Safety Engine Admin portal Changelog

This document covers the changes to the Safety Engine Admin portal (https://safety-engine.com)

25.08.0

  • SE-1329: Roles are no longer hard-coded, but can be defined per contract along with their permissions
  • SE-1303: Sub-contracts can now be defined to group projects
  • SE-847: Event log is now available to track events on projects and contracts
  • SE-887: Retention policies can now be defined for contracts to control how long data is kept
  • SE-1299: The "job" and "company" fields for users can now be made mandatory, optional, or hidden

  • SE-1488: Contracts can now define AD mapping rules to automatically assign user roles based on their Azure AD groups and attributes

  • SE-1642: Projects can now define warnings/disclaimers to be shown on forms where users might need to be aware of certain conditions

  • SE-1364: Users can now request deletion of their data. This will show up under the contract and can be processed by contract admins
  • SE-1635: Added file type help text for forms where files are uploaded
  • SE-1415: Azure AD tenants can now be tied to contracts, to make sure users signing in are properly connected to contract
  • SE-1317: Makes it possible to require MFA to be provided on every login
  • SE-1358: Makes it possible to deactivate project members in addition to removing them
  • SE-1403: The "Active users" tab of the contract page now has a filtering field for users
  • SE-1576: Users will now receive notifications when a forced password reset is in effect
  • SE-1561: When creating a registration key, the fields will be pre-filled with the current maximum values, so you can easily create a new key with the same settings

  • SE-1761: Contract admins can now limit which projects can access which training modules

  • SE-1535: The "Has access" column is no longer editable

  • SE-1581: Added missing warning when bulk adding files
  • Fixes issue where lockouts due to incorrect passwords were too aggressive, causing users to be locked out too quickly
  • SE-1579: Fixes cases where forms would incorrectly show "Incomplete translation" when the form was actually complete

25.05.0

  • SE-1428: Fixes issue where contract owner could not change the password policies for the contract
  • SE-1213: Makes sure users are notified when their passwords expire
  • SE-1550: Fixes issue where registration keys were not automatically displayed as inactive after expiring
  • SE-1552 & SE-1553: Prevent "0" from being accepted as a value for registration key expiry
  • SE-1441 & SE-1635: Added file type help text for forms where files are uploaded
  • SE-1445: Add datepicker component to date fields that previously didn't have it
  • SE-1325: Fixes issue where sometimes, you wouldn't be able to switch tabs on the files list
  • SE-1430: Added author filtering to news list
  • SE-1436: Fixes issue where bulk news could be sent to closed projects
  • SE-1500: Hides the "Integrations" tab under project admin. It is no longer used
  • SE-1516: Fixes unhandled error in check-ins
  • SE-1235: FĂ­xes issue where users would not show up in drop-down field, preventing them from being added to the project
  • SE-1181: Include contract owners in the total user count for contract
  • SE-1371: Fixes issue where SSO users were notified about changing their passwords
  • SE-1180: Fixes issue where the app would react incorrectly to various error codes
  • SE-1315: Fixes issue where game-specific data wasn't included in Excel output
  • SE-1332: Fixes issue where Check-in QR code wasn't print friendly
  • SE-1228: User can now request deletion
  • SE-1327: Replaced SMS gateway operator from Twilio to Compaya

25.01.0

  • Added deletion requests to the app. When users request deletion, it will show up under the contract
  • Fixed issue where Check-in QR code did not contain the correct encoded value
  • Fixed issue where SSO users were impacted by password-level restrictions like forced password reset
  • Fixed issue where agreements would show up duplicated
  • Fixed issue where SSO users would be presented with agreements in the in-app browser sign-in flow
  • Fixed issue where resolving SSO user names were not robust enough

24.12.1

  • Added ability to disable individual modules of SafetyEngine from the admin portal, so they won't show up in the app
  • Added "Long password" policy in addition to "Strong password" policy
  • Added the option to set a privacy disclaimer per project, which will be shown to users whenever they enter data
  • Added registration whitelists to make sure only allowed email domains can be used when signing up
  • Added ability to delete any data object
  • Added customizable privacy notices
  • Added file names to form response exports
  • Allow for automatically removing users from projects after a custom period of inactivity
  • Fixes issue where form response export included a column for buttons
  • Added validation of phone numbers and emails when editing users from the users list
  • Fixed timezone awareness on One-Time passwords

24.12.0

  • Added "Long password policy" in addition to "Strong password policy"

24.11.0

  • Added ability for project admins to define a Privacy Disclaimer to be displayed on all forms (See relevant user manual entry)
  • Added ability for contract admins and project admins to define user inactivity rules (See relevant user manual entry)
  • Prevents app users from deferring password changes when security requirements mandate it
  • Added the option to display registration codes as scannable QR codes (See relevant user manual entry)
  • Added the ability to delete any project data point from the lists
  • Added ability for contract admins to have custom agreements added to their account
  • Added confirmation message when evicting users from project
  • Improved performance when signing in through SSO
  • Expanded the data export when exporting data for data subjects to include all related data point
  • Extended Form response Excel export to include file names as well (for file fields)
  • Fixes regressions related to case-insensitive usernames (emails)
  • Fixes issue where form validation was missing when editing users' phone numbers
  • Fixes issue where OTP validity timestamps were not displayed correctly

24.10.0

  • Introduced the Contract Administrator role to have users help manage contract-level operations
  • Allows contract admins to force users to reset passwords for local accounts
  • Allows for marking form fields as required or not
  • Allows registration keys to timeout or have limited amount of usages
  • Updated training statuses to store completing timestamp rather than date only
  • User lockout notifications will now be sent by SMS if users doesn't have an email registered
  • Fixes issue where training completion time was not shown correctly
  • Improved structure of email notifications to better avoid being flagged as spam
  • Reconfigured web-server to be able to deliver file downloads in a distributed, light-weight manner allowing for thousands of concurrent downloaders
  • Fixes error where empty form responses from the app was not treated correctly
  • Renamed the "Player Activity" table to "Training Status"