Difference between revisions of "Template:March2023Upgrade"

m (Multi-Factor Authentication Enabled by Default)
m (Password Reset Emails on Non-Production Environments)
 
(107 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
==General Details==
 
==General Details==
 
===Upgrade Dates===
 
===Upgrade Dates===
Public Cloud Production release date: '''March 9 2022'''<br />
+
Public Cloud Production release date: '''March 9 2023'''<br />
Public Cloud Backup release date: '''February 23 2022'''
+
Public Cloud Backup release date: '''February 23 2023'''
  
Private Cloud Production (Managed Upgrades) release date: '''March 23 2022'''<br />
+
Private Cloud Production (Managed Upgrades) release date: '''March 23 2023'''<br />
Private Cloud Backup (Managed Upgrades) release date: '''March 9 2022'''
+
Private Cloud Backup (Managed Upgrades) release date: '''March 9 2023'''
  
 
==Overview==
 
==Overview==
 
Watch this video to get a general overview of the new features in this release.
 
Watch this video to get a general overview of the new features in this release.
  
(Coming Soon)
+
{{#ev:youtube|Fjm2VxtKSCQ}}
  
  
Line 21: Line 21:
 
====Multi-Factor Authentication Enabled by Default====
 
====Multi-Factor Authentication Enabled by Default====
 
: ''Main Article: [[Multi-Factor Authentication]]''
 
: ''Main Article: [[Multi-Factor Authentication]]''
Multi-factor authentication (MFA) using verification codes sent by email will be enabled for all systems to improve security. If you have already enabled MFA in your SmartSimple Cloud system and have assigned roles to a single-use verification code sent by email, this enhancement will NOT change your existing settings. You may change your MFA preferences after the upgrade but we recommend you adjust your settings prior to the upgrade. If you did not set up MFA prior to the upgrade, the 'Everyone' role will be added to the setting called '''Roles with Verification Code via SMS and Email'''.  
+
Multi-Factor Authentication (MFA) using verification codes sent by email will be enabled for all systems to improve security. If you have already enabled MFA in your SmartSimple Cloud system and have assigned roles to a single-use verification code sent by email, this enhancement will NOT change your existing settings. You may change your MFA preferences after the upgrade but we recommend you adjust your settings prior to the upgrade. If you did not set up MFA prior to the upgrade, the 'Everyone' role will be added to the setting called '''Roles with Verification Code via SMS and Email'''.
 +
[[File:2022-11-ticket-144811-1.png|thumb|none|800px|The MFA setting above will be updated to "Everyone" if this Role setting is empty.]]
 +
Time-based One-Time Password (TOTP) settings will NOT be affected. In addition, the setting '''Enable Trusted Device''' will also be toggled on by default. This allows users to choose whether they want the system to remember their device the next time they log in. Remembered devices can also be set to expire after a specific number of days by using the '''Expire Devices After''' setting.
 +
<u>'''Note:'''</u> Backup environments will be allowed to send out MFA emails. If your backup environment is not sending out emails, check to see if you have set up a default email address. To do this, go to '''Menu Icon''' > '''Global Settings''' > '''Communications''' tab > '''Email Options and Security''' > Toggle on '''Enable Default From Address'''. In the '''From Address''' field, you would typically enter something like ''donotreply@smartsimplemailer.com''. If this field is empty, as part of this upgrade, we will be populating it with the email address used for new users (located at''' Menu Icon''' > '''Global Settings''' > '''Security''' tab > '''Password and Activation Policies''' > '''Activation Emails''' tab > '''From Address''').
  
[[File:144811-MFA Everyone Role.png|thumb|none|800px|Systems that do not have MFA set up will automatically have the 'Everyone' role added to the single-use verification code setting.]]
+
If you are using an SMTP relay and/or have a dedicated instance, [https://wiki.smartsimple.com/wiki/Multi-Factor_Authentication#Setting_up_a_Default_Email_Address make sure you have set up a default email address that matches your domain]. Additionally, if you are using the SMTP relay with an IP restriction for sending emails, ensure the IP of your environments is in your IP list (backup, testing, production). If you need to help with identifying the IPs of your environments or have questions, reach out to our support team.
  
Time-based One-Time Password (TOTP) settings will NOT be affected. Note backup environments will be allowed to send out MFA emails. If your backup environment is not sending out emails check that you have set up a default email at '''Menu Icon''' > '''Global Settings''' > '''Communications''' > '''Email Options and Security''' > Toggle on '''Enable Default From Address'''. Typically, you would enter something like donotreply@smartsimple.com. If you are using SMTP relay with an IP restriction for sending emails, ensure the IP of your backup environment is in your IP list.  
+
If you are using Single Sign-On (SSO), you may opt to bypass MFA by going to '''Global Settings''' > '''Integrations''' tab > '''Single Sign-On''' > Edit a configuration > Under the "Authentication" section, toggle on '''Bypass Multi-Factor Authentication (MFA) when logging in with Single Sign-On (SSO)'''.
 
<!-- 144811 - Apply MFA to all systems -->
 
<!-- 144811 - Apply MFA to all systems -->
  
 
===Minor Updates===
 
===Minor Updates===
 +
====Enhancements to System Security Summary====
 +
Added the ability to create notes on items flagged as potential problems in the '''System Security Summary'''. For example, a note can be added to explain why an item has been flagged and when or how it will be fixed in the future. Only the last note is displayed in the list, but you can see the full note history inside the notes modal window when you add a note. To see this feature, go to''' Menu Icon''' > '''Global Settings''' > '''System''' tab > '''System Security Summary''' > Click the '''Add Notes''' icon button located to the right of each flagged item. In addition, another tab was added to the''' System Security Summary''' and the '''System Summary''' called '''Global Administrators''' which lists all the '''Global Administrators''' in the system. We highly recommend you review the list of '''Global Administrators''' that have user access in your system regularly and remove access as needed.
 +
<!-- 138108 - Notes in System Summary -->
 +
<!-- 139980 - Easily see all users flagged as global admins -->
 +
 +
[[File:2023-03-ticket-138108-1.png|thumb|none|800px|Add an explanatory note to items flagged in the <strong>System Summary</strong>.]]
 +
 +
[[File:2023-03-ticket-139980-1.png|thumb|none|800px|Easily see who has <strong>Global Administrator</strong> access and regularly review this list to remove access as needed.]]
 +
 
====Added Reference Search to Reports====
 
====Added Reference Search to Reports====
 
Added the ability to check to see if a report has been referenced via a URL or used in ReportProperty syntax. Specifically the following is checked: Custom Fields, Template/Role Formulas, Submit Buttons, SmartCheck validations, Workflows, Shortcuts, Portals. To see this feature, go to '''Menu Icon''' > '''Reports''' > Edit a report > Click the '''Search Reference''' icon button in the action bar.
 
Added the ability to check to see if a report has been referenced via a URL or used in ReportProperty syntax. Specifically the following is checked: Custom Fields, Template/Role Formulas, Submit Buttons, SmartCheck validations, Workflows, Shortcuts, Portals. To see this feature, go to '''Menu Icon''' > '''Reports''' > Edit a report > Click the '''Search Reference''' icon button in the action bar.
 
<!-- 109038 - Search reference for Reports -->
 
<!-- 109038 - Search reference for Reports -->
 +
 +
[[File:2023-03-ticket-109038-1.png|thumb|none|800px|Easily identify some areas where a report is in use.]]
  
 
====Added Primary Contact to Group Emails====
 
====Added Primary Contact to Group Emails====
 
Added the ability to easily send a group email to the primary contact from a Level 1, 2, or 3 list view. The primary contact when selected from Level 2 or Level 3, refers to the primary contact associated with the L2 or L3's root L1 record Branch standard field.
 
Added the ability to easily send a group email to the primary contact from a Level 1, 2, or 3 list view. The primary contact when selected from Level 2 or Level 3, refers to the primary contact associated with the L2 or L3's root L1 record Branch standard field.
 
<!-- 127215 - Group Email Recipients -->
 
<!-- 127215 - Group Email Recipients -->
 +
[[File:2023-03-ticket-127215-1.png|thumb|none|800px|Easily send a group email to the primary contact from a Level 1, 2, or 3 list view.]]
  
 
====Added New Address Type Standard Field====
 
====Added New Address Type Standard Field====
Line 43: Line 58:
 
====Updated Autoloader Send Email Notification Options====
 
====Updated Autoloader Send Email Notification Options====
 
The email notification options within the Autoloader process have been updated. We also added the ability to send a notification email to the user who initiated the autoloader once the process is complete, regardless of success or failure. To see these revised settings, go to''' Menu Icon''' > '''Autoloaders''' > Edit an autoloader > '''Process''' tab > New settings are under the '''Send Email Notification '''section.
 
The email notification options within the Autoloader process have been updated. We also added the ability to send a notification email to the user who initiated the autoloader once the process is complete, regardless of success or failure. To see these revised settings, go to''' Menu Icon''' > '''Autoloaders''' > Edit an autoloader > '''Process''' tab > New settings are under the '''Send Email Notification '''section.
 +
 +
<u>'''Note:'''</u> The '''Email To''' field accepts a comma separated list of email addresses.
  
 
[[File:137877 - Autoloader Email Options.png|thumb|none|800px|Updated email notification settings for the Autoloader.]]
 
[[File:137877 - Autoloader Email Options.png|thumb|none|800px|Updated email notification settings for the Autoloader.]]
Line 55: Line 72:
 
Added additional check for invitations to warn users if they attempt to send out a duplicate invitation.
 
Added additional check for invitations to warn users if they attempt to send out a duplicate invitation.
 
<!-- 143738 - No duplication check on Invitations -->
 
<!-- 143738 - No duplication check on Invitations -->
 +
 +
====Added Notification for Account Email Address Changes====
 +
Added a new notification sent to users when they change their email in the system for security purposes.
 +
<!-- 146068 - Notify users when their email is changed in the system -->
  
 
==On-Demand System Upgrades==
 
==On-Demand System Upgrades==
Line 67: Line 88:
  
 
===Minor Updates===
 
===Minor Updates===
====Updated Menu Access for Hashtag Library====
+
====Added Ability to Batch Update User Roles and Organization Categories====
Updated the hashtag library so that role-based permissions may be set so that users can access the library directly from the main menu. To set this up, go to '''Menu Icon''' > '''Global Settings''' > '''Security''' tab > '''System Feature Summary''' > '''Menu''' tab > Add desired roles to '''Hashtag Library – Menu Access'''. Roles added to this setting will see a link to the hashtag library under the '''Tools''' section of the main menu.
+
Added ability to batch add roles to multiple users and add categories to multiple organizations. To see this feature, go to '''Menu Icon''' > '''People''' or '''Organizations''' > Select the desired users/organizations > Click the Batch Update button > Select the Roles or Categories option from the left-hand menu > Select the desired roles/categories you want to add.
 +
 
 +
[[File:2023-03-ticket-142287-1.png|thumb|none|800px|Easily add a Role/Category to multiple users/organizations using batch update.]]
 +
 
 +
<u>'''Note:'''</u> You can only add roles and categories and not remove roles and categories. You will also not be able to add roles flagged as internal to external users and vice versa.
 +
<!-- 142287 - Add ability to batch update organization categories and user roles -->
 +
 
 +
====Updated Hashtag Library Availability====
 +
Added role-based permission to allow users to access the hashtag library from the menu. To give role access to the hashtag library, go to '''Menu Icon''' > '''Global Settings''' > '''Security''' tab > '''System Feature Summary''' > '''Menu''' tab > Add desired roles to '''Hashtag Library – Menu Access'''. Roles added to this setting will see a link to the hashtag library under the '''Tools''' section of the main menu and have access to the library.
 
<!-- 137932 - Move the Hashtag Library -->
 
<!-- 137932 - Move the Hashtag Library -->
  
==Beta Previews==
+
[[File:2023-03-ticket-137932-1.png|thumb|none|800px|New role-based access to the Hashtag Library. Users with permission may access the Hashtag Library using a link under the menu icon.]]
No features are available for beta preview this upgrade.
 
  
 
==Notes for Admins==
 
==Notes for Admins==
====Added Ability to Batch Update User Roles and Organization Categories====
+
====Added Support for AI Integration====
Added ability to batch assign roles to multiple users and assign categories to multiple organizations. To see this feature, go to '''Menu Icon''' > '''People''' or '''Organizations''' > Select the desired users/organizations > Click the '''Batch Update''' button > Select the '''Roles''' or '''Categories''' option from the left-hand menu > Select the desired roles/categories to assign.
+
Added ability for users to add their own API Integration key for a third-party AI integration. There is a cost associated with this feature and we will be sharing more information in the near future. To prepare for future enhancements regarding this feature, a Help section has been added to the '''Variable Syntax Checker''' found under '''Tools''' > '''Configuration Mode'''.
<!-- 142287 - Add ability to batch update organization categories and user roles -->
+
<!-- 145641 - OpenAI (ChatGPT) integration Key -->
  
 
====Added SmartField Configurations to System Performance Summary====
 
====Added SmartField Configurations to System Performance Summary====
Added additional checks to the '''System Performance Summary''' to flag SmartFields that have been configured to reference fields that have SmartFields syntax within a list syntax.  
+
Added additional checks to the '''System Performance Summary''' to flag SmartFields that have been configured to reference fields that have SmartFields syntax within a list syntax.
 
<!-- 132760 - Flag SmartFields configuration in the performance audit -->
 
<!-- 132760 - Flag SmartFields configuration in the performance audit -->
 
====Enhancements to System Security Summary====
 
Added the ability to create notes on items in the '''System Security Summary'''. To see this feature, go to '''Menu Icon''' > '''Global Settings''' > '''System''' tab > '''System Security Summary''' > Click the '''Add Notes''' icon button located to the right of each line item. In addition, another tab was added to the '''System Security Summary''' called '''Global Administrators''' which lists all the Global Administrators in the system.
 
<!-- 138108 - Notes in System Summary -->
 
<!-- 139980 - Easily see all users flagged as global admins -->
 
  
 
====Updated Logos on External Pages====
 
====Updated Logos on External Pages====
Updated the size of logos in the headers of external pages to have a maximum height of 56px with no extra left-hand side padding.
+
Updated the size of logos in the headers of external pages to have a maximum height of 56px.
Fixed the logo images on external pages to get a maximum height of 56px, and removed the left-hand side spacing on them.
+
<!-- 135957 - Make logos in the header clear and aligned -->
  
====Updated UI for API Page and Response Codes====
+
====Updated API Page Response Codes====
Updated the look of the API page for better visual contrast. Additionally, API response codes were changed to reflect industry standards. An HTTP 429 response code will be shown when the API call limit is reached.
+
An HTTP 429 response code will be shown when the API call limit is reached.
<!-- 137469 - update look of API Page -->
 
 
<!-- 145883 - York API - 429 response code not received after 1000/hour limit -->
 
<!-- 145883 - York API - 429 response code not received after 1000/hour limit -->
  
====Added Additional Checks from Security Reports====
+
====Updated SmartCheck Validation====
Added additional checks to mitigate security risks from recent pentests.
+
Updated the error dialog in Smartcheck Validation under the source tab to improve error messaging. Read our [https://wiki.smartsimple.com/wiki/SmartCheck_Validation#Examples SmartCheck Validation examples section] for some sample validation statements.
<!-- 145648 - Pen Test findings & Mitigation Assistance Request -->
+
<!-- 140930 - SmartCheck Errors are not very helpful and always present. -->
<!-- 145662 - Netcraft pentest vulnerabilities 2023-02-03 -->
 
<!-- 145030 - Global Settings - Import & Export Wizard - Security and general issues -->
 
  
 
====Deprecated Setting for Menu Icon Header Font====
 
====Deprecated Setting for Menu Icon Header Font====
 
Deprecated the '''Menu Icon Header Font''' setting which was never supported in the current header.
 
Deprecated the '''Menu Icon Header Font''' setting which was never supported in the current header.
 
<!-- 139780 - Deprecate the Menu icon Header font setting -->
 
<!-- 139780 - Deprecate the Menu icon Header font setting -->
 +
 +
====Password Reset Emails on Non-Production Environments====
 +
In addition to MFA emails being sent from non-production environments, password reset emails will also be sent from non-production environments. If you wish to add role restrictions for access to your backup environment, the setting is located at '''Menu''' icon > '''Global Settings''' > '''Security '''tab > '''System Feature Permissions''' > '''Feature''' tab > '''Restrict Login to Backup Environment to these Roles'''. When testing MFA and password reset emails on non-production environments, always use a test user and test email.
 +
 +
==Service Packs==
 +
===June 8th 2023 (202306.01)===
 +
====Fixes====
 +
* Fixed an issue with the '''Special - MSWord Merge''' custom field where some data was not displaying properly if exported from a list view.
 +
 +
<!-- 147020 - Exporting word merge field through list view doesn't resolve variable within merge field -->
 +
* Fixed an issue with the '''List View – Mixed Record Type''' portal section where sorting by the '''Type''' column was ordering the rows by the type name rather than the caption.
 +
 +
<!-- 148359 - Mixed List View sorting by type name instead of caption-->
 +
* Fixed an issue with the list view search where the results were not returning exact matches if predefined options were used.
 +
 +
<!-- 148636 - searching for country -->
 +
* Fixed an issue where new workflow tasks could not be added if the '''From Address''' contained many SSlogic conditions.
 +
 +
<!-- 149006 - Can't Add a new Workflow Task -->
 +
* Fixed an issue where the language switcher did not appear on the upper right-hand corner for signup pages using a verification service.
 +
 +
<!-- 149080 - language switcher missing on signup page -->
 +
 +
 +
====Other Changes====
 +
* Updated the Gort Automation process. In the case of a process error, the process lock will be automatically removed to allow the process to run again without the need for manual intervention. Also, a new maximum limit of 2 hours has been set for the runtime length of any single Gort process to improve the recovery time from processes that did not terminate correctly. This limit does not apply to the autoloader.<br /><u>'''Note:'''</u> The maximum limit can be adjusted for clients subscribed to the Private Cloud offering by submitting a request to our Support team.
 +
<!-- 146876 - create automated recovery for Gort-->
 +
 +
* Updated the rich text editor.
 +
 +
<!-- 149329 - Vulnerable Javascript Dependency - CKEditor -->
 +
* Updated various areas of the system for improved security.
 +
 +
<!-- 148909 - Security Vulnerabilities -->
 +
<!-- 148837 - Security Vulnerability - Cross-site scripting (DOM-based) - s_viewxmlpage.jsp -->
 +
<!-- 145460 - Fortify Scan Issues 2022-11 -->
 +
 +
===May 18th 2023 (202305.02)===
 +
====Fixes====
 +
* Fixed an issue with the copy feature not working correctly after T2P under specific conditions.
 +
 +
<!-- 149108 - Copy Options not working on prod/backup after T2P -->
 +
* Fixed an issue with list view export where negative numbers were being converted to text fields rather than number fields in Excel.
 +
 +
<!-- 148199 - Excel Download of Payments: Negative #s Shown as text -->
 +
====Other Changes====
 +
* Updated the request timeout limit from 30 seconds to 90 seconds for sending SOAP request to external APIs.
 +
<!-- 147263 - field not getting updated with SOAP response (Field ID:1331755) -->
 +
 +
* Updated translations for English (UK) and Spanish.
 +
 +
<!-- 148928 - In UK English, translation file (Colour is missing the U) -->
 +
<!-- 148314 - Instant Message header not translated to Spanish -->
 +
===May 11th 2023 (202305.01)===
 +
====Fixes====
 +
* Fixed an issue affecting clients using T2P that caused scheduled reports to run outside of schedule.
 +
 +
<!-- 147847 - Scheduled Reports Running Daily instead of Weekly -->
 +
* Fixed an issue where scheduled reports were not being displayed under the '''Scheduled Exports''' tab if the report was using the classic scheduler.
 +
 +
<!-- 147525 - Schedule reports not listed as Activated when using old scheduler -->
 +
* Fixed an issue where the '''Global Administrators''' tab was not displaying on the '''System Security Summary''' page under certain conditions.
 +
 +
<!-- 147583 - Sys Admin tab missing from security summary -->
 +
====Other Changes====
 +
* Added the ability to generate user tokens to be used for bearer authentication in SmartConnect API authorization. To view this feature, go to '''Global Settings''' > '''Integrations''' tab > '''SmartConnect API''' > '''API Users''' tab > Edit a user account.
 +
 +
* Added a limit to the image dimensions when rendering PDFs. If an image in a PDF exceeds approximately 50 megapixels (which is over twice the resolution of 4K Ultra HD), it will not be rendered and a message will be displayed in the PDF. Uploading images scanned at 150 or 300 DPI is recommended.
 +
 +
<!-- 148882 - Limit the size of images when rendering PDF-->
 +
<!-- 143075 - Basic Authentication for API -->
 +
* Added the ability to instantly push and unpack records using the new '''Data Exchange (DEX3)'''.
 +
 +
<!-- 145426 - Dex3 - Tweaks from December 2022 Discussion -->
 +
* Updated the cookies policy translations for Spanish, Portuguese, French (Canada), Danish, Gaelic, Catalan, and Japanese.
 +
 +
<!-- 148094 - Cookie Policy Translation (Spanish) -->
 +
* Deprecated the Janus Machine Learning feature.
 +
 +
<!-- 148005 - Janus machine learning deprecation -->
 +
===April 20th 2023 (202304.02)===
 +
====Fixes====
 +
* Fixed an issue with HTML tags displaying in custom field captions.
 +
 +
<!-- 148131 - HTML Tags are Displaying in Application and Grant Report Forms -->
 +
* Fixed an issue with email broadcast previews not rendering as expected. For security reasons, the email broadcast preview screen will now contain a link to open emails containing HTML in a new window.
 +
 +
<!-- 147578 - Email Broadcast Preview not displaying -->
 +
* Fixed an issue where the workflow initiator was receiving emails under specific conditions.
 +
 +
<!-- 147125 - L1 WF Emails with no Level 1 owner going to wrong person. -->
 +
* Fixed an issue with user accounts not having access to the '''Organization Hierarchy''' page. This issue occurred when the user’s organization was flagged as container.
 +
 +
<!-- 147657 - European Climate Foundation: Organization Hierarchy not showing -->
 +
====Other Changes====
 +
* Updated the default '''From Address''' behavior. If the default '''From Address''' is empty or cleared, the system will compile the '''From Address''' from the instance email domain settings if SMTP relay is configured. Otherwise, the system will set the default from address to ''donotreply@smartsimplemailer.com''. The default from address can be found by going to '''Menu Icon''' > '''Global Settings''' > '''Communications''' > '''Email Options and Security''' > Toggle on '''Enable Default From Address'''.
 +
 +
<!-- 146932 - MFA verification code email not being received -->
 +
 +
 +
===April 13th 2023 (202304.01)===
 +
====Fixes====
 +
* Fixed an issue where opening an Level 2 event on a calendar would return a permission error under specific conditions.
 +
 +
<!-- 132878 - Internal Staff: My Calendar access -->
 +
* Fixed an issue where annotations were locked if a status had a status trigger attached to it.
 +
 +
<!-- 146996 - Annotation Mode issue -->
 +
* Fixed an issue with the autoloader throwing a file extension error for decrypted files.
 +
 +
<!-- 145693 - Encrypted file extension error -->
 +
* Fixed an issue where users were temporarily unable to download files from SmartFolders or access email broadcasts after a password reset.
 +
 +
<!-- 145933 - user session different behaviour after password reset -->
 +
====Other====
 +
* Added variable syntax support for <code>@state.name@</code> and <code>@province.name@</code> which will return the full name of the state/province instead of the abbreviation. Also added support for the <code>@rolecaption@</code> variable within invitation templates which will return the role caption instead of the role name.
 +
 +
<!-- 146952 - Be able to display the state/province full name via a variable. -->
 +
<!-- 146290 - Telethon - Invitation Templates Role caption -->
 +
* Added ability to edit the sender email address used to send mail on behalf of the default '''From Address'''. To see this feature, go to '''Global Settings''' > '''Communications''' tab > '''Email Options and Security''' > Toggle on '''Enable Send Email On Behalf Of''' > Edit the address in the '''On Behalf Of Email''' field.
 +
 +
<!-- 147121 - Users receiving system emails with mismatch between URL and on behalf of -->
 +
* Updated '''Message Queue''' to include emails sent containing autoloader logs.
 +
 +
<!-- 146374 - Deloitte Product - Autoloader Emails not routing through the Message Queue -->
 +
* Updated charts so that the average value displayed is rounded to two decimal places for improved readability.
 +
 +
<!-- 139907 - QA Issue: Charts which compare against other records are generally unreadable -->
 +
* Updated the word counts on text fields to exclude guillemets ( « » ). These double chevrons are used as quotation marks in a number of languages and are therefore no longer counted as words.
 +
 +
<!-- 146037 - Word Count Issue -->
 +
* Updated Spanish translations.
 +
 +
<!-- 136206 - Translation Problems -->
 +
* Updated various system areas for improved security.
 +
 +
<!-- 147433 - APR2023- Burpsuite Security Scan results -->
 +
<!-- 145551 - Randomness or entropy analysis of 2 Factor Authentication secret key and other security issues -->
 +
===March 30th 2023 (202303.05)===
 +
====Fixes====
 +
* Fixed an issue with the open button on Level 2 contact association list views.
 +
 +
<!-- 147004 - Permission issues with Service area contact list users -->
 +
* Fixed an issue with API queries for validation on a set criteria.
 +
<!-- 147308 - SmartConnect API query ignores the 'providerid' criteria -->
 +
 +
 +
 +
===March 23rd 2023 (202303.04)===
 +
====Fixes====
 +
* Fixed an issue with portal report charts not displaying if they had a negative value.
 +
 +
<!-- 146975 - Portal charts not displaying -->
 +
* Fixed an issue with invitations to improve performance when there are many invitation records.
 +
 +
<!-- 147080 - Invitations don't load when there are many records -->
 +
====Other====
 +
* Updated the word parsing feature found on the '''Upload - Single File Storage''' and '''Upload – Multiple File Storage''' fields to be able to parse an entire text document and store it in a single field. To use this feature, go to the configuration settings for the desired field and toggle on '''Enable Word Parsing'''. Inside the '''Field Mappings''' input, enter <code>[fieldname]=documnettext;</code> where fieldname is the name of the field where you want to store the text to. Additionally, if you only wish to parse the document body text without any header or footer information, enter <code>[fieldname]=documentbody;</code> instead.
 +
 +
<!-- 147088 - Word Parser - Read entire document into text field -->
 +
* Updated the permissions for the sub-company tab in the left navigation of the organization record so that the tab will only appear to users if the company contains sub-companies and if the user has at least a view permission for the sub-companies.
 +
 +
<!-- 145707 - External user was able to edit the 'Individuals' container org -->
 +
 +
 +
===March 16th 2023 (202303.03)===
 +
====Fixes====
 +
* Fixed an issue where the '''Pronouns''' standard field was not displaying on user signup pages.
 +
 +
<!-- 146843 - Standard field not displaying on sign-up page-->
 +
* Fixed an issue with the button that opens the record in a modal window on Level 2 Provider list view on the Level 1 record.
 +
 +
<!-- 145668 - UTA L2 Provider List Views: Modular/New Window is opening the L1 instead of L2 -->
 +
====Other====
 +
* Updated behavior of the variable processor when processing custom fields to optimize efficiency.
 +
 +
<!-- 146994 - Variable Processor performance issues -->
 +
* Updated workflow emails to allow support for activation link syntax.
 +
 +
<!-- 147069 - Activationlink variable not resolving -->
 +
* Updated API for conditional versioning support on '''Universal Tracking Applications'''.
 +
 +
<!-- 144997 - Question about versioning in smartsimple -->
 +
* Updated translations for French (Canada), Spanish, and Catalan.
 +
 +
<!-- 147013 - March translations for French, Spanish, Catalan
 +
146657 - Confirmation message after adding meeting members not fully translated
 +
146658 - Translation and visibility issues on Download Files feature -->
 +
 +
 +
===March 10th 2023 (202303.02)===
 +
====Fixes====
 +
* Fixed an issue with emails not being sent from the record.
 +
 +
<!-- 146834 - Unable to send decline letter emails to applicants -->

Latest revision as of 10:00, 1 June 2023

General Details

Upgrade Dates

Public Cloud Production release date: March 9 2023
Public Cloud Backup release date: February 23 2023

Private Cloud Production (Managed Upgrades) release date: March 23 2023
Private Cloud Backup (Managed Upgrades) release date: March 9 2023

Overview

Watch this video to get a general overview of the new features in this release.


To watch this video in full screen, please click on the full screen button on the bottom right.

Global System Upgrades

The new features listed below are enhancements to the SmartSimple system and will be immediately available to SmartSimple users upon the application of the upgrade to their server:

Major Updates

Multi-Factor Authentication Enabled by Default

Main Article: Multi-Factor Authentication

Multi-Factor Authentication (MFA) using verification codes sent by email will be enabled for all systems to improve security. If you have already enabled MFA in your SmartSimple Cloud system and have assigned roles to a single-use verification code sent by email, this enhancement will NOT change your existing settings. You may change your MFA preferences after the upgrade but we recommend you adjust your settings prior to the upgrade. If you did not set up MFA prior to the upgrade, the 'Everyone' role will be added to the setting called Roles with Verification Code via SMS and Email.

The MFA setting above will be updated to "Everyone" if this Role setting is empty.

Time-based One-Time Password (TOTP) settings will NOT be affected. In addition, the setting Enable Trusted Device will also be toggled on by default. This allows users to choose whether they want the system to remember their device the next time they log in. Remembered devices can also be set to expire after a specific number of days by using the Expire Devices After setting. Note: Backup environments will be allowed to send out MFA emails. If your backup environment is not sending out emails, check to see if you have set up a default email address. To do this, go to Menu Icon > Global Settings > Communications tab > Email Options and Security > Toggle on Enable Default From Address. In the From Address field, you would typically enter something like donotreply@smartsimplemailer.com. If this field is empty, as part of this upgrade, we will be populating it with the email address used for new users (located at Menu Icon > Global Settings > Security tab > Password and Activation Policies > Activation Emails tab > From Address).

If you are using an SMTP relay and/or have a dedicated instance, make sure you have set up a default email address that matches your domain. Additionally, if you are using the SMTP relay with an IP restriction for sending emails, ensure the IP of your environments is in your IP list (backup, testing, production). If you need to help with identifying the IPs of your environments or have questions, reach out to our support team.

If you are using Single Sign-On (SSO), you may opt to bypass MFA by going to Global Settings > Integrations tab > Single Sign-On > Edit a configuration > Under the "Authentication" section, toggle on Bypass Multi-Factor Authentication (MFA) when logging in with Single Sign-On (SSO).

Minor Updates

Enhancements to System Security Summary

Added the ability to create notes on items flagged as potential problems in the System Security Summary. For example, a note can be added to explain why an item has been flagged and when or how it will be fixed in the future. Only the last note is displayed in the list, but you can see the full note history inside the notes modal window when you add a note. To see this feature, go to Menu Icon > Global Settings > System tab > System Security Summary > Click the Add Notes icon button located to the right of each flagged item. In addition, another tab was added to the System Security Summary and the System Summary called Global Administrators which lists all the Global Administrators in the system. We highly recommend you review the list of Global Administrators that have user access in your system regularly and remove access as needed.

Add an explanatory note to items flagged in the System Summary.
Easily see who has Global Administrator access and regularly review this list to remove access as needed.

Added Reference Search to Reports

Added the ability to check to see if a report has been referenced via a URL or used in ReportProperty syntax. Specifically the following is checked: Custom Fields, Template/Role Formulas, Submit Buttons, SmartCheck validations, Workflows, Shortcuts, Portals. To see this feature, go to Menu Icon > Reports > Edit a report > Click the Search Reference icon button in the action bar.

Easily identify some areas where a report is in use.

Added Primary Contact to Group Emails

Added the ability to easily send a group email to the primary contact from a Level 1, 2, or 3 list view. The primary contact when selected from Level 2 or Level 3, refers to the primary contact associated with the L2 or L3's root L1 record Branch standard field.

Easily send a group email to the primary contact from a Level 1, 2, or 3 list view.

Added New Address Type Standard Field

Added ability to control the edit permission of the address type dropdown when using the multiple address feature through a new standard field. To use this feature, go to Global Settings > Users or Organizations tab > Address Types > Edit an address type > Click the Standard Field tab in the left navigation > Edit the Address Type standard field > Permissions & Availability tab. This controls which users or organizations can change the Address Type dropdown in the address book.

Updated Autoloader Send Email Notification Options

The email notification options within the Autoloader process have been updated. We also added the ability to send a notification email to the user who initiated the autoloader once the process is complete, regardless of success or failure. To see these revised settings, go to Menu Icon > Autoloaders > Edit an autoloader > Process tab > New settings are under the Send Email Notification section.

Note: The Email To field accepts a comma separated list of email addresses.

Updated email notification settings for the Autoloader.

Updated Inputs to be Search and Select

Converted several dropdowns within the autoloader and report configuration pages to be search and select type inputs. The search and select type inputs make it easier to find and select desired values. To see this feature, go to Menu Icon > Autoloaders > Edit an autoloader > File Layout tab. When a field dropdown is selected, there is now a search box to find the field you are looking for.

A search and select has been added to the dropdown within the autoloader and report configuration pages.

Added Check for Duplicate Invitations

Added additional check for invitations to warn users if they attempt to send out a duplicate invitation.

Added Notification for Account Email Address Changes

Added a new notification sent to users when they change their email in the system for security purposes.

On-Demand System Upgrades

The following features are available immediately with the application of the upgrade, but must first be enabled or configured by a Global Administrator:

Major Updates

Updated File Uploader Interface

Introducing a new file uploader (Beta). Enable the new file uploader and let us know your thoughts. To enable this setting, go to Menu Icon > Global Settings > Branding tab > Toggle on Enable New File Uploader (Beta).

The new interface of the file uploader will show the upload progress of selected files.

Minor Updates

Added Ability to Batch Update User Roles and Organization Categories

Added ability to batch add roles to multiple users and add categories to multiple organizations. To see this feature, go to Menu Icon > People or Organizations > Select the desired users/organizations > Click the Batch Update button > Select the Roles or Categories option from the left-hand menu > Select the desired roles/categories you want to add.

Easily add a Role/Category to multiple users/organizations using batch update.

Note: You can only add roles and categories and not remove roles and categories. You will also not be able to add roles flagged as internal to external users and vice versa.

Updated Hashtag Library Availability

Added role-based permission to allow users to access the hashtag library from the menu. To give role access to the hashtag library, go to Menu Icon > Global Settings > Security tab > System Feature Summary > Menu tab > Add desired roles to Hashtag Library – Menu Access. Roles added to this setting will see a link to the hashtag library under the Tools section of the main menu and have access to the library.

New role-based access to the Hashtag Library. Users with permission may access the Hashtag Library using a link under the menu icon.

Notes for Admins

Added Support for AI Integration

Added ability for users to add their own API Integration key for a third-party AI integration. There is a cost associated with this feature and we will be sharing more information in the near future. To prepare for future enhancements regarding this feature, a Help section has been added to the Variable Syntax Checker found under Tools > Configuration Mode.

Added SmartField Configurations to System Performance Summary

Added additional checks to the System Performance Summary to flag SmartFields that have been configured to reference fields that have SmartFields syntax within a list syntax.

Updated Logos on External Pages

Updated the size of logos in the headers of external pages to have a maximum height of 56px.

Updated API Page Response Codes

An HTTP 429 response code will be shown when the API call limit is reached.

Updated SmartCheck Validation

Updated the error dialog in Smartcheck Validation under the source tab to improve error messaging. Read our SmartCheck Validation examples section for some sample validation statements.

Deprecated Setting for Menu Icon Header Font

Deprecated the Menu Icon Header Font setting which was never supported in the current header.

Password Reset Emails on Non-Production Environments

In addition to MFA emails being sent from non-production environments, password reset emails will also be sent from non-production environments. If you wish to add role restrictions for access to your backup environment, the setting is located at Menu icon > Global Settings > Security tab > System Feature Permissions > Feature tab > Restrict Login to Backup Environment to these Roles. When testing MFA and password reset emails on non-production environments, always use a test user and test email.

Service Packs

June 8th 2023 (202306.01)

Fixes

  • Fixed an issue with the Special - MSWord Merge custom field where some data was not displaying properly if exported from a list view.
  • Fixed an issue with the List View – Mixed Record Type portal section where sorting by the Type column was ordering the rows by the type name rather than the caption.
  • Fixed an issue with the list view search where the results were not returning exact matches if predefined options were used.
  • Fixed an issue where new workflow tasks could not be added if the From Address contained many SSlogic conditions.
  • Fixed an issue where the language switcher did not appear on the upper right-hand corner for signup pages using a verification service.


Other Changes

  • Updated the Gort Automation process. In the case of a process error, the process lock will be automatically removed to allow the process to run again without the need for manual intervention. Also, a new maximum limit of 2 hours has been set for the runtime length of any single Gort process to improve the recovery time from processes that did not terminate correctly. This limit does not apply to the autoloader.
    Note: The maximum limit can be adjusted for clients subscribed to the Private Cloud offering by submitting a request to our Support team.
  • Updated the rich text editor.
  • Updated various areas of the system for improved security.


May 18th 2023 (202305.02)

Fixes

  • Fixed an issue with the copy feature not working correctly after T2P under specific conditions.
  • Fixed an issue with list view export where negative numbers were being converted to text fields rather than number fields in Excel.

Other Changes

  • Updated the request timeout limit from 30 seconds to 90 seconds for sending SOAP request to external APIs.
  • Updated translations for English (UK) and Spanish.

May 11th 2023 (202305.01)

Fixes

  • Fixed an issue affecting clients using T2P that caused scheduled reports to run outside of schedule.
  • Fixed an issue where scheduled reports were not being displayed under the Scheduled Exports tab if the report was using the classic scheduler.
  • Fixed an issue where the Global Administrators tab was not displaying on the System Security Summary page under certain conditions.

Other Changes

  • Added the ability to generate user tokens to be used for bearer authentication in SmartConnect API authorization. To view this feature, go to Global Settings > Integrations tab > SmartConnect API > API Users tab > Edit a user account.
  • Added a limit to the image dimensions when rendering PDFs. If an image in a PDF exceeds approximately 50 megapixels (which is over twice the resolution of 4K Ultra HD), it will not be rendered and a message will be displayed in the PDF. Uploading images scanned at 150 or 300 DPI is recommended.
  • Added the ability to instantly push and unpack records using the new Data Exchange (DEX3).
  • Updated the cookies policy translations for Spanish, Portuguese, French (Canada), Danish, Gaelic, Catalan, and Japanese.
  • Deprecated the Janus Machine Learning feature.

April 20th 2023 (202304.02)

Fixes

  • Fixed an issue with HTML tags displaying in custom field captions.
  • Fixed an issue with email broadcast previews not rendering as expected. For security reasons, the email broadcast preview screen will now contain a link to open emails containing HTML in a new window.
  • Fixed an issue where the workflow initiator was receiving emails under specific conditions.
  • Fixed an issue with user accounts not having access to the Organization Hierarchy page. This issue occurred when the user’s organization was flagged as container.

Other Changes

  • Updated the default From Address behavior. If the default From Address is empty or cleared, the system will compile the From Address from the instance email domain settings if SMTP relay is configured. Otherwise, the system will set the default from address to donotreply@smartsimplemailer.com. The default from address can be found by going to Menu Icon > Global Settings > Communications > Email Options and Security > Toggle on Enable Default From Address.


April 13th 2023 (202304.01)

Fixes

  • Fixed an issue where opening an Level 2 event on a calendar would return a permission error under specific conditions.
  • Fixed an issue where annotations were locked if a status had a status trigger attached to it.
  • Fixed an issue with the autoloader throwing a file extension error for decrypted files.
  • Fixed an issue where users were temporarily unable to download files from SmartFolders or access email broadcasts after a password reset.

Other

  • Added variable syntax support for @state.name@ and @province.name@ which will return the full name of the state/province instead of the abbreviation. Also added support for the @rolecaption@ variable within invitation templates which will return the role caption instead of the role name.
  • Added ability to edit the sender email address used to send mail on behalf of the default From Address. To see this feature, go to Global Settings > Communications tab > Email Options and Security > Toggle on Enable Send Email On Behalf Of > Edit the address in the On Behalf Of Email field.
  • Updated Message Queue to include emails sent containing autoloader logs.
  • Updated charts so that the average value displayed is rounded to two decimal places for improved readability.
  • Updated the word counts on text fields to exclude guillemets ( « » ). These double chevrons are used as quotation marks in a number of languages and are therefore no longer counted as words.
  • Updated Spanish translations.
  • Updated various system areas for improved security.

March 30th 2023 (202303.05)

Fixes

  • Fixed an issue with the open button on Level 2 contact association list views.
  • Fixed an issue with API queries for validation on a set criteria.


March 23rd 2023 (202303.04)

Fixes

  • Fixed an issue with portal report charts not displaying if they had a negative value.
  • Fixed an issue with invitations to improve performance when there are many invitation records.

Other

  • Updated the word parsing feature found on the Upload - Single File Storage and Upload – Multiple File Storage fields to be able to parse an entire text document and store it in a single field. To use this feature, go to the configuration settings for the desired field and toggle on Enable Word Parsing. Inside the Field Mappings input, enter [fieldname]=documnettext; where fieldname is the name of the field where you want to store the text to. Additionally, if you only wish to parse the document body text without any header or footer information, enter [fieldname]=documentbody; instead.
  • Updated the permissions for the sub-company tab in the left navigation of the organization record so that the tab will only appear to users if the company contains sub-companies and if the user has at least a view permission for the sub-companies.


March 16th 2023 (202303.03)

Fixes

  • Fixed an issue where the Pronouns standard field was not displaying on user signup pages.
  • Fixed an issue with the button that opens the record in a modal window on Level 2 Provider list view on the Level 1 record.

Other

  • Updated behavior of the variable processor when processing custom fields to optimize efficiency.
  • Updated workflow emails to allow support for activation link syntax.
  • Updated API for conditional versioning support on Universal Tracking Applications.
  • Updated translations for French (Canada), Spanish, and Catalan.


March 10th 2023 (202303.02)

Fixes

  • Fixed an issue with emails not being sent from the record.