Open

We are pleased to present our latest offering of pi - our November 2021 release! This page helps summarise and familiarise you with the changes we have made, and is supported (where applicable) with useful videos to help explain the changes we have delivered.

Here’s what we’ll cover;

Added

Role level variables and role level restrictions have been added to the system. This means that the system now has a more flexible way to provide variables and restrictions to a user.

• previously, if 10 users shared the same variable you would need to add that variable to each individual user

• now, you can create a role with a variable and if this role is then assigned to 10 users, they would all have this variable

• the same concept also applies to role restrictions

Please look at Role Level Variables for more information.

Video

We’ve created a short video to explain this in a bit more detail.

2 new magic variables have been added:

• LANGUAGE_LOCALE - locale from language selection on the login screen (these selectable options are configured from dashboard installation on the server machine)

• LOCALE - locale of a user's browser, which generally is used for date formatting (this reflects whatever locale a user set on their browser)

Changed

Patched Release 2021-11-25.1 - updated Log4J2 library to version 2.15.0 in response to security vulnerability (CVE-2021-44228).

Patched Release 2021-11-25.2 - updated Log4J2 library to version 2.16.0 in response to security vulnerability (CVE-2021-45046)

Patched Release 2021-11-25.4 - updated Log4J2 library to version 2.17.0 in response to security vulnerability (CVE-2021-45105)

There will only be 1 version of log4j in the dashboard installation files, showing the latest version

Files are located here:

• C:\Program Files\Installation_location\Dashboard\tomcat\webapps\panLicenceManager\WEB-INF\lib

• C:\Program Files\Installation_location\Dashboard\tomcat\webapps\panMISDashboardResources\WEB-INF\lib

A ‘value’ field in the MIS_VARIABLES table has been changed from varchar(4000) to long text in order to accommodate longer text inputs.

maxSize restrictions have been removed from the following interactable domain objects:

• MisChartColumn.operandTwo

• MisColumn.columnName

• MisDataSourceItem.driverClassPath

• MisDefinedChart.helpText

• MisDefinedChart.chartLevelStyles

• MisFilterColumn.operandOne

• MisFilterColumn.operandTwo

• MisHierarchy.accessibilityMessage

• MisHierarchy.htmlCardStyleSheet

• MisHierarchy.customSql

• MisHierarchy.svgUrl

• MisHierarchyColumn.urlLink

• MisLayoutText.text

• MisParameter.hierarchyId

• MisParameter.orderingIndex

• MisPreferredLayout.layoutXml

• MisReportFilter.defaultValue

• MisReportLayout.layout

• MisReportMedia.positioningStyle

• MisReportMedia.formattingStyle

• MisReportMedia.text

• MisReportMedia.imagePath

• MisSchedule.emailMessage

• MisScheduleAttachment.webServiceUrl

• MisScheduleJob.error

• MisSecurityUser.clientPassword

• MisSecurityUser.encryptedPassword

• MisTable.tableName

• MisTable.whereClause

• MisTable.tablePriority

• MisTableJoin.joinSql

• MisUserRestriction.orderingIndex

• MisVariable.value

As a precautionary measure, we have removed the Apache Drill and Firebolt JDBC drivers from Tomcat until we have hear back from them to clarify if they carry the Log4j2 vulnerabilities or not.

Workaround - if you are currently using these, after upgrading you will need to add them yourself under tomcat/custom_jdbc_drivers and ensure their safety.

Fixed

We have made changes to how dark themes are used in the dashboard. In order to display text correctly in labels when using a dark theme we recommend:

1. Setting white text on the css classes shown in the following screenshot, they are designed for such customisation

2. Making sure the data colour and system background colour are dark colours, so that regardless if text is not contained fully in the data block it will still display correctly

Open

The following screenshot shows how labels look on a Doughnut chart displayed on a dark theme.

You can find more information on using dark themes here.

Crosstab tables that have special characters in the header row, e.g. *, %, £ or white spaces, will load and be displayed correctly.

When a user creates a chart and receives the message ‘Content Unavailable’ they will still be able to access the Chart Editor screen by clicking the ‘Edit Chart’ icon in the top-right corner of the cell.

The dashboard was updating/ removing the password for Data Connection ID 21 after migrating to a newer version of the dashboard. This happened because the dashboard was assuming that Data Connection ID 21 was a MariaDB.

When selecting recipients for reports, the users that are displayed in this section will depend on both the user and role permissions.

For a user to appear in the list of recipients, they must have the ‘Can Be An Email Recipient’ privilege or be attached to a role that has this privilege.

When ‘Display Value as Percentage by Column’ is selected in ‘Attributes’ for a Crosstab table, the column totals will be calculated correctly as percentage values.

Errors were occurring during a large amount of API calls. A fix has been added to this release to address this.

When trying to import large data connections, where the json file was over 5 megabytes, the browser took too long to draw the UI. A change has been added to improve performance meaning that the browser won’t crash in such cases.

If a report contained a chart that had been created with free hand sql, the chart was not displayed in the report if the selected user didn’t have the ‘Can Edit Chart SQL’ permission. Users will now be able to view the chart in a report when they don’t have this permission.

If a schedule task is not available to a user because the schedule is owned by a category that the user doesn’t have access to, they would see records with blank names on the Report Monitoring screen. These records were related to the schedules that were not available to the user, a change has been introduced so that users will no longer see these records.

When using OpenID custom connector, the login screen was not displaying the login button.

When using an external database, trying to connect with a username that was different to root was not working. Problems were also occurring if the schema had a different name.

The renderer was using the internal port as a Dashboard URL to run its services which in some instances caused issues due to proxy and cookie configuration in the dashboard. To address this, the internal port has been removed from the configuration and instead, the renderer will be using the Dashboard URL to run its services.

Keeping An Eye On pi