Since the last release, we've continued our work on the new, improved user experience in the workspace. This is still not finished so you might see some stylistic inconsistencies between the elements at the moment.
In this 1.25 release of Workspaces, we have refreshed the look and feel of the user interface. Using the "Try new look & feel" button in your profile page turns these features on.
We've added some new layout options which should make the Workspace easier to navigate. You can now navigate between three predefined views:
- The developer view lets you see three panels at once on the screen.
- The tabbed layout moves you back to the more traditional view of the Workspace and lets you easily move between full screen tabs.
- The focused layout helps you focus on the tab you're currently working in.
You can also move the tabs around and arrange them as best suits you.
As well as this, we have;
- Updated the icons and labels in the navigation bar.
- Added the ability to remove the labels which give you more screen space.
- Updated the dataset list and files panels.
Please note that this is an early deployment of the new UI and therefore is not feature complete. Some actions, such as uploading a new dataset, are not yet supported and the user must go back to the classic look to carry out these actions.
The following issues are known, a fix will be delivered in the next fix pack:
- When a user tries to export a dataset as a datafile (CSV) from the dataset list, an empty csv is generated in the datafile list.
- When using the file editor, the user is not informed that if they navigate away from the page without saving then their changes will not be saved.
- When the user is in the dataset list and tries to create a custom view, there is no response from the 'Create custom view' button.
- When the user deletes a dataset from the dataset list, the confirmation message incorrectly informs them that they have removed a file rather than a dataset.
|Bug||Login form flashes briefly before the T&Cs are displayed||Resolves a bug at login where the login screen flashed briefly before the Terms and Conditions were shown.||XAP-8239|
|Bug||There is no focus styles on the navigation bar – keyboard navigation problem||Previously, when a user tabbed between elements in the UI, there was no visual indicator of where the focus was. This has been resolved so that the user can now see where their keyboard is focused.||XAP-9447|
|Bug||Bug – "ff" text is displayed sometimes outside the editor pane||Resolves a bug where the text "ff" was sometimes displayed in panels.||XAP-9530|
|Story||Workspace Ribbon framework||The new Workspace Ribbons now have the following features:
|Story||Generic support for Workspace panels||The Workspace panels have been updated.
Note: although Data Upload shows in an overlay, there is no functionality in the new layout; the user must revert to the classic layout to upload data.
|Story||Panel – Workspace File List||The Workspace File List has been updated:
|Story||"Copy link" to resource from File List and Dataset List||An option is available in the tools menu on a file list which allows the user to copy the location of the file to the clipboard.||XAP-9535|
|Bug||Repeatedly clicking save on text editor deletes content.||Previously, when a user repeatedly clicked "Save" in a text editor, the content of the file could be lost. This behavior has now been resolved so that changes to the file are saved.||XAP-9751|
|Task||Change Panel Layout clicks to navigate by URL||Due to the layout enhancements, we've slightly changed the way that the URL is shown. This shouldn't have an impact on the user.||XAP-9852|
|Task||Set panel focus when child gets focus||When more than one panel is shown on screen at once and the user clicks an action (such as a checkbox) inside one of the inactive panels, that panel becomes active.||XAP-9853|
|Task||Improve File List pagination information||Within a file list, the following information is displayed at the bottom of the panel:
|Task||Text Editor display in panel needs to be more responsive||We have made some improvements to the layout of the file editor. This includes ensuring that the content of the file is always properly displayed, maximising the editable area and moving the tags to the bottom of the page.||XAP-9857|
|Task||Dataset display in panel needs to be more responsive||We have made some layout improvements to the Data Table Editor; mostly to maximise the editable area on screen. Tags are now displayed at the bottom of the page.||XAP-9858|
|Task||Ensure that File and Dataset tabs always reflect the resource name||This change ensures that the name of a file or dataset is always properly displayed on screen.
Note: renaming a resource which is open is currently not supported
|Task||Improve R console responsiveness and general look and feel in panel||The R console has been improved for responsiveness. The boundary of the panel has been more clearly defined and the user experience should be smoother.||XAP-9860|
|Task||Pass filters to Files and Mini-apps panels from Ribbon URLs||The items in a panel can be filtered by selecting one of the following options in the Ribbon:
|Story||Panel – Dataset List||The Dataset list panel has been updated.
New features include:
|Enhancement||Disable/Hide pagination when appropriate on file list||An enhancement has been made to file lists so that the pagination options are only visible when they are relevant. For example, if the list is already filtered and only one or two items are shown, the pagination options will not be available.||XAP-9997|
|Bug||Scroll bars in R session panel does not allow JS to calculate height of panel||Within the R panel, the scroll bars have been adjusted so that the panel resizes properly.||XAP-10137|
|Bug||Harmonise Activity tab naming||The tab which was previously referred to as the "Summary" will now be known and shown as the "Activity" tab.||XAP-10151|
This small bug fix release addresses an issue where users may unintentionally delete a new dataset.
This item fixes an issue where a user may create a new dataset in the dataset library then unintentionally delete the dataset by closing the tab. Users will now be prompted on tab closure to check if they want to save or discard their edits.
We've been working on a new look and feel for Workspaces, to modernise the web user experience and lay the foundations for a more flexible research environment. Bear with us: You may notice some style mismatches between screens as we migrate the service to the new user experience.
This 1.24 release of Workspaces primarily focuses on delivering a new fully featured text and code editor to replace the existing code editor, the new look and feel navigation bar as well as displaying/managing the workspace list as cards:
- New text and code editor including syntax highlighting, code completion, code folding and keyboard shortcuts amongst many other useful features.
- New look and feel navigation bar with Workspace filter/knowledge base search and profile picture.
- New Workspace card view replacing the Workspace list.
- Bug fixes and improvements.
We'll be releasing look and feel changes incrementally over the coming months and would love to get your feedback quickly. To see if there are new changes, you can go to your profile and click to 'Try New Look & Feel'. This will toggle your session to use the alternate styles. Look out for changes after the next release – note that you won't see any difference in the alternate view with this release!
|Improvement||Improve Workspace Text and Code Editor||The new Workspace text and code editor includes the following features:
Please send us your feedback on the editor – we are working on a knowledge base article detailing all the available functionality.
|Improvement||Replace Web Application Nav bar with new design||New look and feel Navigation Bar including:
|Improvement||Display the Workspace list as cards||The Workspace list and side bar has now been replaced with a Workspace card view. Each Workspace is now represented by a card. The card displays:
The Workspace also provides a quick drop down filter to quickly filter on:
Search: either searches the knowledge base or filters the Workspace list.
Tenant Administrators will also be able to manage Workspaces and users through the new top ribbon menu instead of the now deprecated side bar. A number of features have been removed:
|Enhancement||Default New File to type .R||Reflecting our users' current priorities, the New File dialog now defaults to file type: "R file (*.r)" instead of "Structured Query Language file (*.sql)"||XAP-7216|
|Enhancement||Create new files with extension supplied by user in New File dialog.||The New File dialog will now use the file extension provided by the user and select the file type in the drop down if it matches a supported file type.||XAP-7217|
|Improvement||R/Bioconductor: GWASTools available for installation via r.aridhia.net||A user of the R Console or R Shiny should be able to run "install.packages('GWASTools')".||XAP-9331|
|Improvement||Allow scripts, documents & datafiles (once in the web UI) to be referenced by name||Files can now be referenced by name.
This includes: Scripts, Documents, Datafiles and images. This should make it easier to share links to resources in the Workspace and include them in the Workspace homepage.
|Improvement||Privacy Terms update||The Privacy Terms has been updated to reflect Aridhia's company address, link corrections and updating the details of the cookies used by the application.||XAP-9498|
|Bug fix||If a Workspace Admin clicks on a Workspace member, their account is shown as disabled when it is not disabled||When logged in as a Workspace Administrator and viewing a member user of a Workspace, the user's profile is no longer shown as "disabled".||XAP-9280|
|Bug fix||DTE search gives you white screen||Resolving the issue that under certain circumstances the Data Table editor search would result in a white screen.||XAP-9307|
|Bug fix||Login Screen and Password reset screen text alignment wrong||The login and password reset screens are now correctly left aligned.||XAP-9309|
|Bug fix||Airlock Attach Dataset not listing views for selection||Database views can now be selected for Airlock.||XAP-8330|
Today, we are happy to announce the release of Workspaces 1.23. This release primarily focuses on delivering enhancements to the Data Table Analytics, Data Table Editor and delivering new user interface improvements.
- Files in the datafiles folder can be managed directly through the Workspace Web User Interface.
- Five new analytical modules for the Data Table:
- Area Chart
- Single Mean
- Compare Means
- Analysis of variance (ANOVA)
- Data Table usability improvements:
- Improving the user experience when loading data
- Improved message and warning delivery
- Primary key creation
- Add multiple columns in a sequence
- Streamlining analysis: Run R scripts straight from the code editor and run generated R
- code in the R console straight from the Data Table
- New templates for creating Mini-apps using the single Shiny app.R file format
- Bug fixes and improvements
|Improvement||Show Datafiles in the Web||A workspace provides three file systems – for scripts, documents and data files. To date, the datafiles folder was only accessible programmatically in R or via a Virtual Desktop. This new feature adds the ability to work with workspace datafiles in the same way as files that exist in the scripts and documents tabs over the web.A third "DATAFILES" tab has been added alongside "SCRIPTS" and "DOCUMENTS". Datafiles will also be available for export via the airlock feature.||XAP-895|
|Bug fix||R session file access audit||With this release we have added even greater audit visibility of user activity in the R console. At hubs where the file system is Linux, additional file system events are auditable in the R console and R Shiny sessions:
|Bug fix||Workspace descriptions have poor formatting||This improves the formatting of the workspace Summary rich text display.||XAP-6443|
|Enhancement||Data Table Editor – Improve add column UI/UX||This enhancement improves the process for adding columns in the Data Table Editor. Users can now create multiple columns in one set of actions rather than as individual actions.When creating a new column in the Data Table Editor the user has the choice to 'Add and Close' to add a single column and close the dialog or 'Add and Next' to allow multiple columns to be added sequentially without the dialog closing.||XAP-6463|
|Enhancement||Data Table Editor: Create primary key sequence column||The Data Table Editor provides fine grained audit of cell-level edits. This enhancement adds a primary key column to a dataset which improves the performance of saving edits and is good practice in data management. A primary key provides a distinct 'index' value for a row in the dataset.When a dataset is loaded into the Data Table Editor, the presence of a primary key is checked for. If none is found, an auto incrementing sequence column will be automatically added to the dataset (default name 'id'). This will be set as the primary key column.
Note: this feature adjusts data in the workspace. It does not change the existing data in other columns. It adds a new index column in a dataset according to database management best practice. The user is given an informational message of this change. The user can alter the table to remove the sequence using SQL if necessary.
This change only applies when the dataset is stored in the workspace database. CSV files are not affected.
|Bug fix||workspace name ending with '_' (underscore) not accepting users||This bug fix addresses in issue in which workspaces with names with ending with an underscore could not accept user invitations.||XAP-6583|
|Enhancement||Audit all events undertaken by support in the management API tool||Aridhia service desk staff have access to the Management API: a support tool that interacts with component services that administers users and workspaces.
This enhancement ensures that Management API support tool actions are now audited;
The audit will include all actions and options that were supplied.
The audit will be routed to the hub workspace destination and include the logged in user.
|Bug fix||Welcome to workspace email should include the SFTP server details for all users except Observers||The current content of emails sent to users when they are invited to a workspace contains information on uploading data via the web or SFTP.Emails will now be tailored to the specific role-based access level of the users.
When a user is in the Observer role, that information is now omitted as they cannot upload data to the workspace.
Contributors will receive different information from Administrators and Standard Users due to the variation in their available upload options.
Note: this does not apply at RSRCH.
|Bug fix||Email from platform that your phone number have changed states that you get a DUO text message, but none received||This fix improves the wording and details of emails relating to the DUO Two-Factor Authentication service sent to users after a change of phone number. The new wording removes any ambiguity for the end user.||XAP-8155|
|Enhancement||Add single file Shiny template and make it default||This enhancement adds 2 new template options to the workspace 'New Mini-app' menu. This aligns with the current good practice of creating R Shiny apps with a single 'app.r' file.
The following templates will now be available:
|Enhancement||Streamlined 'Run script' button in files and R console||This is a usability enhancement. A 'Run file' button is now available when an R file is selected in the file list and when open in the editor.Additionally the R code snippet produced in Data Table Analytics will also display a 'Run in Console' button.
In both cases, the R code will be executed in an open R console. If there is no R console session, a new one will be created. These additions provide a smoother and more intuitive workflow.
|Bug fix||Shiny app www folder permission denied when files uploaded individually.||This bug fix addresses an issue where a user would experience an error stating folder permission was denied when accessing mini-app sub-folder contents.||XAP-8438|
|Bug fix||DUO iframe sits awkwardly within login page.||This bug fix ensures the two-factor authentication alert presented at login (from Duo.com) is now centered on pages of varying pixel width.||XAP-8439|
|Enhancement||Reduce the options to save images directly in the workspace preview||This is a security related enhancement. The workspace browser now has reduced access to right click 'Save as' and also reduced ability to drag and drop on images. This provides another barrier to users trying to circumvent workspace best practice.||XAP-8464|
|Enhancement||DTA – Implement Kernel Pool||This enhancement improves the performance when Launching a Data Table Analytics session. A pool of analytics resources are waiting ready to be used as soon as a user requests one. Previously, the user might have had to wait a few seconds for the analytics resources to be available.||XAP-8521|
|Bug fix||DTE dataset can be corrupted on load||This fixes an existing bug when reloading a "changed" dataset in the Data Table Editor.Users were warned if the data had changed since it was last viewed in the Data Table Editor.
The user could reload this changed data by pressing the reload button. However, if the data is sufficiently large, the reload action could conflict with the existing background loading process which was still in progress, resulting in 2 load actions corrupting the data displayed.
This bug fix stops this corruption and reloads the data cleanly.
|Bug fix||Data Table analytics fails when a column has a leading space (really easy to do in a csv)||Due to this bug fix, Data Table Analytics no longer fails to execute when a CSV column header contains a leading space.||XAP-8588|
|Enhancement||Streamlining warnings and errors/directives in the DTE load sequence||This is a usability enhancement. The user experience of starting a Data Table session in the first release has been greatly improved, as previously a number of messages were presented to the user in short succession, interrupting or simply delaying the user's intended action. We have reviewed the requirement for these dialogues and streamlined the loading sequence.In most cases, the user should see an indicator that the data is loading, and then they may get some informational messages which they can quickly dismiss. These include messages for when the user may want to edit a draft dataset, or revert to an old version of the data.
These messages do not interrupt the display of data. Editing data will automatically dismiss the messages. A user-interrupting modal dialog will still be presented if the user loses connection to the workspace.
|Enhancement||Hierarchical sorting of data table columns||This enhancement allows the Data Table Editor to sort data by multiple columns in a hierarchical order. Note: sorting does not change the underlying storage of the data so reloading the table will revert to the original order.||XAP-8618|
|Bug fix||Clicking on Modules dropdown after running module causes reset and re-run even if no new module is selected||This bug fix addresses an issue where clicking on the currently selected Data Table Analytics module no longer re-runs the module.||XAP-8633|
|Bug fix||IE11 – Cannot highlight text in note or in edit workspace meaning you cannot use bold, italic, bullets, numbers, links in your notes/summary||This ensures users of the Internet Explorer 11 browser can now select and highlight text for rich text editing such as: bold, italic, bullets, in the Workspace Summary and Workspace Notes.||XAP-8738|
|Bug fix||Data table analytics not aware of header change||This bug fix resolves an issue in which Data Table Analytics modules were producing an error if the header row was changed via the Data Table Editor menu and not saved. Modules can now be run in this instance (reflecting the data in the header row) without the error occurring.||XAP-8751|
|Bug fix||Data Table Analytics: Some modules cut off the parts of the 'descender' (g, y, p) of characters that extend below the base line||This bug fix resolves an issue in the configuration panel drop down fields for Data Table Analytics modules. Previously, the descender of characters such as y, g and p that extend below the baseline were cut off.||XAP-8755|
|Enhancement||Users should not be allowed to use save as 'Desktop image' from quick Visualisation||This is a security related enhancement.The option to save as 'Desktop image' has been removed from the Visualisation Save button menu. The save button is not available for users with the Observer role. The option to right-click on the Visualisation image in order to save-as is also now not available.||XAP-8765|
|Bug fix||Editing a workspace summary using Bullets or Numbers is not working||This bug fix resolves an issue in the display and handling of bullet points and numbering when editing a workspace Summary.||XAP-8846|
|Bug fix||Error when deriving a database view from a custom view||This bug fix addresses an issue where creating a database view from a custom view was sometimes producing an error.||XAP-9065|
In the 1.21 version of Workspaces we released the Data Table Editor, a tool for reviewing and editing tabular data and data frames within the web workspace. In this 1.22 release we have now enhanced the Data Table Editor to introduce a preview of Data Table Analytics – which gives users the ability to execute some of the most popular statistical visualisations, tests and modelling through an extensible system of analytical modules.
Analytical modules produce various charts or statistical analysis such as linear regression analysis and bar charts in a simple point and click manner. Charts and visualisations can then be saved to the workspace file system, so you can collaborate with other workspace users.
Each module can be executed using a natural column selection interface from the data table as well as manually setting parameters. This release includes the first fifteen modules of the 'Medical Statistics Core' bundle that will be completed in the next release.
Data Table Analytics will make data science more accessible to all our platform users, but particularly to part-time, 'point and click' researchers, providing a key stepping stone for those who are making a transition towards a more programmatic approach to data science using R. To support these users, a fragment of R code is automatically generated as part of each visualisation or chart. This code can then be easily copied into a file or executed in the embedded workspace R Console.
As a preview feature, we would like to invite feedback from users on the performance and utility of the preview and would appreciate your cooperation in reporting any issues with performance or system error reports whilst we test the scalability of the underlying system. As this feature remains in preview, a known limitation is that text and table outputs cannot be saved to the workspace, but this will be addressed in the next release.
For that extra helping hand for new users, documentation is provided for each module in our knowledge base, including links to best practice from the statistics and R communities.
This release also includes some enhancements and bug fixes.
Please note that not all features will be deployed at all hubs. Please check with the hub product manager to confirm if a specific feature is available.
|Enhancement||Workspace administrators can auto accept downloads when airlock is enabled||Currently, administrator workspace users can approve requests to export content from a workspace. The Airlock process allows users to transfer data to another workspace or download it to their local machine. In some cases (particularly for small projects with a single administrator) it is inconvenient and unnecessary to go through the individual steps of requesting, approving and then exporting the content. With this change, administrator users will now have the option to conveniently log their request and auto-approve it in one step. The option remains to request and approve separately. In either case, all individual Airlock steps are audited as standard.||XAP-5929|
|Improvement||Analytics Module – Density plot||This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle which will generate Density plots. The Density Plot graphical output visualises the distribution of data over a continuous interval or time period. This chart is a variation of a Histogram that uses kernel smoothing to plot values and trends.||XAP-7784|
|Improvement||Analytics Module – Histogram||This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle to generate histograms. This produces a graphical output of a histogram, which visualises the distribution of a single continuous variable by dividing the x axis into bins and counting the number of observations in each bin. Bins may be optionally split by a further categorical variable (e.g. gender). Number of bins and bin width can also be selected to change the visual aspect of the graph.||XAP-7785|
|Improvement||Analytics Module – Bar chart – Column Bar Chart||This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle for generating a Column Bar chart. Column Bar Chart enables selection of a categorical variable and numerical variable for summarised data e.g. column means calculated. See frequency bar chart for pre-summarised data.||XAP-7786|
|Improvement||Analytics Module – Bar Chart – Frequency Bar Chart||This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle for creating frequency bar charts. Creates a bar chart by selecting a categorical variable (X). This bar chart method is applicable for pre-summarised data, if your data contains summary statistics such as column means, look at using the summarised variation of bar chart.||XAP-7957|
|Improvement||Analytics Module – Box/Whisker plot||This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle to generate Box and Whisker plot (Boxplot). This produces a graphical output of a Box and Whisker plot. Selecting variables will return the results of a five-number summary. Adding a categorical group variable visualises their distribution.||XAP-7787|
|Improvement||Analytics Module – Scatter plot||This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle to generate Scatter plots. This produces a graphical output of a scatter diagram which plots two variables along an x and y axis by mapping distinct data points. It can be used to determine a correlation (or lack of) between the variables.||XAP-7788|
|Improvement||Analytics Module – Bubble chart||This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle for generating bubble charts. This produces a graphical output of a bubble chart which shows the relationship between two variables, x and y (like a scatter plot) but the addition of a third variable dictates the relative visual size of each graphed data point.||XAP-7789|
|Improvement||Analytics Module – Line chart||This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle for generating line charts. This produces a graphical output of a Line chart which maps data points of two variables ordered along the x-axis. The data points are then joined by straight lines.||XAP-7790|
|Improvement||Analytics Module – Crosstab||This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle creating a cross tabulation. This produces a graphical output of a contingency table or cross tab. Cross tabulation groups variables to understand the correlation between different variables and is displayed as a table. It is usually used in statistical analysis to find patterns, trends, and probabilities within raw data.||XAP-7801|
|Improvement||Analytics Module – Student's T-test (with visualisation)||This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle for Student's t-test. This produces an output that details either a one or two-sample t-test, complete with accompanying density diagram/s.||XAP-7802|
|Improvement||Analytics Module – Mann-Whitney U test (with visualisation)||This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle for the Mann-Whitney U test. This is used to output a Mann-Whitney U test, a nonparametric statistical test for determining how similar the sample means of two variable groups are.||XAP-7803|
|Improvement||Analytics Module – Pearson's chi-squared test||This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle for Pearson's Chi-Squared test. This produces an output of a statistical test related to the frequency distribution or statistical independence of categorical data. The output includes p and df values.||XAP-7804|
|Improvement||Analytics Module – Correlation||This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle for correlation. Generates a statistical model used to test for the correlation between two variables of a given dataset. This test is used to estimate a rank-based measure of association. This module outputs a scatter diagram and the relevant correlation coefficient value.||XAP-7805|
|Improvement||Analytics Module – Linear Regression||This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle for linear regression modelling. The module outputs a linear regression model: is a linear approach to the relationship between a scalar response and one or more explanatory variables. It helps to predict the value of a given variable as it relates to another set of variables.||XAP-7807|
|Improvement||Analytics Module – Logistic Regression||This new Analytics Module produces a graphical output of a logistic regression analysis. This is similar to a linear regression model but would be used when the dependent variable only has limited values.||XAP-7808|
|Bug fix||Error when running module if column name has double quote or backslash characters||When running a Data Table analytics module, the UI would return an error message if the dataset column names being selected contained particular special characters. Selecting column names containing these special characters no longer produces an error message.||XAP-8512|
|Enhancement||Improved layout and messages on the web upload wizard when integrated with DSA||Uploading data to a Workspace is a multi-stage process with several options. For this reason, an upload 'wizard' interface is provided that steps through each stage. In some cases, a Workspace can be linked to a Data Staging Area, including a de-identification service and catalogue store. As a result, additional options are available to the user which can vary the upload process time. This change improves the layout of the upload wizard by streamlining content, presenting clearer choices and providing progress in a clearer format. A future release is expected to provide even more fine-grained feedback on longer-running upload processes.||XAP-8111|
|Bug fix||Workspace member user role not working after changed by workspace administrator||This is a security related bug fix that addresses an issue found in the Workspaces 1.21 release. For existing users only, in very rare circumstances, changes to their role were not applied and the user kept their old role. Automated testing has also been reinforced for this scenario. Now, when existing users have their workspace roles changed, it is reflected in the UI and their workspace access levels.||XAP-8493|
|Bug fix||Regression – Read more/less link doesn't work when a dataset has a note with more than 2 lines||This bug fix addresses a presentation issue with longer comments attached to datasets. The comments can now be expanded from and contracted to a 2-line preview, rather than always showing the entire comment in the user interface.||XAP-7924|
|Improvement||DTE – Dynamic dataset/csv filename injection to code output to allow code to be pasted and executed in R session.||This addresses an issue in which code copied to clipboard in the Data Table Editor (DTE) could not be successfully pasted and executed in an R session. An issue existed where the pasted code did not refer to the correct filepath. This has now been rectified.
If you are using Internet Explorer, you might get a warning if you would allow the webpage to access your clipboard when you use 'Copy to clipboard'.
If you want to turn off this warning in Internet Explorer you can do the following:
1) Add the Workspaces host to your Trusted sites' host list: Internet Options / Security / Trusted sites / Sites / Add
2) Set 'Allow Programmatic clipboard access' to 'Enable' in your trusted sites: Internet Options / Security / Trusted sites / 'Custom level…' / Scripting / Allow Programmatic clipboard access
|Improvement||DTA – Jupyter enterprise gateway should be able to restart without causing significant user interruption||This is a resilience feature for the Data Table Analytics (DTA) facility. It prevents an analytics session ending if the underlying service fails. The user would only experience a slight delay in the service in this eventuality, rather than an outright failure. It also allows the underlying service to be upgraded without interrupting a user's session.||XAP-8517|
|Bug fix||UI should disable Run button if connection to data-table-editor API pod is disconnected||This enhancement addresses an issue where users could still select to 'Run' a DTA module even during a loss of connection. This would result in the module not running and displaying an error. Now when there is a connection loss, the 'Run' option is disabled until a connection has been re-established.||XAP-8522|
This release primarily focuses on delivering enhancements to the Data Table Editor, delivering new user interface improvements and self-service functionality for tenant administrators.
This release also includes:
- Improved self-service tenant administration functionality including changing workspace owner and the ability to suspend and re-enable user accounts.
- Self-service administration of user telephone numbers and multi-factor authentication.
- Support for workspace administrators to manage the firewall around Virtual Desktops via the portal.
- An upgrade to R version 3.5.0 and compatible versions of Bioconductor packages (3.7) and pandoc (2.1.3) are also provided.
- Security enhancements, bug fixes and improvements.
- Flow of audit information from service components to improve scalability and performance.
Please note that not all features will be deployed at all hubs. Please check with the hub product manager to confirm if a specific feature is available.
|Enhancement||Allow tenant administrators to suspend and re-enable user accounts||This enhancement has been introduced to improve administrative and security situations where user access to the platform and its services should be temporarily revoked. A new self-service function is provided for tenant administrators to suspend and re-enable user accounts. Suspension immediately revokes access to the services, ensuring that suspended users can no longer log in to any platform services. Users currently logged in will have their session terminated.
Suspended users are not removed from workspaces but cannot be invited into new workspaces and their roles cannot be changed within existing workspace memberships.
When a user account no longer needs to be suspended it can be re-enabled, at which point these users can access existing services.
All suspension and re-enablement actions are audited in the workspace audit log and an email notification informs the user their account has been either suspended or re-enabled.
Note that when a user's account is re-enabled they will need to re-configure their two-factor authentication security service using Duo.
|Improvement||Allow the owner of a workspace to be changed||With this improvement to tenant administration self-service, the owner of a workspace (such as the principal investigator on a research project) can be changed. This ensures that the right person is responsible and accountable for workspace activity and helps manage transitions in workspace ownership as teams change. All changes are audited.||XAP-4733|
|Bug fix||Files saved from a mini-app should be visible in the workspace||This is a maintenance bug fix to ensure that files generated and saved from a mini-app are stored correctly in the workspace file system and visible to users browsing files.||XAP-4839|
|Improvement||Increase the file size limit on file editing in web workspace||This performance and usability improvement increases the size of files that can be edited directly in the workspace. The new limit allows files up to 10MB to be edited. The editor is intended to manage code in both scripts and queries (R and SQL). This new limit will support thousands of lines of code.||XAP-5249|
|Bug fix||Address stylesheet referencing/filename bug||This is a maintenance bug fix to improve the handling of stylesheets used in the workspace web application and allow for customised styles used by partner sites.||XAP-5503|
|Enhancement||Add the option to not use header row after CSV load in the Data Table Editor||Not all CSV files have header information. Since headers are more common, the default functionality in the Data Table Editor is to use the first row as column headers. This usability enhancement gives the user the option not to use the first row as headers and rename those column headers in a suitable manner at a later date.||XAP-5687|
|Enhancement||Workspace virtual desktop firewall rules can be managed via Management API||Workspace virtual desktops are hosted in a distinct network and firewall rules prevent unauthorised inbound or outbound network traffic. This ensures that users can connect to their virtual desktop VMs and also that those VMs can access other VMs in the same workspace, as well as workspace resources such as the file system or the workspace database but not other systems. In some cases, a project should be able to access resources outside the Workspaces platform. For example, a project may need to download some data from a domain-specific source on the internet.
This enhancement facilitates self-service management of the workspace firewall. In this release, the change affects consumers of the platform Management API, such as users of the RSRCH portal. Administrators of workspaces using the portal can open the network of their virtual desktops with up to 30 firewall rules within some constraints:
|Enhancement||Allow views to be exported as CSV files via Airlock||A view is useful mechanism to define a subset of data to export. With this enhancement, users can select a database view for export via Airlock. The Airlock process remains unchanged but views will now have an 'Airlock' button, allowing them to be added to the current Airlock export bundle.||XAP-5931|
|Enhancement||Implement search functionality in the Data Table Editor||This enhancement provides search functionality to the Data Table Editor. Entering text in the search box and pressing the return key will highlight matching cells. The number of results are shown next to the search box. Move from match to match by pressing the enter key. If results are on another page of the table, moving to the next term will change the page.||XAP-6084|
|Bug fix||Handle loading of the latest version of a CSV file for scripts/documents while a Data Table Editor session is still active||This usability bug fix tries to address situations where a user has been editing data using the Data Table Editor but has finished their session without saving the table. The Data Table Editor will maintain a live editing session so that the user can resume editing. If the user (or another user) edits the underlying file, creating a new version of the CSV, the Data Table Editor will now prompt the user to save the current edits to a different file using a 'Save As' process.||XAP-6240|
|Enhancement||Improve loading in the workfiles tab||This performance enhancement improves the loading of scripts and documents (also known as 'workfiles') by limiting the loading batches of 50 files at a time for display, rather than fetching details of all files in that folder. For folders with large numbers of files, this should result in significantly improved performance.This change has been implemented in the file browser and other interfaces where files are displayed, e.g. the Airlock file selection.||XAP-6367|
|Bug fix||Address IE10 Data Table Editor column header issue where drop-down menu is not right aligned||This bug fix addresses an issue in the Data Table Editor which was reported as specific to Internet Explorer 10. In order to access column-level functions, the user clicks a small control at the top right of the column header. The fix ensures that the control is displayed with the correct alignment.||XAP-6537|
|Bug fix||Address IE10 Data Table Editor column header issues where drop-down menu is not always shown||This bug fix addresses an issue in the Data Table Editor, which was reported as specific to Internet Explorer 10. In order to access column-level functions, the user clicks a small control at the top right of the column header. The fix ensures that the control is displayed as expected in the correct position for that browser.||XAP-6539|
|Enhancement||Upgrade to R 3.5.0 and corresponding Bioconductor||The version of R used in the R console and in the R Shiny mini-apps service has been upgraded to R 3.5.0. Related to this, the compatible versions of Bioconductor packages (3.7) and pandoc (2.1.3) are also provided.||XAP-6547|
|Bug fix||Reduce the window size to no rows results in Data Table Editor pagination showing minus numbers||This bug fix improves the way the Data Table Editor responds to browser window resizing. If the user makes the browser window very small, a warning to 'Resize the window to display table' will be rendered. Previously the user might have experienced broken pagination links.||XAP-6556|
|Enhancement||Allow user to change their own telephone number||This self-service enhancement allows a platform user to edit their own phone number via their profile page.If the user has enabled the two-factor authentication (2FA) security service on their smartphone, the phone number change will trigger an update to the 2FA provider, Duo.com, and the user will be prompted to update their device.||XAP-6592|
|Bug fix||Full screen toggle control disappears on other tabs when toggling on the R session tab||This bug fix addresses an issue with the R console reported in some browsers at high definition screen resolutions where the on-screen toggle for full-screen view was being hidden behind the application sidebar.||XAP-6619|
|Bug fix||User interface hangs when trying to load a folder with a dot (.) or other special characters in the folder name||This bug fix improves the creation of new folders in the workspace web interface where the name contains special characters. The fix also improves the handling of links to folders where special characters have to be encoded for inclusion in a link (URL).Please note that It is not permitted to create a folder name starting with a period or dot character '.' as this will raise an error message.||XAP-6632|
|Security enhancement||Missing X‐frame‐options header in PDF viewer||This item fixes a security issue raised during internal security scans. The component displaying workspace PDF files did not include the required HTTP security header to prevent attacks based on hijacking the frame (aka 'click jacking'). The framing headers are now consistent with the rest of the user interface and are set to prevent framing of the PDF viewer by any component other than the workspace application.||XAP-6636|
|Security enhancement||Review content security policies on error pages||This is a security related enhancement. Following an internal security scan of the web workspace, content security policies were added to static error pages to ensure consistency with dynamic parts of the application.||XAP-6639|
|Bug fix||Enter key does not work on the Data Table Editor 'Save As' dialog||This is a bug fix to ensure that in order to save from the Data Table Editor, the user can both click the 'Save' button and press the return key.||XAP-6647|
|Bug fix||Updating name of a dataset column with a different type and simpletype in the Data Table Editor can result in an error on save||This bug fix addresses an issue when renaming a column in the Data Table Editor indirectly caused an error related to the column type in the underlying database.||XAP-6673|
|Bug fix||Increasing the window size when on last page causes the Data Table Editor to show 'No rows found'||This bug fix address a problem with the Data Table Editor when resizing the browser window. When users were on the last page, resizing the screen resulted in 'No rows found' being displayed in error. In this situation the last rows of the table should be displayed, suitably paginated.||XAP-6684|
|Bug fix||SFTP transfer fails when trying to version a file that is no longer on disk||This is a maintenance bug fix improving the interaction between the workspace file management and the processing of uploads via SFTP. Under certain circumstances, the SFTP upload process would fail when transferring a file to the workspace if a file of the same name had previously existed. This change avoids an error due to the timing between the upload process and the file management process.||XAP-6687|
|Enhancement||Improve colour of selected mini-app tiles||This enhancement addresses a minor issue with the colour scheme of mini-apps tiles used in the workspace, improving the clarity of selected and non-selected tiles.||XAP-6696|
|Bug fix||Integration with Data Table Editor file versions/replay log||This bug fix ensures that when a user saves a data table back to file, a new version is created.||XAP-6772|
|Security enhancement||Set strict transport security||This is a security enhancement. A recent external penetration test raised a low risk concern that not all web traffic in the web workspace would be forced onto secure transport (HTTPS). In some cases, static images and stylesheets might be requested with plain HTTP. Further internal investigation identified a number of API endpoints that did not enforce secure transport. A normal user session started in HTTPS would ensure that traffic was using HTTPS but a malicious user could inspect the headers and request particular resources without HTTPS set. This enhancement ensures that all traffic for the web workspace has the correct header to enforce secure transport.||XAP-6865|
|Security enhancement||Input validation issues result in cell injection||This is a security fix. A recent external penetration test reported an issue where users editing data in the Data Table Editor could create cell content that indirectly could affect Excel users. Data Table Editor edits will appear in the audit log which can be downloaded by administrators, and subsequently loaded into Excel. A malicious user could insert a valid Excel function anticipating download of the audit. This might for example, construct a hidden link to a malware site. Improved validation and escaping of audit content removes the risk of this exploit.||XAP-6867|
|Enhancement||Rename 'numeric' field type to 'decimal'||In order to simplify the user experience around decimal fields, the Data Table Editor and the dataset preview feature will now use the term 'decimal' consistently rather than 'numeric' for those column types which can support decimal fractions.||XAP-6885|
|Bug fix||Dataset without specified varchar length prevents the Data Table Editor displaying data||This bug fix addresses an issue where a user might have a database table with character fields defined without specifying number of characters (i.e. `VARCHAR` rather than `VARCHAR(NNN)`. This specification will no longer be rejected by the Data Table Editor in error and the data should be displayed as expected.||XAP-6918|
|Security enhancement||Enhance content security policy configuration for duosecurity||This is a security enhancement. A recent external penetration test raised a concern with the content security policies related to integration between two-factor authentication and the workspaces web application. This policy now restricts content from the two-factor authentication security service provider Duo.com to specific fully qualified addresses, reducing the risk of malicious content being loaded in error.||XAP-6953|
|Security enhancement||Prevent SQL error if entering unfriendly resource names||This security bug fix is the result of a recent external penetration test which highlighted an issue in the Data Table Editor.If an error occurs in the normal use of the workspace Data Table Editor, it may be logged in the workspace audit log. The penetration test raised a concern that these errors disclosed too much about the underlying database in use and the type of validation that occurs. This fix reduces the risk that this error reporting process might be exploited by a malicious user.||XAP-6964|
|Bug fix||Opening, editing and then saving a CSV file in the Data Table Editor with carriage return results in a server error||This bug fix ensures that CSV files with carriage return characters are managed correctly in the Data Table Editor and can be saved back to file or database without error.||XAP-7142|
|Enhancement||Update the Data Table Editor search function to be case-insensitive||This enhancement ensures that search terms in the Data Table editor will match on cell values irrespective of case. Upper, lower and mixed case matches will match, improving the findability of cell values.||XAP-7192|
|Security enhancement||R console session history fix||This security bug fix ensures that when a user uses the R console, the system maintains a recent history for the current session. An issue was reported where a new session could be started, and the commands used in a previous history were available (by pressing the 'up arrow' key). These commands were specific to the current user but may have come from an unrelated workspace and therefore potentially disclose information. The fix ensures that the session history is also specific to the current workspace.||XAP-7316|
|Bug fix||The same validation of special characters should apply to both renaming and creating folders.||This maintenance bug fix addresses an inconsistency between renaming and creating folders with regards to which characters are allowable in folder names.||XAP-7428|
|Enhancement||Allow tenant administrators to delete workspaces||This enhancement makes it easier for tenant administrators to clean up unwanted workspaces using the integrated self-service user interface. Previously, deleting workspaces required a service desk request, however this enhancement adds this function to the self-service screens and automates the process of workspace deletion. The underlying process for deleting workspaces remains the same.||XAP-7436|
|Bug fix||R Shiny logs to be viewable regardless of mini-app name capitalisation||This bug fix addresses an issue where R Shiny debug logs were not visible to end users in the case where the mini-app name was capitalised. This fix includes workspaces which contain variants of capitalisation: e.g. 'all_lower' , 'ALL_UPPER', 'Cap_case' and 'camelCase'.||XAP-7633|
|Enhancement||Do not clear user's browser proxy exception upon logging into virtual desktops||Until this release, web access from a virtual desktop was routed through a proxy service, limiting access to a whitelist of external and internal sites. With the introduction of self-service management of firewalls for workspace virtual desktops, this would limit users accessing services that they have intentionally opened the firewall for. Firewall rules will prevent accessing other external services. As a result, the service will no longer ensure that proxy settings are reset every time users log into the virtual desktop.||XAP-7708|
|Bug fix||Users cannot see third line of comment content in the workspace summary tab||This bug fix addresses a display issue in the comments section of the workspace activity summary tab, where the third line of the comment text was obscured.||XAP-7709|
Workspaces release 1.20 delivers new functionality to improve the flow of audit information from service components to improve scalability and performance.
Please note that not all features will be deployed at all hubs. Please check with the hub product manager to confirm if a specific feature is available.
|Improvement||Audit scalability||The platform sub-system responsible for managing the flow of audit information from service components has been re-engineered for improved scalability and performance. The new system reduces bottlenecks that could cause delay in availability of audit information and improves the performance when a Workspace administrator downloads their audit log.||XAP-1518|
|Bug fix||Password reset field displays wrong form and token in error||This bug fix resolves an issue where the password reset screen displays the temporary token used to authorise the reset. The token is used in the link provided and in the URL displayed in the browser and is cross-checked with a time-bound valid token in the server.
In some cases, the user followed the link in the reset email, but instead of being shown the form to reset the password, the user was shown a field requesting their username which displayed the token. The fix ensures that the correct form is shown.
|Enhancement||Upgrade to R 3.4.3||The version of R available in the R Console and used in R Shiny mini-apps has been upgraded to version 3.4.3. Related to this, the compatible versions of Bioconductor packages (3.6) and pandoc (2.1.3) are provided.||XAP-5349|
|Security Enhancement||SFTP session control and filtering for unauthorised access attempts||
This is a security enhancement. At one of our hubs, multiple brute force attempts at unauthorised access to the workspace SFTP service have been observed. As a result, a configuration is being deployed to detect this kind of access and deny access from the originating internet address (IP) for a period of 30 minutes. The configuration will deny access where in a short period of time there are:
If users experience difficulties with this configuration, Aridhia's service desk team should be contacted.
|Enhancement||Do not use application cookies without user consent||This enhancement has been made in response to a customer security survey and to ensure compliance with European Union regulations on the use of web browser cookies. Cookies are essential to provide the functionality of the web workspace user interface. Only a session cookie is required and all other information is stored on the server. No 3rd party cookies are used. With this change, when a user access the web workspace for the first time, they will not have a session cookie set until they agree to the summary terms and conditions. Previously, a test cookie was set (to check whether the user's browser would accept cookies).||XAP-5564|
|Bug fix||Improve handling of connection error on workspace/DSA integration point||A workspace is integrated with a tenant-specific Data Staging Area. In this case, for the upload wizard functionality there is a direct connection between the user's browser and the DSA API endpoint for imports. In some configurations, network-based access rules are applied to that endpoint (for example, access is only permitted within a hospital network). This bug fix improves the error handling in the case where the user tries to upload to the DSA but connection is not possible.
If the workspace has the DSA upgrade enabled, the upload wizard will attempt to connect to the DSA API responsible for import. In some cases, the user may not be able to connect to that API, for example because they are accessing the service from a network that is not permitted to connect to the DSA. When this occurs, a clearer error message will be displayed to the user.
|Task||Verify that the SFTP README content is appropriate for the new SFTP capability in 1.19.11||When a user logs into the workspace SFTP interface, a README file provides guidance on how uploads can be configured. The wording of the README has been revised and aligned with the Knowledge base guidance on best practices for uploading. See Guidance and best practices for uploading.||XAP-6198|
|Improvement||Move File sync to read only batch insert||This is a platform maintenance change to improve the interaction between the web workspace application and the workspace file system. The web component of the workspace service uses a synchronisation process to keep a model of the file system structure of the workspace. A review of the batch process following a related issue (XAP-6222) indicated that its security could be hardened by removing some indirect write operations and making it read-only. This change reduces the risk of unwarranted write operations by a system service account.||XAP-6276|
|Bug fix||Data upload of csv file without a header does not produce correct TDF file||The upload wizard for CSV files in the web workspace UI generates a specification file that defines the configuration used for the upload (known as a Table Definition File, or 'TDF'). This bug fix addresses an issue where the output TDF file was not recording that the CSV should be loaded without treating the first row as column headers.||XAP-6323|
|Bug fix||Edit Profile – Edit Photo Button does not work in SMS-IC||This bug fix addresses an issue with the look and feel at the SMS-IC instance of Workspaces where users were no longer able to edit their profile image.||XAP-6324|
|Bug fix||User profile pictures distorted when aspect ratio is not 1:1||This bug fix addresses an issue where users' profile image icons were being displayed incorrectly (either squashing or stretching the image) in the workspace members list and user profile.||XAP-6405|
|Bug fix||Data preview does not show same digits for real and double precision as the Data Table Editor||This bug fix addresses an inconsistency in the display of decimal numbers between the Data Table Editor and the preview of the workspace database. Floating point or real numbers are decimal numbers which are stored with limited precision in databases. For example, a number that is intended to be '-0.9' could be stored as '-0.899999' or similar in the database. The display system, such as the Data Table Editor, should display the data as intended.||XAP-6677|
|Bug fix||SFTP – Unable to log in using domainusername||This bug fix restores functionality whereby users were no longer able to log in to the workspace SFTP service using a combination of directory domain and username (in the form DOMAINusername).||XAP-6965|
|Bug fix||Password reset link in email fails when browser has not accepted cookies||This bug fix ensures that passwords can be reset when a user has not already agreed to storing the session cookie in their browser.||XAP-7201|
|Bug fix||Critical vulnerability in workspace New Folder creation||This bug fix addresses a security vulnerability in the folder creation process using the Workspace web user interface. This prevents a malicious user from injecting malicious code as part of the request.||XAP-7320|
Workspaces release 1.19.12 delivers a significant new capability which addresses users' requirement to edit, modify and create new data tables from within their workspace. The first version of the Data Table Editor has been shipped as part of this release, with further iterations expected in coming months.
Please note that not all features will be deployed at all hubs. Please check with the hub product manager to confirm if a feature is available.
|Improvement||Editing Data tables within the Web Workspace||The Data Table Editor is a new optional component in the web workspace which enables users to quickly and easily edit, modify and create new data tables in a fully audited process. The 1.19.12 release includes the first version of this new functionality.
The Data Table Editor is designed to work with a specific data structure known as a 'data frame' whereby each row represents a study record and each column is an identifier, a variable or an outcome measure in that study. This allows users to manually prepare data, including:
Key features of this initial Data Table Editor release include:
Future iterations are expected to feature analytical modules optimised for the biomedical field.
More detail on using the Data Table Editor can be found at knowledgebase.aridhia.io/article/using-the-data-table-editor/
|Bug fix||If tenant admin highlights a workspace in their organisation, a 'workspace_access' event is logged in the workspace||This releases fixes an issue whereby tenant administrators triggered unwarranted audit events when browsing the list of workspaces they administer. The event was unnecessary as the tenant administrator was not accessing either the workspace or its data. This release ensures that workspace administrators will no longer see a 'workspace_access' event related to such tenant administration actions.||XAP-5396|
|Bug fix||If you upload a file with the same name at same time in two different SFTP folders for same workspace, one will not be processed||This is a platform maintenance fix. A bug was reported whereby a user could upload files, but only one file was processed. This was the case when files with the same name were uploaded to the /data folder and at more or less the same time to one of the /documents or /scripts folders. This issue was traced back to the way in which intermediate files were named in the ETL process and additional hardening ensures that files are handled correctly. As such, files arriving on the ETL export will have a random number suffix in addition to the already existing date timestamp suffix. This internal convention is opaque to the end user.||XAP-5816|
|Bug fix||Unexpected audit messages in demo workspace||This release fixes a bug reported on audit log contents where an internal demo workspace was recreated. An issue was reported at one of the workspace hubs whereby audit events were misattributed in cases where a workspace was deleted and then recreated with the same name. Until workspace deletion, events should be attributed to that workspace. After deletion, in some cases, audit events were being attributed to a new workspace of the same name. Additional guards were placed to ensure that events are no longer being misattributed. In addition, the audit log now provides information about the role users were in at the time of activity logged.||XAP-5860|
|Bug fix||Version menu does not refresh content of current version when moving from a previous version||This release fixes a bug in the interaction between the workspace web user interface and the sftp upload components which caused versions of files with the same filename to be mismanaged. The fix ensures that updates to files maintain the version history.||XAP-6012|
|Bug fix||Cannot save plot from R||This release fixes a bug within the R console reported at hubs following the 1.19.11 release deployment. Saving images from the R console no longer raises a server error.||XAP-6328|
|Bug fix||There is no audit event logged when uploading to the datafiles folder||This is a security-related system maintenance fix. A bug was found in release 1.19.11 whereby SFTP uploads to the /datafiles folder were not logged. This was traced to a misconfiguration of the monitoring and audit subsystems and a change in this release restores the expected behaviour.||XAP-5440|
|Improvement||Optimise workspace members dialog with server side paging||Workspace administrators can invite new members to a workspace using an 'invite' tool. This release speeds up the performance of this tool when searching or paging through the list of users. The search function works across first name, last name and department.||XAP-5496|
|Improvement||Document upload should allow up to 1GB files||This release ensures consistency between limits on uploading CSV files as data and uploading files to the /documents and /scripts workspace folders. Both routes cap the acceptable file size to 1GB.||XAP-5934|
|Bug fix||Password expiry emails not being sent||This release fixes a configuration issue where a convenience email was not being sent to users close to expiry of their passwords.||XAP-6131|
|Improvement||Point and click option to delete datasets||This feature enhancement make it easier for users to manage their data by bringing the option to delete datasets (database tables and views) directly into the workspace.Previously, deleting datasets required users to write a DELETE query in the SQL Editor. This enhancement allows users to easily delete assets using a delete button in the workspace right-hand sidebar. Upon selecting to delete an asset, the user is prompted to confirm the deletion of other database objects that depend on that which is being deleted.||XAP-4397|
|Bug fix||IE10: Editing workspace summary text lose newlines||This is a maintenance bug fix related to the way the IE10 browser handles edits to the workspace summary description. Due to limitations in the way the browser works, new lines of text were being lost. This release provides improved handling of the IE10 case in order to preserve this new content.||XAP-4622|
|Bug fix||Copying dataset through Airlock results in failure if integer column contains NULL values||This bug fix addresses an issue with data uploaded with field-level annotations specifying how to handle empty or null values in the source CSV files. If such files were subsequently exported from the workspace through the Airlock, the way the annotation was handled at that stage failed.In this release, this issue is fixed, ensuring that all values, data types, nulls and metadata are preserved.||XAP-4813|
|Bug fix||Incorrect password validation feedback||This is a security-related system maintenance fix. The 1.19.12 release provides improved handling of how password validation is shared between the workspaces web application and the underlying user directory. However, due to technical limitations in the directory service, it is not possible to address all validation errors. Users should therefore follow the guidance on safely resetting their passwords provided at knowledgebase.aridhia.io/article/recovering-and-resetting-your-workspaces-password/.||XAP-5116|
|Bug fix||Users with mixed case email will not be able to login||This is a security-related bug fix to internal platform integration. Changes in the centralisation of user information require an internal check of the user's email address. An issue arose whereby users could not log in to their workspaces if the email address on record in the workspaces services did not match the case of the user's email in the platform Management API. This issue has now been resolved.||XAP-5218|
|Bug fix||Incorrect options provided in data upload workflow when DSA upgrade is enabled||This item fixes three bugs related issues to the data upload workflow. This issue was reported by a tenant at one hub where their workspaces can be integrated with their tenant specific Healthcare Landing Zone (HLZ). The upload process has been changed to ensure that the presence of the integration is interpreted correctly and the correct options are provided to the user when uploading data.||XAP-5371|
|Bug fix||Next button in Workspace list takes you to an empty Workspace list||This release fixes a bug in the pagination of workspaces where, in some cases, the 'Next' navigation button did not take the user to the appropriate page.||XAP-5497|
|Security Enhancement||Potential path-based vulnerability in version API||This is a security fix. A customer-initiated security scan indicated that a static file that provides the current version of the workspaces internal API could be retrieved using path wild cards, e.g. /VERSION could be retrieved using /VERSION.gz. This was a low impact risk as no data was exposed, however the capability has been removed as a precautionary measure.||XAP-5524|
|Security Enhancement||Clickjacking – Framable Page risk in static content||This is a security related change to reduce the risk of the specific content in the web workspace (e.g. static terms and conditions) being maliciously embedded in a 3rd party site as part of an attack. The low impact risk was highlighted in a customer-initiated scan.||XAP-5527|
|Security Enhancement||Harden SSH ciphers and remove redundant puppet code||This is a security-related maintenance fix. Feedback from 3rd party penetration testing recommended removing ciphers in the user SFTP and service access interfaces (ssh) that are now considered weak. Reconfiguring automated component deployment ensures that the weak ciphers are no longer accepted for connections across the platform entrypoints.||XAP-5825|
|Bug fix||Newly created file with the same name as a file in scripts root dir will incorrectly assume that the file was moved from scripts||An issue was raised by customers at one of our hubs where files with similar names conflicted with an internal process and in some cases content was over-written as a result. This release formalises an interim patch release which addressed the issue and has already been deployed to the hub.||XAP-5910|
|Bug fix||workspace_deletion event didn't show up in api local audit file||This is a security-related system maintenance fix. When a workspace is deleted, an event will now be consistently logged to the platform audit log.||XAP-6063|
|Bug fix||Errors raised when processing SVG images||This is a maintenance fix. Internal monitoring of error logs raised an issue where SVG files were not being handled consistently as image files, which raised unnecessary error messages.||XAP-6128|
|Security Enhancement||Where the Application Server mount is unavailable or unstable the file sync may delete content||This is a maintenance fix. An issue arose in a hub where instabilities in the integration of the workspaces web application, the workspace file system and other networked systems could cause some files to be deleted in error. The instabilities reported were found in the file system component when operating under heavy network load. An investigation was undertaken, interim actions taken and this release implements a system change that removes the risk.||XAP-6222|
Workspaces release 1.19.11 delivers new functionality to improve the performance of SFTP uploads and enable self-service provisioning of Data Staging Areas (where this feature is offered).
Please note that not all features will be deployed at all hubs. Please check with the hub product manager to confirm if a feature is available.
|Improvement||Use central file system for SFTP and ETL file storage||To improve the performance of the SFTP-based workspace data upload functionality, internal changes have been made to the way data is stored and processed at the time of ingest. The previous system staged data in an interim location prior to processing, resulting in bottlenecks where a user was uploading large files or many files. The new design writes inbound data directly to a secure area of the underlying file server used by the workspace. When transferring large files, this provides significant performance advantages at the time data is received, as well as the time it is transferred to the secure workspace file system. Concurrent usage is also improved.At the same time, we have improved our testing framework and test runs to obtain better data about system performance. This should lead to future improvements and enable Aridhia's Workspaces team to work with customers to troubleshoot any problems that may arise.
Please provide feedback on performance via email@example.com
|New||Self-service provisioning of Data Staging Area resources||Workspaces Ecosystem customers may implement a Healthcare Landing Zone (HLZ) in order to bridge a hospital network and workspaces. Within the HLZ are two key resources: a Data Staging Area (DSA) which provides the ability to manage data for secondary use, and a De-identification Service, where sensitive information can be stored and retrieved if research participants need to be re-contacted for follow-up.Where integrated self-service provisioning is in operation, a Tenant Administrator may enable or disable the DSA functionality for workspaces in their organisation.
Not all the Workspaces customers have implemented a Healthcare Landing Zone. In those cases, the option to upgrade a workspace with DSA functionality will not be available.
|Improvement||R 3.4.1 support||The version of R used in the R console and R Shiny was updated to R 3.4.1. Related packages in the CRAN mirror were updated for compatibility.||WORK-322
|Bug fix||Need a more powerful 'iconv' for the R console||The utility 'iconv' converts text from one encoding to another. For example, text from a Windows-encoded file might need to be converted to the international standard UTF8. The version of 'iconv' available to R packages on the R console is the open source 'gconv'. This was reconfigured to ensure proper functioning.||WORK-328
|Bug fix||R console time is out of sync with the rest of the platform||A system configuration issue was addressed where the system time reported on the R console was not in sync with times on other platform components.||WORK-354
|Improvement||Confusing 'export to datafile' button in datasets view||Some users reported that the option to export from the database to the workspace 'datafiles' files folder might be misleading, and that clarification that it is not an export out of the workspace (which is provided by the 'Airlock' function) was required. A warning message was added to the Export dialogue to clarify what the function does and indicating the option to use the Airlock function.||WORK-351
|Improvement||Link to online help uses the Knowledge Base||When the user clicks the menu link to get 'Workspaces help' they are now taken to the improved user guides at knowledgebase.aridhia.io.||XAP-4756|
|Bug fix||Non-scrolling page in dataset upload||When uploading data via the web workspace functionality, the user is given a screen to define metadata and processing instructions for each field in the inbound file. Improved scrolling addressed an issue where some fields could not be displayed when the user's browser window size meant that it was unable to scroll to the fields below the bottom of the display.||WORK-370
|Bug fix||Keep workspace context when clicking workspace summary links||Links in the workspace summary page were taking users to a new tab, where they might lose workspace context (such as a running R console). This has been fixed to ensure that users stay in context.||XAP-4465|
|Bug fix||Improved memory handling on audit download||In some cases, the process to generate a download from the workspace audit was causing server memory errors. This has been partially addressed to reduce the risk of disruption to users. Further work is planned in 1.19.12.||XAP-4545|
|Bug fix||'Date' attribute defaulting back to 'text' when uploading csv via UI||When uploading data, a user can change different data types for columns from those provided by the CSV parsing system. When the encoding is changed, the CSV file is re-parsed since the column delimiters might be affected by the encoding. A bug fix ensures that if the columns have not changed, user choices should be retained.||XAP-4956|
|Security enhancement||The image preview endpoint is restricted to image content types||In an earlier release, an issue was fixed where authorised users could call an internal URL to download their workspace files without audit. This has now been further enhanced to ensure that the URL endpoint is used as intended: the URL will only permit audited access to image files (gif, jpeg, png, svg, bmp, icon).The choice of image file types supported is based the W3C standard for mime types and best practice of web-safe image types, since this internal URL is intended only to display images in browsers during a valid workspace session and is not presented directly to the end user.||XAP-4195|
|Security enhancement||Audit event added for PDF preview||Following a review of the item described above, the internal URL used to display a PDF file during a valid workspace session was given an additional audit event, in case a user subverted its use to attempt to stream PDF data outside the browser.||XAP-4596|
|Security enhancement||Observer users should not be able to attempt to execute SQL using a keyboard shortcut||An Observer user should not be allowed to run any SQL queries, but can view/open the SQL workfiles. When an Observer accesses an SQL workfile, the Run file button is disabled by default. This has been reinforced by preventing a user from executing the SQL using an existing (but not displayed) keyboard shortcut that was not disabled for Observers. Underlying database permissions already restricted the impact of this attempted execution. Previously, when an Observer executed SQL using the shortcut to retrieve results, no data was returned. Similarly, no data could be added or deleted by this route.||XAP-4812|
|Improvement||Show more details on error dialogs when provisioning errors occur||When tenant administrators provision workspaces, errors can sometimes occur. In order to facilitate support and resolution of the underlying issues, the error dialogue has been improved to include more detail about the context of the error.||XAP-4316|