New interfaces
Members
New card with communication tools
A member's ttCard has been redesigned with a more modern interface that is consistent with the profile page.
It now includes all the means of getting in touch with this member, each represented by an icon.
Initials of members who do not have a photo
Members without a photo now have an avatar based on their initials.
The initials are calculated from the 1st letter of the first name and the 1st letter of the last name. They are therefore one or two letters long.
The color is chosen :
- from the date of creation of the member
- and from a list of dedicated colors
Cards
All cards now have rounded corners by default.
A few examples:
Content selection interface
The interface for selecting content has been improved to offer better ergonomics.
Filters and search are grouped in the top bar. Search is offered within the filters.
The entire line of a publication is clickable to select the content.
Note that it is possible to return to the old version via the following property pubchooser.use-jplatform10-pubchooser: false
New vocabulary
Types of publication
- The type Document is renamed to Document (Store)
- Type DB Document is renamed to Document
- The type Web Page is renamed to Web Page (Store)
- The DB Web Page type is renamed to Web Page
Transversal groups
The terms Global Group, Global Groups, Common Group(s) are abandoned and replaced by the term Transverse group.
Actions of unified insertion
The first 3 actions of the insertion have been renamed in order to clarify their scope.
New features
Search
Filter over a specific period of time
In the search interface, the Dates filter now allows you to choose a specific period (in addition to predefined periods):
Improved sorting of members
The member search now offers sorting by surname and first name that better takes into account the accented characters of certain languages (especially German).
Members must be reindexed.
Workflow: notify the manager
A new action is added to the definition of a workflow: it notifies the manager of the publication's editor.
Workflow: manager role
When defining a role in a space, you can now choose the manager of the publication's author as validator:
A manager can modify a content of a member of his team when this content is in a state for which there is an outgoing transition managed by a "manager" role.
Category cleanup
Some branches of categories (especially those of keywords) are open to many contributors. They are therefore subject, over time, to having categories in duplicate. These duplicates bother both contributors (which category to choose when publishing) and readers (which category to choose when searching).
A new tool to clean up the child categories of a given branch is available in the administration area
When it comes to category cleanup, the category branch containing the site's keywords is selected by default.
You can choose the level of similarity between categories. Below 100%, several similarity calculation algorithms are proposed.
Clusters of similar categories are displayed. The interface allows you to merge the categories of a cluster or hide a cluster.
When doing a merge, one chooses the cluster categories that will be merged and the name that will be given to the merge category. Publications attached to the merged categories are automatically attached to the merge category.
Cart : modifying common portlet attributes
When the cart contains only portlets or portals, the common attributes (skin, appearance, spacing, alignments, caches, ...) can be changed en masse.
Technical News
Exporting categories in the same format as importing them
The functionality to import a category tree has been around for a long time. It expects a .txt input file.
The category export feature also exists, but was not in the same format (.csv), which prevented import/export on the same file.
Now, it is possible to export and then re-import a branch of categories.
Search usage statistics update
Several changes to how searches are taken into account in usage analysis:
- Search actions carried out from the application are now taken into account
- Exact phrase searches are added to the usage statistics
Change in the storage mode of attachments linked to the incoming mail
The documents imported on the platform when managing incoming mails are now created with the same type as in a repository.
Thus, by default, images will be saved with the type Media and other documents with the type DBFileDocument.
Thumbnails: same format as the original image
Thumbnails are now generated in the original image format, if supported (jpg, gif, or png).
This default behavior is defined by the property tag.thumbnail.format: auto
A format can be specified:
- in a specific template in which the use of an explicit format would be relevant, via the attribute format="jpg|png|gif" of the thumbnail tag,
- globally for all the previews generated by the site, with the property tag.thumbnail.format: jpg|png|gif. In this case, only the use of the format JPEG is recommended to guarantee a balance between quality and weight of the generated previews.
WebDAV disabled by default
The default configuration of JPlatform has been changed: WebDAV is deactivated as standard.
- If you use WebDAV, you don't have to do anything because your custom.prop file already contains the feature activation.
- If you do not use WebDAV, we invite you to take advantage of this migration to verify that WebDAV is disabled.
Corresponding property channel.webdav.enabled: false
Advanced Setup and Development
JPortal
Possibility to modify the footer of the skin
Skins now support the Skins footer field (skinFooter), which allows adding HTML to the footer of a skin.
Added access to certain fields / information in the portlet
When editing a portlet via JPortal you now have access in the Advanced tab to the following attributes
- Rights
- Editor
- Workspace
- Id of the portlet
First level search
First level portlet search now searches by portlet type, not by portlet instance
Portlet Publications List (ex Iteration Request)
Renaming in Publication List
In order to be more understandable, the portlets Query/Foreach, Query/Foreach Cards and Detailed Query/Foreach have been renamed to
- Publication list
- Cards publication list
- Detailed publication list
Request or list of publications
You can now more simply point directly to certain publications in the portlet by choosing to enter
- If you want to request content
- If you wish to list specific content (formerly available through the First publications field)
By the way, some advanced fields have been moved to the Advanced field.
Basic search enabled by default
Searching in publications stored in the database is enabled by default.
Sort on the default publication date (pdate)
The Publication List portlet is configured by default to sort by publication date.
Carousel template
The Carousel template of the Publication List portlet has been completely redone. It uses the same rendering as the new Carousel portlet.
Carousel portlet
This portlet displays a list of publications as a carousel.
Fields present:
- Scrolling speed of the carousel
- Show/Hide Navigation Arrows
- Show/Hide Pagination
- Show/hide publication title
- Number of contents to be shown simultaneously
- Number of lines in the title
Portlet Publication
This portlet shows the full display of a publication.
If the publication includes several templates, it is possible to choose the template of the publication.
Fields present :
- link to a publication
- selected template
- Show/hide the publication display header (Publication Actions)
- Show/hide publication footer (Comments, votes)
Cards
New JNews templates
A new template displaying publications as cards is available. It comes from the JNews module.
CardData : possible overloading of the image
The tag CardData now allows the use of a specific image through a new attribute image.
If left empty, the behavior does not change and uses the data-image of the Data.
Rounded corners
It is possible to disable the rounded corners on cards by overriding the LESS variable (via custom.less)
Tags
Tag Carousel <jalios:dataCarousel>
This tag displays publications in carousel format. It offers the same rendering as the Carousel portlet.
Tag Breadcrumb <jalios:breadcrumb>
This tag produces a breadcrumb of a set of items. The rendering is the same as in the Explorer, JTask and conversation spaces module.
Usage example:
<%
// Build the list of items, from the root to the current page
List<BreadcrumbItem> items = new ArrayList<>();
items.add(new BreadcrumbItem()
    .label("Home")
    .url("debug/debugBreadcrumb.jsp")
    .attributes(new DataAttribute().addData("data-jalios-test", true)));
// The last item is marked as the active one
items.add(new BreadcrumbItem()
    .label("Page 1")
    .url("debug/debugBreadcrumb.jsp?test=test")
    .active(true));
%>
<jalios:breadcrumb items="<%= items %>" />
Tag Member photo <jalios:memberphoto>
The alt attribute of the tag MemberPhoto is now overloadable.
If left empty, the behaviour does not change and uses the full name of the member.
Topbar
Two new properties allow to manage the size of the logo in the topbar
jcms.topbar.logo-width
jcms.topbar.logo-height
ACL
For certain functionalities, not related to security, it is customary in JPlatform and its modules to offer the following functionality:
- by default, without explicit configuration, access to the functionality is accessible to all,
- if an ACL is created and explicitly references the resource concerned, then the functionality is accessible only to the users benefiting from the ACL.
- (in all cases anonymous access is denied)
JPlatform 10 SP4 simplifies the implementation of this approach with the method AccessControlManager.checkAccessIfAclExists(Member, String, Map<String, Object>)
Example to control access to the Publish menu of the Topbar
private static final AccessControlManager ACL_MGR = AccessControlManager.getInstance();

public boolean canUsePublishMenu(Member mbr) {
  return ACL_MGR.checkAccessIfAclExists(mbr, TopbarManager.ACL_CAN_USE_PUBLISH_MENU, null);
}
Application Catalogue
You can remove all the information related to departments in the application catalog by adding this property
appstore.departments.enabled: false
Member
Added a connection tracking service
The service ConnectionEventManager allows you to obtain a member's login information over a given period of time.
Right to upload a photo
Members with ACL admin/users/member or admin/users/dbmember can now upload member photos even if the property member.photo.upload is set to false.
Color of initials
The rendering of a member's initials (used if he has no photo) is done in pure CSS/HTML.
The colors are defined by the property member.photo.initials.colors.
The accepted values are :
- the name of a Jalios colour (see the enum Color.java),
- or a hexadecimal color code (respect of possible graphic charts, ...)
Example: only colors from the JPlatform color palette
member.photo.initials.colors: GREEN_LIGHT, BLUE_LIGHT, GREEN, BLUE, PINK_DARK
Example: only custom colors
member.photo.initials.colors: #FF0000, #00FF00, #0000FF
Example: mixed Jalios and custom colors
member.photo.initials.colors: GREEN_LIGHT, #FF0000, BLUE, #00FF00
This feature cannot be disabled
OpenAPI REST: new end-point for updating a member's photo
The new endpoint /rest/data/Member/updatephoto/{login} allows you to update a member's photo.
Document
Image data in a FileDocument now invokes preview generation for the document concerned (except for image documents that continue to return the image itself).
The default dimensions used to generate the preview can be configured with the following properties
file-document.data-image-thumbnail.width: 960
file-document.data-image-thumbnail.height: 540
This new behavior can be disabled with the property file-document.data-image-thumbnail.enabled: false
Localization
All the Comparator implementations that sort JStore data by title/name now use, by default, a sort that depends on the user's locale, in order to better match the expectations of international users:
Data.DataNameComparator
Publication.TitleComparator
Member.NameComparator
Member.FirstNameComparator
Group.NameComparator
Workspace.NameComparator
Category.DataNameComparator
PortletSkinnable PortletSkinableTitleComparator
PortletSkinnable ContentTitleComparator
Security
Alert on sensitive operations (delegation, change of login or e-mail)
Security alerts are now sent to users when certain sensitive operations are performed with/on their account.
In particular
- Delegation: connection with their account by another user (administrator or user authorized to use the delegation to this member)
- Change of username or email address
Here is an example of an alert received by a user when delegation is used
Configuration :
Like all alerts, a default configuration is possible by the administrator, and each user can configure the parameters for receiving alerts (channels, activation, ...)
The alerts issued include the following information
- The date of the operation
- The author of the operation, activated by default, can be deactivated via the property
security-alert.display-details.member: false
- The IP address of the author of the operation, deactivated by default, can be activated via the property
security-alert.display-details.ip: true
This information can be omitted entirely via the property security-alert.display-details: false
Each alert can also be configured through properties that use the technical name of the alert, as found in the files fr/en.prop (auth-delegation, profile-login-modified, profile-email-modified, ...):
- deactivation: the alert emission can be deactivated via the property alert.name.security.{name}.enabled: true|false
- level: the level of the alert can be modified via the property alert.name.security.{name}.level: info|action|warning (by default all alerts are at Warning level).
Uploading some files, including SVG, disabled by default
- html, htm, shtml, body, jsv, js -> uploaded as .txt
- swf, svg, svgz -> uploaded as .bin
It is strongly recommended to keep this standard configuration.
However, if you wish to reactivate these formats, you can do so by re-associating each extension with its original extension.
Example to re-authorize the SVG format.
file-document.invalid-extension.svg: svg
Again: reactivating these file formats is not recommended if the file repository is widely open and you want to guarantee the security of your platform.
In this case, you are strongly invited to consider implementing a more detailed security policy through specific development.
For example by allowing the deposit of these sensitive files only to certain trusted contributors.
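The following check is an added example, not Jalios code: it reads a custom.prop and reports upload extensions that no longer follow the default mapping listed above, plus an enabled WebDAV. The parser is a minimal one for the `key: value` syntax shown on this page, and the sample file is constructed.

```python
# Added example, not Jalios code: audit custom.prop against the defaults above.
# Defaults as listed in this release note: extension -> extension used on upload.
DEFAULT_MAPPING = {
    **dict.fromkeys(["html", "htm", "shtml", "body", "jsv", "js"], "txt"),
    **dict.fromkeys(["swf", "svg", "svgz"], "bin"),
}
EXT_PREFIX = "file-document.invalid-extension."

def parse_props(text):
    """Minimal 'key: value' / 'key=value' parser; '#' and '!' start comment lines."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        cut = min((i for i in (line.find(":"), line.find("=")) if i >= 0), default=-1)
        if cut > 0:
            props[line[:cut].strip()] = line[cut + 1:].strip()
    return props

def effective_mapping(props):
    """Overlay file-document.invalid-extension.* overrides on the defaults."""
    mapping = dict(DEFAULT_MAPPING)
    for key, value in props.items():
        if key.startswith(EXT_PREFIX):
            mapping[key[len(EXT_PREFIX):].lower()] = value.lower().lstrip(".")
    return mapping

def audit(props):
    """List settings that move away from the hardened defaults."""
    findings = []
    for ext, stored in sorted(effective_mapping(props).items()):
        expected = DEFAULT_MAPPING.get(ext)
        if expected and stored != expected:
            findings.append(f"{EXT_PREFIX}{ext}: stored as .{stored}, default is .{expected}")
    if props.get("channel.webdav.enabled", "false").lower() == "true":
        findings.append("channel.webdav.enabled: WebDAV is on, keep only if it is used")
    return findings

# Constructed sample file, for illustration only.
SAMPLE = """\
channel.webdav.enabled: true
file-document.invalid-extension.svg: svg
file-document.invalid-extension.js: txt
member.photo.initials.colors: GREEN_LIGHT, #FF0000
"""

if __name__ == "__main__":
    for finding in audit(parse_props(SAMPLE)):
        print(finding)
```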
Login cannot be changed (disabled by default)
A new option is available to prohibit the modification of the login by the user himself.
When the property member.rights.allow-login-change: false is set, only an administrator or a user authorized to edit members via the dedicated ACL will be allowed to modify a member's login.
Email address cannot be changed (disabled by default)
A new option is available to prohibit the modification of the e-mail address by the user himself.
When the property member.rights.allow-mail-change: false is set, only an administrator or a user authorized to edit members via the dedicated ACL will be allowed to modify a member's email address.
Unique e-mail address
A new check is performed on members when creating or updating them in order to forbid the use of an e-mail address already used by another user.
Reinforced BCrypt adjustment
In order to better protect the site against brute force attacks, the default configuration of the BCrypt hash algorithm has been reinforced.
The algorithm's setting was 10; it has been increased to 12:
channel.bcrypt.log2rounds: 12
Users must change/re-register their password to benefit from this additional security.
For more information on possible configurations, see Quelle protection existe-t-il contre les attaques brute-force sur le login ?
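Because existing passwords keep their old cost until they are changed, it helps to track which accounts are still at 10. The following is an added example, not Jalios code: it reads the cost out of stored bcrypt strings, assuming they use the standard `$2a$<cost>$...` modular crypt format; the sample values are constructed filler, not real hashes.

```python
# Added example, not Jalios code: report accounts whose bcrypt cost is below the target.
import re

# Standard bcrypt string: $2<variant>$<cost>$<22-char salt><31-char digest>
BCRYPT_RE = re.compile(r"^\$2[abxy]?\$(\d{2})\$[./A-Za-z0-9]{53}$")

def bcrypt_cost(stored):
    """Return the log2 rounds encoded in a bcrypt string, or None if it is not bcrypt."""
    match = BCRYPT_RE.match(stored)
    return int(match.group(1)) if match else None

def relative_work(old, new):
    """Factor by which the cost of one password guess grows (rounds = 2 ** cost)."""
    return 2 ** (new - old)

def report(accounts, target=12):
    """Map each login to its status against channel.bcrypt.log2rounds."""
    status = {}
    for login, stored in accounts.items():
        cost = bcrypt_cost(stored)
        if cost is None:
            status[login] = "not bcrypt"
        elif cost < target:
            status[login] = f"cost {cost}, awaiting password change"
        else:
            status[login] = "ok"
    return status

# Constructed values: the salt/digest part is filler, not a real hash.
FILLER = "a" * 53
ACCOUNTS = {
    "alice": "$2a$10$" + FILLER,  # hashed before the upgrade
    "bob": "$2a$12$" + FILLER,    # password changed after the upgrade
    "carol": "0" * 32,            # some other stored format
}

if __name__ == "__main__":
    for login, state in report(ACCOUNTS).items():
        print(login, "->", state)
    print("work per guess multiplied by", relative_work(10, 12))
```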
JSync: using a shared secret
In order to avoid attacks via the JSyncServlet, all the requests arriving on this servlet must contain a secret parameter containing a shared secret (a String) common between the leader and all the replicas.
This secret is stored in the property jsync.shared-secret.
At startup, if this property is empty:
- If we are on a leader, then a secret is generated and the property is updated with this secret.
- If we are on a replica, then we switch to fail safe and an error message is logged in the console
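
The startup rule and the per-request check described above, as a small model. This is an added example, not Jalios code: the function names, the parameter name `secret` and the way the leader generates its value are assumptions.

```python
# Added example, a model of the rule above and not Jalios code.
import hmac
import secrets

def resolve_secret(configured, is_leader):
    """Startup rule for jsync.shared-secret: return (secret, fail_safe)."""
    if configured:
        return configured, False
    if is_leader:
        # Leader without a secret: generate one; it would then be written
        # back to the property so that replicas can be given the same value.
        return secrets.token_urlsafe(32), False
    # Replica without a secret: it cannot authenticate sync requests,
    # so it switches to fail safe instead of accepting them.
    return None, True

def accept(params, secret):
    """Accept a sync request only if it carries the shared secret."""
    supplied = params.get("secret")  # parameter name is an assumption
    if not secret or not supplied:
        return False                 # fail closed: no secret, no sync
    # Constant-time comparison, so response timing does not leak the value.
    return hmac.compare_digest(supplied.encode(), secret.encode())

if __name__ == "__main__":
    leader_secret, _ = resolve_secret("", is_leader=True)
    print(accept({"secret": leader_secret}, leader_secret))  # matching secret
    print(accept({}, leader_secret))                         # missing parameter
    print(resolve_secret("", is_leader=False))               # unconfigured replica
```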