New interfaces

Members

New card with communication tools

A Member's ttCard has been redesigned with a more modern and consistent interface with the profile page.

It now includes all the means to get in touch with this member (represented by an icon)

Initials of members who do not have a photo

Members without a photo now have an avatar based on their initials.

The initials are calculated from the 1st letter of the first name, and the 1st letter of the last name. They can therefore be on one or two letters.

The color is chosen :

• from the date of creation of the member
• and from a list of dedicated colors

Cards

All cards now have rounded corners by default.

A few examples:

Content selection interface

The interface for selecting content has been improved to offer better ergonomics.

Filters and search are grouped in the top bar. The search is proposed within the filters.

The entire line of a publication is clickable to select the content.

Note that it is possible to return to the old version via the following property pubchooser.use-jplatform10-pubchooser: false

New vocabulary

Types of publication

• The type Document is renamed to Document (Store)
• Type DB Document is renamed to Document
• The type Web Page is renamed to Web Page (Store)
• The DB Web Page type is renamed to Web Page

Transversal groups

The terms Global Group, Global Groups, Common Group(s) are abandoned and replaced by the term Transverse group.

Actions of unified insertion

The first 3 actions of the insertion have been renamed in order to clarify their scope.

New features

Search

Filter over a specific period of time

In the search interface, the Dates filter now allows you to choose a specific period (in addition to predefined periods):

Improved sorting of members

The member search now offers a sorting by surname and first name that better takes into account the accented characters of certain languages (especially German)

Reindexation of members is necessary.

Workflow: notify the manager

A new action is added in the definition of a workflow: it allows to warn the manager of the editor of the publication.

Workflow: responsible role

When defining a role in a space one can now choose as validator the responsible of the author of the publication :

A manager can modify a content of a member of his team when this content is in a state for which there is an outgoing transition managed by a "manager" role.

Category cleanup

Some branches of categories (especially those of keywords) are open to many contributors. They are therefore subject, over time, to having categories inA manager can modify a content of a member of his team when this content is in a state for which there is an outgoing transition managed by a "manager" role. duplicate. These duplicates bother both contributors (which category to choose when publishing) and readers (which category to choose when searching).

A new tool to clean up the child categories of a given branch is available in the administration area

When it comes to category cleanup, the category branch containing the site's keywords is selected by default.

You can choose the level of similarity between categories. Below 100%, several similarity calculation algorithms are proposed.

Clusters of similar categories are displayed. The interface allows you to merge the categories of a cluster or hide a cluster.

When doing a merge, one chooses the cluster categories that will be merged and the name that will be given to the merge category. Publications attached to the merged categories are automatically attached to the merge category.

Cart : modifying common portlet attributes

When the cart is only composed of portlet or portal, the common attributes (skin, appearance, spacing, alignments, caches, ...) can be changed en masse

Technical News

Exporting categories in the same format as importing them

The functionality to import a category tree has been around for a long time. It waits for an input file .txt .

The category export feature also exists, but was not in the same format (.csv), which prevented import/export on the same file.

Now, it is possible to export and then re-import a branch of categories.

Research usage statistics update

Several modifications concerning the taking into account of research for the analysis of uses :

• Taking into account the research actions carried out from the application
• Addition in the usage statistics of the exact phrase search

Change in the storage mode of attachments linked to the incoming mail

The documents imported on the platform when managing incoming mails are now created with the same type as in a repository.

Thus, by default, images will be saved with the type Media and other documents with the type DBFileDocument.

Thumbnails: same format as the original image

Thumbnails are now generated in the original image format, if supported (jpg, , gif, or png).

This default behavior is defined by the tag.thumbnail.format: auto

A format can be specified:

• in a specific template in which the use of an explicit format would be relevant, via the attribute format="jpg|png|gif" of the thumbnail tag,
• globally for all the previews generated by the site, with the property tag.thumbnail.format: jpg|png|gif. In this case, only the use of the format JPEG is recommended to guarantee a balance between quality and weight of the generated previews.

WebDAV disabled by default

The default configuration of JPlatform has been changed: WebDAV is deactivated as standard.

• If you use WebDAV, you don't have to do anything because your file already custom.prop contains the feature activation.
• If you do not use WebDAV, we invite you to take advantage of this migration to verify that WebDAV is disabled.

Corresponding property channel.webdav.enabled: false

Advanced Setup and Development

JPortal

Possibility to modify the footer of the skin

Skins now support the integration of the field (Skins footer skinFooter ) which allows to add HTML in the footer of a skin via a dedicated field.

Added access to certain fields / information in the portlet

When editing a portlet via JPortal you now have access in the Advanced tab to the following attributes

• Rights
• Editor
• Workspace
• Id of the portlet

First level search

First level portlet search now searches by portlet type, not by portlet instance

Portlet Publications List (ex Iteration Request)

Renaming in Publication List

In order to be more understandable, the portlets Query/Foreach, Query/Foreach Cards and Detailed Query/Foreach have been renamed to

• Publication list
• Cards publication list
• Detailed publication list

Request or list of publications

You can now more simply point directly to certain publications in the portlet by choosing to enter

• If you want to request content
• If you wish to list specific content (formerly available through the First publications field)

By the way, some advanced fields have been moved to the Advanced field.

Basic search enabled by default

Searching in publications stored in the database is enabled by default.

Sort on the default publication date (pdate)

The Publication List portlet is by default configured by publication date.

Carrousel template

The Carousel template of the Portlet List of publications has been completely redone. It uses the same rendering as the new Carrousel portlet.

Carrousel portlet

This portlet allows to display a list of publications as a carousel.

Fields present:

• Scrolling speed of the carousel
• Show/Hide Navigation Arrows
• Show/Hide Pagination
• Show/hide publication title
• Number of contents to be shown simultaneously
• Number of lines in the title

Portlet Publication

This portlet is used to display the full display of a publication.
If the publication includes several templates, it is possible to choose the template of the publication.

Fields present :

• link to a publication
• selected template
• Show/hide the publication display header (Publication Actions)
• Show/hide publication footer (Comments, votes)

Cards

New JNews templates

A new template displaying publications as cards is available. It comes from the JNews module.

CardData : possible overloading of the image

The tag CardData now allows the use of a specific image through a new attribute image.

If left empty, the behavior does not change and uses the data-imageData.

Rounded corners

It is possible to disengage the rounded corners on cards by overloading the less variable (via custom.less)

@card-rounded-corners: true;

Tags

Tag Carousel <jalios:dataCarousel>

This tag displays publications in carousel format. It offers the same rendering as the Carousel portlet.

Breadcrumb> Breadcrumb Tag

This tag produces a breadcrumb of a set of items. The rendering is the same as in the Explorer, JTask and conversation spaces module.

Exemple d'utilisation : 

<% 
  List<BreadcrumbItem> items = new ArrayList<>(); 
  items.add(new 
  BreadcrumbItem().label("Home").url("debug/debugBreadcrumb.jsp").attributes(new 
  DataAttribute().addData("data-jalios-test", true)));
        items.add(new BreadcrumbItem().label("Page 1").url("debug/debugBreadcrumb.jsp? 
        test=test").active(true));
  %>
<jalios:breadcrumb items="<%= items %>" />

Tag Photos de member <jalios:memberphoto>

The alt attribute of the tag MemberPhoto is now overloadable.

If left empty, the behaviour does not change and uses the full name of the member.

Topbar

Two new properties allow to manage the size of the logo in the topbar

• jcms.topbar.logo-width
• jcms.topbar.logo-height

ACL

For certain functionalities, not related to security, it is customary in JPlatform and its modules to offer the following functionality:

• by default, without explicit configuration, access to the functionality is accessible to all,
• if an ACL is created and explicitly references the resource concerned, then the functionality is accessible only to the users benefiting from the ACL.
• (in all cases anonymous access is denied)

JPlatform 10 SP4 simplifies the implementation of this approach with the method AccessControlManager.checkAccessIfAclExists(Member, String, Map<String, Object>)

Example to control access to the Publish menu of the Topbar

  private static final AccessControlManager ACL_MGR = AccessControlManager.getInstance();

  public boolean canUsePublishMenu(Member mbr) {
    return ACL_MGR.checkAccessIfAclExists(mbr, TopbarManager.ACL_CAN_USE_PUBLISH_MENU, null);
  }

Application Catalogue

You can remove all the information related to departments in the application catalog by adding this property

appstore.departments.enabled: false

Member

Added a connection tracking service

The service ConnectionEventManager allows you to obtain a member's login information over a given period of time.

Right to upload a photo

Members with ACL admin/users/member or admin/users/dbmember can now upload member photos even if the property member.photo.upload is set to false.

Color of initials

The rendering of a member's initials (used if he has no photo) is done in pure CSS/HTML.

The colors are defined by the property member.photo.initials.colors.

The accepted values are :

1. the name of a Jalios colour (see the enum Color.java),
2. or a hexadecimal color code (respect of possible graphic charts, ...)

Example: only colors from the JPlatform color palette

member.photo.initials.colors: GREEN_LIGHT, BLUE_LIGHT, GREEN, BLUE, PINK_DARK

Example: only custom colors

member.photo.initials.colors: #FF0000, #00FF00, #0000FF

Example: mixed Jalios and custom colors

member.photo.initials.colors: GREEN_LIGHT, #FF0000, BLUE, #00FF00

This feature cannot be disabled

OpenAPI REST: new end-point for updating a member's photo

The new endpoint /rest/data/Member/updatephoto/{login} allows you to update a member's photo.

Document

Image data in a FileDocument now invokes preview generation for the document concerned (except for image documents that continue to return the image itself).

The default dimensions used to generate the preview can be configured with the following properties

file-document.data-image-thumbnail.width: 960 
file-document.data-image-thumbnail.height: 540

This new behavior can be disengaged with the property file-document.data-image-thumbnail.enabled: false

Location

All those that Comparator allow sorting JStore data by title/name now use as standard a sort depending on the user's locale in order to offer a sort more in line with the expectations of international users

• Data.DataNameComparator
• Publication.TitleComparator
• Member.NameComparator
• Member.FirstNameComparator
• Group.NameComparator
• Workspace.NameComparator
• Category.DataNameComparator
• PortletSkinnable PortletSkinableTitleComparator
• PortletSkinnable ContentTitleComparator

Security

Alert on sensitive operations (delegation, change of login or e-mail)

Security alerts are now sent to users when certain sensitive operations are performed with/on their account.

In particular

• Delegation: connection with their account by another user (administrator or user authorized to use the delegation to this member)
• Change of username or email address

Here is an example of an alert received by a user when using the delagation

Configuration :

Like all alerts, a default configuration is possible by the administrator, and each user can configure the parameters for receiving alerts (channels, activation, ...)

The alerts issued include the following information

• The date of the operation
• The author of the operation, activated by default, can be deactivated via the property security-alert.display-details.member: false 
• The IP address of the author of the operation, deactivated by default, can be activated via the property security-alert.display-details.ip: true

This information can be omitted entirely via the property security-alert.display-details: false

Each alert can also be configured, thanks to properties using the technical name of the alert, such as consultable in the files fr/en.prop (auth-delegation, profile-login-modified, profile-email-modified, , , ...) :

• deactivation : the alert emission can be deactivated via the property alert.name.security.{name}.enabled: true|false
• level : the level of the alert can be modified via the property alert.name.security.{name}.level: info|action|warning , by default all alerts are at Warning level.

Uploading some files, including SVG, disabled by default

• html, htm, shtml, body, jsv , js -> uploaded as .txt
• swf, svg, svgz -> uploaded as .bin

It is strongly recommended to keep this standard configuration.
However, if you wish to reactivate these formats, you can do so by re-associating each extension with its original extension.
Example to re-authorize the SVG format.

file-document.invalid-extension.svg: svg

Again: reactivating these file formats is not recommended if the file repository is open wide and you want to guarantee the security of your platform.

In this case, you are strongly invited to consider implementing a more detailed security policy by specific
development.

For example by allowing the deposit of these sensitive files only to certain trusted contributors.

Login cannot be changed (disabled by default)

A new option is available to prohibit the modification of the login by the user himself.
When the property member.rights.allow-login-change: false is set, only an administrator or a user authorized to edit members via the dedicated ACL, will be allowed to modify a member's login.

Email address cannot be changed (disabled by default)

A new option is available to prohibit the modification of the e-mail address by the user himself.
When the property member.rights.allow-mail-change: false is set, only an administrator or a user authorized to edit members via the dedicated ACL, will be allowed to modify a member's email address.

Unique e-mail address

A new check is performed on members when creating or updating them in order to forbid the use of an e-mail address already used by another user.

Reinforced BCrypt adjustment

In order to better protect the site against brute force attacks, the default configuration of the BCrypt hash algorithm has been reinforced.
The possible setting on the algo was 10, it has been increased to 12 :

channel.bcrypt.log2rounds: 12

Users must change/re-register their password to benefit from this additional security.

For more information on possible configurations, see Quelle protection existe-t-il contre les attaques brute-force sur le login ?

JSync: using a shared secret

In order to avoid attacks by the JSyncServlet, all the requests arriving on this servlet must contain a secret parameter containing a shared secret (a String) common between the leader and all the replicas.

This secret is stored in the property jsync.shared-secret.

At startup, if this property is empty:

• If we are on a leader, then a secret is generated and the property is updated with this secret.
• If we are on a replica, then we switch to fail safe and an error message is logged in the console