
Jump to: navigation, search


13,066 bytes added, 15:00, 1 June 2023
Password Reset Emails on Non-Production Environments
Watch this video to get a general overview of the new features in this release.
 (Coming Soon){{#ev:youtube|Fjm2VxtKSCQ}}
====Multi-Factor Authentication Enabled by Default====
: ''Main Article: [[Multi-Factor Authentication]]''
Multi-factor authentication Factor Authentication (MFA) using verification codes sent by email will be enabled for all systems to improve security. If you have already enabled MFA in your SmartSimple Cloud system and have assigned roles to a single-use verification code sent by email, this enhancement will NOT change your existing settings. You may change your MFA preferences after the upgrade but we recommend you adjust your settings prior to the upgrade. If you did not set up MFA prior to the upgrade, the 'Everyone' role will be added to the setting called '''Roles with Verification Code via SMS and Email'''.
[[File:2022-11-ticket-144811-1.png|thumb|none|800px|The MFA setting above will be updated to "Everyone" if this Role setting is empty.]]
Time-based One-Time Password (TOTP) settings will NOT be affected.In addition, the setting '''Enable Trusted Device''' will also be toggled on by default. This allows users to choose whether they want the system to remember their device the next time they log in. Remembered devices can also be set to expire after a specific number of days by using the '''Expire Devices After''' setting.<u>'''Note:'''</u> Backup environments will be allowed to send out MFA emails. If your backup environment is not sending out emails, check to see if you have set up a default email address. To do this, go to '''Menu Icon''' > '''Global Settings''' > '''Communications''' tab > '''Email Options and Security''' > Toggle on '''Enable Default From Address'''. In the '''From Address''' field, you would typically enter something like ''''. If this field is empty, as part of this upgrade, we will be populating it with the email address used for new users (located at''' Menu Icon''' > '''Global Settings''' > '''Security''' tab > '''Password and Activation Policies''' > '''Activation Emails''' tab > '''From Address''').
If you are using an SMTP relay and/or have a dedicated instance, [ make sure you have set up a default email address that matches your domain]. Additionally, if you are using the SMTP relay with an IP restriction for sending emails, ensure the IP of your environments is in your IP list (backup, testing, production). If you need to help with identifying the IPs of your environments or have questions, reach out to our support team.
If you are using Single signSign-on On (SSO), you may opt to bypass MFA by going to '''Global Settings''' > '''Integrations''' tab > '''Single Sign-On''' > Edit a configuration then under > Under the "Authentication " section > Toggle , toggle on '''Bypass Multi-Factor Authentication (MFA) when logging in with Single Sign-On (SSO)'''.
<!-- 144811 - Apply MFA to all systems -->
Deprecated the '''Menu Icon Header Font''' setting which was never supported in the current header.
<!-- 139780 - Deprecate the Menu icon Header font setting -->
====Password Reset Emails on Non-Production Environments====
In addition to MFA emails being sent from non-production environments, password reset emails will also be sent from non-production environments. If you wish to add role restrictions for access to your backup environment, the setting is located at '''Menu''' icon > '''Global Settings''' > '''Security '''tab > '''System Feature Permissions''' > '''Feature''' tab > '''Restrict Login to Backup Environment to these Roles'''. When testing MFA and password reset emails on non-production environments, always use a test user and test email.
==Service Packs==
===June 8th 2023 (202306.01)===
* Fixed an issue with the '''Special - MSWord Merge''' custom field where some data was not displaying properly if exported from a list view.
<!-- 147020 - Exporting word merge field through list view doesn't resolve variable within merge field -->
* Fixed an issue with the '''List View – Mixed Record Type''' portal section where sorting by the '''Type''' column was ordering the rows by the type name rather than the caption.
<!-- 148359 - Mixed List View sorting by type name instead of caption-->
* Fixed an issue with the list view search where the results were not returning exact matches if predefined options were used.
<!-- 148636 - searching for country -->
* Fixed an issue where new workflow tasks could not be added if the '''From Address''' contained many SSlogic conditions.
<!-- 149006 - Can't Add a new Workflow Task -->
* Fixed an issue where the language switcher did not appear on the upper right-hand corner for signup pages using a verification service.
<!-- 149080 - language switcher missing on signup page -->
====Other Changes====
* Updated the Gort Automation process. In the case of a process error, the process lock will be automatically removed to allow the process to run again without the need for manual intervention. Also, a new maximum limit of 2 hours has been set for the runtime length of any single Gort process to improve the recovery time from processes that did not terminate correctly. This limit does not apply to the autoloader.<br /><u>'''Note:'''</u> The maximum limit can be adjusted for clients subscribed to the Private Cloud offering by submitting a request to our Support team.
<!-- 146876 - create automated recovery for Gort-->
* Updated the rich text editor.
<!-- 149329 - Vulnerable Javascript Dependency - CKEditor -->
* Updated various areas of the system for improved security.
<!-- 148909 - Security Vulnerabilities -->
<!-- 148837 - Security Vulnerability - Cross-site scripting (DOM-based) - s_viewxmlpage.jsp -->
<!-- 145460 - Fortify Scan Issues 2022-11 -->
===May 18th 2023 (202305.02)===
* Fixed an issue with the copy feature not working correctly after T2P under specific conditions.
<!-- 149108 - Copy Options not working on prod/backup after T2P -->
* Fixed an issue with list view export where negative numbers were being converted to text fields rather than number fields in Excel.
<!-- 148199 - Excel Download of Payments: Negative #s Shown as text -->
====Other Changes====
* Updated the request timeout limit from 30 seconds to 90 seconds for sending SOAP request to external APIs.
<!-- 147263 - field not getting updated with SOAP response (Field ID:1331755) -->
* Updated translations for English (UK) and Spanish.
<!-- 148928 - In UK English, translation file (Colour is missing the U) -->
<!-- 148314 - Instant Message header not translated to Spanish -->
===May 11th 2023 (202305.01)===
* Fixed an issue affecting clients using T2P that caused scheduled reports to run outside of schedule.
<!-- 147847 - Scheduled Reports Running Daily instead of Weekly -->
* Fixed an issue where scheduled reports were not being displayed under the '''Scheduled Exports''' tab if the report was using the classic scheduler.
<!-- 147525 - Schedule reports not listed as Activated when using old scheduler -->
* Fixed an issue where the '''Global Administrators''' tab was not displaying on the '''System Security Summary''' page under certain conditions.
<!-- 147583 - Sys Admin tab missing from security summary -->
====Other Changes====
* Added the ability to generate user tokens to be used for bearer authentication in SmartConnect API authorization. To view this feature, go to '''Global Settings''' > '''Integrations''' tab > '''SmartConnect API''' > '''API Users''' tab > Edit a user account.
* Added a limit to the image dimensions when rendering PDFs. If an image in a PDF exceeds approximately 50 megapixels (which is over twice the resolution of 4K Ultra HD), it will not be rendered and a message will be displayed in the PDF. Uploading images scanned at 150 or 300 DPI is recommended.
<!-- 148882 - Limit the size of images when rendering PDF-->
<!-- 143075 - Basic Authentication for API -->
* Added the ability to instantly push and unpack records using the new '''Data Exchange (DEX3)'''.
<!-- 145426 - Dex3 - Tweaks from December 2022 Discussion -->
* Updated the cookies policy translations for Spanish, Portuguese, French (Canada), Danish, Gaelic, Catalan, and Japanese.
<!-- 148094 - Cookie Policy Translation (Spanish) -->
* Deprecated the Janus Machine Learning feature.
<!-- 148005 - Janus machine learning deprecation -->
===April 20th 2023 (202304.02)===
* Fixed an issue with HTML tags displaying in custom field captions.
<!-- 148131 - HTML Tags are Displaying in Application and Grant Report Forms -->
* Fixed an issue with email broadcast previews not rendering as expected. For security reasons, the email broadcast preview screen will now contain a link to open emails containing HTML in a new window.
<!-- 147578 - Email Broadcast Preview not displaying -->
* Fixed an issue where the workflow initiator was receiving emails under specific conditions.
<!-- 147125 - L1 WF Emails with no Level 1 owner going to wrong person. -->
* Fixed an issue with user accounts not having access to the '''Organization Hierarchy''' page. This issue occurred when the user’s organization was flagged as container.
<!-- 147657 - European Climate Foundation: Organization Hierarchy not showing -->
====Other Changes====
* Updated the default '''From Address''' behavior. If the default '''From Address''' is empty or cleared, the system will compile the '''From Address''' from the instance email domain settings if SMTP relay is configured. Otherwise, the system will set the default from address to ''''. The default from address can be found by going to '''Menu Icon''' > '''Global Settings''' > '''Communications''' > '''Email Options and Security''' > Toggle on '''Enable Default From Address'''.
<!-- 146932 - MFA verification code email not being received -->
===April 13th 2023 (202304.01)===
* Fixed an issue where opening an Level 2 event on a calendar would return a permission error under specific conditions.
<!-- 132878 - Internal Staff: My Calendar access -->
* Fixed an issue where annotations were locked if a status had a status trigger attached to it.
<!-- 146996 - Annotation Mode issue -->
* Fixed an issue with the autoloader throwing a file extension error for decrypted files.
<!-- 145693 - Encrypted file extension error -->
* Fixed an issue where users were temporarily unable to download files from SmartFolders or access email broadcasts after a password reset.
<!-- 145933 - user session different behaviour after password reset -->
* Added variable syntax support for <code></code> and <code></code> which will return the full name of the state/province instead of the abbreviation. Also added support for the <code>@rolecaption@</code> variable within invitation templates which will return the role caption instead of the role name.
<!-- 146952 - Be able to display the state/province full name via a variable. -->
<!-- 146290 - Telethon - Invitation Templates Role caption -->
* Added ability to edit the sender email address used to send mail on behalf of the default '''From Address'''. To see this feature, go to '''Global Settings''' > '''Communications''' tab > '''Email Options and Security''' > Toggle on '''Enable Send Email On Behalf Of''' > Edit the address in the '''On Behalf Of Email''' field.
<!-- 147121 - Users receiving system emails with mismatch between URL and on behalf of -->
* Updated '''Message Queue''' to include emails sent containing autoloader logs.
<!-- 146374 - Deloitte Product - Autoloader Emails not routing through the Message Queue -->
* Updated charts so that the average value displayed is rounded to two decimal places for improved readability.
<!-- 139907 - QA Issue: Charts which compare against other records are generally unreadable -->
* Updated the word counts on text fields to exclude guillemets ( « » ). These double chevrons are used as quotation marks in a number of languages and are therefore no longer counted as words.
<!-- 146037 - Word Count Issue -->
* Updated Spanish translations.
<!-- 136206 - Translation Problems -->
* Updated various system areas for improved security.
<!-- 147433 - APR2023- Burpsuite Security Scan results -->
<!-- 145551 - Randomness or entropy analysis of 2 Factor Authentication secret key and other security issues -->
===March 30th 2023 (202303.05)===
* Fixed an issue with the open button on Level 2 contact association list views.
<!-- 147004 - Permission issues with Service area contact list users -->
* Fixed an issue with API queries for validation on a set criteria.
<!-- 147308 - SmartConnect API query ignores the 'providerid' criteria -->
===March 23rd 2023 (202303.04)===
* Fixed an issue with portal report charts not displaying if they had a negative value.
<!-- 146975 - Portal charts not displaying -->
* Fixed an issue with invitations to improve performance when there are many invitation records.
<!-- 147080 - Invitations don't load when there are many records -->
* Updated the word parsing feature found on the '''Upload - Single File Storage''' and '''Upload – Multiple File Storage''' fields to be able to parse an entire text document and store it in a single field. To use this feature, go to the configuration settings for the desired field and toggle on '''Enable Word Parsing'''. Inside the '''Field Mappings''' input, enter <code>[fieldname]=documnettext;</code> where fieldname is the name of the field where you want to store the text to. Additionally, if you only wish to parse the document body text without any header or footer information, enter <code>[fieldname]=documentbody;</code> instead.
<!-- 147088 - Word Parser - Read entire document into text field -->
* Updated the permissions for the sub-company tab in the left navigation of the organization record so that the tab will only appear to users if the company contains sub-companies and if the user has at least a view permission for the sub-companies.
<!-- 145707 - External user was able to edit the 'Individuals' container org -->
===March 16th 2023 (202303.03)===
* Fixed an issue where the '''Pronouns''' standard field was not displaying on user signup pages.
<!-- 146843 - Standard field not displaying on sign-up page-->
* Fixed an issue with the button that opens the record in a modal window on Level 2 Provider list view on the Level 1 record.
<!-- 145668 - UTA L2 Provider List Views: Modular/New Window is opening the L1 instead of L2 -->
* Updated behavior of the variable processor when processing custom fields to optimize efficiency.
<!-- 146994 - Variable Processor performance issues -->
* Updated workflow emails to allow support for activation link syntax.
<!-- 147069 - Activationlink variable not resolving -->
* Updated API for conditional versioning support on '''Universal Tracking Applications'''.
<!-- 144997 - Question about versioning in smartsimple -->
* Updated translations for French (Canada), Spanish, and Catalan.
<!-- 147013 - March translations for French, Spanish, Catalan
146657 - Confirmation message after adding meeting members not fully translated
146658 - Translation and visibility issues on Download Files feature -->
===March 10th 2023 (202303.02)===
* Fixed an issue with emails not being sent from the record.
<!-- 146834 - Unable to send decline letter emails to applicants -->

Navigation menu