remove normannen + move to new server

remove ister :-(
Merge pull request 'rebase to rowt' (#12 ) from upd into main
2025-07-18 17:53:54 +02:00 · 2025-04-28 22:41:54 +02:00 · 2025-04-28 22:41:32 +02:00 · 2025-04-28 22:40:48 +02:00 · 2025-04-28 22:39:45 +02:00 · 2025-04-28 22:37:31 +02:00
31 changed files with 1522 additions and 816 deletions
--- a/.gitea/workflows/action.yml
+++ b/.gitea/workflows/action.yml
@@ -63,73 +63,14 @@ jobs:
          echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
          chmod 600 ~/.ssh/id_rsa

-          scp -C target/$CARGO_TARGET/release/rot $SSH_USER@$SSH_HOST:/home/wolfgangsee/rot-updating
-          scp -C -r static $SSH_USER@$SSH_HOST:/home/wolfgangsee/
-          scp -C -r templates $SSH_USER@$SSH_HOST:/home/wolfgangsee/
-          scp -C -r svelte $SSH_USER@$SSH_HOST:/home/wolfgangsee/
-          ssh $SSH_USER@$SSH_HOST 'mkdir -p /home/wolfgangsee/svelte/build'
-          ssh $SSH_USER@$SSH_HOST 'sudo systemctl stop wolfgangsee'
-          ssh $SSH_USER@$SSH_HOST 'mv  /home/wolfgangsee/rot-updating /home/wolfgangsee/rot'
-          ssh $SSH_USER@$SSH_HOST 'sudo systemctl start wolfgangsee'
-        env:
-          SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
-          SSH_HOST: ${{ secrets.SSH_HOST }}
-          SSH_USER: ${{ secrets.SSH_USER }}
-      - name: Deploy Normannen
-        run: |
-          mkdir -p ~/.ssh
-          ssh-keyscan -H $SSH_HOST >> ~/.ssh/known_hosts
-          echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
-          chmod 600 ~/.ssh/id_rsa
-
-          scp -C target/$CARGO_TARGET/release/rot $SSH_USER@$SSH_HOST:/home/normannen/rot-updating
-          scp -C -r static $SSH_USER@$SSH_HOST:/home/normannen/
-          scp -C -r templates $SSH_USER@$SSH_HOST:/home/normannen/
-          scp -C -r svelte $SSH_USER@$SSH_HOST:/home/normannen/
-          ssh $SSH_USER@$SSH_HOST 'mkdir -p /home/normannen/svelte/build'
-          ssh $SSH_USER@$SSH_HOST 'sudo systemctl stop normannen'
-          ssh $SSH_USER@$SSH_HOST 'mv  /home/normannen/rot-updating /home/normannen/rot'
-          ssh $SSH_USER@$SSH_HOST 'sudo systemctl start normannen'
-        env:
-          SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
-          SSH_HOST: ${{ secrets.SSH_HOST }}
-          SSH_USER: ${{ secrets.SSH_USER }}
-
-      - name: Deploy Ister
-        run: |
-          mkdir -p ~/.ssh
-          ssh-keyscan -H $SSH_HOST >> ~/.ssh/known_hosts
-          echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
-          chmod 600 ~/.ssh/id_rsa
-
-          scp -C target/$CARGO_TARGET/release/rot $SSH_USER@$SSH_HOST:/home/ister/rot-updating
-          scp -C -r static $SSH_USER@$SSH_HOST:/home/ister/
-          scp -C -r templates $SSH_USER@$SSH_HOST:/home/ister/
-          scp -C -r svelte $SSH_USER@$SSH_HOST:/home/ister/
-          ssh $SSH_USER@$SSH_HOST 'mkdir -p /home/ister/svelte/build'
-          ssh $SSH_USER@$SSH_HOST 'sudo systemctl stop ister'
-          ssh $SSH_USER@$SSH_HOST 'mv  /home/ister/rot-updating /home/ister/rot'
-          ssh $SSH_USER@$SSH_HOST 'sudo systemctl start ister'
-        env:
-          SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
-          SSH_HOST: ${{ secrets.SSH_HOST }}
-          SSH_USER: ${{ secrets.SSH_USER }}
-
-      - name: Deploy Kufstein 
-        run: |
-          mkdir -p ~/.ssh
-          ssh-keyscan -H $SSH_HOST >> ~/.ssh/known_hosts
-          echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
-          chmod 600 ~/.ssh/id_rsa
-
-          scp -C target/$CARGO_TARGET/release/rot $SSH_USER@$SSH_HOST:/home/kufstein/rot-updating
-          scp -C -r static $SSH_USER@$SSH_HOST:/home/kufstein/
-          scp -C -r templates $SSH_USER@$SSH_HOST:/home/kufstein/
-          scp -C -r svelte $SSH_USER@$SSH_HOST:/home/kufstein/
-          ssh $SSH_USER@$SSH_HOST 'mkdir -p /home/kufstein/svelte/build'
-          ssh $SSH_USER@$SSH_HOST 'sudo systemctl stop kufstein'
-          ssh $SSH_USER@$SSH_HOST 'mv  /home/kufstein/rot-updating /home/kufstein/rot'
-          ssh $SSH_USER@$SSH_HOST 'sudo systemctl start kufstein'
+          scp -C target/$CARGO_TARGET/release/rot $SSH_USER@$SSH_HOST:/root/rowing-wolfgangsee/rot-updating
+          scp -C -r static $SSH_USER@$SSH_HOST:/root/rowing-wolfgangsee/
+          scp -C -r templates $SSH_USER@$SSH_HOST:/root/rowing-wolfgangsee/
+          scp -C -r svelte $SSH_USER@$SSH_HOST:/root/rowing-wolfgangsee/
+          ssh $SSH_USER@$SSH_HOST 'mkdir -p /root/rowing-wolfgangsee/svelte/build'
+          ssh $SSH_USER@$SSH_HOST 'sudo systemctl stop rowing-wolfgangsee'
+          ssh $SSH_USER@$SSH_HOST 'mv  /root/rowing-wolfgangsee/rot-updating /root/rowing-wolfgangsee/rot'
+          ssh $SSH_USER@$SSH_HOST 'sudo systemctl start rowing-wolfgangsee'
        env:
          SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
          SSH_HOST: ${{ secrets.SSH_HOST }}
--- a/Cargo.lock
+++ b/Cargo.lock
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "rot"
 version = "0.1.0"
-edition = "2021"
+edition = "2024"

 [features]
 default = ["rest", "rowing-tera" ]
@@ -13,20 +13,20 @@ rocket = { version = "0.5.0", features = ["secrets"]}
 rocket_dyn_templates = {version = "0.2", features = [ "tera" ], optional = true }
 log = "0.4"
 env_logger = "0.11"
-sqlx = { version = "0.7", features = ["sqlite", "runtime-tokio-rustls", "macros", "chrono", "time"] }
+sqlx = { version = "0.8", features = ["sqlite", "runtime-tokio-rustls", "macros", "chrono"] }
 argon2 = "0.5"
 serde = { version = "1.0", features = [ "derive" ]}
 serde_json = "1.0"
 chrono =  { version = "0.4", features = ["serde"]}
-chrono-tz = "0.9"
+chrono-tz = "0.10"
 tera =  { version = "1.18", features = ["date-locale"], optional = true}
 ics = "0.5"
 futures = "0.3"
 lettre = "0.11"
 csv = "1.3"
-itertools = "0.13"
+itertools = "0.14"
 job_scheduler_ng = "2.0"
-ureq = { version = "2.9", features = ["json"] }
+ureq = { version = "3.0", features = ["json"] }
 regex = "1.10"
 urlencoding = "2.1"

--- a/Rocket.toml
+++ b/Rocket.toml
@@ -2,7 +2,7 @@
 secret_key = "/NtVGizglEoyoxBLzsRDWTy4oAG1qDw4J4O+CWJSv+fypD7W9sam8hUY4j90EZsbZk8wEradS5zBoWtWKi3k8w=="
 rss_key = "rss-key-for-ci"
 limits = { file = "10 MiB", data-form = "10 MiB"}
-smtp_pw = "8kIjlLH79Ky6D3j"
+smtp_pw = "my-smtp-password"
 usage_log_path = "./usage.txt"
-openweathermap_key = "c8dab8f91b5b815d76e9879cbaecd8d5"
+openweathermap_key = "openweather-key"
 wordpress_key = "pw-to-allow-sending-notifications"
--- a/doc/nextcloud-notes.md
+++ b/doc/nextcloud-notes.md
@@ -0,0 +1,94 @@
+# Nextcloud integration
+
+- Based on [this plugin](https://github.com/nextcloud/user_external)
+- Install that plugin via web
+- Connect to server, enter nextcloud-docker-image: `docker exec -it nextcloud-aio-nextcloud bash`
+- Adapt `/var/www/html/custom_apps/user_external/lib/BasicAuth.php` to switch from BasicAuth to RowtAuth:
+```php
+<?php
+/**
+ * Copyright (c) 2019 Lutz Freitag <lutz.freitag@gottliebtfreitag.de>
+ * This file is licensed under the Affero General Public License version 3 or
+ * later.
+ * See the COPYING-README file.
+ */
+
+namespace OCA\UserExternal;
+
+class BasicAuth extends Base {
+    private $authUrl;
+
+    public function __construct($authUrl) {
+        parent::__construct($authUrl);
+        $this->authUrl = $authUrl;
+    }
+
+    /**
+     * Check if the password is correct without logging in the user
+     *
+     * @param string $uid      The username
+     * @param string $password The password
+     *
+     * @return true/false
+     */
+    public function checkPassword($uid, $password) {
+        // Prepare POST data with credentials
+        $postData = http_build_query([
+            'name' => $uid,
+            'password' => $password
+        ]);
+
+        // Create context with POST method
+        $context = stream_context_create([
+            'http' => [
+                'method' => 'POST',
+                'header' => 'Content-Type: application/x-www-form-urlencoded',
+                'content' => $postData,
+                'follow_location' => 0
+            ]
+        ]);
+
+        // Get the content of the response
+        $content = @file_get_contents($this->authUrl, false, $context);
+
+        if ($content === false) {
+            \OC::$server->getLogger()->error(
+                'ERROR: Failed to get content from Auth Url: '.$this->authUrl,
+                ['app' => 'user_external']
+            );
+            return false;
+        }
+
+        // Check if the content is "SUCC"
+        if (trim($content) === "SUCC") {
+            $this->storeUser($uid);
+            return $uid;
+        }
+
+        return false;
+    }
+}
+```
+- In `/var/www/html/config/config.php` add this:
+```
+ 'user_backends' => 
+  array (
+    0 => 
+    array (
+      'class' => '\\OCA\\UserExternal\\BasicAuth',
+      'arguments' => 
+      array (
+        0 => 'https://app.rudernlinz.at/nxauth',
+      ),
+    ),
+  ),
+```
+- In `/var/www/html/config/config.php` add this `'skeletondirectory' => '',` to disable default folders for new users
+- To automatically add users to a group (e.g. `vorstand`), use the `Auto Groups` plugin
+- Shared folders are not shared with new members due to [this bug](https://github.com/nextcloud/server/issues/25062#issuecomment-766445043)
+	- Find DB config: `docker exec nextcloud-aio-database env | grep POSTGRES`
+	- Workaround: Connect to docker-db: `docker exec -it nextcloud-aio-database bash`
+	- Connect to db: `psql -U nextcloud -d nextcloud_database`
+	- (with `\l` you see all dbs)
+	- Connect to nextcloud db: `\c nextcloud_database`
+	- Do query from issue: `UPDATE oc_share SET accepted = 1 WHERE share_type = 1;`
--- a/frontend/main.ts
+++ b/frontend/main.ts
@@ -23,6 +23,7 @@ document.addEventListener("DOMContentLoaded", function () {
  addRelationMagic(<HTMLElement>document.querySelector("body"));
  reloadPage();
  setCurrentdate(<HTMLInputElement>document.querySelector("#departure"));
+  initDropdown();
 });

 function changeTheme() {
@@ -795,3 +796,21 @@ function replaceStrings() {
    weekday.innerHTML = weekday.innerHTML.replace("Freitag", "Markttag");
  });
 }
+
+function initDropdown() {
+  const popoverTriggerList = document.querySelectorAll('[data-dropdown]');    
+
+  popoverTriggerList.forEach((popoverTriggerEl: Element) => {
+    const id = popoverTriggerEl.getAttribute('data-dropdown');
+    
+    if (id) {
+      const element = document.getElementById(id);
+      if (element) {
+        // Toggle visibility of the dropdown when clicked
+        popoverTriggerEl.addEventListener('click', () => {
+          element.classList.toggle('hidden');
+        });
+      }
+    }
+  });
+}
--- a/frontend/tests/cox.spec.ts
+++ b/frontend/tests/cox.spec.ts
@@ -120,18 +120,69 @@ test.describe("cox can edit trips", () => {
  });

  test("call off trip", async () => {
+    // Someone registers...
+    await sharedPage.goto("/auth/logout");
+    await sharedPage.goto("/auth");
+    await sharedPage.getByPlaceholder("Name").click();
+    await sharedPage.getByPlaceholder("Name").fill("rower");
+    await sharedPage.getByPlaceholder("Name").press("Tab");
+    await sharedPage.getByPlaceholder("Passwort").fill("rower");
+    await sharedPage.getByPlaceholder("Passwort").press("Enter");
+
    await sharedPage.goto("/");
+    await sharedPage.getByRole('link', { name: 'Mitrudern' }).nth(1).click();
+
+    
+    // Login as cox again
+    await sharedPage.goto("/auth/logout");
+    await sharedPage.goto("/auth");
+    await sharedPage.getByPlaceholder("Name").click();
+    await sharedPage.getByPlaceholder("Name").fill("cox");
+    await sharedPage.getByPlaceholder("Name").press("Tab");
+    await sharedPage.getByPlaceholder("Passwort").fill("cox");
+    await sharedPage.getByPlaceholder("Passwort").press("Enter");
+
+    await sharedPage.goto("/");
+
+
+    // ... now I can cancel trip
    await sharedPage.getByRole("link", { name: "Details" }).nth(1).click();
-    await expect(sharedPage.locator("#sidebar")).toContainText(
-      "Freie Plätze: 3",
-    );
-    await sharedPage.getByRole("spinbutton").click();
-    await sharedPage.getByRole("spinbutton").fill("0");
-    await sharedPage.getByRole("button", { name: "Speichern" }).click();
+    await sharedPage.getByRole("button", { name: "Ausfahrt absagen" }).click();
    await expect(sharedPage.locator("body")).toContainText(
      "Ausfahrt erfolgreich aktualisiert.",
    );
    await expect(sharedPage.locator("body")).toContainText("(Absage cox)");
+
+
+    // Done with the test -> cancel the cancellation of the trip, otherwise the afterAll function below fails
+    await sharedPage.getByRole("link", { name: "Details" }).nth(1).click();
+    await sharedPage.getByRole("spinbutton").click();
+    await sharedPage.getByRole("spinbutton").fill("3");
+    await sharedPage.getByRole("button", { name: "Speichern" }).click();
+
+
+
+    // deregistering
+    await sharedPage.goto("/auth/logout");
+    await sharedPage.goto("/auth");
+    await sharedPage.getByPlaceholder("Name").click();
+    await sharedPage.getByPlaceholder("Name").fill("rower");
+    await sharedPage.getByPlaceholder("Name").press("Tab");
+    await sharedPage.getByPlaceholder("Passwort").fill("rower");
+    await sharedPage.getByPlaceholder("Passwort").press("Enter");
+
+    await sharedPage.goto("/");
+    await sharedPage.getByRole('link', { name: 'Abmelden' }).click();
+
+
+    // now cox can delete trip again in afterAll
+    await sharedPage.goto("/auth/logout");
+    await sharedPage.goto("/auth");
+    await sharedPage.getByPlaceholder("Name").click();
+    await sharedPage.getByPlaceholder("Name").fill("cox");
+    await sharedPage.getByPlaceholder("Name").press("Tab");
+    await sharedPage.getByPlaceholder("Passwort").fill("cox");
+    await sharedPage.getByPlaceholder("Passwort").press("Enter");
  });

  test.afterAll(async () => {
--- a/seeds.sql
+++ b/seeds.sql
@@ -53,6 +53,7 @@ INSERT INTO "planned_event" (name, planned_amount_cox, trip_details_id) VALUES('
 INSERT INTO "trip_details" (planned_starting_time, max_people, day, notes) VALUES('11:00', 1, date('now', '+1 day'), 'trip_details for trip from cox');
 INSERT INTO "trip" (cox_id, trip_details_id) VALUES(4, 2);

+INSERT INTO "trip_details" (planned_starting_time, max_people, day, notes) VALUES('10:00', 2, date('now'), 'same trip_details as id=1');
 INSERT INTO "trip_type" (name, desc, question, icon) VALUES ('Regatta', 'Regatta!', 'Kein normales Event. Das ist eine Regatta! Willst du wirklich teilnehmen?', '&#127941;');
 INSERT INTO "trip_type" (name, desc, question, icon) VALUES ('Lange Ausfahrt', 'Lange Ausfahrt!', 'Das ist eine lange Ausfahrt! Willst du wirklich teilnehmen?', '&#128170;');
 INSERT INTO "trip_type" (name, desc, question, icon) VALUES ('Wanderfahrt', 'Wanderfahrt!', 'Kein normales Event. Das ist eine Wanderfahrt! Bitte überprüfe ob du alle Anforderungen erfüllst. Willst du wirklich teilnehmen?', '&#9969;');
--- a/src/model/event.rs
+++ b/src/model/event.rs
@@ -1,8 +1,8 @@
 use std::io::Write;

-use chrono::NaiveDate;
+use chrono::{Duration, NaiveDate, NaiveTime};
 use ics::{
-    properties::{DtStart, Summary},
+    properties::{DtEnd, DtStart, Summary},
    ICalendar,
 };
 use serde::Serialize;
@@ -11,7 +11,6 @@ use sqlx::{FromRow, Row, SqlitePool};
 use super::{
    log::Log,
    notification::Notification,
-    role::Role,
    tripdetails::TripDetails,
    triptype::TripType,
    user::{EventUser, User},
@@ -34,11 +33,13 @@ pub struct Event {
 }

 #[derive(Serialize, Debug)]
-pub struct EventWithUserAndTriptype {
+pub struct EventWithDetails {
    #[serde(flatten)]
    pub event: Event,
    trip_type: Option<TripType>,
+    tripdetails: TripDetails,
    cox_needed: bool,
+    cancelled: bool,
    cox: Vec<Registration>,
    rower: Vec<Registration>,
 }
@@ -96,8 +97,8 @@ FROM trip WHERE planned_event_id = ?
        .unwrap()
        .into_iter()
        .map(|r| Registration {
-            name: r.name,
-            registered_at: r.registered_at,
+            name: r.name.unwrap(),
+            registered_at: r.registered_at.unwrap(),
            is_guest: false,
            is_real_guest: false,
        })
@@ -116,6 +117,12 @@ pub struct EventUpdate<'a> {
    pub trip_type_id: Option<i64>,
 }

+impl EventUpdate<'_> {
+    fn cancelled(&self) -> bool {
+        self.max_people == -1
+    }
+}
+
 impl Event {
    pub async fn find_by_id(db: &SqlitePool, id: i64) -> Option<Self> {
        sqlx::query_as!(
@@ -134,16 +141,13 @@ WHERE planned_event.id like ?
        .ok()
    }

-    pub async fn get_pinned_for_day(
-        db: &SqlitePool,
-        day: NaiveDate,
-    ) -> Vec<EventWithUserAndTriptype> {
+    pub async fn get_pinned_for_day(db: &SqlitePool, day: NaiveDate) -> Vec<EventWithDetails> {
        let mut events = Self::get_for_day(db, day).await;
        events.retain(|e| e.event.always_show);
        events
    }

-    pub async fn get_for_day(db: &SqlitePool, day: NaiveDate) -> Vec<EventWithUserAndTriptype> {
+    pub async fn get_for_day(db: &SqlitePool, day: NaiveDate) -> Vec<EventWithDetails> {
        let day = format!("{day}");
        let events = sqlx::query_as!(
            Event,
@@ -164,10 +168,15 @@ WHERE day=?",
            if let Some(trip_type_id) = event.trip_type_id {
                trip_type = TripType::find_by_id(db, trip_type_id).await;
            }
-            ret.push(EventWithUserAndTriptype {
+            let tripdetails = TripDetails::find_by_id(db, event.trip_details_id)
+                .await
+                .expect("db constraints");
+            ret.push(EventWithDetails {
                cox_needed: event.planned_amount_cox > cox.len() as i64,
                cox,
                rower: Registration::all_rower(db, event.trip_details_id).await,
+                cancelled: tripdetails.cancelled(),
+                tripdetails,
                event,
                trip_type,
            });
@@ -191,7 +200,8 @@ INNER JOIN trip_details ON planned_event.trip_details_id = trip_details.id",
        let mut ret = Vec::new();
        let events = Self::all(db).await;
        for event in events {
-            if event.is_rower_registered(db, user).await {
+            if event.is_rower_registered(db, user).await || event.is_cox_registered(db, user).await
+            {
                ret.push(event);
            }
        }
@@ -215,6 +225,21 @@ INNER JOIN trip_details ON planned_event.trip_details_id = trip_details.id",
        is_rower.amount > 0
    }

+    pub async fn is_cox_registered(&self, db: &SqlitePool, user: &User) -> bool {
+        let is_rower = sqlx::query!(
+            "SELECT count(*) as amount
+            FROM trip 
+            WHERE planned_event_id = ?
+            AND cox_id = ?",
+            self.id,
+            user.id
+        )
+        .fetch_one(db)
+        .await
+        .unwrap(); //Okay, bc planned_event can only be created with proper DB backing
+        is_rower.amount > 0
+    }
+
    pub async fn find_by_trip_details(db: &SqlitePool, tripdetails_id: i64) -> Option<Self> {
        sqlx::query_as!(
            Self,
@@ -297,7 +322,7 @@ WHERE trip_details.id=?
        .unwrap(); //Okay, as planned_event can only be created with proper DB backing

        let tripdetails = self.trip_details(db).await;
-        let was_already_cancelled = tripdetails.max_people == 0;
+        let was_already_cancelled = tripdetails.cancelled();

        sqlx::query!(
            "UPDATE trip_details SET max_people = ?, notes = ?, always_show = ?, is_locked = ?, trip_type_id = ? WHERE id = ?",
@@ -322,7 +347,7 @@ WHERE trip_details.id=?
            .await;
        }

-        if update.max_people == 0 && !was_already_cancelled {
+        if update.cancelled() && !was_already_cancelled {
            let coxes = Registration::all_cox(db, self.id).await;
            for user in coxes {
                if let Some(user) = User::find_by_name(db, &user.name).await {
@@ -371,7 +396,7 @@ WHERE trip_details.id=?
                }
            }
        }
-        if update.max_people > 0 && was_already_cancelled {
+        if !update.cancelled() && was_already_cancelled {
            Notification::delete_by_action(
                db,
                &format!("remove_user_trip_with_trip_details_id:{}", tripdetails.id),
@@ -409,7 +434,7 @@ WHERE trip_details.id=?
    }

    pub fn is_cancelled(&self) -> bool {
-        self.max_people == 0
+        self.max_people == -1
    }

    pub async fn get_ics_feed(db: &SqlitePool) -> String {
@@ -425,12 +450,32 @@ WHERE trip_details.id=?
    }

    pub(crate) async fn get_vevent(self, db: &SqlitePool) -> ics::Event {
-        let mut vevent = ics::Event::new(format!("{}@rudernlinz.at", self.id), "19900101T180000");
+        let mut vevent = ics::Event::new(format!("event-{}@ruad.at", self.id), "19900101T180000");
+        let time_str = self.planned_starting_time.replace(':', "");
+        let formatted_time = if time_str.len() == 3 {
+            format!("0{}", time_str)
+        } else {
+            time_str.clone() // TODO: remove again
+        };
        vevent.push(DtStart::new(format!(
            "{}T{}00",
            self.day.replace('-', ""),
-            self.planned_starting_time.replace(':', "")
+            formatted_time
        )));
+
+        let original_time = NaiveTime::parse_from_str(&self.planned_starting_time, "%H:%M")
+            .expect("Failed to parse time");
+        let later_time = original_time + Duration::hours(3);
+        if later_time > original_time {
+            // Check if no day-overflow
+            let time_three_hours_later = later_time.format("%H%M").to_string();
+            vevent.push(DtEnd::new(format!(
+                "{}T{}00",
+                self.day.replace('-', ""),
+                time_three_hours_later
+            )));
+        }
+
        let tripdetails = self.trip_details(db).await;
        let mut name = String::new();
        if self.is_cancelled() {
@@ -513,6 +558,6 @@ mod test {

        let today = Local::now().date_naive().format("%Y%m%d").to_string();
        let actual = Event::get_ics_feed(&pool).await;
-        assert_eq!(format!("BEGIN:VCALENDAR\r\nVERSION:2.0\r\nPRODID:ics-rs\r\nBEGIN:VEVENT\r\nUID:1@rudernlinz.at\r\nDTSTAMP:19900101T180000\r\nDTSTART:{today}T100000\r\nSUMMARY:test-planned-event \r\nEND:VEVENT\r\nEND:VCALENDAR\r\n"), actual);
+        assert_eq!(format!("BEGIN:VCALENDAR\r\nVERSION:2.0\r\nPRODID:ics-rs\r\nBEGIN:VEVENT\r\nUID:event-1@ruad.at\r\nDTSTAMP:19900101T180000\r\nDTSTART:{today}T100000\r\nDTEND:{today}T130000\r\nSUMMARY:test-planned-event \r\nEND:VEVENT\r\nEND:VCALENDAR\r\n"), actual);
    }
 }
--- a/src/model/log.rs
+++ b/src/model/log.rs
@@ -45,8 +45,8 @@ LIMIT 1000
 <rss version="2.0">
 <channel>
 <title>Ruder App Admin Feed</title>
-<link>app.rudernlinz.at</link>
-<description>An RSS feed with activities from app.rudernlinz.at</description>"#,
+<link>ruad.at</link>
+<description>An RSS feed with activities</description>"#,
        );
        for log in Self::last(db).await {
            let utc_time: DateTime<Utc> = Utc::from_utc_datetime(&Utc, &log.created_at);
--- a/src/model/mod.rs
+++ b/src/model/mod.rs
@@ -6,8 +6,8 @@ use waterlevel::WaterlevelDay;
 use crate::AMOUNT_DAYS_TO_SHOW_TRIPS_AHEAD;

 use self::{
-    event::{Event, EventWithUserAndTriptype},
-    trip::{Trip, TripWithUserAndType},
+    event::{Event, EventWithDetails},
+    trip::{Trip, TripWithDetails},
    waterlevel::Waterlevel,
    weather::Weather,
 };
@@ -28,8 +28,8 @@ pub mod weather;
 #[derive(Serialize, Debug)]
 pub struct Day {
    day: NaiveDate,
-    events: Vec<EventWithUserAndTriptype>,
-    trips: Vec<TripWithUserAndType>,
+    events: Vec<EventWithDetails>,
+    trips: Vec<TripWithDetails>,
    is_pinned: bool,
    regular_sees_this_day: bool,
    max_waterlevel: Option<WaterlevelDay>,
--- a/src/model/notification.rs
+++ b/src/model/notification.rs
@@ -208,6 +208,15 @@ ORDER BY read_at DESC, created_at DESC;
            }
        }
    }
+
+    pub(crate) async fn mark_all_read(db: &SqlitePool, user: &User) {
+        let notifications = Self::for_user(db, user).await;
+
+        for notification in notifications {
+            notification.mark_read(db).await;
+        }
+    }
+
    pub(crate) async fn delete_by_action(db: &sqlx::Pool<Sqlite>, action: &str) {
        sqlx::query!(
            "DELETE FROM notification WHERE action_after_reading=? and read_at is null",
@@ -275,7 +284,7 @@ mod test {
        let cancel_update = EventUpdate {
            name: &event.name,
            planned_amount_cox: event.planned_amount_cox as i32,
-            max_people: 0,
+            max_people: -1,
            notes: event.notes.as_deref(),
            always_show: event.always_show,
            is_locked: event.is_locked,
@@ -289,7 +298,7 @@ mod test {
        assert_eq!(rower_notification.category, "Absage Ausfahrt");
        assert_eq!(
            rower_notification.action_after_reading.as_deref(),
-            Some("remove_user_trip_with_trip_details_id:3")
+            Some("remove_user_trip_with_trip_details_id:4")
        );

        // Cox received notification
--- a/src/model/trip.rs
+++ b/src/model/trip.rs
@@ -1,5 +1,5 @@
-use chrono::{Local, NaiveDate};
-use ics::properties::{DtStart, Summary};
+use chrono::{Duration, Local, NaiveDate, NaiveTime};
+use ics::properties::{DtEnd, DtStart, Summary};
 use serde::Serialize;
 use sqlx::SqlitePool;

@@ -30,11 +30,12 @@ pub struct Trip {
 }

 #[derive(Serialize, Debug)]
-pub struct TripWithUserAndType {
+pub struct TripWithDetails {
    #[serde(flatten)]
    pub trip: Trip,
    pub rower: Vec<Registration>,
    trip_type: Option<TripType>,
+    cancelled: bool,
 }

 pub struct TripUpdate<'a> {
@@ -46,7 +47,13 @@ pub struct TripUpdate<'a> {
    pub is_locked: bool,
 }

-impl TripWithUserAndType {
+impl<'a> TripUpdate<'a> {
+    fn cancelled(&self) -> bool {
+        self.max_people == -1
+    }
+}
+
+impl TripWithDetails {
    pub async fn from(db: &SqlitePool, trip: Trip) -> Self {
        let mut trip_type = None;
        if let Some(trip_type_id) = trip.trip_type_id {
@@ -54,8 +61,9 @@ impl TripWithUserAndType {
        }
        Self {
            rower: Registration::all_rower(db, trip.trip_details_id.unwrap()).await,
-            trip,
            trip_type,
+            cancelled: trip.is_cancelled(),
+            trip,
        }
    }
 }
@@ -81,7 +89,6 @@ impl Trip {
            trip_details.planned_starting_time,
        )
        .await;
-        if same_starting_datetime.len() > 1 {
        for notify in same_starting_datetime {
            // don't notify oneself
            if notify.id == trip_details.id {
@@ -94,10 +101,10 @@ impl Trip {
            }

            if let Some(trip) = Trip::find_by_trip_details(db, notify.id).await {
-                    let user = User::find_by_id(db, trip.cox_id as i32).await.unwrap();
+                let user_earlier_trip = User::find_by_id(db, trip.cox_id as i32).await.unwrap();
                Notification::create(
                    db,
-                        &user,
+                    &user_earlier_trip,
                    &format!(
                        "{} hat eine Ausfahrt zur selben Zeit ({} um {}) wie du erstellt",
                        user.name, trip.day, trip.planned_starting_time
@@ -110,7 +117,6 @@ impl Trip {
            }
        }
    }
-    }

    pub async fn find_by_trip_details(db: &SqlitePool, tripdetails_id: i64) -> Option<Self> {
        sqlx::query_as!(
@@ -130,12 +136,33 @@ WHERE trip_details.id=?
    }

    pub(crate) async fn get_vevent(self, user: &User) -> ics::Event {
-        let mut vevent = ics::Event::new(format!("{}@rudernlinz.at", self.id), "19900101T180000");
+        let mut vevent = ics::Event::new(format!("trip-{}@ruad.at", self.id), "19900101T180000");
+        let time_str = self.planned_starting_time.replace(':', "");
+        let formatted_time = if time_str.len() == 3 {
+            format!("0{}", time_str)
+        } else {
+            time_str
+        };
+
        vevent.push(DtStart::new(format!(
            "{}T{}00",
            self.day.replace('-', ""),
-            self.planned_starting_time.replace(':', "")
+            formatted_time
        )));
+
+        let original_time = NaiveTime::parse_from_str(&self.planned_starting_time, "%H:%M")
+            .expect("Failed to parse time");
+        let later_time = original_time + Duration::hours(3);
+        if later_time > original_time {
+            // Check if no day-overflow
+            let time_three_hours_later = later_time.format("%H%M").to_string();
+            vevent.push(DtEnd::new(format!(
+                "{}T{}00",
+                self.day.replace('-', ""),
+                time_three_hours_later
+            )));
+        }
+
        let mut name = String::new();
        if self.is_cancelled() {
            name.push_str("ABGESAGT");
@@ -222,7 +249,7 @@ WHERE trip.id=?
            return Err(CoxHelpError::DetailsLocked);
        }

-        if event.max_people == 0 {
+        if event.is_cancelled() {
            return Err(CoxHelpError::CanceledEvent);
        }

@@ -239,12 +266,12 @@ WHERE trip.id=?
        }
    }

-    pub async fn get_for_today(db: &SqlitePool) -> Vec<TripWithUserAndType> {
+    pub async fn get_for_today(db: &SqlitePool) -> Vec<TripWithDetails> {
        let today = Local::now().date_naive();
        Self::get_for_day(db, today).await
    }

-    pub async fn get_for_day(db: &SqlitePool, day: NaiveDate) -> Vec<TripWithUserAndType> {
+    pub async fn get_for_day(db: &SqlitePool, day: NaiveDate) -> Vec<TripWithDetails> {
        let day = format!("{day}");
        let trips = sqlx::query_as!(
            Trip,
@@ -263,7 +290,7 @@ WHERE day=?

        let mut ret = Vec::new();
        for trip in trips {
-            ret.push(TripWithUserAndType::from(db, trip).await);
+            ret.push(TripWithDetails::from(db, trip).await);
        }
        ret
    }
@@ -277,20 +304,18 @@ WHERE day=?
            return Err(TripUpdateError::NotYourTrip);
        }

-        if update.trip_type != Some(4) {
-            if !update.cox.allowed_to_steer(db).await {
+        if update.trip_type != Some(4) && !update.cox.allowed_to_steer(db).await {
            return Err(TripUpdateError::TripTypeNotAllowed);
        }
-        }

        let Some(trip_details_id) = update.trip.trip_details_id else {
            return Err(TripUpdateError::TripDetailsDoesNotExist); //TODO: Remove?
        };

        let tripdetails = TripDetails::find_by_id(db, trip_details_id).await.unwrap();
-        let was_already_cancelled = tripdetails.max_people == 0;
+        let was_already_cancelled = tripdetails.cancelled();

-        let is_locked = if update.max_people == 0 {
+        let is_locked = if update.cancelled() {
            false
        } else {
            update.is_locked
@@ -308,10 +333,8 @@ WHERE day=?
        .await
        .unwrap(); //Okay, as trip_details can only be created with proper DB backing

-        if update.max_people == 0 && !was_already_cancelled {
-            let rowers = TripWithUserAndType::from(db, update.trip.clone())
-                .await
-                .rower;
+        if update.cancelled() && !was_already_cancelled {
+            let rowers = TripWithDetails::from(db, update.trip.clone()).await.rower;
            for user in rowers {
                if let Some(user) = User::find_by_name(db, &user.name).await {
                    let notes = match update.notes {
@@ -347,7 +370,7 @@ WHERE day=?
            .await;
        }

-        if update.max_people > 0 && was_already_cancelled {
+        if !update.cancelled() && was_already_cancelled {
            Notification::delete_by_action(
                db,
                &format!("remove_user_trip_with_trip_details_id:{}", trip_details_id),
@@ -435,14 +458,14 @@ WHERE day=?
    pub(crate) async fn get_pinned_for_day(
        db: &sqlx::Pool<sqlx::Sqlite>,
        day: NaiveDate,
-    ) -> Vec<TripWithUserAndType> {
+    ) -> Vec<TripWithDetails> {
        let mut trips = Self::get_for_day(db, day).await;
        trips.retain(|e| e.trip.always_show);
        trips
    }

    fn is_cancelled(&self) -> bool {
-        self.max_people == 0
+        self.max_people == -1
    }
 }

@@ -478,6 +501,7 @@ mod test {
    use crate::{
        model::{
            event::Event,
+            notification::Notification,
            trip::{self, TripDeleteError},
            tripdetails::TripDetails,
            user::{SteeringUser, User},
@@ -509,6 +533,34 @@ mod test {
        assert!(Trip::find_by_id(&pool, 1).await.is_some());
    }

+    #[sqlx::test]
+    fn test_notification_cox_if_same_datetime() {
+        let pool = testdb!();
+        let cox = SteeringUser::new(
+            &pool,
+            User::find_by_name(&pool, "cox".into()).await.unwrap(),
+        )
+        .await
+        .unwrap();
+        let trip_details = TripDetails::find_by_id(&pool, 1).await.unwrap();
+        Trip::new_own(&pool, &cox, trip_details).await;
+
+        let cox2 = SteeringUser::new(
+            &pool,
+            User::find_by_name(&pool, "cox2".into()).await.unwrap(),
+        )
+        .await
+        .unwrap();
+        let trip_details = TripDetails::find_by_id(&pool, 3).await.unwrap();
+        Trip::new_own(&pool, &cox2, trip_details).await;
+
+        let last_notification = &Notification::for_user(&pool, &cox).await[0];
+
+        assert!(last_notification
+            .message
+            .starts_with("cox2 hat eine Ausfahrt zur selben Zeit"));
+    }
+
    #[sqlx::test]
    fn test_get_day_cox_trip() {
        let pool = testdb!();
--- a/src/model/tripdetails.rs
+++ b/src/model/tripdetails.rs
@@ -6,7 +6,7 @@ use sqlx::{FromRow, SqlitePool};

 use super::{
    notification::Notification,
-    trip::{Trip, TripWithUserAndType},
+    trip::{Trip, TripWithDetails},
    triptype::TripType,
 };

@@ -95,7 +95,7 @@ WHERE day = ? AND planned_starting_time = ?
    }

    pub fn cancelled(&self) -> bool {
-        self.max_people == 0
+        self.max_people == -1
    }

    /// This function is called when a person registers to a trip or when the cox changes the
@@ -138,7 +138,7 @@ WHERE day = ? AND planned_starting_time = ?
                // This trip_details belongs to a planned_event, no need to do anything
                continue;
            };
-            let pot_coxes = TripWithUserAndType::from(db, trip.clone()).await;
+            let pot_coxes = TripWithDetails::from(db, trip.clone()).await;
            let pot_coxes = pot_coxes.rower;
            for user in pot_coxes {
                let cox = User::find_by_id(db, trip.cox_id as i32).await.unwrap();
@@ -196,7 +196,7 @@ WHERE day = ? AND planned_starting_time = ?
        .fetch_one(db)
        .await
        .unwrap(); //TODO: fixme
-        let amount_currently_registered = i64::from(amount_currently_registered.count);
+        let amount_currently_registered = amount_currently_registered.count;

        amount_currently_registered >= self.max_people
    }
@@ -339,7 +339,7 @@ mod test {
                }
            )
            .await,
-            3,
+            4,
        );
        assert_eq!(
            TripDetails::create(
@@ -354,7 +354,7 @@ mod test {
                }
            )
            .await,
-            4,
+            5,
        );
    }

--- a/src/model/user/fee.rs
+++ b/src/model/user/fee.rs
@@ -0,0 +1,58 @@
+use super::User;
+use serde::Serialize;
+
+#[derive(Debug, Serialize)]
+pub struct Fee {
+    pub sum_in_cents: i64,
+    pub parts: Vec<(String, i64)>,
+    pub name: String,
+    pub user_ids: String,
+    pub paid: bool,
+    pub users: Vec<User>,
+}
+
+impl Default for Fee {
+    fn default() -> Self {
+        Self::new()
+    }
+}
+
+impl Fee {
+    pub fn new() -> Self {
+        Self {
+            sum_in_cents: 0,
+            name: "".into(),
+            parts: Vec::new(),
+            user_ids: "".into(),
+            users: Vec::new(),
+            paid: false,
+        }
+    }
+
+    pub fn add(&mut self, desc: String, price_in_cents: i64) {
+        self.sum_in_cents += price_in_cents;
+
+        self.parts.push((desc, price_in_cents));
+    }
+
+    pub fn add_person(&mut self, user: &User) {
+        if !self.name.is_empty() {
+            self.name.push_str(" + ");
+            self.user_ids.push('&');
+        }
+        self.name.push_str(&user.name);
+
+        self.user_ids.push_str(&format!("user_ids[]={}", user.id));
+        self.users.push(user.clone());
+    }
+
+    pub fn paid(&mut self) {
+        self.paid = true;
+    }
+
+    pub fn merge(&mut self, fee: Fee) {
+        for (desc, price_in_cents) in fee.parts {
+            self.add(desc, price_in_cents);
+        }
+    }
+}
--- a/src/model/user/mod.rs
+++ b/src/model/user/mod.rs
@@ -31,7 +31,7 @@ pub struct User {
 pub struct UserWithDetails {
    #[serde(flatten)]
    pub user: User,
-    pub amount_unread_notifications: i32,
+    pub amount_unread_notifications: i64,
    pub allowed_to_steer: bool,
    pub roles: Vec<String>,
 }
@@ -72,7 +72,7 @@ impl User {
        self.has_role_tx(db, "cox").await || self.has_role_tx(db, "Bootsführer").await
    }

-    pub async fn amount_unread_notifications(&self, db: &SqlitePool) -> i32 {
+    pub async fn amount_unread_notifications(&self, db: &SqlitePool) -> i64 {
        sqlx::query!(
            "SELECT COUNT(*) as count FROM notification WHERE user_id = ? AND read_at IS NULL",
            self.id
@@ -197,15 +197,24 @@ WHERE lower(name)=?
    }

    pub async fn all(db: &SqlitePool) -> Vec<Self> {
-        sqlx::query_as!(
-            Self,
+        Self::all_with_order(db, "last_access", false).await
+    }
+
+    pub async fn all_with_order(db: &SqlitePool, sort: &str, asc: bool) -> Vec<Self> {
+        let mut query = format!(
            "
        SELECT id, name, pw, deleted, last_access, user_token
        FROM user
        WHERE deleted = 0
-ORDER BY last_access DESC
-        "
-        )
+        ORDER BY {}
+        ",
+            sort
+        );
+        if !asc {
+            query.push_str(" DESC");
+        }
+
+        sqlx::query_as::<_, User>(&query)
            .fetch_all(db)
            .await
            .unwrap()
--- a/src/model/usertrip.rs
+++ b/src/model/usertrip.rs
@@ -3,7 +3,7 @@ use sqlx::{FromRow, SqlitePool};

 use super::{
    notification::Notification,
-    trip::{Trip, TripWithUserAndType},
+    trip::{Trip, TripWithDetails},
    tripdetails::TripDetails,
    user::{SteeringUser, User},
 };
@@ -158,7 +158,7 @@ impl UserTrip {
                .unwrap()
                .cancelled()
            {
-                let trip = TripWithUserAndType::from(db, trip.clone()).await;
+                let trip = TripWithDetails::from(db, trip.clone()).await;
                if trip.rower.len() == 1 {
                    trip_to_delete = Some(trip.trip);
                }
--- a/src/scheduled/waterlevel.rs
+++ b/src/scheduled/waterlevel.rs
@@ -5,7 +5,7 @@ use sqlx::SqlitePool;
 use crate::model::waterlevel::{self, Waterlevel};

 pub async fn update(db: &SqlitePool) -> Result<(), String> {
-    let mut tx = db.begin().await.unwrap();
+    /*let mut tx = db.begin().await.unwrap();

    // 1. Delete water levels starting from yesterday
    Waterlevel::delete_all(&mut tx).await;
@@ -44,7 +44,7 @@ pub async fn update(db: &SqlitePool) -> Result<(), String> {
    }

    // 3. Save in DB
-    tx.commit().await.unwrap();
+    tx.commit().await.unwrap();*/

    Ok(())
 }
@@ -80,8 +80,8 @@ fn fetch() -> Result<Station, String> {
    let url = "https://hydro.ooe.gv.at/daten/internet/stations/OG/207068/S/forecast.json";

    match ureq::get(url).call() {
-        Ok(response) => {
-            let forecast: Result<Vec<Station>, _> = response.into_json();
+        Ok(mut response) => {
+            let forecast: Result<Vec<Station>, _> = response.body_mut().read_json();

            if let Ok(data) = forecast {
                if data.len() == 1 {
--- a/src/scheduled/weather.rs
+++ b/src/scheduled/weather.rs
@@ -96,11 +96,11 @@ struct DailyWeather {
 }

 fn fetch(api_key: &str) -> Result<Data, String> {
-    let url = format!("https://api.openweathermap.org/data/3.0/onecall?lat=48.31970&lon=14.29451&units=metric&exclude=current,minutely,hourly,alert&appid={api_key}");
+    let url = format!("https://api.openweathermap.org/data/3.0/onecall?lat=47.766249&lon=13.367683&units=metric&exclude=current,minutely,hourly,alert&appid={api_key}");

    match ureq::get(&url).call() {
-        Ok(response) => {
-            let data: Result<Data, _> = response.into_json();
+        Ok(mut response) => {
+            let data: Result<Data, _> = response.body_mut().read_json();

            if let Ok(data) = data {
                Ok(data)
--- a/src/tera/admin/user.rs
+++ b/src/tera/admin/user.rs
@@ -33,13 +33,17 @@ impl<'r> FromRequest<'r> for Referer {
    }
 }

-#[get("/user")]
+#[get("/user?<sort>&<asc>")]
 async fn index(
    db: &State<SqlitePool>,
    user: ManageUserUser,
    flash: Option<FlashMessage<'_>>,
+    sort: Option<String>,
+    asc: bool,
 ) -> Template {
-    let user_futures: Vec<_> = User::all(db)
+    let sort_column = sort.unwrap_or_else(|| "last_access".to_string());
+
+    let user_futures: Vec<_> = User::all_with_order(db, &sort_column, asc)
        .await
        .into_iter()
        .map(|u| async move { UserWithDetails::from_user(u, db).await })
--- a/src/tera/auth.rs
+++ b/src/tera/auth.rs
@@ -73,7 +73,7 @@ async fn login(
            );
        }
        Err(_) => {
-            return Flash::error(Redirect::to("/auth"), "Falscher Benutzername/Passwort. Du bist Vereinsmitglied und der Login klappt nicht? Melde dich bitte unter it@verein.tld!");
+            return Flash::error(Redirect::to("/auth"), "Falscher Benutzername/Passwort. Du bist Vereinsmitglied und der Login klappt nicht? Melde dich bitte beim Vorstand!");
        }
    };

--- a/src/tera/misc.rs
+++ b/src/tera/misc.rs
@@ -38,7 +38,7 @@ async fn cal_registered(
        return Err("Invalid".into());
    };

-    if &user.user_token != uuid {
+    if user.user_token != uuid {
        return Err("Invalid".into());
    }

--- a/src/tera/mod.rs
+++ b/src/tera/mod.rs
@@ -71,7 +71,6 @@ async fn steering(db: &State<SqlitePool>, user: User, flash: Option<FlashMessage
 fn unauthorized_error(req: &Request) -> Redirect {
    // Save the URL the user tried to access, to be able to go there once logged in
    let mut redirect_cookie = Cookie::new("redirect_url", format!("{}", req.uri()));
-    println!("{}", req.uri());
    redirect_cookie.set_expires(OffsetDateTime::now_utc() + Duration::hours(1));
    req.cookies().add_private(redirect_cookie);

@@ -80,7 +79,7 @@ fn unauthorized_error(req: &Request) -> Redirect {

 #[catch(403)] //forbidden
 fn forbidden_error() -> Flash<Redirect> {
-    Flash::error(Redirect::to("/"), "Keine Berechtigung für diese Aktion. Wenn du der Meinung bist, dass du das machen darfst, melde dich bitte bei it@rudernlinz.at.")
+    Flash::error(Redirect::to("/"), "Keine Berechtigung für diese Aktion. Wenn du der Meinung bist, dass du das machen darfst, melde dich bitte bei p+ruadat@hofer.link.")
 }

 struct Usage {}
--- a/src/tera/notification.rs
+++ b/src/tera/notification.rs
@@ -30,6 +30,12 @@ async fn mark_read(db: &State<SqlitePool>, user: User, notification_id: i64) ->
    }
 }

-pub fn routes() -> Vec<Route> {
-    routes![mark_read]
+#[get("/read/all")]
+async fn mark_all_read(db: &State<SqlitePool>, user: User) -> Flash<Redirect> {
+    Notification::mark_all_read(db, &user).await;
+    Flash::success(Redirect::to("/"), "Alle Nachrichten als gelesen markiert")
+}
+
+pub fn routes() -> Vec<Route> {
+    routes![mark_read, mark_all_read]
 }
--- a/templates/admin/user/index.html.tera
+++ b/templates/admin/user/index.html.tera
@@ -4,11 +4,13 @@
    <div class="max-w-screen-lg w-full">
        <h1 class="h1">Mitglieder</h1>
        {% if allowed_to_edit %}
+            <details class="mt-5 bg-gray-200 dark:bg-primary-600 p-3 rounded-md">
+                <summary class="px-3 cursor-pointer text-md font-bold text-primary-950 dark:text-white">Neue Person hinzufügen</summary>
                <form action="/admin/user/new"
+		  onsubmit="return confirm('Willst du wirklich einen neuen Benutzer anlegen?');"
                  method="post"
-                  class="mt-4 bg-primary-900 rounded-md text-white px-3 pb-3 pt-2 sm:flex items-end justify-between">
+                  class="flex mt-4 rounded-md sm:flex items-end justify-between">
                <div class="w-full">
-                    <h2 class="text-md font-bold mb-2 uppercase tracking-wide">Neues Mitglied hinzufügen</h2>
                    <div class="grid md:grid-cols-3">
                        <div>
                            <label for="name" class="sr-only">Name</label>
@@ -19,21 +21,44 @@
                        </div>
                    </div>
                </div>
-                <div class="text-right">
+                <div class="text-right ml-3">
                    <input value="Hinzufügen"
                           type="submit"
                           class="w-28 mt-2 sm:mt-0 rounded-md bg-primary-500 px-3 py-2 text-sm font-semibold text-white hover:bg-primary-500 focus-visible:outline focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-primary-600 cursor-pointer" />
                </div>
            </form>
+            </details>
+            
        {% endif %}
        <!-- START filterBar -->
-        <div class="search-wrapper">
+        <div class="search-wrapper flex">
            <label for="name" class="sr-only">Suche</label>
            <input type="search"
                   name="name"
                   id="filter-js"
                   class="search-bar"
-                   placeholder="Suchen nach (Name, [yes|no]-role:<name>" />
+                   placeholder="Suchen nach (Name, [yes|no]-role:<name>, has-[no-]membership-pdf)" />
+
+            <div class="relative">
+              <button id="dropdownbtn" data-dropdown="dropdown" class="btn btn-dark ml-3" type="button">
+                Sortieren 
+              </button>
+
+              <!-- Dropdown menu -->
+              <div id="dropdown" class="z-10 hidden bg-white divide-y divide-gray-100 text-secondary-900 rounded-lg shadow-sm w-44 absolute right-0">
+                  <ul class="py-2 text-sm" aria-labelledby="dropdownbtn">
+                    <li>
+                      <a href="./user" class="block px-4 py-2 hover:bg-gray-100 hover:text-secondary-950">Zuletzt eingeloggt</a>
+                    </li>
+                    <li>
+                      <a href="?sort=name&asc" class="block px-4 py-2 hover:bg-gray-100 hover:text-secondary-950">Name A-Z</a>
+                    </li>
+                    <li>
+                      <a href="?sort=name" class="block px-4 py-2 hover:bg-gray-100 hover:text-secondary-950">Name Z-A</a>
+                    </li>
+                  </ul>
+              </div> 
+            </div>
        </div>
        <!-- END filterBar -->
        <div id="filter-result-js" class="search-result"></div>
@@ -46,7 +71,7 @@
                        <span class="text-black dark:text-white cursor-pointer">
                            <span class="font-bold">
                                {{ user.name }}
-                                {% if not user.last_access and "admin" in loggedin_user.roles %}
+                                {% if not user.last_access and allowed_to_edit and user.mail %}
                                    <form action="/admin/user"
                                          method="post"
                                          enctype="multipart/form-data"
--- a/templates/board/boathouse.html.tera
+++ b/templates/board/boathouse.html.tera
@@ -4,13 +4,12 @@
 {% extends "base" %}
 {% macro show_place(aisle_name, side_name, level) %}
    <li class="truncate p-2 flex relative w-full">
-        {% set aisle = aisle_name ~ "-aisle" %}
-        {% set place = boathouse[aisle][side_name] %}
+        {% set place = boathouse[aisle_name][side_name].boats %}
        {% if place[level] %}
-            {{ place[level].1.name }}
+            {{ place[level].boat.name }}
            {% if "admin" in loggedin_user.roles %}
                <a class="btn btn-primary absolute end-0"
-                   href="/board/boathouse/{{ place[level].0 }}/delete">X</a>
+                   href="/board/boathouse/{{ place[level].boathouse_id }}/delete">X</a>
            {% endif %}
        {% elif boats | length > 0 %}
            {% if "admin" in loggedin_user.roles %}
--- a/templates/calinfo.html.tera
+++ b/templates/calinfo.html.tera
@@ -18,12 +18,12 @@
                                            <small>Dieser Link enthält einen zufällig generierten Teil, damit nur du (und jene, denen du diesen Link weitergibst) Zugang zu diesen Daten hast.</small>
                                        </li>
                                        <li>
-                                            <a class="break-all	underline" href="https://app.rudernlinz.at/cal"><strong>Alle Events</strong></a>
+                                            <a class="break-all	underline" href="/cal"><strong>Alle Events</strong></a>
                                            <br />
-                                            <small>Beachte, dass dieser Kalender keine Ausfahrten enthält, die von einzelnen Steuerpersonen augeschrieben werden. Dieser Kalender auf der Vereinswebsite verwendet werden, wo zB keine persönlichen Daten (Namen etc.) veröffentlicht werden soll.</small>
+                                            <small>Beachte, dass dieser Kalender keine Ausfahrten enthält, die von einzelnen Steuerpersonen augeschrieben werden. Dieser Kalender kann zB auf der Vereinswebsite verwendet werden, wo keine persönlichen Daten (Namen etc.) veröffentlicht werden sollen.</small>
                                        </li>
                                    </ol>
-                                    Du kannst die Kalender einfach in deinen Kalender als "externen Kalender" synchronisieren. Die genauen Schritte hängen von deiner verwendeten Software ab.
+                                    Du kannst die Kalender einfach in deinen Kalender als <q>externen Kalender</q> synchronisieren. Die genauen Schritte hängen von deiner verwendeten Software ab.

                </div>
                </div>
--- a/templates/faq.html.tera
+++ b/templates/faq.html.tera
@@ -10,7 +10,7 @@

                        <div class="mt-8">
                            <p class="p-2">
-				Willkommen in der Testversion von ruad.at!
+				Willkommen in der Ausfahrtsverwaltung von ruad.at!
 				Hier wird nochmal <s>alles</s> vieles erklärt.
 				Wenn du Fragen/Wünsche/... hast, kannst du dich gerne jederzeit unter <a href="mailto:philipp@hofer.link">philipp@hofer.link</a> melden.
                            </p>
@@ -60,18 +60,6 @@
 			    Steuerpersonen sehen das ganze Jahr (um im Vorhinein Ausfahrten ausschreiben zu können). Ab Dezember sehen sie auch das volle kommende Jahr.
 				</p>
 				</details>
-			    <details class="p-2">
-				<summary>Mitgliederdaten einspielen</summary>
-                            <p class="mt-3">
-Wenn du auch schon Mitgliederdaten testen willst, kannst du mir gern in <q>irgendeinem</q> maschinell lesbaren Format geben (csv, Excel, txt, ...), ich brauche lediglich den Namen (eindeutig, da dieser für den Login verwendet wird) und welche Rolle(n) der User hat: Admin, Anfänger, Steuerperson, Eventmanager
-				</p>
-				</details>
-			    <details class="p-2">
-				<summary>Welcher Wasserstand wird angezeigt?</summary>
-                            <p class="mt-3">
-			    In der Demo wirk der (prognostizierte) Wasserstand von Linz angezeigt. Solltet ihr euch im Verein für ruad.at entscheiden, können wir uns gemeinsam ansehen, welche Datenquelle wir am Besten für euren Verein verwenden.
-				</p>
-				</details>

                    </div>
                    </div>
--- a/templates/impressum.html.tera
+++ b/templates/impressum.html.tera
@@ -74,9 +74,6 @@
                        <li>
                            Die <strong>Wetterdaten</strong> werden von <a class="underline" href="https://openweathermap.org">OpenWeather</a> bereitgestellt.
                        </li>
-                        <li>
-                            <strong>Wasserstandsvorhersagen:</strong> Die Vorhersagen werden stündlich vom <a class="underline" href="https://hydro.ooe.gv.at">Hydrographischen Dienstes Oberösterreich</a> geladen und zwischengespeichert, der höchste Tages-Mittelwert wird gemeinsam mit der Schwankungsbreite bei den geplanten Ausfahrten angezeigt. Es handelt sich hierbei um ungeprüfte Rohdaten. Rohdatenfehler können durch betriebliche Störungen an den Messgeräten, Fernübertragungseinrichtungen u. dgl. entstehen. Die Vorhersagen sind daher mit Unsicherheiten behaftet! Mit der Länge des Vorhersagezeitraumeszeitraumes werden diese Unsicherheiten größer! Es wird keine Gewähr für die Vollständigkeit, Richtigkeit und Genauigkeit der dargestellten Daten übernommen. Gewährleistungs- und Haftungsansprüche werden ausdrücklich ausgeschlossen (sowohl vom Hydrographischen Dienstes Oberösterreich als auch von ruad.at).
-                        </li>
                    </ul>
                </div>
            </div>
--- a/templates/index.html.tera
+++ b/templates/index.html.tera
@@ -51,7 +51,7 @@
                                                {% if event.always_show and not day.regular_sees_this_day %}
                                                    <span title="Du siehst diese Ausfahrt schon, obwohl sie mehr als {{ amount_days_to_show_trips_ahead }} Tage in der Zukunft liegt. Du Magier!">🔮</span>
                                                {% endif -%}
-                                                {%- if event.max_people == 0 %}
+                                                {%- if event.cancelled %}
                                                    <strong class="text-[#f43f5e]">&#9888; Absage
                                                        {{ event.planned_starting_time }}
                                                        Uhr
@@ -129,7 +129,7 @@
                                            <div id="event{{ event.trip_details_id }}">
                                                {# --- START List Coxes --- #}
                                                {% if event.planned_amount_cox > 0 %}
-                                                    {% if event.max_people == 0 %}
+                                                    {% if event.cancelled %}
                                                        {{ macros::box(participants=event.cox, empty_seats="", header='Absage', bg='[#f43f5e]') }}
                                                    {% else %}
                                                        {% if amount_cox_missing > 0 %}
@@ -142,9 +142,9 @@
                                                {# --- END List Coxes --- #}
                                                {# --- START List Rowers --- #}
                                                {% set amount_cur_rower = event.rower | length %}
-                                                {% if event.max_people == 0 %}
+                                                {% if event.cancelled %}
                                                    {{ macros::box(header='Absage', bg='[#f43f5e]', participants=event.rower, trip_details_id=event.trip_details_id, allow_removing="manage_events" in loggedin_user.roles) }}
-                                                {% else %}
+                                                {% elif event.max_people > 0  %}
                                                    {{ macros::box(participants=event.rower, empty_seats=event.max_people - amount_cur_rower, bg='primary-100', color='black', trip_details_id=event.trip_details_id, allow_removing="manage_events" in loggedin_user.roles) }}
                                                {% endif %}
                                                {# --- END List Rowers --- #}
@@ -167,7 +167,11 @@
                                                        <input type="hidden" name="_method" value="put" />
                                                        <input type="hidden" name="id" value="{{ event.id }}" />
                                                        {{ macros::input(label='Titel', name='name', type='input', value=event.name) }}
+                                                        {% if event.cancelled %} 
+                                                          <input type="hidden" name="max_people" value="-1" />
+                                                        {% else %}
                                                          {{ macros::input(label='Anzahl Ruderer', name='max_people', type='number', required=true, value=event.max_people, min='1') }}
+                                                        {% endif %}
                                                        {{ macros::input(label='Anzahl Steuerleute', name='planned_amount_cox', type='number', value=event.planned_amount_cox, required=true, min='0') }}
                                                        {{ macros::checkbox(label='Immer anzeigen', name='always_show', id=event.id,checked=event.always_show, help="Grundsätzlich sehen Rudernde Ausfahrten 10 Tage im vorhinein. Wenn du diese Option aktivierst, ist diese Ausfahrt sofort allen ersichtlich.") }}
                                                        {{ macros::checkbox(label='Gesperrt', name='is_locked', id=event.id,checked=event.is_locked, help="Wenn diese Option aktiviert ist, kann sich keiner mehr an- und abmelden. Sinnvoll, wenn zB bereits die Bootseinteilung vorgenommen wurde") }}
@@ -187,7 +191,7 @@
                                                        </a>
                                                    </div>
                                                {% else %}
-                                                    {% if event.max_people == 0 %}
+                                                    {% if event.cancelled %}
                                                        Wenn du deine Absage absagen (:^)) willst, einfach entsprechende Anzahl an Ruderer oben eintragen.
                                                    {% else %}
                                                        <div class="bg-gray-100 dark:bg-primary-900 p-3 mt-4 rounded-md">
@@ -196,9 +200,8 @@
                                                                <input type="hidden" name="_method" value="put" />
                                                                <input type="hidden" name="id" value="{{ event.id }}" />
                                                                {{ macros::input(label='Grund der Absage', name='notes', type='input', value='') }}
-                                                                {{ macros::input(label='', name='max_people', type='hidden', value=0) }}
+                                                                {{ macros::input(label='', name='max_people', type='hidden', value=-1) }}
                                                                {{ macros::input(label='', name='name', type='hidden', value=event.name) }}
-                                                                {{ macros::input(label='', name='max_people', type='hidden', value=event.max_people) }}
                                                                {{ macros::input(label='', name='planned_amount_cox', type='hidden', value=event.planned_amount_cox) }}
                                                                {{ macros::input(label='', name='always_show', type='hidden', value=event.always_show) }}
                                                                {{ macros::input(label='', name='is_locked', type='hidden', value=event.is_locked) }}
@@ -228,7 +231,7 @@
                                            {% if trip.always_show and not day.regular_sees_this_day %}
                                                <span title="Du siehst diese Ausfahrt schon, obwohl sie mehr als {{ amount_days_to_show_trips_ahead }} Tage in der Zukunft liegt. Du Magier!">🔮</span>
                                            {% endif -%}
-                                            {% if trip.max_people == 0 %}
+                                            {% if trip.cancelled %}
                                                <strong class="text-[#f43f5e]">&#9888;
                                                    {{ trip.planned_starting_time }}
                                                Uhr</strong>
@@ -250,7 +253,7 @@
                                            {% endif %}
                                            <br />
                                            <a href="#" data-sidebar="true" data-trigger="sidebar" data-header="<strong>
-                                                {% if trip.max_people == 0 %}&#9888;{% endif %}
+                                                {% if trip.cancelled %}&#9888;{% endif %}
                                                {{ trip.planned_starting_time }} Uhr</strong> ({{ trip.cox_name }})
                                                {% if trip.trip_type %}<small class='block'>{{ trip.trip_type.desc }}</small>{% endif %}
                                                {% if trip.notes %}<small class='block'>{{ trip.notes }}</small>{% endif %}
@@ -279,7 +282,7 @@
                                    {# --- START Sidebar Content --- #}
                                    <div class="hidden">
                                        <div id="trip{{ trip.trip_details_id }}">
-                                            {% if trip.max_people == 0 %}
+                                            {% if trip.cancelled %}
                                                {# --- border-[#f43f5e] bg-[#f43f5e] --- #}
                                                {{ macros::box(participants=trip.rower,bg='[#f43f5e]',header='Absage', trip_details_id=trip.trip_details_id, allow_removing=loggedin_user.id == trip.cox_id) }}
                                            {% else %}
@@ -319,13 +322,13 @@
                                                    </a>
                                                </div>
                                            {% else %}
-                                                {% if trip.max_people == 0 %}
+                                                {% if trip.cancelled %}
                                                    Wenn du deine Absage absagen (:^)) willst, einfach entsprechende Anzahl an Ruderer oben eintragen.
                                                {% else %}
                                                    <div class="bg-gray-100 dark:bg-primary-900 p-3 mt-4 rounded-md">
                                                        <h3 class="text-primary-950 dark:text-white font-bold uppercase tracking-wide mb-2">Ausfahrt absagen</h3>
                                                        <form action="/cox/trip/{{ trip.id }}" method="post" class="grid">
-                                                            {{ macros::input(label='', name='max_people', type='hidden', value=0) }}
+                                                            {{ macros::input(label='', name='max_people', type='hidden', value=-1) }}
                                                            {{ macros::input(label='Grund der Absage', name='notes', type='input', value='') }}
                                                            {{ macros::input(label='', name='is_locked', type='hidden', value=trip.is_locked) }}
                                                            {{ macros::input(label='', name='trip_type', type='hidden', value=trip.trip_type_id) }}
--- a/templates/notifications.html.tera
+++ b/templates/notifications.html.tera
@@ -9,7 +9,8 @@
            {% if notifications %}
                    {% if loggedin_user.amount_unread_notifications > 10 %}
                        <div class="text-primary-950 dark:text-white bg-gray-200 dark:bg-primary-950 bg-opacity-80 text-center pb-3 px-3">
-                            Du hast viele ungelesene Benachrichtigungen. Um deine Oberfläche übersichtlich zu halten und wichtige Updates nicht zu verpassen, nimm dir bitte einen Moment Zeit sie zu überprüfen und als gelesen zu markieren (&#10003;).
+                            Du hast viele ungelesene Benachrichtigungen. Um deine Oberfläche übersichtlich zu halten und wichtige Updates nicht zu verpassen, nimm dir bitte in Zukunft einen kurzen Moment Zeit sie zu überprüfen und als gelesen zu markieren (&#10003;).<br /><a href="/notification/read/all" class="underline">Du kannst hier ausnahmsweise alle als gelesen markieren.</a>
+
                        </div>
                    {% endif %}
                    <div class="divide-y">