorting [SortAscBy "interface", SortAscBy "subtype", SortAscBy "write"]
-  over _1 postprocess <$> dbTable psValidator DBTable{..}
-
-getConfigInterfacesR,  postConfigInterfacesR :: Handler Html
-getConfigInterfacesR = postConfigInterfacesR
-postConfigInterfacesR = do
-  ((interfaceOks, interfaceTable), (warnRes, configTable)) <- runDB $ (,)
-    <$> mkInterfaceLogTable mempty
-    <*> mkInterfaceWarnTable
-  let interfacesBadNr = length $ filter (not . snd) interfaceOks
-  formResult warnRes $ \case
-    (IWTActAddData{..}, _) -> do
-      void $ runDB $ upsertBy
-        (UniqueInterfaceHealth iwtActInterface iwtActSubtype iwtActWrite)
-        (      InterfaceHealth iwtActInterface iwtActSubtype iwtActWrite iwtActHours)
-        [InterfaceHealthHours =. iwtActHours]
-      addMessageI Success MsgInterfaceWarningAdded
-      reloadKeepGetParams ConfigInterfacesR
-    (IWTActDeleteData, ihids) -> do
-      runDB $ mapM_ delete ihids
-      addMessageI Success $ MsgInterfaceWarningDeleted $ Set.size ihids
-      reloadKeepGetParams ConfigInterfacesR
-
-  siteLayoutMsg MsgConfigInterfacesHeading $ do
-    setTitleI MsgConfigInterfacesHeading
-    let defWarnTime = formatDiffHours defaultInterfaceWarnHours
-    $(i18nWidgetFile "config-interfaces")
--- a/src/Handler/Info.hs
+++ b/src/Handler/Info.hs
@ -1,4 +1,4 @@
-- SPDX-FileCopyrightText: 2022-2024 Felix Hamann <felix.hamann@campus.lmu.de>, Gregor Kleen <gregor@kleen.consulting>, Sarah Vaupel <sarah.vaupel@ifi.lmu.de>, Steffen Jost <jost@tcs.ifi.lmu.de>, Winnie Ros <winnie.ros@campus.lmu.de>, Steffen Jost <s.jost@fraport.de>
+-- SPDX-FileCopyrightText: 2022-2023 Felix Hamann <felix.hamann@campus.lmu.de>, Gregor Kleen <gregor@kleen.consulting>, Sarah Vaupel <sarah.vaupel@ifi.lmu.de>, Steffen Jost <jost@tcs.ifi.lmu.de>, Winnie Ros <winnie.ros@campus.lmu.de>
 --
 -- SPDX-License-Identifier: AGPL-3.0-or-later

@ -13,12 +13,12 @@ import Data.Map ((!))
 import qualified Data.CaseInsensitive as CI
 import qualified Data.Set as Set

-- import qualified Database.Esqueleto.Legacy as E
-- import qualified Database.Esqueleto.Utils as E
+import qualified Database.Esqueleto.Legacy as E
+import qualified Database.Esqueleto.Utils as E

 import Development.GitRev

-- import Auth.LDAP (ADError(..), ADInvalidCredentials(..), CampusMessage(..))
+import Auth.LDAP (ADError(..), ADInvalidCredentials(..), CampusMessage(..))

 import Yesod.Auth.Message(AuthMessage(..)) 

@ -175,7 +175,6 @@ showFAQ :: ( MonadAP m
           , MonadThrow m
           )
        => Route UniWorX -> FAQItem -> m Bool
-showFAQ _ FAQLoginExpired = return True
 showFAQ _ FAQNoCampusAccount = is _Nothing <$> maybeAuthId
 showFAQ (AuthR _) FAQCampusCantLogin = return True
 showFAQ _ FAQCampusCantLogin = is _Nothing <$> maybeAuthId
@ -184,20 +183,38 @@ showFAQ _ FAQForgottenPassword = is _Nothing <$> maybeAuthId
 showFAQ _ FAQNotLecturerHowToCreateCourses
  = and2M (is _Just <$> maybeAuthId)
          (not <$> hasWriteAccessTo CourseNewR)
-- showFAQ (CourseR tid ssh csh _) FAQCourseCorrectorsTutors
--   = and2M (is _Just <$> maybeAuthId)
--           (or2M (hasWriteAccessTo $ CourseR tid ssh csh SheetNewR)
--                 (hasWriteAccessTo $ CourseR tid ssh csh CTutorialNewR)
--           )
-- showFAQ _ _ = return False
+showFAQ (CourseR tid ssh csh _) FAQCourseCorrectorsTutors
+  = and2M (is _Just <$> maybeAuthId)
+          (or2M (hasWriteAccessTo $ CourseR tid ssh csh SheetNewR)
+                (hasWriteAccessTo $ CourseR tid ssh csh CTutorialNewR)
+          )
+showFAQ (CExamR tid ssh csh examn _) FAQExamPoints
+  = and2M (hasWriteAccessTo $ CExamR tid ssh csh examn EEditR)
+          noExamParts
+  where
+    noExamParts = liftHandler . runDB . E.selectNotExists . E.from $ \(examPart `E.InnerJoin` exam `E.InnerJoin` course) -> do
+      E.on $ course E.^. CourseId E.==. exam E.^. ExamCourse
+      E.on $ exam E.^. ExamId E.==. examPart E.^. ExamPartExam
+      E.where_ $ course E.^. CourseTerm E.==. E.val tid
+           E.&&. course E.^. CourseSchool E.==. E.val ssh
+           E.&&. course E.^. CourseShorthand E.==. E.val csh
+           E.&&. exam E.^. ExamName E.==. E.val examn
+showFAQ _ FAQInvalidCredentialsAdAccountDisabled = maybeT (return False) $ do
+  guardM $ is _Nothing <$> maybeAuthId
+  sessionError <- MaybeT $ lookupSessionJson SessionError
+  guard $ sessionError == PermissionDenied (toPathPiece $ ADInvalidCredentials ADAccountDisabled)
+  return True
+showFAQ _ _ = return False

 prioFAQ :: Monad m
        => Route UniWorX -> FAQItem -> m Rational
-prioFAQ _ FAQLoginExpired = return 2
 prioFAQ _ FAQNoCampusAccount = return 1
 prioFAQ _ FAQCampusCantLogin = return 1
 prioFAQ _ FAQForgottenPassword = return 1
 prioFAQ _ FAQNotLecturerHowToCreateCourses = return 1
+prioFAQ _ FAQCourseCorrectorsTutors = return 1
+prioFAQ _ FAQExamPoints = return 2
+prioFAQ _ FAQInvalidCredentialsAdAccountDisabled = return 3  


 getInfoLecturerR :: Handler Html
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
David Mosbach	b13c1c47ce	Revert "style(frontend): replaced Font Awesome icons" This reverts commit `541e7ada43`.	2024-05-06 03:55:31 +00:00
David Mosbach	784dcffbc6	Revert "chore(icons): adjusted icon sizes" This reverts commit `b52da06129`.	2024-05-06 03:54:31 +00:00
David Mosbach	b52da06129	chore(icons): adjusted icon sizes	2024-04-29 14:30:48 +00:00
David Mosbach	541e7ada43	style(frontend): replaced Font Awesome icons	2024-04-29 02:49:19 +00:00
David Mosbach	22781e1565	feat(frontend): load icons from svg files	2024-04-25 23:01:35 +00:00
David Mosbach	ad71e165c6	chore(frontend): ttf to woff conversion	2024-04-18 04:17:28 +00:00
Sarah Vaupel	9409cfeb81	chore: reuse lint	2023-12-06 13:06:20 +00:00
Sarah Vaupel	2b5682e3f3	chore: reuse lint	2023-12-06 13:04:47 +00:00
Sarah Vaupel	08b05849b0	style(frontend): prefer Arial over Liberation	2023-11-29 01:01:23 +00:00
Sarah Vaupel	6debee64a0	style(frontend): use local FRADrive Sans in application	2023-11-29 00:45:38 +00:00
Sarah Vaupel	2aa6d5e249	chore(assets): add FRADrive Sans and Mono fonts (derived from Liberation Sans and Mono)	2023-11-29 00:43:50 +00:00
Sarah Vaupel	a1592d5871	chore(frontend): remove old/deprecated typeface dependencies	2023-11-28 22:11:27 +00:00
Sarah Vaupel	16933d53ce	chore(nix): setup system-wide fonts dir inside docker image	2023-10-25 04:12:46 +00:00
Sarah Vaupel	a55518b822	chore(gitlab-ci): remove font ci variables from pipeline definitions	2023-10-25 03:18:22 +00:00
Sarah Vaupel	6545ccb21c	chore(gitignore): undo font dir ignore	2023-10-25 03:17:10 +00:00
Sarah Vaupel	d0d92998d7	Merge branch 'master' into fradrive/fraport-corporate-design	2023-10-25 02:56:47 +00:00
Sarah Vaupel	14e20a33d5	chore(gitlab-ci): install and decode font ttfs	2023-10-24 21:37:58 +00:00
Sarah Vaupel	8bad468b04	chore(node-deps): add ttf2woff as dev dep	2023-10-24 20:34:45 +00:00
Sarah Vaupel	dc8c9f662c	chore(nix): remove debris	2023-10-24 20:34:13 +00:00
Sarah Vaupel	36c822c747	style(frontend): switch to fraport fonts for app	2023-10-24 20:33:48 +00:00
Sarah Vaupel	654b7eb0cb	chore(gitignore): do not publish font files (for now)	2023-10-24 20:32:01 +00:00