Release Notes for Workspaces

Workspaces version:

2.1.2 Summary

In this release we have developed our new Inbound Airlock feature.

The Inbound Airlock is a brand new Workspaces feature which increases security and future proofs our import functionality. On upload, a workspace user can now use our new tab to select the files they want to import, these are then sent to an Airlock where they are malware scanned before being delivered to the workspace file or blob store.

We have also introduced an Inbox. The Workspace Inbox can be set as an upload destination and can be used as a holding pen for incoming files. In the future, contributors will be able to leave files here, and artefacts coming from other collaborations or workspaces will also land here.

These features are further described on other pages of our Knowledge Base.

We have also added a bunch of security and stability enhancements behind the scenes as well as fixing the bugs detailed below.

As ever, if you have any questions or feedback about our Workspaces, please do not hesitate to get in contact via our Service Desk.

Known Issues

Tile image on Mini-apps

In the current version, the image used as the tile on Mini-apps must be named "tile.png" (capitalising .PNG will mean that the tile does not show).

User shows as removed

You might see that some users show in the Summary tab Activity List as "Removed User" when they have not been removed. This is a bug which we will fix in the next release.

Files not deleted from the Inbox

When files are moved from the inbox into the workspace files or blobs, they are not automatically removed from the Inbox. This will be fixed in the next release.

Released Features

Status	Feature	Description	Reference
Story	Allow successful usage of RStan package in R Console (pandoc dependency) R3.5.3/3.6.3	We have made the package “rstan” available. See mc-stan.org for more information. It can be installed using the usual commands: “install.packages('rstan')”	XAP-3578
Bug	"server error" when attempting to save quick visualisation	Users can now save data table visualisations as a working file.	XAP-4391
Bug	No app_run audit event when running mini-app from workspace on Azure	This ticket makes sure that an audit event is shown when a mini app is run	XAP-10689
Bug	Azure: Typing quit() does not quit the R console immediately; you have to hit enter twice	The workspace user can now quit the R console by typing “q()” and return	XAP-10697
Bug	When a Mini-APP is used after 60 min and token has been refreshed you get 403 forbidden error	We have made a change so that mini apps can be left open for longer than an hour without the session timing out	XAP-10831
Bug	Deleting subfolder hierarchy you have not yet visited results in server error	We fixed a bug where deleting a workspace item in an unvisited subfolder caused an error.	XAP-11596
Task	Shiny – Verify Mini-App from UKCloud runs on Azure	We spent some time to verify that mini apps which are migrated from a UK Cloud hosted workspace will work in our Azure environment	XAP-12328
Story	Store uploaded files in an Airlock	This ticket is part of the Inbound Airlock feature. Please see the full description in other pages of the knowledgebase	XAP-12415
Story	Scan files in the Inbound Airlock for malware	This ticket is part of the Inbound Airlock. Please see the full description in other knowledgebase pages.	XAP-12416
Story	Perform actions on uploaded files – Copy file to workspace	This ticket is part of the new Inbound Airlock, see the other knowledgebase pages for more information	XAP-12418
Story	Preview files in my inbox	We have added an Inbox feature to Workspaces. New items can now be uploaded to the inbox before being moved into the workspace files and blobs for use. More information about the Inbox can be found in our knowledgebase.	XAP-12430
Bug	When you click "Export" in dataset "Export to CSV", you get server error if blob already exists	We changed an error message so that it is mooe useful to the user. This message will be shown when a user tries to export a dataset to CSV but the CSV already exists.	XAP-12476
Enhancement	In Workspace Portal Location Validation message is not showing properly	In the Tenant Admin view, the location of a workspace wasn’t always showing properly. We made a change so that the admin can now see the location of a workspace.	XAP-12478
Bug	Browser console error when saving plot from R-console	We solved a bug where a browser console error showed when a plot was stored via the R console.	XAP-12538
Bug	Clicking information icon on DTA module directs user to knowledgebase.aridhia.com and not knowledgebase.aridhia.io	Users of Workspaces 2.1 and above should use knowledgebase.aridhia.io; we updated a link in the workspace so that users are sent to the right place when they use it.	XAP-12539
Bug	SQL Editor Data dataset filter returns server error	When editing a SQL file, you can see your data tables on the sidebar. The search button here was broken, so we fixed it.	XAP-12541
Bug	"Add/Edit tags" button shows in sidebar if you click "Select All" on dataset and workfile list	Tags are not supported in the current version of Workspaces. We removed the button to add them to datasets.	XAP-12546
Bug	Time for Imported table event in Summary tab is not correct	We fixed a bug where some events were showing in the Activity tab with a timestamp in the wrong format.	XAP-12573
Enhancement	Include version of R in session_state audit event	Having introduced the ability to start R consoles in different versions of R, we now ensure that this information is captured in the Audit log.	XAP-12604
Bug	R console hangs on specific input	In testing, we found a bug where the R Console would hang when some specific input was entered. We have investigated and fixed the underlying cause.	XAP-12666
Task	Add AZURE Security Center vulnerability site to workspace VM's white list on the proxy server	Workspace VMs can now easily report vulnerabilities to Azure Security Centre.	XAP-12676
Enhancement	Improve visibility of T&Cs when users login	A small change was made to the sign in page to highlight our Terms and conditions of use and make them easier to find.	XAP-12697
Enhancement	Improve the workspace accept dialogue	We have made some changes to the Accept dialogue in the workspace list. Users can now see more information about the workspace which they are accepting their invite for.	XAP-12699
Enhancement	Improve the Outbound Airlock to make users aware of their actions	The dialogue for making an Airlock Request and Airlock Download have changed slightly to highlight the Terms and conditions of making this action.	XAP-12700
Bug	ggbio and biovizBase do not install in R 3.6.3 image	Users can now use the packages ggbio and biovizBase when running an R console on R 3.6.3	XAP-12762
Story	Inbound Airlock Destination Selection	We have made it possible for the user to select the destination folder when making an Inbound Airlock. The user can select a destination in their Files or Blobs or they can send their uploads to the Inbox to be filed later. More information about Inbound Airlock and the Inbox can be found on the knowledgebase	XAP-12768
Enhancement	Security: Show user's email to prevent social engineering attacks	With increasing workspace hubs and more users, we have made it easier for Admins to make sure that they are inviting the right users into their workspace. Both Tenant and Workspace Admins can now see a user’s e-mail address beside their name.	XAP-12799
Bug	Links to T&C in airlock should be https://knowledgebase.aridhia.io/article/terms-and-conditions/ and not https://knowledgebase.aridhia.io/terms-and-conditions/	We fixed a bug so that users are directed to the correct set of Terms and conditions when making an Airlock	XAP-12847
Bug	Links to T&C in accepting workspace invite be https://knowledgebase.aridhia.io/article/terms-and-conditions/ and not https://knowledgebase.aridhia.io/terms-and-conditions/	The link to Terms and conditions of use which is shown in the accept workspace dialogue, now redirects the user to the correct web page.	XAP-12858

2.1.1 Summary

This release of Workspaces has two headline features: the ability to import, copy and export metadata, as well as a change to the upload UI for all incoming files or data.

We have added the ability to import and export table metadata as well as copy it from other tables already in your workspace. On the metadata view, which was added in the previous release, new buttons have been added for these actions; you can use TDF files to add metadata to your data table and you can save table metadata in a TDF format. If you already have another table which has the same metadata then it is now really easy to copy this from one data table to another. More information about this feature can be found on our Knowledge Base.

We have also changed the upload interface so that you now see a new tab rather than a pop-out dialogue box; you'll see this when you use the "Upload File" option. You can drag and drop files into this tab or open a file browser to find them in your local system.

As well as the changes above, we've fixed a few bugs and made other small improvements which are listed below. Highlights include Adding XAP functions into the R console and making R version 3.6.3 available.

We are always happy to receive feedback about our platform – this can be sent to our Service Desk.

Known Issues

In testing, we weren't able to install ggbio or biovizBase when using R release 3.6.3. You should still be able to use these packages by selecting an earlier version of R.

Released Features

Status	Feature	Description	Reference
Task	R- Create build for UKCloud compatible R image	This change makes sure that user who have R scripts which are migrated from a legacy version of Workspaces (1.25 or earlier) will still work in the latest version. We now provide a 'legacy' version of R which can be selected from the sidebar of the R Console before starting the console.	XAP-12329
Enhancement	Add XAP functions in R	We have reintroduced the XAP functions to the workspace. You can find out more about the functions in the Knowledge Base.	XAP-10242
Story	Make R 3.6.3 available on workspaces 2.1.0+	We have added R 3.6.3 to the workspace. You can select this version from the dropdown in the sidebar of the R Console before clicking 'Start the Console'.	XAP-12330
Bug	IE11: After you have submitted the add workspace, the page goes blank	We have fixed a bug so that the workspace list displays correctly when accessed on Internet Explorer	XAP-12559
Story	Make user confirm that they are not uploading PII	As part of the new upload UI, user's must confirm that they are not uploading any Personally Identifiable Information into their Workspace.	XAP-12414
Story	Enable the Multi-Hub Scenario	We have enhanced the platform so that if you are a member of multiple workspaces in multiple Azure hubs but within one organisation, you can now access them all from the same list rather than having to switch context to find different workspaces.	XAP-12540
Task	Re-enable AML Pipelines on the Azure Beta UI	This fix makes sure that Azure Pipelines preview is available. To find out more about using this feature, please contact the Aridhia team.	XAP-12280
Story	Move upload dialogue to a workspace tab	This change moves the upload from a pop-out box to a new tab in the Workspace. This is more in line with other workspace processes. You can find more information about the upload process in the Knowledge Base. We will also make further changes to upload in the next few releases.	XAP-12413
Story	Check if Package gganimate is available on Azure	We have added the gganimate package so it can be used within the Workspace	XAP-10956
Enhancement	Add a "done" button to upload	We added a 'Done' button to the upload dialogue so that users can easily close it once they've done an upload.	XAP-11901
Bug	When you delete a dataset, the activity in summary tab does not tell you the name of the dataset you deleted	We made an improvement to the activity summary so when a dataset is deleted, the activity summary shows which table was deleted.	XAP-11936
Story	Import/Export/Copy metadata for a dataset	We have added the ability to import and export metadata from files as well as copy it from one table to another within a workspace. More information can be found on the Knowledge Base.	XAP-11964
Task	Set Azure B2C session timeout to 480 from default of 1440 minutes	We changed the automatic timeout for a user session to 8 hours. This is in line with the timeout in legacy versions of the platform and platform guidelines.	XAP-12166
Enhancement	Remove "… commented on…" from dataset list items	We tidied up the activity box in the side bar so that it doesn't show 'commented on' when someone creates a note about the dataset. This is consistent with the Files tab.	XAP-12189
Task	Blocked Service Desk link in Mini-apps	We fixed a bug which shows when mini apps don't open properly. You can now use the link to contact the service desk more easily when this happens.	XAP-12230
Enhancement	Ensure file types with upper or mixed file suffix are treated accordingly, e.g. .csv, .CSV, .cSv and .CsV suffixes should all be treated as CSV files	This change makes sure that all files with a '.csv' extension are treated as csv files regardless of the case of the name of the file.	XAP-12251
Bug	IE11: "Export to datafile" button click on dataset does not work	We fixed a bug when using the workspaces in IE11; the 'Export to datafile' button now works as expected.	XAP-12261
Enhancement	Include size and start/complete date-time for csv to dataset upload	We improved the report which is generated when a new dataset is imported. The report now contains the time the import started, the time it finished and the size of the table.	XAP-12270
Bug	You are not able to edit a workfile if you open it up as a draft	We made a change so that you can edit files which are saved in draft mode.	XAP-12281
Bug	Workspace first load issues	Sometimes, workspaces can be slow to load, we have added a spinner so that you know that your workspace is loading in the background and will show up on screen soon.	XAP-12288
Task	R – Fix File Paths to match UKCloud	We made a change to enable R scripts which were created in a legacy version of Workspaces (1.25 or earlier) to be run on version 2.11 or higher without having to be changed. In particular, we ensured that references to Scripts, Documents and Datafiles folders are compatible with the new file structure.	XAP-12326
Bug	In FILES and BLOBS when you add a Note and attach file to it – the Note doesn't show in Activity on RHS	We fixed a bug where Notes created on Files weren't showing on the Activity Feed.	XAP-12409
Enhancement	Desktop card should not show "Starting…" when a workspace VM has failed	We have improved the feedback when a VM start operation fails. The user will now see the VM in status 'Failed' when it doesn't start properly. The user will also have a new option to 'Retry' when the VM doesn't start.	XAP-12477
Story	Virus Scan Workspace Image file upload and delete if detected	We have added virus scanning to newly uploaded workspace images. When a user uploads a new workspace image, it will be checked to ensure that there are no virus. If our malware software finds a virus, this will be reported to the user in the summary tab and in the image upload dialogue. Administrators will also see an entry in the audit log.	XAP-1269
Bug	Handle Folder Names With URL Encoded Pattern	We have improved our folder naming so that it now supports URL encoded folder names. For example, you can now use special characters such as '#' or '&' in the name of your workspace folder.	XAP-11215
Bug	You don't see insight icon on Insights	This fix makes sure that all insights are labelled properly.	XAP-11844
Bug	If workspace goes into a failed mode, e.g. inviting member fails, the workspace no longer shows in workspace list	We have made a change to ensure that users can always access their workspaces, even if there is an issue which prevents new users from gaining access.	XAP-11568
Task	Add client-side validation to the workspace creation form's location dropdown	We made a small change to ensure that when a Tenant Administrator is setting up a new workspace, they must select which Azure region it is in. Note, this functionality is only usable when the organisation uses more than one Azure Region to host workspaces.	XAP-12256
Enhancement	Ensure users IP address is not removed from workspace storage firewall while uploading or downloading files	We made a change so that when users are uploading large amounts of data via the Workspace UI, their session is not cut short during the upload.	XAP-12113

2.1.0 Summary

Release 2.1.0 sees the first new functionality available in Workspaces on Azure: Data Ingest.

You can now use a wizard to transform csv files into data tables in your workspace; this functionality is restricted to csv files only at the moment. A new option is available in the side bar of a csv file called "Convert to Dataset". Clicking this will take you to a new tab where you can organise your data and save it to a dataset.

Whilst the file is processing, you have a new option to add metadata to the table; you can see this new functionality be using the Edit Metadata option in the sidebar. The option to add or edit metadata manually is also available through the lifetime of a dataset by using this option.

We've added a new page where you can add metadata to the columns of your dataset as well as describe it, define its source and give it a meaningful title.

Out next release (2.1.1) will also give you the ability to import this metadata from a file in your workspace, copy it form an existing table and export your dataset metadata into a file.

More information about these features can be found on our Knowledge Base.

Status	Feature	Description	Reference
Enhancement	Ensure primary key is enforced when importing a new dataset	We now enforce a primary key when a user is uploading data into their datasets. When the user is converting a flat file to a dataset, they have the option to select one of their suitable columns as a primary key or they can chose to let the workspace set an index column as the PK.	XAP-9927
Bug	When you try and upload a file that is 0kb or no content – the file does not get uploaded	Users are now able to upload files with no content to their workspace.	XAP-10285
Bug	Workfile "updated at" timestamp changes every time the workfile is read.	Small big fix which ensures that the correct timestamp is shown when a file is updated.	XAP-11483
Bug	R jail/pod is not freed up if user clicks "x" in R-tab	We fixed a bug where an R session was not closed in the background when the user used the "x" button to close their R-console. This bug should solve some R availability restrictions which were seen in previous releases.	XAP-11579
Enhancement	Remove BLOBS from R-console activity sidebar	Currently, the Blob store does not work in an integrated fashion with the R console in the workspace. We have chosen to remove Blobs from the side bar so as not to confuse the user who may have been given the false impression that they could use these artifacts in the same way as items in the file store. It is currently planned to improve the integration of the Blob store in an upcoming release.	XAP-11587
Bug	Using xap.knit only with workfilename as parameter does not create valid pdf file	We fixed a bug in the xap.knit function to make it work more smoothly with the file store.	XAP-11592
Bug	Audit download does not work in IE11	Previously, Administrators trying to download the workspace Audit log on IE11 were not able to. This issue ensures that the Audit log can be downloaded via IE11	XAP-11626
Bug	Cannot save plot in IE11	Solved an issue where users accessing their workspace on IE11 could not generate plots from R	XAP-11627
Bug	On summary page, file and dataset links in Airlock request is not working	Fixed a bug where some events did not show correctly in the Summary tab.	XAP-11673
Enhancement	xap-guacamole to more accurately handle session information, e.g. not reporting a connected user for a de-allocated VM	Previously, the workspace VM could get into a state where a user was shown as being logged into the VM when they were not (even when the VM was not active). This enhancement made a change which ensures that only users who are logged onto a VM are shown as being logged on.	XAP-11710
Bug	Adding an insight or note shows as a comment	We made a change to ensure that insights and notes are correctly denoted in the summary tab.	XAP-11725
Bug	If an Airlock task fails, the error message is not shown in the summary tab	We made a change to the summary tab so that failed Airlock events are now properly shown.	XAP-11792
Enhancement	Enhance B2C sign up form validating a user has added their given name and surname	Users must always supply a First name and Last name when signing up to the platform.	XAP-11795
Enhancement	Aridhia DRE / Workspaces logo needs adjusted	Due to our branding changes in release 2.0, we have made some updates to logos within the platform.	XAP-11802
Bug	Vertical and horizontal ellipsis not displayed correctly – Azure	We fixed a display bug in the r console.	XAP-11831
Bug	Remove "Last Analysed" from the Info panel in Datasets Sidebar	We have removed the "Last Analysed" line from the information panel in the sidebar of datasets. This information is now captured in the Audit log.	XAP-11841
Bug	Removing a comment results in a "Removed User commented" shown with a avatar user of "RU" (Removed User)	We fixed a bug where events in the workspace which were made by a user who is no longer a workspace member were showing in the UI as being made by "Removed User". Now, these events are still attributed to the user who made them.	XAP-11903
Bug	Cannot remove a comment from activity list after a refresh	Fixed a bug where the user could not delete their comment in the summary tab.	XAP-11904
Bug	Owner get duplicate welcome email after updating workspace	Fixed a bug where a workspace owner received an e-mail after their workspace was updated (for example when they changed the description).	XAP-11913
Story	Resolve b2c reply_url workspace limit by introducing OAuth Gateway	We have a made a technical change which allows a single tenant to have more than 45 workspaces in their hub.	XAP-11948
Story	Edit metadata of existing Datasets	We have added a new feature whereby a user can add, edit and delete metadata for any dataset which exists in their workspace. More information is available in the Summary section of these release notes or in our knowledgebase.	XAP-11960
Story	Schedule dataset for import	With release 2.1.0, Workspaces allow the user to convert their csv files to datasets. More information is available in the Summary section of these notes or in our Knowledgebase.	XAP-11961
Story	Display status of new dataset	When a new dataset is being created in the workspace, the user can now see a progress bar which shows how near completion the dataset. This functionality allows the user to be able to edit the metadata for their table whilst the table is still being created but ensures that they cannot access their data until the entire dataset is committed to the database.	XAP-11962
Story	Perform import of new dataset	This ticket supports the new Data Ingest feature. More information about this feature is available in the Summary part of these notes or on our knowledgebase.	XAP-11963
Story	Create report for Import	Our new Data Ingest feature allows users to convert data from a flat (csv) file into a dataset in their workspace. After each conversion, a report is generated which is available to the user; this is also generated when the ingest fails. The Data Ingest report can be accessed from the summary tab in the workspace or the activity tab of the dataset itself.	XAP-11965
Story	Select a file for data ingest	This ticket supports the new Data Ingest feature. More information about this feature can be found in our Knowledge Base.	XAP-11969
Enhancement	Adjust copyright statement to include 2020	Small adjustment to the login page so that the copyright notice is up to date. No user impact.	XAP-12049
Bug	Dataset import report should open within the workspace	When a new dataset is created using the new import functionality, a report is created. The user can now open and read this report within the context of their workspace.	XAP-12191
Bug	Filter (search) in file list is broken	We fixed a bug where users could not search for their files in the file list.	XAP-12227

1.25 Summary

Since the last release, we've continued our work on the new, improved user experience in the workspace. This is still not finished so you might see some stylistic inconsistencies between the elements at the moment.

In this 1.25 release of Workspaces, we have refreshed the look and feel of the user interface. Using the "Try new look & feel" button in your profile page turns these features on.

We've added some new layout options which should make the Workspace easier to navigate. You can now navigate between three predefined views:

The developer view lets you see three panels at once on the screen.
The tabbed layout moves you back to the more traditional view of the Workspace and lets you easily move between full screen tabs.
The focused layout helps you focus on the tab you're currently working in.

You can also move the tabs around and arrange them as best suits you.

As well as this, we have;

Updated the icons and labels in the navigation bar.
Added the ability to remove the labels which give you more screen space.
Updated the dataset list and files panels.

Please note that this is an early deployment of the new UI and therefore is not feature complete. Some actions, such as uploading a new dataset, are not yet supported and the user must go back to the classic look to carry out these actions.

Known Issues

The following issues are known, a fix will be delivered in the next fix pack:

When a user tries to export a dataset as a datafile (CSV) from the dataset list, an empty csv is generated in the datafile list.
When using the file editor, the user is not informed that if they navigate away from the page without saving then their changes will not be saved.
When the user is in the dataset list and tries to create a custom view, there is no response from the 'Create custom view' button.
When the user deletes a dataset from the dataset list, the confirmation message incorrectly informs them that they have removed a file rather than a dataset.

Released Features

Status	Feature	Description	Reference
Bug	Login form flashes briefly before the T&Cs are displayed	Resolves a bug at login where the login screen flashed briefly before the Terms and Conditions were shown.	XAP-8239
Bug	There is no focus styles on the navigation bar – keyboard navigation problem	Previously, when a user tabbed between elements in the UI, there was no visual indicator of where the focus was. This has been resolved so that the user can now see where their keyboard is focused.	XAP-9447
Bug	Bug – "ff" text is displayed sometimes outside the editor pane	Resolves a bug where the text "ff" was sometimes displayed in panels.	XAP-9530
Story	Workspace Ribbon framework	The new Workspace Ribbons now have the following features: Users can only see items that they have access to, based on their role. When the user uploads data or uses Airlock, this is shown as a full screen overlay. A new style is used consistently in all of the launchers. The actions (Airlock and Refresh) are only shown when they can be used and are only active when at least one item is selected. A full screen toggle button has been added which hides the Ribbon so that the user has more space to work on screen. In focused mode, only the selected panel is shown. In tabbed mode, all active panels are stacked and can be easily accessed. In developer mode, three panels are shown at once. By default, the file list and R console are shown on the right hand side of the screen. In order to gain more working space on screen, the user can a) hide the labels in the Ribbon b) hide the Ribbon.	XAP-9532
Story	Generic support for Workspace panels	The Workspace panels have been updated. All panels which were available in the old layout have been updated except Airlock and Data Upload which are now shown as overlays. Some panels which have editable data will now show a pop-out warning if the user tries to close the panel without saving any changes. Panels can be maximised in any view. The styling has been improved. New panels open relative to the currently active panel. Note: although Data Upload shows in an overlay, there is no functionality in the new layout; the user must revert to the classic layout to upload data.	XAP-9533
Story	Panel – Workspace File List	The Workspace File List has been updated: The breadcrumb navigation takes the user as high up the directory as the root folder, (Datafiles/Documents/Scripts). The list of files is ordered with folders first, then files. Pagination is now supported; there are a maximum of 20 items per page and a scroll bar will appear when necessary. A lock symbol is shown on locked files. The list of options in the tools menu is dependent on the user's rights and the item selected. The list can be refreshed using the icon in the Ribbon. The list can be filtered by name using the Omnisearch function. Sort functionality is available on `Name` and `Updated On`.	XAP-9534
Story	"Copy link" to resource from File List and Dataset List	An option is available in the tools menu on a file list which allows the user to copy the location of the file to the clipboard.	XAP-9535
Bug	Repeatedly clicking save on text editor deletes content.	Previously, when a user repeatedly clicked "Save" in a text editor, the content of the file could be lost. This behavior has now been resolved so that changes to the file are saved.	XAP-9751
Task	Change Panel Layout clicks to navigate by URL	Due to the layout enhancements, we've slightly changed the way that the URL is shown. This shouldn't have an impact on the user.	XAP-9852
Task	Set panel focus when child gets focus	When more than one panel is shown on screen at once and the user clicks an action (such as a checkbox) inside one of the inactive panels, that panel becomes active.	XAP-9853
Task	Improve File List pagination information	Within a file list, the following information is displayed at the bottom of the panel: The total number of files The number of files which are on display The number of files which are currently selected	XAP-9856
Task	Text Editor display in panel needs to be more responsive	We have made some improvements to the layout of the file editor. This includes ensuring that the content of the file is always properly displayed, maximising the editable area and moving the tags to the bottom of the page.	XAP-9857
Task	Dataset display in panel needs to be more responsive	We have made some layout improvements to the Data Table Editor; mostly to maximise the editable area on screen. Tags are now displayed at the bottom of the page.	XAP-9858
Task	Ensure that File and Dataset tabs always reflect the resource name	This change ensures that the name of a file or dataset is always properly displayed on screen. Note: renaming a resource which is open is currently not supported	XAP-9859
Task	Improve R console responsiveness and general look and feel in panel	The R console has been improved for responsiveness. The boundary of the panel has been more clearly defined and the user experience should be smoother.	XAP-9860
Task	Pass filters to Files and Mini-apps panels from Ribbon URLs	The items in a panel can be filtered by selecting one of the following options in the Ribbon: Query -> SQL scripts Scripts -> R script Scripts -> Python scripts Mini-apps -> Develop mini-apps	XAP-9861
Story	Panel – Dataset List	The Dataset list panel has been updated. New features include: The data list is ordered by file name. Support for pagination. There is now a maximum of 20 datasets per page and a scroll bar will appear when necessary. The Tools options available to the user are based on their user role. Refresh and Airlock functionality are supported via Ribbon Actions. The user can use the Omnisearch facility to filter their dataset by name. Navigation to another data list view does not leave the page, just changes the content of the table. Sort functionality available on `Name` and `Created On`.	XAP-9993
Enhancement	Disable/Hide pagination when appropriate on file list	An enhancement has been made to file lists so that the pagination options are only visible when they are relevant. For example, if the list is already filtered and only one or two items are shown, the pagination options will not be available.	XAP-9997
Bug	Scroll bars in R session panel does not allow JS to calculate height of panel	Within the R panel, the scroll bars have been adjusted so that the panel resizes properly.	XAP-10137
Bug	Harmonise Activity tab naming	The tab which was previously referred to as the "Summary" will now be known and shown as the "Activity" tab.	XAP-10151

1.24.2 Summary

This small bug fix release addresses an issue where users may unintentionally delete a new dataset.

This item fixes an issue where a user may create a new dataset in the dataset library then unintentionally delete the dataset by closing the tab. Users will now be prompted on tab closure to check if they want to save or discard their edits.

1.24 Summary

We've been working on a new look and feel for Workspaces, to modernise the web user experience and lay the foundations for a more flexible research environment. Bear with us: You may notice some style mismatches between screens as we migrate the service to the new user experience.

This 1.24 release of Workspaces primarily focuses on delivering a new fully featured text and code editor to replace the existing code editor, the new look and feel navigation bar as well as displaying/managing the workspace list as cards:

New text and code editor including syntax highlighting, code completion, code folding and keyboard shortcuts amongst many other useful features.
New look and feel navigation bar with Workspace filter/knowledge base search and profile picture.
New Workspace card view replacing the Workspace list.
Bug fixes and improvements.

We'll be releasing look and feel changes incrementally over the coming months and would love to get your feedback quickly. To see if there are new changes, you can go to your profile and click to 'Try New Look & Feel'. This will toggle your session to use the alternate styles. Look out for changes after the next release – note that you won't see any difference in the alternate view with this release!

Released features

Status	Feature	Description	Reference
Improvement	Improve Workspace Text and Code Editor	The new Workspace text and code editor includes the following features: Updated syntax highlighting for core file types: .R, .sql, .txt, .md, .Rmd, .Rnw (in the background we also support .py, .sh) Option to display the editor in a Dark Theme / Change the font size / Toggle display of line numbers Code Completion Auto-indentation Real-time error highlighting in script editor/console Bracket detection Code folding Keyboard shortcuts Unknown variable/keyword highlighting Block commenting Please send us your feedback on the editor – we are working on a knowledge base article detailing all the available functionality.	XAP-9084
Improvement	Replace Web Application Nav bar with new design	New look and feel Navigation Bar including: The current Workspace name. Search: either searches the knowledge base or filters the Workspace list. User menu: displaying user's name, tenancy and profile image. New notification count will also be displayed on the profile image. The menu also gives access to: Notifications Profile Privacy Terms and Conditions Feedback Sign-out	XAP-9082
Improvement	Display the Workspace list as cards	The Workspace list and side bar has now been replaced with a Workspace card view. Each Workspace is now represented by a card. The card displays: Workspace Name. Workspace Owner with profile image. The user's role within the Workspace. Workspace description with Rich Text markup. Tags – including adding/editing tags. Workspace Invitation controls. The Workspace also provides a quick drop down filter to quickly filter on: Show All Workspaces. Show invited Workspaces. Show Workspaces in error (Tenant Admin only) Search: either searches the knowledge base or filters the Workspace list. Tenant Administrators will also be able to manage Workspaces and users through the new top ribbon menu instead of the now deprecated side bar. A number of features have been removed: Activity stream in sidebar removed. No Support for viewing member list. No support for Workspace image display in card view.	XAP-9083
Enhancement	Default New File to type .R	Reflecting our users' current priorities, the New File dialog now defaults to file type: “R file (.r)” instead of “Structured Query Language file (.sql)”	XAP-7216
Enhancement	Create new files with extension supplied by user in New File dialog.	The New File dialog will now use the file extension provided by the user and select the file type in the drop down if it matches a supported file type.	XAP-7217
Improvement	R/Bioconductor: GWASTools available for installation via r.aridhia.net	A user of the R Console or R Shiny should be able to run “install.packages('GWASTools')”.	XAP-9331
Improvement	Allow scripts, documents & datafiles (once in the web UI) to be referenced by name	Files can now be referenced by name. This includes: Scripts, Documents, Datafiles and images. This should make it easier to share links to resources in the Workspace and include them in the Workspace homepage.	XAP-969
Improvement	Privacy Terms update	The Privacy Terms has been updated to reflect Aridhia's company address, link corrections and updating the details of the cookies used by the application.	XAP-9498
Bug fix	If a Workspace Admin clicks on a Workspace member, their account is shown as disabled when it is not disabled	When logged in as a Workspace Administrator and viewing a member user of a Workspace, the user's profile is no longer shown as “disabled”.	XAP-9280
Bug fix	DTE search gives you white screen	Resolving the issue that under certain circumstances the Data Table editor search would result in a white screen.	XAP-9307
Bug fix	Login Screen and Password reset screen text alignment wrong	The login and password reset screens are now correctly left aligned.	XAP-9309
Bug fix	Airlock Attach Dataset not listing views for selection	Database views can now be selected for Airlock.	XAP-8330

1.23 Summary

Today, we are happy to announce the release of Workspaces 1.23. This release primarily focuses on delivering enhancements to the Data Table Analytics, Data Table Editor and delivering new user interface improvements.

Files in the datafiles folder can be managed directly through the Workspace Web User Interface.
Five new analytical modules for the Data Table:
- Area Chart
- Heatmap
- Single Mean
- Compare Means
- Analysis of variance (ANOVA)
Data Table usability improvements:
- Improving the user experience when loading data
- Improved message and warning delivery
- Primary key creation
- Add multiple columns in a sequence
Streamlining analysis: Run R scripts straight from the code editor and run generated R
code in the R console straight from the Data Table
New templates for creating Mini-apps using the single Shiny app.R file format
Bug fixes and improvements

Released features

Status	Feature	Description	Reference
Improvement	Show Datafiles in the Web	A workspace provides three file systems – for scripts, documents and data files. To date, the datafiles folder was only accessible programmatically in R or via a Virtual Desktop. This new feature adds the ability to work with workspace datafiles in the same way as files that exist in the scripts and documents tabs over the web.A third “DATAFILES” tab has been added alongside “SCRIPTS” and “DOCUMENTS”. Datafiles will also be available for export via the airlock feature.	XAP-895
Bug fix	R session file access audit	With this release we have added even greater audit visibility of user activity in the R console. At hubs where the file system is Linux, additional file system events are auditable in the R console and R Shiny sessions: Read Create/Write Delete	XAP-6228
Bug fix	Workspace descriptions have poor formatting	This improves the formatting of the workspace Summary rich text display.	XAP-6443
Enhancement	Data Table Editor – Improve add column UI/UX	This enhancement improves the process for adding columns in the Data Table Editor. Users can now create multiple columns in one set of actions rather than as individual actions.When creating a new column in the Data Table Editor the user has the choice to 'Add and Close' to add a single column and close the dialog or 'Add and Next' to allow multiple columns to be added sequentially without the dialog closing.	XAP-6463
Enhancement	Data Table Editor: Create primary key sequence column	The Data Table Editor provides fine grained audit of cell-level edits. This enhancement adds a primary key column to a dataset which improves the performance of saving edits and is good practice in data management. A primary key provides a distinct 'index' value for a row in the dataset.When a dataset is loaded into the Data Table Editor, the presence of a primary key is checked for. If none is found, an auto incrementing sequence column will be automatically added to the dataset (default name 'id'). This will be set as the primary key column. Note: this feature adjusts data in the workspace. It does not change the existing data in other columns. It adds a new index column in a dataset according to database management best practice. The user is given an informational message of this change. The user can alter the table to remove the sequence using SQL if necessary. This change only applies when the dataset is stored in the workspace database. CSV files are not affected.	XAP-6501
Bug fix	workspace name ending with '_' (underscore) not accepting users	This bug fix addresses in issue in which workspaces with names with ending with an underscore could not accept user invitations.	XAP-6583
Enhancement	Audit all events undertaken by support in the management API tool	Aridhia service desk staff have access to the Management API: a support tool that interacts with component services that administers users and workspaces. This enhancement ensures that Management API support tool actions are now audited; list failed tasks retry failed tasks create users e.g. tenant admin create tenants The audit will include all actions and options that were supplied. The audit will be routed to the hub workspace destination and include the logged in user.	XAP-6662
Bug fix	Welcome to workspace email should include the SFTP server details for all users except Observers	The current content of emails sent to users when they are invited to a workspace contains information on uploading data via the web or SFTP.Emails will now be tailored to the specific role-based access level of the users. When a user is in the Observer role, that information is now omitted as they cannot upload data to the workspace. Contributors will receive different information from Administrators and Standard Users due to the variation in their available upload options. Note: this does not apply at RSRCH.	XAP-8148
Bug fix	Email from platform that your phone number have changed states that you get a DUO text message, but none received	This fix improves the wording and details of emails relating to the DUO Two-Factor Authentication service sent to users after a change of phone number. The new wording removes any ambiguity for the end user.	XAP-8155
Enhancement	Add single file Shiny template and make it default	This enhancement adds 2 new template options to the workspace 'New Mini-app' menu. This aligns with the current good practice of creating R Shiny apps with a single 'app.r' file. The following templates will now be available: Blank single file (New default) Example single file (New) Dynamic plot with ggplot Dynamic plot with ggvis Blank multi-file	XAP-8323
Enhancement	Streamlined 'Run script' button in files and R console	This is a usability enhancement. A 'Run file' button is now available when an R file is selected in the file list and when open in the editor.Additionally the R code snippet produced in Data Table Analytics will also display a 'Run in Console' button. In both cases, the R code will be executed in an open R console. If there is no R console session, a new one will be created. These additions provide a smoother and more intuitive workflow.	XAP-8324
Bug fix	Shiny app www folder permission denied when files uploaded individually.	This bug fix addresses an issue where a user would experience an error stating folder permission was denied when accessing mini-app sub-folder contents.	XAP-8438
Bug fix	DUO iframe sits awkwardly within login page.	This bug fix ensures the two-factor authentication alert presented at login (from Duo.com) is now centered on pages of varying pixel width.	XAP-8439
Enhancement	Reduce the options to save images directly in the workspace preview	This is a security related enhancement. The workspace browser now has reduced access to right click 'Save as' and also reduced ability to drag and drop on images. This provides another barrier to users trying to circumvent workspace best practice.	XAP-8464
Enhancement	DTA – Implement Kernel Pool	This enhancement improves the performance when Launching a Data Table Analytics session. A pool of analytics resources are waiting ready to be used as soon as a user requests one. Previously, the user might have had to wait a few seconds for the analytics resources to be available.	XAP-8521
Bug fix	DTE dataset can be corrupted on load	This fixes an existing bug when reloading a “changed” dataset in the Data Table Editor.Users were warned if the data had changed since it was last viewed in the Data Table Editor. The user could reload this changed data by pressing the reload button. However, if the data is sufficiently large, the reload action could conflict with the existing background loading process which was still in progress, resulting in 2 load actions corrupting the data displayed. This bug fix stops this corruption and reloads the data cleanly.	XAP-8525
Bug fix	Data Table analytics fails when a column has a leading space (really easy to do in a csv)	Due to this bug fix, Data Table Analytics no longer fails to execute when a CSV column header contains a leading space.	XAP-8588
Enhancement	Streamlining warnings and errors/directives in the DTE load sequence	This is a usability enhancement. The user experience of starting a Data Table session in the first release has been greatly improved, as previously a number of messages were presented to the user in short succession, interrupting or simply delaying the user's intended action. We have reviewed the requirement for these dialogues and streamlined the loading sequence.In most cases, the user should see an indicator that the data is loading, and then they may get some informational messages which they can quickly dismiss. These include messages for when the user may want to edit a draft dataset, or revert to an old version of the data. These messages do not interrupt the display of data. Editing data will automatically dismiss the messages. A user-interrupting modal dialog will still be presented if the user loses connection to the workspace.	XAP-8614
Enhancement	Hierarchical sorting of data table columns	This enhancement allows the Data Table Editor to sort data by multiple columns in a hierarchical order. Note: sorting does not change the underlying storage of the data so reloading the table will revert to the original order.	XAP-8618
Bug fix	Clicking on Modules dropdown after running module causes reset and re-run even if no new module is selected	This bug fix addresses an issue where clicking on the currently selected Data Table Analytics module no longer re-runs the module.	XAP-8633
Bug fix	IE11 – Cannot highlight text in note or in edit workspace meaning you cannot use bold, italic, bullets, numbers, links in your notes/summary	This ensures users of the Internet Explorer 11 browser can now select and highlight text for rich text editing such as: bold, italic, bullets, in the Workspace Summary and Workspace Notes.	XAP-8738
Bug fix	Data table analytics not aware of header change	This bug fix resolves an issue in which Data Table Analytics modules were producing an error if the header row was changed via the Data Table Editor menu and not saved. Modules can now be run in this instance (reflecting the data in the header row) without the error occurring.	XAP-8751
Bug fix	Data Table Analytics: Some modules cut off the parts of the 'descender' (g, y, p) of characters that extend below the base line	This bug fix resolves an issue in the configuration panel drop down fields for Data Table Analytics modules. Previously, the descender of characters such as y, g and p that extend below the baseline were cut off.	XAP-8755
Enhancement	Users should not be allowed to use save as 'Desktop image' from quick Visualisation	This is a security related enhancement.The option to save as 'Desktop image' has been removed from the Visualisation Save button menu. The save button is not available for users with the Observer role. The option to right-click on the Visualisation image in order to save-as is also now not available.	XAP-8765
Bug fix	Editing a workspace summary using Bullets or Numbers is not working	This bug fix resolves an issue in the display and handling of bullet points and numbering when editing a workspace Summary.	XAP-8846
Bug fix	Error when deriving a database view from a custom view	This bug fix addresses an issue where creating a database view from a custom view was sometimes producing an error.	XAP-9065

1.22 Summary

In the 1.21 version of Workspaces we released the Data Table Editor, a tool for reviewing and editing tabular data and data frames within the web workspace. In this 1.22 release we have now enhanced the Data Table Editor to introduce a preview of Data Table Analytics – which gives users the ability to execute some of the most popular statistical visualisations, tests and modelling through an extensible system of analytical modules.

Analytical modules produce various charts or statistical analysis such as linear regression analysis and bar charts in a simple point and click manner. Charts and visualisations can then be saved to the workspace file system, so you can collaborate with other workspace users.

Each module can be executed using a natural column selection interface from the data table as well as manually setting parameters. This release includes the first fifteen modules of the 'Medical Statistics Core' bundle that will be completed in the next release.

Data Table Analytics will make data science more accessible to all our platform users, but particularly to part-time, 'point and click' researchers, providing a key stepping stone for those who are making a transition towards a more programmatic approach to data science using R. To support these users, a fragment of R code is automatically generated as part of each visualisation or chart. This code can then be easily copied into a file or executed in the embedded workspace R Console.

As a preview feature, we would like to invite feedback from users on the performance and utility of the preview and would appreciate your cooperation in reporting any issues with performance or system error reports whilst we test the scalability of the underlying system. As this feature remains in preview, a known limitation is that text and table outputs cannot be saved to the workspace, but this will be addressed in the next release.

For that extra helping hand for new users, documentation is provided for each module in our knowledge base, including links to best practice from the statistics and R communities.

This release also includes some enhancements and bug fixes.

Please note that not all features will be deployed at all hubs. Please check with the hub product manager to confirm if a specific feature is available.

Released features

Status	Feature	Description	Reference
Enhancement	Workspace administrators can auto accept downloads when airlock is enabled	Currently, administrator workspace users can approve requests to export content from a workspace. The Airlock process allows users to transfer data to another workspace or download it to their local machine. In some cases (particularly for small projects with a single administrator) it is inconvenient and unnecessary to go through the individual steps of requesting, approving and then exporting the content. With this change, administrator users will now have the option to conveniently log their request and auto-approve it in one step. The option remains to request and approve separately. In either case, all individual Airlock steps are audited as standard.	XAP-5929
Improvement	Analytics Module – Density plot	This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle which will generate Density plots. The Density Plot graphical output visualises the distribution of data over a continuous interval or time period. This chart is a variation of a Histogram that uses kernel smoothing to plot values and trends.	XAP-7784
Improvement	Analytics Module – Histogram	This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle to generate histograms. This produces a graphical output of a histogram, which visualises the distribution of a single continuous variable by dividing the x axis into bins and counting the number of observations in each bin. Bins may be optionally split by a further categorical variable (e.g. gender). Number of bins and bin width can also be selected to change the visual aspect of the graph.	XAP-7785
Improvement	Analytics Module – Bar chart – Column Bar Chart	This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle for generating a Column Bar chart. Column Bar Chart enables selection of a categorical variable and numerical variable for summarised data e.g. column means calculated. See frequency bar chart for pre-summarised data.	XAP-7786
Improvement	Analytics Module – Bar Chart – Frequency Bar Chart	This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle for creating frequency bar charts. Creates a bar chart by selecting a categorical variable (X). This bar chart method is applicable for pre-summarised data, if your data contains summary statistics such as column means, look at using the summarised variation of bar chart.	XAP-7957
Improvement	Analytics Module – Box/Whisker plot	This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle to generate Box and Whisker plot (Boxplot). This produces a graphical output of a Box and Whisker plot. Selecting variables will return the results of a five-number summary. Adding a categorical group variable visualises their distribution.	XAP-7787
Improvement	Analytics Module – Scatter plot	This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle to generate Scatter plots. This produces a graphical output of a scatter diagram which plots two variables along an x and y axis by mapping distinct data points. It can be used to determine a correlation (or lack of) between the variables.	XAP-7788
Improvement	Analytics Module – Bubble chart	This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle for generating bubble charts. This produces a graphical output of a bubble chart which shows the relationship between two variables, x and y (like a scatter plot) but the addition of a third variable dictates the relative visual size of each graphed data point.	XAP-7789
Improvement	Analytics Module – Line chart	This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle for generating line charts.  This produces a graphical output of a Line chart which maps data points of two variables ordered along the x-axis. The data points are then joined by straight lines.	XAP-7790
Improvement	Analytics Module – Crosstab	This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle creating a cross tabulation. This produces a graphical output of a contingency table or cross tab. Cross tabulation groups variables to understand the correlation between different variables and is displayed as a table. It is usually used in statistical analysis to find patterns, trends, and probabilities within raw data.	XAP-7801
Improvement	Analytics Module – Student's T-test (with visualisation)	This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle for Student's t-test. This produces an output that details either a one or two-sample t-test, complete with accompanying density diagram/s.	XAP-7802
Improvement	Analytics Module – Mann-Whitney U test (with visualisation)	This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle for the Mann-Whitney U test. This is used to output a Mann-Whitney U test, a nonparametric statistical test for determining how similar the sample means of two variable groups are.	XAP-7803
Improvement	Analytics Module – Pearson's chi-squared test	This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle for Pearson's Chi-Squared test. This produces an output of a statistical test related to the frequency distribution or statistical independence of categorical data. The output includes p and df values.	XAP-7804
Improvement	Analytics Module – Correlation	This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle for correlation. Generates a statistical model used to test for the correlation between two variables of a given dataset. This test is used to estimate a rank-based measure of association. This module outputs a scatter diagram and the relevant correlation coefficient value.	XAP-7805
Improvement	Analytics Module – Linear Regression	This new Analytics Module provides a preview of a module in the Medical Statistics Core bundle for linear regression modelling. The module outputs a linear regression model: is a linear approach to the relationship between a scalar response and one or more explanatory variables. It helps to predict the value of a given variable as it relates to another set of variables.	XAP-7807
Improvement	Analytics Module – Logistic Regression	This new Analytics Module produces a graphical output of a logistic regression analysis. This is similar to a linear regression model but would be used when the dependent variable only has limited values.	XAP-7808
Bug fix	Error when running module if column name has double quote or backslash characters	When running a Data Table analytics module, the UI would return an error message if the dataset column names being selected contained particular special characters. Selecting column names containing these special characters no longer produces an error message.	XAP-8512
Enhancement	Improved layout and messages on the web upload wizard when integrated with DSA	Uploading data to a Workspace is a multi-stage process with several options. For this reason, an upload 'wizard' interface is provided that steps through each stage. In some cases, a Workspace can be linked to a Data Staging Area, including a de-identification service and catalogue store. As a result, additional options are available to the user which can vary the upload process time. This change improves the layout of the upload wizard by streamlining content, presenting clearer choices and providing progress in a clearer format. A future release is expected to provide even more fine-grained feedback on longer-running upload processes.	XAP-8111
Bug fix	Workspace member user role not working after changed by workspace administrator	This is a security related bug fix that addresses an issue found in the Workspaces 1.21 release. For existing users only, in very rare circumstances, changes to their role were not applied and the user kept their old role. Automated testing has also been reinforced for this scenario. Now, when existing users have their workspace roles changed, it is reflected in the UI and their workspace access levels.	XAP-8493
Bug fix	Regression – Read more/less link doesn't work when a dataset has a note with more than 2 lines	This bug fix addresses a presentation issue with longer comments attached to datasets. The comments can now be expanded from and contracted to a 2-line preview, rather than always showing the entire comment in the user interface.	XAP-7924
Improvement	DTE – Dynamic dataset/csv filename injection to code output to allow code to be pasted and executed in R session.	This addresses an issue in which code copied to clipboard in the Data Table Editor (DTE) could not be successfully pasted and executed in an R session. An issue existed where the pasted code did not refer to the correct filepath. This has now been rectified. If you are using Internet Explorer, you might get a warning if you would allow the webpage to access your clipboard when you use 'Copy to clipboard'.  If you want to turn off this warning in Internet Explorer you can do the following: 1) Add the Workspaces host to your Trusted sites' host list: Internet Options / Security / Trusted sites / Sites / Add 2) Set 'Allow Programmatic clipboard access' to 'Enable' in your trusted sites: Internet Options / Security / Trusted sites / 'Custom level…' / Scripting / Allow Programmatic clipboard access	XAP-8352
Improvement	DTA – Jupyter enterprise gateway should be able to restart without causing significant user interruption	This is a resilience feature for the Data Table Analytics (DTA) facility. It prevents an analytics session ending if the underlying service fails. The user would only experience a slight delay in the service in this eventuality, rather than an outright failure. It also allows the underlying service to be upgraded without interrupting a user's session.	XAP-8517
Bug fix	UI should disable Run button if connection to data-table-editor API pod is disconnected	This enhancement addresses an issue where users could still select to 'Run' a DTA module even during a loss of connection. This would result in the module not running and displaying an error. Now when there is a connection loss, the 'Run' option is disabled until a connection has been re-established.	XAP-8522

1.21 Summary

This release primarily focuses on delivering enhancements to the Data Table Editor, delivering new user interface improvements and self-service functionality for tenant administrators.

This release also includes:

Improved self-service tenant administration functionality including changing workspace owner and the ability to suspend and re-enable user accounts.
Self-service administration of user telephone numbers and multi-factor authentication.
Support for workspace administrators to manage the firewall around Virtual Desktops via the portal.
An upgrade to R version 3.5.0 and compatible versions of Bioconductor packages (3.7) and pandoc (2.1.3) are also provided.
Security enhancements, bug fixes and improvements.
Flow of audit information from service components to improve scalability and performance.

Please note that not all features will be deployed at all hubs. Please check with the hub product manager to confirm if a specific feature is available.

Released features

Status	Feature	Description	Reference
Enhancement	Allow tenant administrators to suspend and re-enable user accounts	This enhancement has been introduced to improve administrative and security situations where user access to the platform and its services should be temporarily revoked. A new self-service function is provided for tenant administrators to suspend and re-enable user accounts. Suspension immediately revokes access to the services, ensuring that suspended users can no longer log in to any platform services. Users currently logged in will have their session terminated. Suspended users are not removed from workspaces but cannot be invited into new workspaces and their roles cannot be changed within existing workspace memberships. When a user account no longer needs to be suspended it can be re-enabled, at which point these users can access existing services. All suspension and re-enablement actions are audited in the workspace audit log and an email notification informs the user their account has been either suspended or re-enabled. Note that when a user's account is re-enabled they will need to re-configure their two-factor authentication security service using Duo.	XAP-4517
Improvement	Allow the owner of a workspace to be changed	With this improvement to tenant administration self-service, the owner of a workspace (such as the principal investigator on a research project) can be changed. This ensures that the right person is responsible and accountable for workspace activity and helps manage transitions in workspace ownership as teams change. All changes are audited.	XAP-4733
Bug fix	Files saved from a mini-app should be visible in the workspace	This is a maintenance bug fix to ensure that files generated and saved from a mini-app are stored correctly in the workspace file system and visible to users browsing files.	XAP-4839
Improvement	Increase the file size limit on file editing in web workspace	This performance and usability improvement increases the size of files that can be edited directly in the workspace. The new limit allows files up to 10MB to be edited. The editor is intended to manage code in both scripts and queries (R and SQL). This new limit will support thousands of lines of code.	XAP-5249
Bug fix	Address stylesheet referencing/filename bug	This is a maintenance bug fix to improve the handling of stylesheets used in the workspace web application and allow for customised styles used by partner sites.	XAP-5503
Enhancement	Add the option to not use header row after CSV load in the Data Table Editor	Not all CSV files have header information. Since headers are more common, the default functionality in the Data Table Editor is to use the first row as column headers. This usability enhancement gives the user the option not to use the first row as headers and rename those column headers in a suitable manner at a later date.	XAP-5687
Enhancement	Workspace virtual desktop firewall rules can be managed via Management API	Workspace virtual desktops are hosted in a distinct network and firewall rules prevent unauthorised inbound or outbound network traffic. This ensures that users can connect to their virtual desktop VMs and also that those VMs can access other VMs in the same workspace, as well as workspace resources such as the file system or the workspace database but not other systems. In some cases, a project should be able to access resources outside the Workspaces platform. For example, a project may need to download some data from a domain-specific source on the internet. This enhancement facilitates self-service management of the workspace firewall. In this release, the change affects consumers of the platform Management API, such as users of the RSRCH portal. Administrators of workspaces using the portal can open the network of their virtual desktops with up to 30 firewall rules within some constraints: The rules are from a pre-approved list of ports and protocols but can be to any external service. Only outbound connections are permitted; this means that a network connection must be initiated within the workspace and external clients cannot reach the workspace directly. All firewall changes are audited. All firewall changes are subject to monitoring and audit by hub administrators.	XAP-5726
Enhancement	Allow views to be exported as CSV files via Airlock	A view is useful mechanism to define a subset of data to export. With this enhancement, users can select a database view for export via Airlock. The Airlock process remains unchanged but views will now have an 'Airlock' button, allowing them to be added to the current Airlock export bundle.	XAP-5931
Enhancement	Implement search functionality in the Data Table Editor	This enhancement provides search functionality to the Data Table Editor. Entering text in the search box and pressing the return key will highlight matching cells. The number of results are shown next to the search box. Move from match to match by pressing the enter key. If results are on another page of the table, moving to the next term will change the page.	XAP-6084
Bug fix	Handle loading of the latest version of a CSV file for scripts/documents while a Data Table Editor session is still active	This usability bug fix tries to address situations where a user has been editing data using the Data Table Editor but has finished their session without saving the table. The Data Table Editor will maintain a live editing session so that the user can resume editing. If the user (or another user) edits the underlying file, creating a new version of the CSV, the Data Table Editor will now prompt the user to save the current edits to a different file using a 'Save As' process.	XAP-6240
Enhancement	Improve loading in the workfiles tab	This performance enhancement improves the loading of scripts and documents (also known as 'workfiles') by limiting the loading batches of 50 files at a time for display, rather than fetching details of all files in that folder. For folders with large numbers of files, this should result in significantly improved performance.This change has been implemented in the file browser and other interfaces where files are displayed, e.g. the Airlock file selection.	XAP-6367
Bug fix	Address IE10 Data Table Editor column header issue where drop-down menu is not right aligned	This bug fix addresses an issue in the Data Table Editor which was reported as specific to Internet Explorer 10. In order to access column-level functions, the user clicks a small control at the top right of the column header. The fix ensures that the control is displayed with the correct alignment.	XAP-6537
Bug fix	Address IE10 Data Table Editor column header issues where drop-down menu is not always shown	This bug fix addresses an issue in the Data Table Editor, which was reported as specific to Internet Explorer 10. In order to access column-level functions, the user clicks a small control at the top right of the column header. The fix ensures that the control is displayed as expected in the correct position for that browser.	XAP-6539
Enhancement	Upgrade to R 3.5.0 and corresponding Bioconductor	The version of R used in the R console and in the R Shiny mini-apps service has been upgraded to R 3.5.0. Related to this, the compatible versions of Bioconductor packages (3.7) and pandoc (2.1.3) are also provided.	XAP-6547
Bug fix	Reduce the window size to no rows results in Data Table Editor pagination showing minus numbers	This bug fix improves the way the Data Table Editor responds to browser window resizing. If the user makes the browser window very small, a warning to 'Resize the window to display table' will be rendered. Previously the user might have experienced broken pagination links.	XAP-6556
Enhancement	Allow user to change their own telephone number	This self-service enhancement allows a platform user to edit their own phone number via their profile page.If the user has enabled the two-factor authentication (2FA) security service on their smartphone, the phone number change will trigger an update to the 2FA provider, Duo.com, and the user will be prompted to update their device.	XAP-6592
Bug fix	Full screen toggle control disappears on other tabs when toggling on the R session tab	This bug fix addresses an issue with the R console reported in some browsers at high definition screen resolutions where the on-screen toggle for full-screen view was being hidden behind the application sidebar.	XAP-6619
Bug fix	User interface hangs when trying to load a folder with a dot (.) or other special characters in the folder name	This bug fix improves the creation of new folders in the workspace web interface where the name contains special characters. The fix also improves the handling of links to folders where special characters have to be encoded for inclusion in a link (URL).Please note that It is not permitted to create a folder name starting with a period or dot character '.' as this will raise an error message.	XAP-6632
Security enhancement	Missing X‐frame‐options header in PDF viewer	This item fixes a security issue raised during internal security scans. The component displaying workspace PDF files did not include the required HTTP security header to prevent attacks based on hijacking the frame (aka 'click jacking'). The framing headers are now consistent with the rest of the user interface and are set to prevent framing of the PDF viewer by any component other than the workspace application.	XAP-6636
Security enhancement	Review content security policies on error pages	This is a security related enhancement. Following an internal security scan of the web workspace, content security policies were added to static error pages to ensure consistency with dynamic parts of the application.	XAP-6639
Bug fix	Enter key does not work on the Data Table Editor 'Save As' dialog	This is a bug fix to ensure that in order to save from the Data Table Editor, the user can both click the 'Save' button and press the return key.	XAP-6647
Bug fix	Updating name of a dataset column with a different type and simpletype in the Data Table Editor can result in an error on save	This bug fix addresses an issue when renaming a column in the Data Table Editor indirectly caused an error related to the column type in the underlying database.	XAP-6673
Bug fix	Increasing the window size when on last page causes the Data Table Editor to show 'No rows found'	This bug fix address a problem with the Data Table Editor when resizing the browser window. When users were on the last page, resizing the screen resulted in 'No rows found' being displayed in error. In this situation the last rows of the table should be displayed, suitably paginated.	XAP-6684
Bug fix	SFTP transfer fails when trying to version a file that is no longer on disk	This is a maintenance bug fix improving the interaction between the workspace file management and the processing of uploads via SFTP. Under certain circumstances, the SFTP upload process would fail when transferring a file to the workspace if a file of the same name had previously existed. This change avoids an error due to the timing between the upload process and the file management process.	XAP-6687
Enhancement	Improve colour of selected mini-app tiles	This enhancement addresses a minor issue with the colour scheme of mini-apps tiles used in the workspace, improving the clarity of selected and non-selected tiles.	XAP-6696
Bug fix	Integration with Data Table Editor file versions/replay log	This bug fix ensures that when a user saves a data table back to file, a new version is created.	XAP-6772
Security enhancement	Set strict transport security	This is a security enhancement. A recent external penetration test raised a low risk concern that not all web traffic in the web workspace would be forced onto secure transport (HTTPS). In some cases, static images and stylesheets might be requested with plain HTTP. Further internal investigation identified a number of API endpoints that did not enforce secure transport. A normal user session started in HTTPS would ensure that traffic was using HTTPS but a malicious user could inspect the headers and request particular resources without HTTPS set. This enhancement ensures that all traffic for the web workspace has the correct header to enforce secure transport.	XAP-6865
Security enhancement	Input validation issues result in cell injection	This is a security fix. A recent external penetration test reported an issue where users editing data in the Data Table Editor could create cell content that indirectly could affect Excel users. Data Table Editor edits will appear in the audit log which can be downloaded by administrators, and subsequently loaded into Excel. A malicious user could insert a valid Excel function anticipating download of the audit. This might for example, construct a hidden link to a malware site. Improved validation and escaping of audit content removes the risk of this exploit.	XAP-6867
Enhancement	Reflected cross-site scripting on error message	This is a security enhancement. A recent external penetration test identified a low risk issue with the Data Table Editor. The way new cell content is validated might allow a user to execute malicious Javascript. This could only be exploited by an authorised user and would only impact their current session, however validation has been improved to remove the risk of this exploit.	XAP-6868
Enhancement	Rename 'numeric' field type to 'decimal'	In order to simplify the user experience around decimal fields, the Data Table Editor and the dataset preview feature will now use the term 'decimal' consistently rather than 'numeric' for those column types which can support decimal fractions.	XAP-6885
Bug fix	Dataset without specified varchar length prevents the Data Table Editor displaying data	This bug fix addresses an issue where a user might have a database table with character fields defined without specifying number of characters (i.e. `VARCHAR` rather than `VARCHAR(NNN)`. This specification will no longer be rejected by the Data Table Editor in error and the data should be displayed as expected.	XAP-6918
Security enhancement	Enhance content security policy configuration for duosecurity	This is a security enhancement. A recent external penetration test raised a concern with the content security policies related to integration between two-factor authentication and the workspaces web application. This policy now restricts content from the two-factor authentication security service provider Duo.com to specific fully qualified addresses, reducing the risk of malicious content being loaded in error.	XAP-6953
Security enhancement	Prevent SQL error if entering unfriendly resource names	This security bug fix is the result of a recent external penetration test which highlighted an issue in the Data Table Editor.If an error occurs in the normal use of the workspace Data Table Editor, it may be logged in the workspace audit log. The penetration test raised a concern that these errors disclosed too much about the underlying database in use and the type of validation that occurs. This fix reduces the risk that this error reporting process might be exploited by a malicious user.	XAP-6964
Bug fix	Opening, editing and then saving a CSV file in the Data Table Editor with carriage return results in a server error	This bug fix ensures that CSV files with carriage return characters are managed correctly in the Data Table Editor and can be saved back to file or database without error.	XAP-7142
Enhancement	Update the Data Table Editor search function to be case-insensitive	This enhancement ensures that search terms in the Data Table editor will match on cell values irrespective of case. Upper, lower and mixed case matches will match, improving the findability of cell values.	XAP-7192
Security enhancement	R console session history fix	This security bug fix ensures that when a user uses the R console, the system maintains a recent history for the current session. An issue was reported where a new session could be started, and the commands used in a previous history were available (by pressing the 'up arrow' key). These commands were specific to the current user but may have come from an unrelated workspace and therefore potentially disclose information. The fix ensures that the session history is also specific to the current workspace.	XAP-7316
Bug fix	The same validation of special characters should apply to both renaming and creating folders.	This maintenance bug fix addresses an inconsistency between renaming and creating folders with regards to which characters are allowable in folder names.	XAP-7428
Enhancement	Allow tenant administrators to delete workspaces	This enhancement makes it easier for tenant administrators to clean up unwanted workspaces using the integrated self-service user interface. Previously, deleting workspaces required a service desk request, however this enhancement adds this function to the self-service screens and automates the process of workspace deletion. The underlying process for deleting workspaces remains the same.	XAP-7436
Bug fix	R Shiny logs to be viewable regardless of mini-app name capitalisation	This bug fix addresses an issue where R Shiny debug logs were not visible to end users in the case where the mini-app name was capitalised. This fix includes workspaces which contain variants of capitalisation: e.g. 'all_lower' , 'ALL_UPPER', 'Cap_case' and 'camelCase'.	XAP-7633
Enhancement	Do not clear user's browser proxy exception upon logging into virtual desktops	Until this release, web access from a virtual desktop was routed through a proxy service, limiting access to a whitelist of external and internal sites. With the introduction of self-service management of firewalls for workspace virtual desktops, this would limit users accessing services that they have intentionally opened the firewall for. Firewall rules will prevent accessing other external services. As a result, the service will no longer ensure that proxy settings are reset every time users log into the virtual desktop.	XAP-7708
Bug fix	Users cannot see third line of comment content in the workspace summary tab	This bug fix addresses a display issue in the comments section of the workspace activity summary tab, where the third line of the comment text was obscured.	XAP-7709

1.20 Summary

Workspaces release 1.20 delivers new functionality to improve the flow of audit information from service components to improve scalability and performance.

Please note that not all features will be deployed at all hubs. Please check with the hub product manager to confirm if a specific feature is available.

Released features

Status	Feature	Description	Reference
Improvement	Audit scalability	The platform sub-system responsible for managing the flow of audit information from service components has been re-engineered for improved scalability and performance. The new system reduces bottlenecks that could cause delay in availability of audit information and improves the performance when a Workspace administrator downloads their audit log.	XAP-1518
Bug fix	Password reset field displays wrong form and token in error	This bug fix resolves an issue where the password reset screen displays the temporary token used to authorise the reset. The token is used in the link provided and in the URL displayed in the browser and is cross-checked with a time-bound valid token in the server. In some cases, the user followed the link in the reset email, but instead of being shown the form to reset the password, the user was shown a field requesting their username which displayed the token. The fix ensures that the correct form is shown.	XAP-4626
Enhancement	Upgrade to R 3.4.3	The version of R available in the R Console and used in R Shiny mini-apps has been upgraded to version 3.4.3. Related to this, the compatible versions of Bioconductor packages (3.6) and pandoc (2.1.3) are provided.	XAP-5349
Security Enhancement	SFTP session control and filtering for unauthorised access attempts	This is a security enhancement. At one of our hubs, multiple brute force attempts at unauthorised access to the workspace SFTP service have been observed. As a result, a configuration is being deployed to detect this kind of access and deny access from the originating internet address (IP) for a period of 30 minutes. The configuration will deny access where in a short period of time there are: Three attempts to authenticate a user account that doesn't exist, or Three attempts to authenticate a system account (root), or Five attempts to authenticate a user that does exist If users experience difficulties with this configuration, Aridhia's service desk team should be contacted.	XAP-5479
Enhancement	Do not use application cookies without user consent	This enhancement has been made in response to a customer security survey and to ensure compliance with European Union regulations on the use of web browser cookies. Cookies are essential to provide the functionality of the web workspace user interface. Only a session cookie is required and all other information is stored on the server. No 3rd party cookies are used. With this change, when a user access the web workspace for the first time, they will not have a session cookie set until they agree to the summary terms and conditions. Previously, a test cookie was set (to check whether the user's browser would accept cookies).	XAP-5564
Bug fix	Improve handling of connection error on workspace/DSA integration point	A workspace is integrated with a tenant-specific Data Staging Area. In this case, for the upload wizard functionality there is a direct connection between the user's browser and the DSA API endpoint for imports. In some configurations, network-based access rules are applied to that endpoint (for example, access is only permitted within a hospital network). This bug fix improves the error handling in the case where the user tries to upload to the DSA but connection is not possible. If the workspace has the DSA upgrade enabled, the upload wizard will attempt to connect to the DSA API responsible for import. In some cases, the user may not be able to connect to that API, for example because they are accessing the service from a network that is not permitted to connect to the DSA. When this occurs, a clearer error message will be displayed to the user.	XAP-5794
Task	Verify that the SFTP README content is appropriate for the new SFTP capability in 1.19.11	When a user logs into the workspace SFTP interface, a README file provides guidance on how uploads can be configured. The wording of the README has been revised and aligned with the Knowledge base guidance on best practices for uploading. See Guidance and best practices for uploading.	XAP-6198
Improvement	Move File sync to read only batch insert	This is a platform maintenance change to improve the interaction between the web workspace application and the workspace file system. The web component of the workspace service uses a synchronisation process to keep a model of the file system structure of the workspace. A review of the batch process following a related issue (XAP-6222) indicated that its security could be hardened by removing some indirect write operations and making it read-only. This change reduces the risk of unwarranted write operations by a system service account.	XAP-6276
Bug fix	Data upload of csv file without a header does not produce correct TDF file	The upload wizard for CSV files in the web workspace UI generates a specification file that defines the configuration used for the upload (known as a Table Definition File, or 'TDF'). This bug fix addresses an issue where the output TDF file was not recording that the CSV should be loaded without treating the first row as column headers.	XAP-6323
Bug fix	Edit Profile – Edit Photo Button does not work in SMS-IC	This bug fix addresses an issue with the look and feel at the SMS-IC instance of Workspaces where users were no longer able to edit their profile image.	XAP-6324
Bug fix	User profile pictures distorted when aspect ratio is not 1:1	This bug fix addresses an issue where users' profile image icons were being displayed incorrectly (either squashing or stretching the image) in the workspace members list and user profile.	XAP-6405
Bug fix	Data preview does not show same digits for real and double precision as the Data Table Editor	This bug fix addresses an inconsistency in the display of decimal numbers between the Data Table Editor and the preview of the workspace database. Floating point or real numbers are decimal numbers which are stored with limited precision in databases. For example, a number that is intended to be '-0.9' could be stored as '-0.899999' or similar in the database. The display system, such as the Data Table Editor, should display the data as intended.	XAP-6677
Bug fix	SFTP – Unable to log in using domainusername	This bug fix restores functionality whereby users were no longer able to log in to the workspace SFTP service using a combination of directory domain and username (in the form DOMAINusername).	XAP-6965
Bug fix	Password reset link in email fails when browser has not accepted cookies	This bug fix ensures that passwords can be reset when a user has not already agreed to storing the session cookie in their browser.	XAP-7201
Bug fix	Critical vulnerability in workspace New Folder creation	This bug fix addresses a security vulnerability in the folder creation process using the Workspace web user interface. This prevents a malicious user from injecting malicious code as part of the request.	XAP-7320

1.19.12 Summary

Workspaces release 1.19.12 delivers a significant new capability which addresses users' requirement to edit, modify and create new data tables from within their workspace. The first version of the Data Table Editor has been shipped as part of this release, with further iterations expected in coming months.

Please note that not all features will be deployed at all hubs. Please check with the hub product manager to confirm if a feature is available.

Released features

Status	Feature	Description	Reference
Improvement	Editing Data tables within the Web Workspace	The Data Table Editor is a new optional component in the web workspace which enables users to quickly and easily edit, modify and create new data tables in a fully audited process. The 1.19.12 release includes the first version of this new functionality. The Data Table Editor is designed to work with a specific data structure known as a 'data frame' whereby each row represents a study record and each column is an identifier, a variable or an outcome measure in that study. This allows users to manually prepare data, including: Editing data tables inline, in a point and click manner. Manually transcribing or modifying data by creating new tables directly into the workspace in cases where no alternative electronic data capture tool exists. Loading and editing existing data frames. Key features of this initial Data Table Editor release include: Access as an integrated web workspace functionality. Load existing data from workspace CSV files, database tables and views. Load table sizes up to 10,000 rows by 100 columns. Create data tables from scratch. Set column types (integer, decimal, text, Boolean, dates and times) with in-line validation. Add new rows and new columns to existing data tables. Undo or redo of actions (up to the memory limit of the user's browser). Save edited data table as workspace CSV file or database table. Move through paginated view of data table. Navigate table with keyboard (arrow and tab keys etc.) Hide, modify and delete columns. Future iterations are expected to feature analytical modules optimised for the biomedical field. More detail on using the Data Table Editor can be found at knowledgebase.aridhia.io/article/using-the-data-table-editor/	XAP-4724
Bug fix	If tenant admin highlights a workspace in their organisation, a 'workspace_access' event is logged in the workspace	This releases fixes an issue whereby tenant administrators triggered unwarranted audit events when browsing the list of workspaces they administer. The event was unnecessary as the tenant administrator was not accessing either the workspace or its data. This release ensures that workspace administrators will no longer see a 'workspace_access' event related to such tenant administration actions.	XAP-5396
Bug fix	If you upload a file with the same name at same time in two different SFTP folders for same workspace, one will not be processed	This is a platform maintenance fix. A bug was reported whereby a user could upload files, but only one file was processed. This was the case when files with the same name were uploaded to the /data folder and at more or less the same time to one of the /documents or /scripts folders. This issue was traced back to the way in which intermediate files were named in the ETL process and additional hardening ensures that files are handled correctly. As such, files arriving on the ETL export will have a random number suffix in addition to the already existing date timestamp suffix. This internal convention is opaque to the end user.	XAP-5816
Bug fix	Unexpected audit messages in demo workspace	This release fixes a bug reported on audit log contents where an internal demo workspace was recreated. An issue was reported at one of the workspace hubs whereby audit events were misattributed in cases where a workspace was deleted and then recreated with the same name. Until workspace deletion, events should be attributed to that workspace. After deletion, in some cases, audit events were being attributed to a new workspace of the same name. Additional guards were placed to ensure that events are no longer being misattributed. In addition, the audit log now provides information about the role users were in at the time of activity logged.	XAP-5860
Bug fix	Version menu does not refresh content of current version when moving from a previous version	This release fixes a bug in the interaction between the workspace web user interface and the sftp upload components which caused versions of files with the same filename to be mismanaged. The fix ensures that updates to files maintain the version history.	XAP-6012
Bug fix	Cannot save plot from R	This release fixes a bug within the R console reported at hubs following the 1.19.11 release deployment. Saving images from the R console no longer raises a server error.	XAP-6328
Bug fix	There is no audit event logged when uploading to the datafiles folder	This is a security-related system maintenance fix. A bug was found in release 1.19.11 whereby SFTP uploads to the /datafiles folder were not logged. This was traced to a misconfiguration of the monitoring and audit subsystems and a change in this release restores the expected behaviour.	XAP-5440
Improvement	Optimise workspace members dialog with server side paging	Workspace administrators can invite new members to a workspace using an 'invite' tool. This release speeds up the performance of this tool when searching or paging through the list of users. The search function works across first name, last name and department.	XAP-5496
Improvement	Document upload should allow up to 1GB files	This release ensures consistency between limits on uploading CSV files as data and uploading files to the /documents and /scripts workspace folders. Both routes cap the acceptable file size to 1GB.	XAP-5934
Bug fix	Password expiry emails not being sent	This release fixes a configuration issue where a convenience email was not being sent to users close to expiry of their passwords.	XAP-6131
Improvement	Point and click option to delete datasets	This feature enhancement make it easier for users to manage their data by bringing the option to delete datasets (database tables and views) directly into the workspace.Previously, deleting datasets required users to write a DELETE query in the SQL Editor. This enhancement allows users to easily delete assets using a delete button in the workspace right-hand sidebar. Upon selecting to delete an asset, the user is prompted to confirm the deletion of other database objects that depend on that which is being deleted.	XAP-4397
Bug fix	IE10: Editing workspace summary text lose newlines	This is a maintenance bug fix related to the way the IE10 browser handles edits to the workspace summary description. Due to limitations in the way the browser works, new lines of text were being lost. This release provides improved handling of the IE10 case in order to preserve this new content.	XAP-4622
Bug fix	Copying dataset through Airlock results in failure if integer column contains NULL values	This bug fix addresses an issue with data uploaded with field-level annotations specifying how to handle empty or null values in the source CSV files. If such files were subsequently exported from the workspace through the Airlock, the way the annotation was handled at that stage failed.In this release, this issue is fixed, ensuring that all values, data types, nulls and metadata are preserved.	XAP-4813
Bug fix	Incorrect password validation feedback	This is a security-related system maintenance fix. The 1.19.12 release provides improved handling of how password validation is shared between the workspaces web application and the underlying user directory. However, due to technical limitations in the directory service, it is not possible to address all validation errors. Users should therefore follow the guidance on safely resetting their passwords provided at knowledgebase.aridhia.io/article/recovering-and-resetting-your-workspaces-password/.	XAP-5116
Bug fix	Users with mixed case email will not be able to login	This is a security-related bug fix to internal platform integration. Changes in the centralisation of user information require an internal check of the user's email address. An issue arose whereby users could not log in to their workspaces if the email address on record in the workspaces services did not match the case of the user's email in the platform Management API. This issue has now been resolved.	XAP-5218
Bug fix	Incorrect options provided in data upload workflow when DSA upgrade is enabled	This item fixes three bugs related issues to the data upload workflow. This issue was reported by a tenant at one hub where their workspaces can be integrated with their tenant specific Healthcare Landing Zone (HLZ). The upload process has been changed to ensure that the presence of the integration is interpreted correctly and the correct options are provided to the user when uploading data.	XAP-5371
Bug fix	Next button in Workspace list takes you to an empty Workspace list	This release fixes a bug in the pagination of workspaces where, in some cases, the 'Next' navigation button did not take the user to the appropriate page.	XAP-5497
Security Enhancement	Potential path-based vulnerability in version API	This is a security fix. A customer-initiated security scan indicated that a static file that provides the current version of the workspaces internal API could be retrieved using path wild cards, e.g. /VERSION could be retrieved using /VERSION.gz. This was a low impact risk as no data was exposed, however the capability has been removed as a precautionary measure.	XAP-5524
Security Enhancement	Clickjacking – Framable Page risk in static content	This is a security related change to reduce the risk of the specific content in the web workspace (e.g. static terms and conditions) being maliciously embedded in a 3rd party site as part of an attack. The low impact risk was highlighted in a customer-initiated scan.	XAP-5527
Security Enhancement	Harden SSH ciphers and remove redundant puppet code	This is a security-related maintenance fix. Feedback from 3rd party penetration testing recommended removing ciphers in the user SFTP and service access interfaces (ssh) that are now considered weak. Reconfiguring automated component deployment ensures that the weak ciphers are no longer accepted for connections across the platform entrypoints.	XAP-5825
Bug fix	Newly created file with the same name as a file in scripts root dir will incorrectly assume that the file was moved from scripts	An issue was raised by customers at one of our hubs where files with similar names conflicted with an internal process and in some cases content was over-written as a result. This release formalises an interim patch release which addressed the issue and has already been deployed to the hub.	XAP-5910
Bug fix	workspace_deletion event didn't show up in api local audit file	This is a security-related system maintenance fix. When a workspace is deleted, an event will now be consistently logged to the platform audit log.	XAP-6063
Bug fix	Errors raised when processing SVG images	This is a maintenance fix. Internal monitoring of error logs raised an issue where SVG files were not being handled consistently as image files, which raised unnecessary error messages.	XAP-6128
Security Enhancement	Where the Application Server mount is unavailable or unstable the file sync may delete content	This is a maintenance fix. An issue arose in a hub where instabilities in the integration of the workspaces web application, the workspace file system and other networked systems could cause some files to be deleted in error. The instabilities reported were found in the file system component when operating under heavy network load. An investigation was undertaken, interim actions taken and this release implements a system change that removes the risk.	XAP-6222

1.19.11 Summary

Workspaces release 1.19.11 delivers new functionality to improve the performance of SFTP uploads and enable self-service provisioning of Data Staging Areas (where this feature is offered).

Please note that not all features will be deployed at all hubs. Please check with the hub product manager to confirm if a feature is available.

Released features

Status	Feature	Description	Reference
Improvement	Use central file system for SFTP and ETL file storage	To improve the performance of the SFTP-based workspace data upload functionality, internal changes have been made to the way data is stored and processed at the time of ingest. The previous system staged data in an interim location prior to processing, resulting in bottlenecks where a user was uploading large files or many files. The new design writes inbound data directly to a secure area of the underlying file server used by the workspace. When transferring large files, this provides significant performance advantages at the time data is received, as well as the time it is transferred to the secure workspace file system. Concurrent usage is also improved.At the same time, we have improved our testing framework and test runs to obtain better data about system performance. This should lead to future improvements and enable Aridhia's Workspaces team to work with customers to troubleshoot any problems that may arise. Please provide feedback on performance via support@aridhia.com	WORK-186 XAP-5044
New	Self-service provisioning of Data Staging Area resources	Workspaces Ecosystem customers may implement a Healthcare Landing Zone (HLZ) in order to bridge a hospital network and workspaces. Within the HLZ are two key resources: a Data Staging Area (DSA) which provides the ability to manage data for secondary use, and a De-identification Service, where sensitive information can be stored and retrieved if research participants need to be re-contacted for follow-up.Where integrated self-service provisioning is in operation, a Tenant Administrator may enable or disable the DSA functionality for workspaces in their organisation. Not all the Workspaces customers have implemented a Healthcare Landing Zone. In those cases, the option to upgrade a workspace with DSA functionality will not be available.	WORK-378 XAP-4665
Improvement	R 3.4.1 support	The version of R used in the R console and R Shiny was updated to R 3.4.1. Related packages in the CRAN mirror were updated for compatibility.	WORK-322 XAP-3571
Bug fix	Need a more powerful 'iconv' for the R console	The utility 'iconv' converts text from one encoding to another. For example, text from a Windows-encoded file might need to be converted to the international standard UTF8. The version of 'iconv' available to R packages on the R console is the open source 'gconv'. This was reconfigured to ensure proper functioning.	WORK-328 XAP-4818
Bug fix	R console time is out of sync with the rest of the platform	A system configuration issue was addressed where the system time reported on the R console was not in sync with times on other platform components.	WORK-354 XAP-4396
Improvement	Confusing 'export to datafile' button in datasets view	Some users reported that the option to export from the database to the workspace 'datafiles' files folder might be misleading, and that clarification that it is not an export out of the workspace (which is provided by the 'Airlock' function) was required. A warning message was added to the Export dialogue to clarify what the function does and indicating the option to use the Airlock function.	WORK-351 XAP-4393
Improvement	Link to online help uses the Knowledge Base	When the user clicks the menu link to get 'Workspaces help' they are now taken to the improved user guides at knowledgebase.aridhia.io.	XAP-4756
Bug fix	Non-scrolling page in dataset upload	When uploading data via the web workspace functionality, the user is given a screen to define metadata and processing instructions for each field in the inbound file. Improved scrolling addressed an issue where some fields could not be displayed when the user's browser window size meant that it was unable to scroll to the fields below the bottom of the display.	WORK-370 XAP-4516
Bug fix	Keep workspace context when clicking workspace summary links	Links in the workspace summary page were taking users to a new tab, where they might lose workspace context (such as a running R console). This has been fixed to ensure that users stay in context.	XAP-4465
Bug fix	Improved memory handling on audit download	In some cases, the process to generate a download from the workspace audit was causing server memory errors. This has been partially addressed to reduce the risk of disruption to users. Further work is planned in 1.19.12.	XAP-4545
Bug fix	'Date' attribute defaulting back to 'text' when uploading csv via UI	When uploading data, a user can change different data types for columns from those provided by the CSV parsing system. When the encoding is changed, the CSV file is re-parsed since the column delimiters might be affected by the encoding. A bug fix ensures that if the columns have not changed, user choices should be retained.	XAP-4956
Security enhancement	The image preview endpoint is restricted to image content types	In an earlier release, an issue was fixed where authorised users could call an internal URL to download their workspace files without audit. This has now been further enhanced to ensure that the URL endpoint is used as intended: the URL will only permit audited access to image files (gif, jpeg, png, svg, bmp, icon).The choice of image file types supported is based the W3C standard for mime types and best practice of web-safe image types, since this internal URL is intended only to display images in browsers during a valid workspace session and is not presented directly to the end user.	XAP-4195
Security enhancement	Audit event added for PDF preview	Following a review of the item described above, the internal URL used to display a PDF file during a valid workspace session was given an additional audit event, in case a user subverted its use to attempt to stream PDF data outside the browser.	XAP-4596
Security enhancement	Observer users should not be able to attempt to execute SQL using a keyboard shortcut	An Observer user should not be allowed to run any SQL queries, but can view/open the SQL workfiles. When an Observer accesses an SQL workfile, the Run file button is disabled by default. This has been reinforced by preventing a user from executing the SQL using an existing (but not displayed) keyboard shortcut that was not disabled for Observers. Underlying database permissions already restricted the impact of this attempted execution. Previously, when an Observer executed SQL using the shortcut to retrieve results, no data was returned. Similarly, no data could be added or deleted by this route.	XAP-4812
Improvement	Show more details on error dialogs when provisioning errors occur	When tenant administrators provision workspaces, errors can sometimes occur. In order to facilitate support and resolution of the underlying issues, the error dialogue has been improved to include more detail about the context of the error.	XAP-4316