2021.9.0

Released on: 2021-10-11

Contributors: Tomaž Jerman (GH), Peter Grlica (GH), Mia Arh (GH), Denis Arh (GH), sgg-adraynrion (GH), Katrin Yordanova (GH), Jože Fortun (GH), Vivek Patel (GH), Matija Rešek (GH), Mario Burazer (GH), Bill Ewanick (GH)

Added:

  • Added support for internationalization of Corteza web applications (#237, 31132570, e4eb28b8, c3ff0ae1), as well as for some user-provided resources (Low Code modules, namespaces, and pages) (46a7d94d). Locale specific number and date-time formatting are also included (da9a450f).

  • Added a system-managed facility for defining and handling custom API endpoints (#232, 652cc074. The facility allows you to trivially define new API endpoints for webhooks or custom integrations needed by your business processes. The facility defines a tight integration with Workflows for request processing (#245).

  • Added a specialized facility for creating, managing, and running reports(02b3e833). The reporting facility defines a dedicated user interface (corteza-webapp-reporter).

  • Extended Low Code feature set:

    • added role based filtering to user module fields (da181c30),

    • added advanced record list filtering using field-specific filters (5e7e8ce5),

    • added a comment page block (1032399f), and general UI/UX tweaks for easier navigation,

    • added configurable module field descriptions and hints,

    • Added an additional namespaceID parameter when searching over namespaces (21a3c5e6).

  • Added a fake data generator which can be used to create placeholder records and users (#216). The data generator is invoked through the CLI @todo CLI ref.

  • Added support for entire Low Code namespace duplication, import, and export directly from the Low Code interface (000664ef, 533b534f).

  • Extended authentication feature set; allowing authentication sessions to be manually revoked (#254, #210, 1cb2e64d), improved the users CLI commands with additional options (bed63c4f, e4cd1f5b), and added the client_credentials and user impersonation (b245726c, 25e4d11f). The authentication clients user interface now provides a series of cURL examples for interacting with authentication clients (16ae4c22).

  • Added support for SAML authentication providers (#188, aedb2aef, 670b1609).

  • Added *.search RBAC access control operations for all resources 92d2de86, f630a3d9, 0a388382.

  • Added support for automation which is triggered before or after a user is suspended (13fc9d26).

  • Extended Workflow feature set:

    • added the invoker and runner credentials in the initial scope (806dbfaa),

    • improved trigger validation based on the workflow configuration (f40f7982),

    • added functions to interact with the RBAC facility (89ae50db),

    • improved the user interface to display configuration and debug errors (the triggers now also show errors),

    • added an indicator for when the workflow try-run is running.

  • Expended the feature set of the expression engine:

  • Improved system setup and configuration flow as well as overall stability (5a67ecf7, a94e39b3, a229d0ec):

    • Added option to limit the number of users (1b3a811c),

    • Added support for .env file configuration from arbitrary location via the --env-file command parameter ({SERVER_COMMIT_BASE6496027a[6496027a]}).

  • Prepared the store infrastructure for cockroachDB support (109e23fc).

Changed:

  • The user interface of the Corteza web applications was changed to increase consistency, accessibility 58aa46ee, 89ad4311, and better user experience. More notable changes:

    • the navigation was moved under the left sidebar,

    • the top bar defines shortcuts to the more common operations related to the viewed page,

    • the module field picker was completely reworked (8364da10).

  • Changed the file field preview to show the last uploaded attachment when the single image option is selected (2d593af0).

  • Reworked the RBAC access control facility allowing greater flexibility with resource-specific rules, contextual roles (2f2c055e), and improved logging (922f4c31). Corteza now defines a series of system users and roles which are used for system tasks, such as provisioning and federation.

  • Low Code module, module field, and record RBAC rule configuration buttons are now located under a single drop-down.

  • Added the reporter webapp to the default list of webapps (e6950812).

  • Changed workflow deferred triggers to ignore and skip empty constraint values (8d9a3d54).

  • Upgraded zap logger to v1.19 (e48ffb2e).

  • Tweaked system logging:

    • replaced errors with warnings for runtime OAuth issues (0cb91793),

    • tweaked log stacktrace and added support for depth level control using the LOG_STACKTRACE_LEVEL .env variable (28e1774c).

  • Moved PROVISION_SETTINGS_ settings into a YAML provision file (2d78ae42).

  • Switch the base image to deb/ubuntu due to library incompatibilities (00ba60e5).

Removed:

  • Removed PROVISION_SETTINGS_ in favour of a YAML provision file (2d78ae42).

  • Removed the query parameter from the record list filter endpoint (10e8b77d).

  • Removed Google maps from the provisioned application list (d6f24605).

  • Removed obsolete settings for the namespace sidebar and Corteza One (b459bd35).

  • Removed tabs and panels on Corteza One.

Fixed:

  • Fix broken links in README (7974ca65).

  • Fix inconsistent grant-validGrant auth client JSON prop name (40ddb9db).

  • Fixed attachment upload errors when an empty attachment or an ico file were uploaded (f5532acf).

  • Removed unneeded content from the served webapp content evaluation check (3638ecac).

  • Fixed failing mount when webapps are disabled (63dbe702).

  • Exclude deleted reminders from the reminder list API endpoint (9f74d5c0).

  • Prevented duplicate values on multi-value selection fields.

  • Fixed the task duplication bug on calendars (2e322054).

  • Fixed namespace searching be case insensitive (5ce9572d).

  • Fixed improper actionlog type casting which resulted in broken log messages when the front-end technology stack was unable to parse the values (5ac8790b, d1ccbc3e).

  • Fix invalid error message if the user is not allowed to search over namespaces (7cf6c18d).

  • Fixed missing notifications across web applications.

  • Fixed typos in envoy error messages (0a241fab).

  • Fixed notifications disappearing when changing the current page.

  • Fix ClaimsToIdentify to return identity with all authenticated roles (67d7882b).

  • Added missing access control properties to resource responses (774354d6).

  • Addedd missing access control checks for reminders (03344782).

  • Fixed improper admin webapp permission display if the user does not have sufficient permissions..

  • Fixed improper automation session state representation for prompted sessions (234d3795).

  • Fixed expression function parameter and return value casting for string functions.

  • Added missing federation structure sync response wrappers (8ee91eb7).

  • General stability of the system has been improved.

Security:

  • CLI commands now use the system user when executing commands (dca5757f).

  • Moved import/provisioning access control from Envoy to the invoking service (a2b964c5).

Development:

  • Defined a proper facility for testing Integration gateway handling logic (6ceadf40).

  • Allow store function codegen logic to define imports specific to them (b95e878c).

  • Build and integration pipelines moved to Github Actions.

  • Removed misleading federation etc/ (d4505482).

  • Removed the long deprecated storybook (76270476).

  • Implemented the C3 feature and applied it to web applications (a318b380, 4c5e2c24).