Posts

Corteza 2021.9.11 has been released. It includes the following fixes:

  • Fixed improper credential validation on user registration causing the user to be created even when invalid credentials (mainly the password) was provided. The fix moves the password validation step to the earlier stage of the sign up flow (#ff13912).
  • Fixed improper record count for grouped reports where multi-value fields are involved. The fix, for some cases, omits duplicate values (7546dbb).

Read more

Corteza 2021.9.11 has been released. It includes the following fixes:

  • Fixed improper PostgreSQL formatting for ISO timestamp templates by adding an edge-case exception (#034a7f9).
  • Fixed improper number and text setting value decoding by covering edge-cases (#ced2daf).
  • Fixed improper module field resource translation encoding, decoding, and store persistance causing the field description and hint field to get mixed up by fixing invalid value mapping and removing translations from the DB (#0422e5f, #e7ea299, #6c2dd28).
  • Fixed improper workflow prompt handling when user has multiple Corteza instances (tabs) open at the same time. Corteza web applications improved communication on what prompts are already resolved and where the prompts should be shown (#ef238df).
  • Fixed broken module field value expressions where the old record reference was used. The issue occurred because the value was never provided (#993cd22).

Read more

Corteza 2021.9.10 has been released. It includes important memory leak fixes. The complete list of updates and changes is:

  • Changed the profiler endpoints (when enabled) to be under /debug instead of /__profiler to conform to pprof requirements (2653c3894).
  • Fixed improper static translation loading for custom languages (964b71a56).
  • Fixed memory leaks and general performance optimizations for content sanitization (2711b0211), workflow loading (35c1c0892), and expression processing (4eccaa826).
  • Fixed workflow attachment uploading for all supported types (Reader, Bytes, and String) (7448a2d7b).
  • Fixed prompt duplication by preventing prompts from being resent over web sockets (f8a089a15.

Read more

Corteza 2021.9.9 has been released. It includes the following updates, improvements and changes.

  • Changed resource translation sanitization to be looser to support a wider range of formatting options (4278e5823).
  • Fixed missing role references for namespace export where the User module field defined role prefilters (cb44b6591).
  • Fixed improper namespace import resource re-identification due to resources being ignored (3b235e330).
  • Fixed workflow trace parameter (3e068026).
  • Fixed improper resource translation content sanitization for RTE contents (50671180d), link attributes (f699d4b1e).
  • Fixed actionlog codegen lapsus (d44d396b3)
  • Fixed missing roles in the impersonated user — roles were not included in the generated JWT (e4ba223da)
  • Fixed improper resource iterator data chunking which caused the database to error out for large datasets (69c95a5a3)
  • Fixed record list not working when duplicate fields reside on same page (c13dd1e81).
  • Added additional link tags to make them more secure (889e2485f).

Read more

Corteza 2021.9.8 has been released. It includes the following updates, improvements and changes.

  1. Changed default background colour to white in MetricConfigurator (49a525a).
  1. Fixed count expression function to properly handle the no argument case when typed values are being used (usually when invoked via workflow expressions) (5d7d3aa3).
  2. Fixed improper page blockID assignment on page create (95065f8e7).
  3. Fixed improper page blockID assignment on page create (95065f8e7).
  4. Fixed role management on external auth providers (d679a59).
  5. Append custom args when executing Corredor scripts via Compose REST handlers (2741e3577).
  6. Fixed improper handling of unresolved (type any) values (5ff68c414).
  7. Hide refresh data button when no data is present in MetricConfigurator (8fc446c).
  8. Increase z-index for PageBuilder to avoid toolbar with icons appearing below the Block’s title and description (667a9b0).
  9. Translate messages in errors component (acd5473, 1e933b2, 0af18b1).
  10. Reminders of other people showing up (63b3efe).
  11. Translations of field configurators and calendars (d4a379e, 5f00980).
  12. Relative values with charts (eb5c4c7, 025cfd5).
  13. Fix number of record to be exported in ExporterModal (eb5c4c7, 5f36917).
  14. Add missing input string to integration gateway namespace for admin (eb5c4c7, 64d27e1).
  15. Fixed cumulative funnel chart value calculations (0fbce36).
  16. Fixed improper reporter funnel chart display due to invalid data type conversion (c7ca7d1).
  1. Strengthen reset-password flow with rate limiting and invalidation of existing tokens(d2d0245d5).
  2. Improve attachment validation on size and type for compose uploads (6f19f00b2).
  3. Sanitize back-link on logout page (XSS) (8c0a62284).
  4. Refactor delete all session of user from auth page (23a8b757ee).

Read more

Corteza 2021.9.7 has been released. It includes the following updates, improvements and changes.

  • Fixed set expression function to properly handle types provided by workflow execution (f42d707).
  • Fixed OIDC provider scope string issue (b1572e1).
  • Fixed workflow issues with invoker/runner (c4d80b88).
  • Fixed resource translations for content and automation page blocks (8a8cf42e).
  • Fixed inconsistent NULL order for different DB engines causing paging cursor issues (2be460ee).

Read more

Corteza 2021.9.6 has been released. It includes the following updates, improvements and changes.

  • Added support for RTL direction.
  • Added support for additional arguments when invoking automation scripts via API (91eb88d2).
  • Added support for resource translation on select field options (c72902a8).
  • Added support for SAML signed requests (5e4486c7, 7ec02f6e).
  • Added support for SAML HTTP binding (717cae5c0b, 5cf0597b40)
  • Added option to hide the import button on the record list (cd982a8, 9c85d0b, 874e0b2).
  • Added support for version specific DB_DSN .env variable, simplifying development (c3516dd).
  • Added find and has expression functions (86deaea9).
  • Added sort expr function (be6b572)
  • Added support for multi-value filtering on record lists (d0213cb).
  • Added processing indicator when deleting records in record list (6d47c1b)
  • Refactored workflow execution and fixed runner/invoker logic (92224360).
  • Fixed improper attachment upload permission checks due to partial request parameters (#309, #346).
  • Fixed improper QL argument transformations based on the used database (#308).
  • Fix broken docker container health check on Corredor server (dce30ba).
  • Changed federation locales (91094e44).
  • Refactored minio store and fixed invalid bucket name issue (23a2446).
  • Fixed scrolling when only one pageBlock is added (88f3e72).
  • Fixed translations on password reset (87f08d8).
  • Fixed RBAC rules and workflows not applying after being imported via namespace import (ff6cadc0).
  • Fixed improper handling of empty resource translation strings (resource-translations) (4b264798, 043588f1).
  • Fixed external OIDC for Corteza flow (398242b).
  • Fixed percentage calculation for all types of charts (2b7c949).
  • Fixed field picker system field translations (fa80ade, 485187e).
  • Fixed namespace importing — additional request validation (ca178714b), improve internal resource identification (00dd86fb9, d247ec678, and 8be8be96d).
  • Fixed improper API request content parsing when Content-Type defines character set (d0154cc1b).
  • Fixed improper error handling for the upload component (a0a1ac0).
  • Fixed role-security setting for external providers (05a40ca).
  • Fixed issue with OIDC provider removal (c078808).
  • Fixed queue name matching on workflow onMessage event (79d8a842)
  • Fixed calendar event display for events that span multiple months (4d2f824)
  • Fixed record list filter for number and id fields (3b421a1)
  • Fixed namespace selector overflowing sidebar (b9aa41e)
  • Fixed metric page block field selector options (cb69c80)
  • Fixed chart rendering edge case where the canvas did not yet exist (1b965f8).
  • Fixed centering for the empty record list label (f467e0f)
  • Fixed inline record editor not checking permissions for deletion (f74d398)
  • Fixed improper reminder handling, causing them to sometimes not show (94247f0)
  • Fixed invalid membership fetch for closed roles (88955eb)
  • Fixed column order not persisting for ColumnPicker component (9659d9f, 2b7c949, b53bc6b).
  • Make default value not required for multi fields (aae3f6f)
  • Prefill inline record editor related values (c457679)
  • Disable page deletion if it has sub-pages (67c3b2c)

Read more

Corteza 2021.9.5 has been released. It includes a long list of updates and improvements.

  • The record import via the import CLI command requires you to provide module field definitions along with the record import definitions. The constraint will be lifted in future patch releases.
  • Role security (forbidden, permitted, forced) on external authentication providers (91eb88d2).
  • Workflow functions for attachment management (8a8c7685).
  • OIDC support for corteza (a2091db).
  • Integration Gateway json response postfilter and http request to scope (b0590d2f).
  • JWT generate workflow function (eecf8670).
  • Unix strftime support to gval functions (d5001341).
  • Integer caster to gval functions (3473a267).
  • Added support for role permission cloning (0564fe7, d06cd41, 9bd530a).
  • Added custom processing button (6ec4157).
  • Translations for reporter webapp (6e26d5a, 931011c).
  • Added additional string manipulation functions to reporter expressions (a45c914e).
  • Added support for record import via the import CLI command (96556f54).
  • Translatable content (modules, names, pages, namespaces) is now sent with current language (5bd3bd37).
  • Improve slow performance in some casses with wf-loops by increesing workflow session state flushing from 10 to 1000 (486a5752).
  • Prevent table display elements from crashing if an empty join frame is recieved (f244b7b2).
  • Fixed improper report route bindings (d250827b).
  • Added missing type definition to the report filter perser registry (08ef5ab10).
  • Fixed panicking report filter marshaling when invalid (59ef8da1a).
  • Fixed improper handling of automation page blocks which define buttons with no references (047b647af).
  • Prevent text from exiting container in EditorToolbox (147dcd7).
  • Fixed improper date manipulation functions for reporter expressions (46372f55).
  • Fixed persistent run-as workflow issue after trigger removal (87f08d8b).
  • Fix access control checks on UI (e902382).
  • Fix user role membership picker (cadb6e1).
  • Fix module field order changing when you navigated to all records (3525ef8).
  • Fix record and user selector editors not rendering properly (09bca49).
  • Fix display element configurator options form not resetting properly (6b33655).
  • Broken translations on password reset (87f08d8)
  • Prevent error message from being transformed by toLowerCase() 32e9325)
  • Changed chart display element configurator (b553f72).

Read more

Corteza 2021.9.4 has been released. It includes a long list of updates and improvements.

  • Added .env options to control OAuth2 access and refresh token lifetime

  • Added support for base password constraints

  • Added translations for webapp-workflow

  • Added custom processing button

  • Added multi select to workflow options prompts

  • Added warning when workflow triggers paths change

  • Added expandable expressions editor to workflows

  • Fixed improper report filter type casting for ID-like values

  • Fixed default record module field value validation setup

  • Boolean value (record field) sanitization

  • Uint64 JSON serialization in APP_AUTOMATION payloads

  • Fixed invalid data point labeling for radial charts

  • Fixed report table pagination

  • Fixed workflow help shortcut opening when inputting

  • Admin role membership management

  • Update Bluemonday & net packages

Read more

Corteza 2021.9.3 has been released. It includes a long list of updates and improvements.

  • All user’s access tokens are now removed after password change (01577191).
  • Fixed improper page block ref validation for yaml encode (5afc715f).
  • Fixed unstable RBAC check that was caused by more complex setup of roles and RBAC rules (a385fe1c).
  • Fixed multi value required field errors (a5e4fb21).
  • Fixed display elements configurator sometimes not loading correct information when switching between elements (b8121e5).

Read more