10.3:release_notes.md

CzechIdM 10.3

Major tasks in version 10.3.0 focus on increasing of the flexibility of permission setting in IdM and therefore on security. It further contains new Report feature focused on export of table content in standard file format. New version also brings an improvement providing the user more information about resolved tasks.

Permission and security improvements

Version 10.3.0 brings changes to permission evaluation. Read change log and set new autorization policies on you project after upgrade from an older CzechIdM version. The main motivation is to increase security and flexibility of using. Among notable improvements belongs an option to set permissions of identity manager for the particular identity contract instead for the whole identity. Basic identity attributes can be newly individually protected from modifications. Extended identity attributes (EAV) are now secured by default without having to turn the security on explicitly. User is not able to read or modify them without granted permissions. The same now holds for contract extended attributes too. Permissions for long running tasks (LRT) were unified and extended. User can be allowed to see the progress of the running LRT without the need to be authorized to read it.

You can find more about this feature CzechIdM 10.3.

Historic tasks

When user clicked on a solved task link in past versions, one was only shown a message saying: β€œThis task doesn’t exist or has been already resolved.”. This message wasn’t very helpful. Currently the user is provided more information. In the picture below one can see an example of the solved task (role request) where the user is provided detail information when the task was solved, what result with, by whom and other details.

task-detail

Reports

Version 10.3.0 introduces a new Report feature. It serves to export of table content into a text format. Created reports are organized in Report section which provides their overview and download option in requested file format. IdM currently supports xlsx and json output file formats. Thanks to the support of standard formats it is possible to import them into other systems or process them by standard tools. Access to reports is controlled by set of permissions as it is usual in IdM.

report-table

You can find more about this feature CzechIdM 10.3.

πŸ’‘ New features in this version:

  • #2069 - General report to export tables to csv
  • #2229 - Identity projection - support edit more contracts in projection
  • #1719 - Improve error message
  • #2156 - Redirect to historic workflow task when is already solved
  • #2238 - Show statistics (count) for important DB tables in IdM GUI.
  • #2002 - Managers of contracts ended in the past shouldn't be able to change roles for currect contract
  • #2185 - Add support of Export/Import to Form definition agenda.
  • #2171 - General report to export tables: auto bulk action registration for all formable entites.
  • #2148 - Add type of role guarantor
  • #2155 - Support user type field (projection) in synchronization and provisioning
  • #2162 - Bulk action - change user type (projection)
  • #2228 - Evaluator for all identites that has contract on one organization unit
  • #1146 - Managers should change roles only for the contracts, for which they are managers
  • #2184 - Add support of bulk actions to Form definition agenda.
  • #2234 - Authorization policies - use selected persmissions only from transitive evaluator
  • #2242 - Eav: Return form instance values by attribute filter
  • #2204 - Authorization policies: Add permission to identity by contract (transitively)
  • #2206 - Authorization policies - add change permission to basic identity attributes
  • #2243 - Identity projection - support default detail as identity projection
  • #2225 - Authorization policies - add evaluator to codelist item by code
  • #519 - Filtering of audit log for entities - feedback
  • #2065 - LRT - add audit for long running task
  • #2169 - General report to export tables: add dowload button
  • #2235 - Implement support a context in the controller GET method
  • #2153 - Autorization policies - add evaluator by user type (projection)
  • #2182 - Back button on Auto. role rules tab
  • #2194 - Optimize owner loading in virtual system requests
  • #2195 - Max file upload - server configuration documentation
  • #2187 - Filter of non-virtual systems
  • #2163 - Authorization policies - support secured contract eav attributes by default
  • #2164 - Authorization policies - support secured identity eav attributes by default
  • #2226 - Identity detail and projection - add button for de/activate user manually
  • #2219 - Authorization policies - add autocomplete permission to LRT.
  • #2232 - Improve ForbiddenEntityException for add type and code
  • #2212 - Move MultipleSecureTextFormPropertyConverter from Extras module to product.
  • #2240 - Evaluator for all roles in one role catalogue
  • #2160 - Filter by event identifier doesn't find the event
  • #2039 - Bulk actions IdentityDisableBulkAction and IdentityEnableBulkAction execute disabling/enabling with normal priority
  • #2244 - Filter: filter identity by phone
  • #2188 - Show more than 10 running tasks on the tab
  • #1784 - LRT: support multiple properties

🐞 Defects fixed in this version:

  • #2210 - Provisioning brake removes connector server key when it starts braking
  • #2190 - Read only on form doesn't work properly - AbstractFrom
  • #2218 - Can't set permission to IdmImportLog, IdmScheduledTask, IdmProcessedTaskItem