/
Changelog 10.0

Changelog 10.0

Key

Subject

Description

Key

Subject

Description

ERA-9009

Users can be excluded from participating in a process activity

As a modeler of a workflow model, I would like to be able to configure which users, groups and roles are excluded from participation in an activity, in order to implement business processes that have such requirements (for instance, processes where it has to be ensured that two different persons have to perform a certain action).

Acceptance criteria:

  • BPM-Scripting allows management (creating, changing) of a list of users that are excluded from participating in an activity

  • The exclude list may contain users, groups and roles

  • The exclude list applies only to the activity for which it was defined

  • Users, groups and roles that are in exclude-list cannot participate in the activity, even if

    • they are in the list of performers of the activity

    • they are substitutes of performers

ERA-9010

Exclusions-configuration of a process activity is visible in REST-API

As an API user, I would like to know who was excluded from participation in an activity, in order to know why they did not receive a task resulting from that activity.

Acceptance criteria:

  • The existing endpoint /bpm/process/{processId}/activity/{activityId}/inboxitem is extended to also contain the users, groups and roles that were excluded from participation in a workitem

    • The endpoint already contains "perfomer"

    • This part of the response is extended to "exclusions" (resulting in performer.exclusions, same structure as in the scripting API)

    • performer and performer.exclusions contain the organisation members as configured (i.e., the groups and roles are not expanded)

ERA-9227

Remove deprecated script API method "createEntry" in "History" class

BPM-Scripting API call "$.history.createEntry" was deprecated by a new method "$.history.addEntry".
The new method is available since version 8 LTS. Thus, the deprecated method may be removed with version 10.0.

ERA-9301

Read-only fields in scripting-API behave as such

As a modeler that writes scripts for process models, I would like to get clearer feedback from scripting-API which properties can be changed, and which are read-only, without having to check documentation for each field. Currently, the changes of all properties are possible in script, but the changes of the read-only properties are not persisted.

Acceptance criteria:

  • All read-only properties in BPM Scripting-API are covered with the change

  • If script attempts to write data in a read-only field, an exception is thrown

ERA-9503

HttpRequest object has a timeout property

As a model developer, I would like to set the timeout for an HTTP call by setting the timeout property of the HttpRequest object to the appropriate value.

Acceptance criteria:

  • Timeout (in miliseconds) can be set on a HttpRequest 

  • If timeout is not set, the default value from server settings is used (com.os.ecm.messaging.LocalSidecarPreferences.SocketTimeout)

  • The timeout of a HttpRequest can be set to larger value than the timeout of the server, but then the timeout of the server will be trigger first

ERA-9530

New objecttype right 'Share' provides control over who can share documents in a system

As a project modeler, I would like to control who can share an object type, in order to have better control over document access in a system. Currently, sharing right is bound to edit-right, thus everyone who can edit a document can also share it with other users.

Acceptance criteria:

  • A new object type right "share" is provided in role management

  • It is possible to set clauses on the right 

  • The existing setting on object type "sharing allowed" remains (this decides if sharing of type is allowed at all - if sharing of objecttype is not allowed, it does not matter what rights/roles define)

  • Core service allows/forbids document sharing based on the object type and rights settings

ERA-9576

Additional icons are available for document and folder types

As a modeler, I would like to have more icons available for object types in a yuuvis RAD system, in order that users can better distinguish between them and associate them more easily with the designed purpose of an object type.

Acceptance criteria:

  • Documents and folder get icons that depicts general purpose document/folder, but so that the whole english alphabet is covered (currently, only P, W, X are available for documents / C, M, P, V for folders)

  • Two types of icons from https://pictogrammers.com/library/mdi/category/alpha-numeric/   are added so that modeler has more visual options (for instance one type for folders and other for documents)

    • Circle (filled circle version)

    • Box-outline (box around a letter)

  • The icons are added to a separate group in the dialog that provides icon configuration in the designer

ERA-9583

It can be seen in which processes an object is being used

As a user, I want to see whether an object is used in an active process, in order to understand better the state of the object and processes relevant for it. 

Acceptance criteria:

  • The existing endpoint in bpm-service for querying of processes is extended to accept objectId as an optional query parameter 

    • The query can be combined with existing filtering options (such as running, finished, suspended, etc. )

    • A process administrator can query and filter all processes 

    • A user can query and filter only his/her processes

    • The endpoint returns the same process metadata as before

  • The query works as follows :

    • Only direct references are shown. For instance

      • if a folder F is referenced by a process P, and processes are queried whether F is used in a process, then the endpoint will return P.

      • but if a document D from a folder F is used in a process P, and processes are queried whether D is used in a process, then the endpoint will not return P.

ERA-9633

Names of deadlines and delays can be localized

As a workflow user, I would like to have better understanding of process history when the process contains deadlines and delays. Currently, the history entries are technical and not translated into my language.

Acceptance criteria:

  • Name of a delay/deadline can be localized in schema

ERA-9671

Localized names of deadlines and delays are provided in task history

As a workflow user, I would like to have better understanding of process history when the process contains deadlines and delays. Currently, the history entries are technical and not translated into my language.

Acceptance criteria:

  • Task-history endpoint is extended to provide localized values for deadlines and delays

ERA-9694

Username of users that cannot be deleted is changed to unique value

As a system administrator, I would like to be able to reuse usernames that are no longer in active use, in order to be able to synchronize system with external identity providers.

Currently, if a user has made changes on a document, it cannot be completely removed from a yuuvis RAD system (to preserve history of changes on objects). So, if a user X is active in system, leaves company and is deleted from company's identity provider, the username X becomes available in the identity provider system. Administrator can assign it to a new user, but then the synchronization with yuuvis RAD fails, since username is occupied and cannot be reused.

Acceptance criteria:

  • If a user cannot be deleted from a yuuvis RAD system, its username is changed to a unique value: username_ID

  • This applies both to users deleted via LDAP-Sync operation and those deleted in management studio

ERA-9700

The form editor shows technical names of fields and datafields

As a system modeler, I would like to see technical names of fields in form editor instead of neutral names, in order to be able to track fields over multiple user interface views more easily. For instance, in object-field overview, the technical names are shown. 

Acceptance criteria:

  • Technical names are shown in form editor instead of neutral names, both for object- and process-forms

ERA-9742

Users that are excluded from participating in a process activity are listed in API

As an API user, I would like to know who was excluded from participation in an activity, in order to know why they did not receive a task resulting from that activity.

Acceptance criteria:

  • Endpoint /bpm/process/processId/activity/activityId/performer is adjusted so that response also contains

    • The configured includes and excludes

    • The current/last editor

    • The list of candidates (potential users that are seeing the activity in their inbox and are able to take over the item) with a visibility reason (such as "belongs to a role", or "substitute of")

ERA-9772

Users that are excluded from participating in a process activity are shown in management studio

As an administrator, I would like to know who was excluded from participation in an activity, in order to know why they did not receive a task resulting from that activity.

Acceptance criteria:

  • management studio shows the initial configuration of a workitem (list of configured participants and list of excluded participants)

  • management studio shows the effective configuration of a workitem, after excluded participants have been removed from participating in the workitem

ERA-9785

Organization-Objects can be searched by Object-ID

As a workflow developer, I would like to find an existing organization object by its ID, in order to use it in my scripts (for instance, to set it as a performer).

Acceptance criteria

  • The method $.org.getObjectById() allows search of organization structure

  • It accepts a (string) ID and returns an organization object with that ID

ERA-9796

Endpoint to set performers and exclusions

As an API user, I would like to have consistent use of HTTP methods, according to standards established by RESTful API, in order to build applications more easily. In particular, the existing endpoint to manipulate performers of a workitem uses PUT both to update an existing performer configuration (correct) and to replace the exisiting performer configuration (here, a POST would be better). Also, the PUT and POST methods should be extended to allow setting of all performer exclusion parameters that are available elsewhere in the API.

Acceptance criteria:

  • The use of HTTP methods on the endpoint is corrected

    • PUT adds organisation objects to performers and/or exclusions

    • POST replaces the existing performer and exclusions configuration with a new one

  • The endpoints allow changing both of performers and of exclusions

    • Change the request body from an array of performers, to a structure that contains both performers and exclusions

ERA-9800

Project definition with more object types than allowed cannot be deployed

As an administrator, I would like to be informed that I am attempting to deploy a project definition with more object types than allowed by licensing module, and that this is not allowed by the system.

Acceptance criteria:

  • An error is shown in validation if the number of object types exceeds the number allowed by the licensing module in core-service

 

ERA-9803

BPM scripting API has "Datafield" class

Acceptance criteria:

  • "Datafield" has the same semantics as "Variables" except for lists

    • It removes "value" semantics from lists

    • This is also in line with expected behavior in javascript 

  • One script can use either "Variable" or "Datafield" class but not both (other scripts in the same process model can use any of them)

  • "Datafield" class is documented in internal Scripting-API documentation

ERA-9822

Performance of displaying of an object-field-configuration is improved

As a modeler, I would like that the view that contains field properties is loaded fast, in order to be able to switch views faster and consequently work faster. Currently, if an object type contains lots of fields, it takes several seconds to load the view.

Acceptance criteria:

  • Performance of displaying of an object-field-configuration is improved

ERA-9927

Script engine runs in strict mode

As a script developer, I would like that script engine runs in the strict mode in order to eliminate silent errors in scripts.

Acceptance criteria:

  • JavaScript engine in core-service runs in strict mode

OKTO-5953

The setup of the rendition-plus is asking whether to activate the use of the OCR-Service for the text extraction

After the update of libraries to avoid security check issues:

As an administrator, I will be able to activate the use of the OCR-Service for text extraction during the setup so that I do not have to configure it afterward.

Acceptance criteria:

  • The setup is asking whether to activate the use of OCR-Service

  • If activated the parameter ocr-engine=finereader is set in the file config.properties in the folder <service-manager path?>\webapps\osrenditioncache\WEB-INF\classes\config\ 

    • better: ocr-engine=enabled

    • old setting 'finereader' is migrated to 'enabled'

    • removed are the out-commented lines with the unused values 'extern' and 'cuneiform'

 

TUK-3125

In the search dialog, the order of the object type groups can be changed

As a user, I want to be supported by a feature that prevents me every time scrolling down the search dialog to those object type groups that I can't see so that I can use their object types.

Acceptance criteria:

  • When hovering over an object ype group a backward and forward symbol is offered in the header.

  • In the first group only the backward symbol and in the last group only the forward symbol is offered.

  • A click on the backward symbol moves the group one position backward and a click on the forward one position forward.

  • The new order of the groups is remembered locally

  • If changes in the schema cause deviation with the remembered groups the locally saved setting is removed.

  • If the language is changed the locally saved setting is not read but not removed. If the language is set back the remembered setting is used again.

TUK-3243

The action 'Share' is only offered if the user has the new object permission 'share' but no more for the object permission 'edit'. (A-Team)

As a user with the object permission 'share', I want to get the object action 'Share' so that I can share the document with other users if necessary.

Acceptance criteria:

  • client: The action 'Share' is only offered if the user has the new object permission 'share' but no more for the object permission 'edit'.

  • management-studio Organization view: The table of permissions of a user shows the new column 'SHARE'.

TUK-3374

It is possible to open a document file of the Microsoft Office format for viewing and editing via the O365 services

As a user, I want to be able to start the editing of a Microsoft Office based document file on the O365 platform so that I can work with other users on it.

Acceptance criteria:

  • A Microsoft Office document of a focused object can be viewed by the O365 dashlet.

  • In this case, the user has edit permission on this object an 'Edit'/'Bearbeiten' button is offered in the O365 dashlet. After pushing it a new browser tab is opened and the file is offered in the O365 user interface for editing.

  • The object is locked during editing.

  • If the O365 tab in the browser with the edited document file is closed and it was the last user in that edit session the client fetches this event and reloads the object details.

  • The history entry for update content is localized on client-side.

  • In the prepare view the preview is supported as well, no editing is possible here.

TUK-3415

In the object details header an icon is indicating whether this object is or was part of an process

As a user, I want to see an indication of a focused object whether it is part of a process file in an active process so that I do not have to investigate with more effort.

Acceptance criteria:

  • The endpoint DmsService.getItem() – /dms/id response contains the information about the affected processes if the parameter processcount=true is added to the request URL:

} ... "processcount": 2 }

  • If the processcount is gt 0, an icon is offered that indicates the situation.

    • The standard icon for processes in the inbox is offered similarly to the follow-up one.

    • When hovering over the tooltip the  BPMService GET endpoint ../processes is requested for the object and the tooltip shows information about the amount of once-started processes, and if the user does have access to the processes the model names are shown followed by the localized starttime and if given the endtime as well.

      • Example for requesting the process information for the given object:

        http://10.10.3.112:7321/api/bpm/processes?objectid=5DFF33226F254C57B961D4735B093932&page=0&size=20

 

TUK-3496

The Office 365 services are part of the setup

As an administrator, I want to be able to use the Office 365 services after the installation so that the users can preview Office files rendered by Microsoft Office sources, and to edit them on the Microsoft Office platform if the users possess an account for it.

Acceptance criteria:

  • After the installation - new and update - the Office 365 services are installed but they will not start until the setting for its sessions is changed from '0' to '1'.

  • In the configuration file gateway-prod.yml (or custom named) the following settings are extended during the new installation, but in case of an update this has to be added manually:

    routing.endpoints: ...   - name: 'dashlet365'     url: 'http://client/dashlet365'   - name: 'office365'     url: 'http://office365'

  • The Dashlet-Service is available as web resource and is therefore controlled by the client-service as well and not seen in the list of services in the service admin UI.

  • The O365-Service is shown with the label OFFICE365 in the service admin UI.

    • Default port is 7880

    • A Swagger UI is not offered

    • The following parameters have to be configured in the configuration file office365-prod.yml:

tenant:   id: Tenant-ID   secret: Tenant-Secret   provider-url: https://provider.prod.enaio.io/   host-url: https://host.prod.enaio.io/   working-dir: C:\\data\\office   recovery:     enable: true

TUK-3622

A MS Office file including its versions can be previewed in the versions state including the compare mode

As a user, I want the versions view to support me with a preview of two versions containing document files of the format Microsoft Office that is based on the Microsoft O365 integration.

Acceptance criteria:

  • The version view shows a preview of older versions. No editing of older versions is offered, maybe better no editing in general.

TUK-3627

The three labels for the list in the 'Hit list' widget can be configured

As a user, I want to be able to determine the object properties which should be shown as object title and description so that I can see this important information.

Acceptance criteria:

  • In the configuration dialog of the list widget the following form fields are added:

    • 'First label'/'Erste Beschriftung' with 'created' as the default for the selectable object properties as they are listed for 'Sorted by'

      • if nothing is selected the default should still be 'created'

    • 'Second label'/'Zweite Beschriftung' with 'Title' as the default

      • if nothing is selected the default should still be 'Title'

    • 'Third label'/'Dritte Beschriftung' with 'Description' as the default

      • if nothing is selected the default should still be 'Description'

  • If the selected property is

    • of type organization like 'Creator' or 'Editor' the title of the user is shown with 'lastname, firstname' instead of the login name.

    • of type date, datetime, or number its localized value is shown

    • of type boolean, the corresponding checkbox for true and false are shown, and for undefined noch checkbox is shown.

  • The default property for sorting is 'Edited' and the sorting is descanding.

  • After the change of the selection, the corresponding values are shown in the list for the objects

TUK-3641

The client supports the use of the O365 Dashlet without manual configuration and handles events well

As an administrator, I don't want to configure the client to use the O365 Dashlet if it is up and running so that I don't have to care about it.

Acceptance criteria:

  • The client checks when the configured required service (part of the "viewers" section of the delivered main.json: "requiredservice" : "dashlet365") is running and uses the necessary viewer configuration directly.

    • It is possible to overwrite the internal configuration for the mimetypes via extend.json (see ticket section 'Ergänzung').

  • A used context-path is handled well.

  • The linked documents are working as well.

  • To be documented: Microsoft Office files that are email attachments are always shown via PDF rendition but not via the Microsoft O365 capability.

TUK-3662

When the core-service the first time starts up a trial license based on a just generated GUID is created and activated

As the system responsible, I want the core-service when starting up to prepare an initial license file so that the system can be used as a trial system with a limited number of users so that the system directly can be used without contacting OS. 

Acceptance criteria:

  • The core-service is extended with a service for the license management that is described below:

  • This action takes place only if the database is empty and no license is saved.

  • The created license file

    • is based on a GUID that is generated while starting up.

      • the clusterID of the system is taken into account as well. 

    • the following parameters are set

      • the activation date is that when generating the file

      • the expiration is that when generating the file plus 3 months

      • the number of named users 1 is that for the initial root user

      • the number of concurrent users is 5

    • the file is not encrypted but a signature is included that is generated with the public key and that includes the content of the license file.

TUK-3664

The license management is offered by the core-service

As the system responsible, I want the core-service to offer a license service that controls the number of named and concurrent licenses as well as an expiration date so that the system can only be used as contracted.

As a programmer, I want to be able to get the parameters of the activated license file, download the license file, and upload and activate a new license file via REST-WS endpoints.

Acceptance:

  • an internal license service is available that

    • save a license file in the database including validation

    • creates an initial license if no license is activated yet with the following parameters

      • type: PROVISIONAL

      • expirationDate is set plus 1 month

      • MaxUserNamed: 1 (assigned to root)

      • MaxUserConcurrent: 5 

      • MaxTypes: 10  (object-types)

      • StorageEncryption:  off

    • prevents server startup if a license is technically invalid caused by manipulation, and writes a log entry

    • if the expirationDate is reached and the core-service starts up only the root user can log in, and a maximum number of 5 object types is set

  • A new LicenseService offers REST-WS endpoints for showing the license conditions, downloading the active license file, and uploading a new one.

TUK-3665

A named user license can be assigned to a user via management studio

As an administrator, I will be able to assign and remove a named license to a specific user so that I can follow the requirements of my organization.

Acceptance criteria:

  • In the actions menu of a user that is not root the action 'Assign named license/Named-Lizenz zuordnen' or 'Remove named license/Named-Lizenz entfernen' is offered. 

    • The action dialog should have the following question: 'Do you want to assign a named license to this user?/Wollen Sie eine Named-Lizenz diesem Benutzer zuordnen?' or 'Do you want to remove the named license of this user?/Wollen Sie die Named-Lizenz von diesem Benutzer entfernen?'

    • New endpoints for assigning and removing a named license are available.

      • An error is reported if the named license for the root user is tried to remove.

    • If no more named license is available a notification is given:  'It is not possible to assign a named license because the available ones are assigned.'/'Es ist nicht möglich, eine Named-Lizenz zuzuordnen, da die verfügbaren zugeordnet sind.'

  • In the header of the user object, a symbol indicates if a license is assigned to the user.

    • This info is available in the user object.

    • A tooltip 'A named license is assigned'/'Eine Named-Lizenz wurde zugeordnet'

  • In the list of organization objects, a symbol indicates if a license is assigned to the user.

  • After the installation and update, the user root has a named license assigned.

TUK-3666

The REST-WS interface offers a view that shows the license information, download the saved license file, and upload a new one

As an administrator, I will be able to get information about the activated license, download this license file to send it to my sales contact and upload and activate a new license file.

Acceptance critereria:

  • In the Monitoring view of the REST-WS interface, the information about the activated license can be seen.

  • The activated license file can be downloaded from the Monitoring view.

  • A new license file can be uploaded from the Monitoring view.

    • After positive validation, the new license is activated

    • If the validation is negative, a specific notification is given. Possible negative cases:

      • The format is not correct, the key-value pairs are incorrect, e.g. wrong key or wrong possible value.

      • The content has been changed so that the contained signature does not match.

      • It is not allowed to activate a file with the license type PROVISIONAL.

TUK-3668

The client informs a concurrent user if no login is possible because no further concurrent license is available

As a user, I want to be informed about the situation that no more concurrent licenses are available if I cannot log in this case.

Acceptance criteria:

  • In this case, the client tells the user:

    • EN: "The login was not possible because no concurrent license is available. Please, wait until another user has logged out."

    • DE: "Die Anmeldung war nicht möglich, da keine weitere Concurrent-Lizenz verfügbar ist. Bitte warten Sie, bis ein anderer Benutzer sich abgemeldet hat."

  • The support of SSO is not part of this story

TUK-3670

The gateway login page informs a concurrent user if no login is possible because no further license is available

As an administrator, who logs into the management-studio or the REST-WS interface I want to be informed about the situation that no more concurrent licenses are available if I cannot log in in this case.

Acceptance criteria:

  • Besides the error code 401 that is returned if the user name or password is not correct, the gateway gives the error code 429 to the client if no further concurrent license is available. The gateway login page tells the user:

    • EN: "The login was not possible because no concurrent license is available. Please, wait until another user has logged out."