Rems Versions Save

Additions

• (Experimental) Voting options are expanded to have types, i.e. reviewer and handler voting. Use :enable-voting. (#3257)
• Email templates (:t.email/...) and event translations (:t.applications.events/...) now support named format parameters, and default english localizations have been updated for reference. While REMS moves towards fully supporting named parameters, all translations with index parameters should continue to work. Localizations with many parameters (like emails) have been burdensome to maintain with index parameters, so transitioning into named parameters is highly encouraged. (#3241)
• Processing states have been added. Now, in addition to the main states (draft, submitted, returned, approved, ...), the application tracks new "processing states" (i.e, "sub-states"). They can be added to facilitate for example standard bookkeeping of an application or technical integrations. The handler can change an application's processing state, when at least one has been configured in the application's workflow by the owner. Use :enable-processing-states. (#3259)

Changes

• Form fields in workflow admin pages are re-structured to show most often needed fields first.

Fixes

• Fix issue with user roles after deletion. This was introduced in the previous release that optimizes cache updates. (#3243)
• Mark form as optional in catalogue item creation. Also consider categories optional unless the catalogue tree is enabled. (#3244)

NB: This release removes the experimental application PDF export API. The non-experimental PDF export API is preferred instead. (#3098)

Additions

• By default administration pages show only "own organization" items. (#2046)
• The command-line use of REMS has been sped up. There are new commands dev-setup and perf-setup that dev_db.sh uses to start faster (a combination of migrate and data).
• Application expiration can be configured with :application-expiration-process-limit to process a subset of applications instead of everything at once. (#3225)
• Show organization in create workflow Forms dropdown (#3230)
• When copying an item, reset the organization, if it's not owned by the user. (#2880)
• Added malware scanning support. When :malware-scanner-path is set REMS will scan uploaded attachments and licenses with the executable at the provided path. Enabling :enable-malware-scanner-logging will pass the scanner executables output on STDERR to the REMS application log. (#2905)

Changes

• Application expiration now logs more, and more often. (#3225)
• Catalogue page has been sped up with optimizations. The API supports not joining organization data if not required (join-organization=false).
• Adding a user to blacklist does not reload the full cache anymore. This should make it faster. Also the user is directed to Applications page after delete, not to Catalogue.
• Deleting a (draft) application is now faster because it does not reload the full cache, only update it.
• Editing workflows (e.g. handlers) should now be faster because it does not reload the full cache, only update it.

Fixes

• Big improvements in performance from small improvements in how applications and events are processed and cached. REMS should be able to handle a 100k event DB without breaking a sweat. (#2783)
• Administration dropdown buttons should now respond to clicks more widely, and not only by directly clicking text. (#3167)
• Catalogue item unarchive should no longer fail when form does not exist. (#3217)
• Current page updates correctly. (#3218)
• Fixed faulty check in application expiration that prevents sending expiration notifications for applications, and expiring those applications. (#3225)

Fixes

• DUO codes in draft saved event no longer cause schema validation error when :enable-duo config is false.

NB: This release contains migrations!

Fixes

• A bug in event selection prevented migration (introduced in v2.34) from applying properly. This release contains a fixed version of that migration.

NB: This release contains migrations! NB: :application/public is renamed to :event/public (in application_event table eventdata column). NB: :expires-on is renamed to :application/expires-on (in application_event table eventdata column). NB: :last-activity is redundant and removed from the event (in application_event table eventdata column).

Changes

• "Show related events" has been removed from events. (#3156)
• Handler can now redact other handlers attachments. (#3190)
• The tables take advantage of a new paging feature. Especially, the handler Actions page and its handled applications table uses paging and only fetches handled applications when so requested. The first 50 rows are only fetched by default. Paging can be also configured per table, if the default is not good (page size 50 rows). (#3191)
• If reminder email is configured for the, expirer bot, it will delete an old draft application if and only if the reminder email is sent and the specified amount of time has passed. Previously it would just delete if the application was very old (esp. when enabling expiry for the first time).
• Allow leaving :form field away from catalogue item creation API calls. Previously the value was optional but now the key too.
• Application action buttons now wait until request has completed. This should prevent duplicate concurrent requests caused by repeated clicking. (#3204)

Additions

• (Experimental) Workflow can be configured to enable voting for the approval. Currently all handlers can vote (including bots). Use :enable-voting. (#3174)
• There is now a Danish language translation (#3176). We are considering supporting a limited set of languages officially, and improving support for community maintained translations (see #3179).
• Added experimental support for named format parameters in translations. (#3183)
• Added extended logging option (:enable-extended-logging), for additionally logging the content of mutating operations. (#3184)
• Cache reloading can be configured using the new :buzy-hours config. REMS will then try to avoid reloading during the specified time spans. (#3194)
• Application expiration respects :buzy hours config too.
• The handling users can now see whether an event is shown to the applicant from a small eye icon in the event history. (#3156)
• Event now shows which attachments were redacted when viewing as handling user. (#3190)
• Workflow has new option to anonymize handling users. When enabled, applying users may only see "Handler" in events where handling user's name would appear. Event emails to applying users similarly show only anonymized name where handling user's name would appear. Application API also returns only anonymized name to applying users. Anonymized name is customizable with translation key :t.roles/anonymous-handler, which defaults to :t.roles/handler.

Fixes

• Email template parameters for :application-expiration-notification event are now documented. The parameters are different from standard event email parameters, which may have caused confusion.

Additions

• PDF output can be customized a little. This enables changing the font, which should fix missing diacritics. (#3158)
• Workflows can now disable commands dynamically by application state, user role, or both. Rules can be set in workflow administration page under disable commands field. (#3131)
• Plugins can be written to extend REMS functionality in select extension points. So far there is support for plugins written in Clojure embedded in Markdown files. See docs/plugins.md for details. (#3133)

Fixes

• Label and header fields have URLs made into links. (#3155)

NB: GET /entitlements.csv is deprecated and will be removed in a future release. Please use GET /api/entitlements/export-csv instead. NB: Experimental application PDF export API is deprecated, and will be removed in a future release. The non-experimental PDF export API is preferred instead. (#3098)

Changes

• Application editing performance is improved. (#3106)
• Show form errors column only when some form has errors. (#3107)
• Latest event is now shown in the minimized application state. (#3119)
• Administration menu has been fine-tuned. Reports also shows only if the user can access it.
• The administration pages can now scale wider than before.
• The administration tables use a dropdown button for the modification actions. This allows more space for the table contents as there will be less buttons visible. Some of the buttons are only visible if the user has the permission. (#2814)
• The catalogue items page (in administration) is now sorted by the item creation time by default. Newly created items will now appear at the top instead of somewhere in the alphabetical order. The sort can still be changed by clicking on the column headers.
• The catalogue page margins have been adjusted to be more consistent. Also some of the default texts have been removed. They can still be added by extra translations.
• Catalogue "more info" is now styled as a link instead of a button.
• Actions page columns have been tuned, e.g. description, resource and applicant, so that they wrap nicely. (#3121, #3122)
• Accessibility tooling has been upgraded, the report improved, and serious issues fixed.
• Prefer and set language cookie so a db request is spared. (#3136)
• Logging has been adjusted:
  • Don't add static resources to audit log. (#3136)
  • Provide entry logging earlier (req >), even before user or roles are fetched.
  • Log a short request id for every request.
  • Log the simultaneous request count (rqc:).
  • Reduce duplicate logging from each line (user, request method).
  • Print the time it took to serve the request (ms).

Additions

• User attributes can now be retrieved from ID token and user_info endpoint. (#3028)
• User attributes are now formatted better (a boolean becomes a checkbox, etc.) (#3103)
• Most handler, reviewer, decider emails can be disabled with :enable-handler-emails false. (#3116) This does not include the invitation emails, which will always be sent, to be able to invite users. This also does not include any reminder emails that you can separately enable if you wish.
• Any individual email can be disabled by setting its translation to empty string "" (#3117).
• Handler, reviewer and decider can now redact application attachments. (#2491)
  • Redacted attachment exists in REMS like any other attachment, but it's file contents are permanently removed, and filename is shown to other non-handler users as redacted.
  • Attachments in field answers cannot be redacted, but the applicant can edit them as usual when application is draft or returned.
  • Handler can redact attachments also from other users.
  • Non-handler users can redact only their own attachments.
  • In decider workflow handler is not allowed to redact decider attachments.
• Database connection pool can be configured, see :hikaricp-extra-params in config-defaults.edn.
• The debug log level prints details of when the scheduled pollers run, e.g. email and event notification.
• Search bar automatically trims the whitespace form the left side, which is useful for copied values.
• The event notification can be configured to not send the application data with :send-application? false

Fixes

• Autosaving does not cause the focus to jump anymore (#3112)
• Fix form table default sort order to be internal name (was title). (#3107)
• Editing form of a catalogue item could fail due to categories.
• While clicking a button, link or menu item, a wrong color was sometimes displayed.
• Heading focus outline uses the correct blue color.

Changes

• The location of the success message of a submit has been changed from the top of the page to the Actions block. (#2836) This is more consistent with the other actions that provide feedback in the same location. (#2836)
• The application Applicants block has a simple version for the case of a single applicant. (#2836)
• The Decide action button has been changed to primary action, as it usually is for a person in the :decider role. (#2836)

Additions

• Visibility of the PDF and ZIP download actions can now be configured with :show-pdf-action and :show-attachment-zip-action (#3001)
• The Resources block can be hidden from the application view with :show-resources-section. This can be useful if there are few catalogue items. (#3000)
• The application title field, in the application state block is now shown only if the application description is not blank. (#2836)
• Orphan attachments could sometimes be saved, though not in use. They are now removed when an application is submitted. (#3041)
• Extra pages have been enhanced: (#2983, #2589, #3069)
  • They can be shown in top menu, footer, both or not at all with :show-menu and :show-footer
  • You can decide if you want the standard heading or not with :heading.
  • If localization of the file or link is not required, you can define the attributes at top level.
  • Who can see which extras can be tuned with :roles such as :logged-in, :applicant or :handler.
  • See config-defaults.edn for more details.

Fixes

• The previous applications block is now shown only if there are some. (#2836)
• The application Actions block is now successfully hidden, if there are no actions available (#2836)
• The component guide page had accumulated some small errors that are now fixed. (#2836)
• The component guide links to component source code works again. (#3080)
• Saving application no longer crashes when a resource requires DUO:0000024 (MOR) code. This could occur when applicant had not entered a value for the date restriction field. (#3086)

Changes

• Some API methods have been unified with the rest by using the command pattern: (#3036)
  • Categories have a new POST /create and a PUT /edit endpoint like the others.
  • User settings have a new PUT /edit endpoint.
  • User has a PUT /edit endpoint, /create remains "create or update".
  • The changes should be backwards-compatible as the old endpoints remain.
  • The non-standard endpoints have been been deprecated and will be removed later.
• The text for saving has been changed "Alice saved a draft." -> "Alice updated the application.". This will be clearer in the future when autosave is enabled (#3045)
• When continuing an old application, the applicant will be shown a warning about problematic fields. (#3045)
• Data Use Ontology (DUO) is no longer shown in application UI if none of the resources contain DUO codes. (#3048)
• Mondo codes have been updated to version v2022-09-06. (#3031)

Additions

• There is an experimental autosave mode that can be enabled. The application is automatically saved soon after the applicant makes a change.
  • Enable it with :enable-autosave true.
  • You may also want to turn on save compaction at the same time with :enable-save-compaction true to show less save events in the event history.
  • In the future, autosave may become the default mode. (#2767)
  • Applications don't yet automatically get reloaded, should another person be viewing the same application. This is a potential future feature. (see #2622, #2244)
• Data Use Ontology (DUO) codes are now rendered in application pdf. Rendered pdf styles have also been tuned for more consistent look. (#2857)
• Organization owners are now allowed to edit their own organizations owners. (#2828)

Fixes

• License, create/edit license and create/edit catalogue item administrator views have been updated to display localized fields the same way other administrator views do. (#1334)
• Don't needlessly complain about the config keys that are passed automatically from system properties and the environment. (#2935)
• Application warning and error links were not functioning correctly for attachment fields. This is now fixed. (#2955)
• DUO fields are no longer editable in the UI when application is not in editable state. (#2997)
• Organization edit now requires user to be either owner or organization owner of the organization. (#2828)
• Organization owner is no longer allowed to toggle enable/disable and archive organization actions. These are available only to owner user. (#2828)
• Test/demo data creation now uses configured languages. Mismatch between configured languages and data localizations may cause issues in certain UI components. (#2334)
• Multiselect field is now correctly rendered in application pdf again. More than one selected value resulted in empty field value. (#3059)