Skip to content

Version 0.9.1.49
Compare
Choose a tag to compare
@davidpofo davidpofo released this 13 Jan 00:32
v0.9.1.49
427495f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

v.0.9.1.49 (January 12, 2021)

IMPORTANT

ADMIN NOTE: New users registering in your GovReady instance PRIOR TO THIS VERSION may not see any Compliance Apps when starting a project. This bug has been fixed, but ADMINS MUST ADD PERMISSION "guidedmodules | app source | can view app source" TO EACH USER TO FIX PERMISSIONS FOR EXISTING USERS. SEE DJANGO ADMIN CUSTOMER ACTION "add_viewappsource_permission" TO ADD SELECTIVELY ADD THIS PERMISSION TO USERS.

For statements created before this release, you can call the django-simple-history populate command to generate an initial change for preexisting model instances:
python manage.py populate_history --auto and/or python3 manage.py populate_history --auto depending on your python link

Feature changes

  • Add default Organizational Defined Parameter values.
  • Track batch imports of components (via OSCAL) into component library for tracking and management purposes; enable deletes of batch imports.
  • Support defining multiple allowed hosts via the local/environment.json file.
  • Allow administrators to change component name and description in Component Library.
  • Existing projects can be moved between existing portfolios.
  • Edit existing portfolio's title and description.
  • Delete existing portfolio.
  • Add default Organizational Defined Parameter values.
  • Add an autocomplete in component library to look up controls across multiple catalogs for writing a control implementation statement.

UI changes

  • New dialog in Component Library for importing components in OSCAL JSON format
  • New screens for tracking and deleting batch imports of components (via OSCAL) into component library.
  • Add "Edit" button in Component Library for Administrators to rename a component.
  • Add "Move Project" action button on project page to move project to a different portfolio.
  • Add "Edit Portofolio" links on portfolio page for editing portfolio details and deleting portfolio.
  • Conditionally show button to delete portfolio if portfolio is empty and user has permission to change portfolio.
  • Support a Select2 autocomplete dropdown selection box in the component library to assign a control when authoring a new component control implementation statement for a component in the library.
  • You can now click the history button in a given statement's panel in the controls selected implementation statement page or component library.
  • Added error messages for any files that fail validation for Comment Attachment uploads

Data changes

  • Add default Organizational Defined Parameter values.
  • Add validators argument to the file field in the Attachment model.
  • Add history field in the Statement model. This is the source for the new HistoricalStatement table that captures all Statement history.

Developer changes

  • New controls.models.ImportRecord model for tracking batch imports of components (via OSCAL) into component library.
  • New routes and views related for tracking batch imports of components (via OSCAL) into component library.
  • Fix OSCAL component import to use "statement" JSON property.
  • Support defining multiple allowed hosts via the local/environment.json file via new allowed_hosts environment parameter.
  • Added route controls/api/controlsselect/ and view api_controls_select to get list of controls.
  • Modified view save_smt to just save prototype statement when statement is being created in the component library.
  • Modified template templates/components/element_detail_tabs.html to use jQuery select2 for autocomplete and search of catalog of controls to add a control to a component.
  • Update hidden sid_class field with catalog human readable name. Add hidden field form_source to identufy to save smt view that we are receiving form submission from component library.
  • Add 'label' value to oscal.Catalog.cx.get_flattened_controls_all_as_dict.
  • Introducing model history tracking with django-simple-history.
  • Update various Python libraries.
  • Added file extension, size and type validation for Comment Attachment uploads.
  • Introducing request profiling with pyinstrument.
  • Add default controls.models.OrgParams class to support basic, default generation of orgizational defined parameters.

Bug fixes

  • Fix missing "part" field on Component's component statement form and incorrectly displaying the "remarks" field (#1232)
  • Fix display of OSCAL into correct tab on system's component's page
  • When generating OSCAL component files, emit statement elements with ids that correlate with the control catalog.
  • New non-admin users did not have the permission to view appsource. Added permission after the new user is created with the SignupForm from allauth.account.forms.

v.0.9.1.48.1 (December 17, 2020)

Bug fixes

  • Fix handling of static files. Create new static-root directory outside of siteapp into which to collect static files.
  • Remove bad path reference to select2 javascript libraries in component library page.
Assets 2
Loading