May 2024 - Dashboard Release Notes

In this release (May 24, 2024_05) we have introduced improvements to the way you can configure OpenID Connect via a dedicated screen - with support for multiple providers.

As a result of this change, we recommend migrating to this new method of configuration as soon as possible, as the older configuration method (via the Global Variables screen) will be removed in an upcoming release.

In our next release (June 24, 2024_06), the dashboard will run on Java 11 meaning that Java 8 will no longer be supported. This change only impacts native Linux installations, where you will need to supply an updated JDK for the dashboard to operate. Windows and Docker environments include Java, and therefore no changes are required for those deployment types.

Functionality has been introduced to allow multiple Identity Providers (IDPs) to be configured in the dashboard - either through the UI or by the external API.

Each IDP has its own unique identifier which can be used as a query parameter in the URL, to resolve the correct IDP to be used. The IDP Identifier field only accepts alphanumeric values. All IDP entries will be saved to the new table in the database - MIS_IDENTITY_PROVIDERS (see Schema Changes section).

If there is only one IDP entry in the database, the users do not need to specify the correct identifier in the URL; the dashboard will automatically resolve to using the defined IDP providing it has been enabled.

If there are multiple IDP entries saved in the database, the users will be expected to specify the Identifier of the Identity Provider they wish to use.

The expected dashboard URL structure is as follows

http://localhost:8224/pi/?idp=identifierValue

UI:

A new tab has been added to the Settings screen, allowing users to create OAuth configuration for multiple providers.

Open

API:

Eight new API endpoints have been added to help manage the new Identity Provider configurations. These endpoints are documented in our SwaggerHub page and are listed below:

• GET /identityProviders - Gets all Identity Providers

• POST /identityProviders - Creates a new Identity Provider

• GET /identityProviders/{id} - Gets a specific Identity Provider

• DELETE /identityProviders/{id} - Deletes a specific Identity Provider

• PUT /identityProviders/{id} - Modifies an Identity Provider

• POST /identityProviders/bulk - Creates multiple Identity Providers

• DELETE /identityProviders/bulk - Deletes multiple Identity Providers

• DELETE /identityProviders/all - Deletes all Identity Providers

Things to note:

• An ‘identifier’ field will have to be supplied when creating a new Identity Provider configuration - this must be a unique, simple alphanumeric string

• The Key Value field can be set via POST and updated via PUT but will not be shown. In the UI, Key Value is hidden

• This new multiple IDP implementation does not affect the OAuth configuration in the Dashboard Settings, only those saved to the new Database table MIS_IDENTITY_PROVIDERS.

An option has been added to the dashboard to save a mobile layout for the category.

Three new options have been added to the Layout Button Menu referring to the management of the mobile layout for the viewed category:

Open

Save as Mobile Layout

• requires ‘Can save layouts’ permission

• button is enabled when no mobile layout exists OR the existing mobile layout is different to your personal/user layout

• when clicked, mobile layout is saved as a copy of your personal/user layout for the category

Display Mobile Layout

• requires ‘Can modify layouts’ permission

• button is enabled when mobile layout exists AND the existing mobile layout is different to your personal/user layout

• when clicked, mobile layout will be converted to your personal/user layout for the category to be viewed in the desktop mode

Delete Mobile Layout

• requires ‘Can modify layouts’ permission

• button is enabled when mobile layout exists

• when clicked, mobile layout for the viewed category will be removed

With the introduction of the mobile layout, the priority of the layout display is as below:

When user has ‘Can modify layouts’ permission

Desktop View: 1. Personal/User Layout; 2. Default Layout; 3. Empty Layout

Mobile View: 1. Personal/User Layout; 2. Mobile Layout; 3. Default Layout; 4. Empty Layout

When user doesn’t have ‘Can modify layouts’ permission

Desktop View: Default Layout

Mobile View: 1. Mobile Layout; 2. Default Layout

‘Current Layout’ header has also been added to the layout dropdown menu that record the current viewed layout type for the category ('Default' or ‘Personal’).

As part of the October 2023 release, we added the ability to restrict what drill levels can be accessed via the use of two new URL parameters (drillStart and drillEnd) and the ability to use placeholder filters (!$!). These placeholder filters allow you to have the initial view of a chart start at a drill level other than the first one without applying any filtering to it. This feature was designed to be used only for single-chart embedding.

This functionality has now been extended to work with embedded Categories as well with the drillStart/drillEnd restrictions applying to all drillable charts within the Category. The setup is roughly the same as for a single chart but the URL of a Category is slightly more complicated and there are a few things worth knowing about how this features interacts with other aspects of an embedded Category.

You can now copy an iFrame link to embed a category for the chart info panel, just as you can to embed a chart.

You can now supply a configurable timeout value in seconds to the renderer, causing the request to fail upon exceeding this timeout. The value is set in the config tool, under the ‘renderer’ tab, as shown below:

It is also set via a docker environment variable called ‘RENDERER_TIMEOUT_IN_SECONDS' - under the 'renderer’ service.

The default value will be 900 seconds (15 minutes). You can configure this to be however long you’d like and you can include decimal values.

This will affect:

1. Single chart downloads

2. Single report downloads

3. Scheduled charts

4. Scheduled reports

And an appropriate error message will be displayed to the user upon hitting this timeout.

The timeout specifically affects how long it takes for the chromium browser within the renderer to reach the desired chart/report URL.

We have now introduced an option which allows you to exclude specified columns from excel exports of data tables:

The column will continue to show in the chart visualisation despite being excluded from the excel export. This works for all table types.

There are a couple of known issues with this at the moment:

1. If you have totals for a column which you are excluding - it will exclude the total values (both for grand totals and sub dimension breaks) - but not the actual total row itself, so you will end up with blank total rows. It is recommended that you do not have totals for columns which you wish to exclude form export.

2. If you have 2 or more columns under a cross tab value, and exclude the left most column, the cross tab value will be wiped out from the header. You can work around this by changing the order of the columns so that you never exclude the left most column.

JSON format logging is coming to the dashboard!

This will allow easier management of large volumes of log data making it easier to search, filter, read etc. Right now you can turn it on for the following components:

• server(pi),

• renderer.

It can be turned on via the appropriate environment variable or through the configuration UI. You also now have the option to disable the server(pi) access logger if you don’t wish to have that level of detail, when JSON logging is enabled the access logs will also be in JSON format.

GZIP compression and caching has been added to additional JavaScript assets that were not compressed previously. This is intended to provide a significant performance boost for people operating on slower connections.J

Previously, when switching from vertical to horizontal view on a mobile device, this would cause the dashboard to switch to the desktop view instead.

Now, it will retain the mobile layout regardless of the orientation. This is unless you select the browser’s built in ‘show desktop site’ button - in which case, the desktop version will be shown.

The request to view the desktop site view will be fully respected in horizontal orientation. In vertical orientation, however, it will use the mobile view layout but the desktop view navigation bar settings. This is because in vertical orientation, the devices width will simply be too small to fit in the content.

Previously, upon entering an Object Start Quote or an Object End Quote for a Data Connection, which has a default value (such as Snowflake which has a default value of “) - if you were to set these to be blank, it would not save correctly and would reset back to the default value.

Now, it will retain any value you have entered.

Materialized Views were not previously being shown as an option when configuring a Data Connections tables, this has now been resolved

Tomcat has been upgraded from 8.5.97 to 8.5.100 to resolve a certificate bug.

As part of our standard security procedures, we have upgraded Spring Framework and AWS SDK libraries to resolve reported vulnerabilities including CVE-2024-22259.

New table created

• mis_identity_providers

pi#2228

30649