Safety Engine Admin portal Changelog

This document covers the changes to the Safety Engine Admin portal (https://safety-engine.com)

Sprint 12 (2025-01-06 - 2025-01-26)

  • Added deletion requests to the app. When users request deletion, it will show up under the contract
  • Fixed issue where Check-in QR code did not contain the correct encoded value
  • Fixed issue where SSO users were impacted by password-level restrictions like forced password reset
  • Fixed issue where agreements would show up duplicated
  • Fixed issue where SSO users would be presented with agreements in the in-app browser sign-in flow
  • Fixed issue where resolving SSO user names were not robust enough

Sprint 11 (2024-12-02 - 2024-12-22)

  • Added ability to disable individual modules of SafetyEngine from the admin portal, so they won't show up in the app
  • Added "Long password" policy in addition to "Strong password" policy
  • Added the option to set a privacy disclaimer per project, which will be shown to users whenever they enter data
  • Added registration whitelists to make sure only allowed email domains can be used when signing up
  • Added ability to delete any data object
  • Added customizable privacy notices
  • Added file names to form response exports
  • Allow for automatically removing users from projects after a custom period of inactivity
  • Fixes issue where form response export included a column for buttons
  • Added validation of phone numbers and emails when editing users from the users list
  • Fixed timezone awareness on One-Time passwords

Sprint 10 (2024-11-11 - 2024-12-01)

  • Added "Long password policy" in addition to "Strong password policy"

Sprint 9 (2024-10-21 - 2024-11-10)

  • Added ability for project admins to define a Privacy Disclaimer to be displayed on all forms (See relevant user manual entry)
  • Added ability for contract admins and project admins to define user inactivity rules (See relevant user manual entry)
  • Prevents app users from deferring password changes when security requirements mandate it
  • Added the option to display registration codes as scannable QR codes (See relevant user manual entry)
  • Added the ability to delete any project data point from the lists
  • Added ability for contract admins to have custom agreements added to their account
  • Added confirmation message when evicting users from project
  • Improved performance when signing in through SSO
  • Expanded the data export when exporting data for data subjects to include all related data point
  • Extended Form response Excel export to include file names as well (for file fields)
  • Fixes regressions related to case-insensitive usernames (emails)
  • Fixes issue where form validation was missing when editing users' phone numbers
  • Fixes issue where OTP validity timestamps were not displayed correctly

Sprint 8 (2024-09-30 - 2024-10-20)

  • Introduced the Contract Administrator role to have users help manage contract-level operations
  • Allows contract admins to force users to reset passwords for local accounts
  • Allows for marking form fields as required or not
  • Allows registration keys to timeout or have limited amount of usages
  • Updated training statuses to store completing timestamp rather than date only
  • User lockout notifications will now be sent by SMS if users doesn't have an email registered
  • Fixes issue where training completion time was not shown correctly
  • Improved structure of email notifications to better avoid being flagged as spam
  • Reconfigured web-server to be able to deliver file downloads in a distributed, light-weight manner allowing for thousands of concurrent downloaders
  • Fixes error where empty form responses from the app was not treated correctly
  • Renamed the "Player Activity" table to "Training Status"