Skip to content

Releases: cofoundry-cms/cofoundry

0.12.0

05 Apr 13:02
@HeyJoel HeyJoel
v0.12.0
2b1ba88
Compare
Choose a tag to compare
0.12.0 Latest
Latest

Features

  • #543 Migrate to .NET 8
  • #335 Support for webp and SVG image assets
  • #537 DomainRepository: Patch: Better handling of nulls

Bug fixes

  • #519 Concurrency issue in HtmlSanitizer
  • #542 Not able to see pagination on asset picker pop up

Docs

  • #316 Image Save Location
  • #539 Null exception when calling app.UseCofoundry();
Assets 2

0.11.4

18 May 20:20
@HeyJoel HeyJoel
v0.11.4
dcb6f06
Compare
Choose a tag to compare
0.11.4

Bug fixes

  • #538 UpdateDocumentAssetCommand: throwing permission error when executing with elevated permissions/system user execution context as BackgroundTask
Assets 2

0.11.3

06 Nov 17:39
@HeyJoel HeyJoel
v0.11.3
a71dc4b
Compare
Choose a tag to compare
0.11.3

Bug fixes

  • #518 Used package (Underscore@1.8.3) in Web Admin contains known vulnerabilities
Assets 2

0.11.2

03 Nov 08:06
@HeyJoel HeyJoel
v0.11.2
adeff5a
Compare
Choose a tag to compare
0.11.2

Bug fixes

  • #517 Remove google fonts to be GDPR compliant
Assets 2

v0.11.1

02 Aug 08:38
@HeyJoel HeyJoel
v0.11.1
7b49785
Compare
Choose a tag to compare
v0.11.1

Bug fixes

  • #516 Add Page: Custom entity page triggers unresolvable validation error
Assets 2

0.11.0

02 Aug 07:12
@HeyJoel HeyJoel
v0.11.0
42dd946
Compare
Choose a tag to compare
0.11.0

Features

  • #486 .NET6 Migration

Bug fixes

  • #515 Admin Panel: Developer exception page no longer shows
  • #508 Error Logging Plugin: Limit overflow on long fields

Docs

  • #506 Document how to add TinyMCE Plugins
Assets 2

0.10.3

09 May 19:34
@HeyJoel HeyJoel
v0.10.3
4b94bf9
Compare
Choose a tag to compare
0.10.3

Bug fixes

  • #513 REDIRECT TO SIGN-IN flag not saving
  • #510 Admin Role appears able to edit Super Administrator
Assets 2

0.10.2

04 Apr 12:53
@HeyJoel HeyJoel
v0.10.2
763303a
Compare
Choose a tag to compare
0.10.2

Bug fixes

  • #507 Internal Server Error when attempting Delete
Assets 2

0.10.1

28 Mar 15:06
@HeyJoel HeyJoel
v0.10.1
f1e7a17
Compare
Choose a tag to compare
0.10.1

Features

  • #505 ApiResponseHelper: Ability to execute a command and return a custom action result

Bug fixes

  • #504 WebUserSessionService: GetUserIdByUserAreaCodeAsync should return null outside of a web request
  • #503 ApiResponseHelper: RunWithResultAsync returns 404 instead of 400 on error
Assets 2

0.10.0

11 Mar 11:54
@HeyJoel HeyJoel
v0.10.0
118d6a2
Compare
Choose a tag to compare
0.10.0

Features

Pages and Directories

  • #187 Pages / Directories: Restrict by User Area
  • #200 Pages / Directories: Increase maximum url slug length
  • #464 Page Directories: "Name" property is superfluous
  • #465 Pages / Directories: Naming of FullUrl inconsistent
  • #288 Page & Custom Entity: Add update date
  • #463 Page Directories: extract ChangePageUrlCommand from UpdatePageDirectoryCommand
  • #462 Improve Page Message Publishing: Including changed urls and propagate directory changes
  • #461 Page Directories: Publish Command Messages

User Areas

  • #467 Users: Name should not be required
  • #496 Users: Add "DisplayName"
  • #495 UserMicroSummary: Remove FirstName, LastName, Email fields
  • #490 Users: Deactivate
  • #485 Users: Confirm Account
  • #479 Self-service Password Reset: Rename to "Account Recovery" and audit/tidy
  • #470 User Area Admin: Misc improvements

Configuration

  • #493 AuthenticationSettings: Move to UserSettings.Authentication
  • #477 UserArea: Make unique validation of emails optional
  • #476 User Areas: Configurable Email and Username validation
  • #468 Email Uniqueness: Support IDNs and improve uniqueness handling
  • #499 Roles: Improve initialization

API Improvements

  • #82 UserRepository, LoginService and missing queries/command
  • #473 IAdvancedContentRepositoryUserRepository: Move "Current" out to own child repository
  • #489 Rework the auth controller helpers, replacing with a solution based on the content repository
  • #488 User Auth: Replace ILoginService with Queries and Commands
  • #482 UserLoginInfoAuthenticationResult: Replace Error enum with a ValidationError with standardized error codes
  • #487 Change uses of the term "Login" and "Logout" to "SignIn" and "SignOut"
  • #281 Add message/event publishing for Users
  • #474 Remove UserAccountDetails projection

Security

  • #494 Users: Soft-deletes should anonymize data
  • #492 UserLoginLog: Rename to UserAthentication and move rate limit settings to user settings
  • #491 Users: Add duration padding to the execution of commands and queries succeptible to time-based enumeration attacks
  • #480 User Admin: Force password reset
  • #478 Users: Security stamp / session invalidation
  • #469 User Areas: Configurable password policies
  • #454 Migrate to ASP.NET Core Identity IPasswordHasher

Mail Templates

  • #215 Allow admin mail templates to be easily overridden

Misc

  • #405 Show friendly enumeration item names
  • #415 Improved handling of AuthenticationFailedException in ApiResponseHelper.RunCommandAsync
  • #497 ContentRepository: Add overloads to patch update commands
  • #483 IDomainRepository.WithExecutionContext: Support passing in IUserContext
  • #472 IUploadedFile: Improve the public API and document
  • #484 Domain.Data: Specifiy DateTime properties as DateTimeKind.Utc
  • #481 Remove obsolete APIs (pre v0.10)

Bugs

  • #409 Improved error handling for serialization errors
  • #458 Page Template has two Regions but Admin says it has none

Docs

  • #162 Provide better documentation for authentication
  • #190 User Areas: Samples and better documentation of creating user management screens
  • #200 Add guide for setting up email via plugins
  • #423 Configuring data protection system
  • #419 Nested Transactions

Breaking changes

Term Changes (system wide)

  • Term "PasswordReset" (self-service forgot-password style) changed to "AccountRecovery" to avoid confusion with passwords being reset by an administration user.
  • Term "Login/Logged In" changed to "Sign in/signed in"

Models

  • CustomEntityDetails.FullPath is now CustomEntityDetails.FullUrlPath
  • IPageRoute.FullPath is now IPageRoute.FullUrlPath
  • PageRoute.FullPath is now PageRoute.FullUrlPath
  • CustomEntityPage.FullPath is now CustomEntityPage.FullUrlPath
  • PageSummary.FullPath is now PageSummary.FullUrlPath
  • CurrentUserViewHelperContext.IsLoggedInis now CurrentUserViewHelperContext.IsSignedIn

Queries

  • GetUserLoginInfoIfAuthenticatedQuery now returns UserLoginInfoAuthenticationResult instead of UserLoginInfo directly and now includes checks for max login attempt validation.
  • Role queries such as GetRoleByIdQuery now return null if an id is specified but no role is found. The original behavior returned the anonymous role, which was unintentional; specifying null as the Id however still returns the anonymous role as intended.
  • GetEntityDependencySummaryByRelatedEntity is now GetEntityDependencySummaryByRelatedEntityId (naming consistency)
  • IsEmailUniqueQuery is now IsUserEmailAddressUniqueQuery
  • GetUserLoginInfoIfAuthenticatedQuery is now AuthenticateUserCredentialsQuery
  • GetUpdateCommandQuery is now GetPatchableCommandQuery
  • GetUpdateCommandByIdQuery is now GetPatchableCommandByIdQuery

Commands

  • AddCofoundryUserCommand has been removed and replaced with the more generic AddUserWithTemporaryPassword.
  • Url updating parts of UpdatePageDirectoryCommand replaced with dedicated UpdatePageUrlCommand
  • CompleteUserPasswordResetCommand is now CompleteUserPasswordResetRequestCommand
  • InitiatePasswordResetRequestCommand is now InitiateUserPasswordResetRequestCommand
  • CompleteUserAccountRecoveryByEmailCommand.SendNotification has been removed and replaced with a config setting Cofoundry:Users:Password:SendNotificationOnUpdate
  • UpdateUnauthenticatedUserPasswordCommand is now UpdateUserPasswordByCredentialsCommand
  • UpdateCurrentUserAccountCommand is now UpdateCurrentUserCommand

Content Repository

  • IAdvancedContentreporsitory.Users().AddUserCommandAsync is now IAdvancedContentreporsitory.Users().AddUserWithTemporaryPasswordAsync
  • ContentRepository.Users().AddUserWithTemporaryPasswordAsync() is now ContentRepository.Users().AddWithTemporaryPasswordAsync()
  • ContentRepository.Users().UpdateUserAsync() is now ContentRepository.Users().UpdateAsync()
  • ContentRepository.Users().DeleteUserAsync() is now ContentRepository.Users().DeleteAsync()
  • IAdvancedRepository.Users().IsEmailUniqueAsync is now IAdvancedRepository.Users().IsEmailAddressUniqueAsync
  • IContentRepository.CustomEntities().GetByDefinitionCode(string).AsRenderSummary() is now AsRenderSummaries()

Auth

  • IAuthConfiguration has been updated to make it easier to override specific parts of the configuration. See the class for more details.
  • CofoundryAuthenticationConstants.FormatAuthenticationScheme is now AuthenticationSchemes.UserArea
  • IUserAreaDefinition.IsDefaultAuthSchema is now IUserAreaDefinition.IsDefaultAuthScheme (typo)
  • AuthenticationFailedException has been removed as it is unused. If an action is not permitted use NotPermittedException instead.

Misc

  • IUserAreaDefinitionRepository.GetByCode renamed IUserAreaDefinitionRepository.GetRequiredByCode to be consistent with other definition repositories
  • Much of Cofoundry.Web.Identity has changed, but should still be familiar. If you're using these do check ...
Read more
Assets 2