Improvements

The issues mentioned under the section improvements are considered as new functionality, user experience improvements and bug fixes.
Issues marked as Hotfix have been developed during this Sprint release, but are hotfixed and technically added to the previous release or direct to production based on the impact of the issue.

‍

Details of a request in the request log is not shown - CUR-1849 (Hotfix)

The request log provides an overview of all integration messages exchanged from and to Curriculum. When clicking a single line, a modal should open providing all the message details. The modal however wasn't shown on click anymore. This has been (hot)fixed to enable proper access to the request log details.

‍

In case a module is a copy from another module, the originating module should be available - CUR-1842

When creating a new module based on a copy of an already existing module, a reference (module code) to the originating module is added to the new module. The custom-field used is originalId (technical name) and is made available to be selected and added to module reports. Furthermore, the field can be shown on the general tab, so it's immediately clear if and what the originating module is.

When creating a new year, the originalId is not copied, to prevent providing copy information that was only relevant in the previous year when the copy was made.

‍

As an administrator I want better insight and management options for configuration changes applied - CUR-1613

When testing new configuration options these are mostly first implemented and tested in an acceptance environment. Once the configuration is tested and approved, the configuration will be migrated (re-done) in the production environment. The audit trail provided an overview of all configuration changes made, with the option to filter the changes made between defined dates. In case a huge number of changes were made during this date interval, and multiple users were migrating the configuration to production the overview could get lost.

A change has been made to the audit trail to offer better support handling changes:

1. The audit trail offers a direct link to the object affected during the change, e.g. direct open the page that has been changed
   The direct link cannot be added to all changes, but for the most used change-types they are available
2. A checkbox is added to enable marking a change has been handled, for instance in Production
3. A filter is added to the search to show all handled, or not handled changes

A pro-tip could be to keep your audit-trail clean and once a configuration migration has been done and tested on production it could be a wise idea to remove the 'old' audit-trail from the acceptance environment using the Script 'Clear audit logs'.

‍

Characters should not be replaced with encoded characters in plain text descriptions - CUR-1855 (Hotfix)

In case a descriptive text has been marked as 'plain text' some characters were changed into HTML encoding. E.g, > was translated to > and shown as such in the plain text.
This has been fixed by excluding plain text descriptions from any form of encoding characters.

‍

The subject matrix should provide a filter that only shows the modules with directly relation to a subject - CUR-1833

In case a subject (learning outcome / skill) is assigned to a module, based on configuration the module/subject combination can be assigned to specific programs. This means the module can have subjects that are just defined, and subjects that are defined and related to one or more programs. If a module has different subjects, they can be assigned to different programs.

The standard behaviour of the subject-matrix is that all modules and their subjects are shown if the module is part of the program. The new added filter allows for filtering to only show the modules that have a defined relation with the program at subject level.

‍

The subject management screen for module should show the information clearer - CUR-1835

In the above mentioned improvement the module / subject assignment to one or more programs is mentioned. The visualisation of the subject management screen with the fields configured to show the subject -> study relation showed all information for the different columns on a single line. The visualisation is improved to show the information in a more user-friendly manner, by showing information on a single line and providing tooltips on description information that exceeded the column width.

Description page should not show the text for simplified Chinese twice - CUR-1883

In case both traditional and simplified Chinese are configured as supported languages for descriptive texts, the texts were shown twice for simplified Chinese. This has been fixed by using a more strict language code matching pattern, so the information is in all cases shown only once as it should be.

‍

Deleted offerings, related activities-series and lecturers should not be used in workload calculations - CUR-1896

In case an offering is removed (logical deletion) from a module, and that offering had assigned activity-series and lecturers on the activity-series the workload calculation for that module also included these hours. This has been fixed, so removed offerings are now excluded from the calculations.

‍

Column headers should not be mixed-up in the organisation report - CUR-1888

A bug was found where the header columns of the organisation report were not shown above the right (corresponding) column. This causes the data shown in the correct header not having the right header. This has been fixed, so the header and data shown are inline again.

‍

The activity-series-report template should show the correct defined report-templates - CUR-1892

The activity-series-report template configuration provides, like all other report-based templates, the option to select an available predefined report template with the relevant columns and filtering in place. In this case, the report templates from an incorrect data type were shown. This has been fixed, so the correct templates are shown as selectable options.

‍

Date and date-time fields should be editable - CUR-1876 (Hotfix)

A bug was introduced that prevented to edit date and date-time fields. This has been (hot)fixed, so these fields can be edited again.

‍

The scheduled-activity report template should support showing the sum of the duration per activity-series - CUR-1311

The report showed a column that calculated the hours per activity-series. The request was to add a 'sum' value at the bottom of that column.

We not only did at that sum option, but created a second column to visualize both the calculation of all hours for the activity (existing) and the calculation of the hours per student.
The big difference is:

• the 'total hours' formula contains the number of groups, so 4 activities of 2 hour for 4 groups = 4 * 2 * 4 = 32 hours.
• the 'student hours' doesn't use the number of groups, so 4 activities of 2 hour for 4 groups = 4 * 2 = 8 hours.

Both columns are visible and show the total hours.

Configuration:

• Navigate to the custom-page of the scheduled-activity-report
• Select the tab Fields
• Add the field named Total student duration

‍

Hyperlinks in notification are not clickable for the recipient - CUR-1792

In case a hyperlink was added to a notification, after sending the notification to the recipient the link was no longer clickable. This has been fixed, to the link can not only be defined, but is also clickable for the recipient.

‍

Prevent admins to define a calculation with the same filter twice - CUR-1706

We noticed that in case a calculation rule was defined with the same filter, the screen was refreshed and a change was made to either one of the two, the other one disappeared. This was caused since the condition should only appear once in a rule, and the logic didn't cater for this edge case. The improvement applied is that in case a second calculation rule is defined with the same condition, the user is warned it cannot be saved and the condition should be defined/changed.

A simple fix, but a fun story to find out what was actually happening behind the scenes.

‍

URL clicked should be used as the final URL even if SSO login is required - CUR-1816

In case a URL to a page in Curriculum is sent as a hyperlink and the user clicks it, the user should end up on that page. In case the user was not logged in (yet), the user first has to login. In case the login was based on standard SSO, the link information was lost and the user ended up at the dashboard. This has been fixed, so the user will end up on the page set in the link, even after SSO login.

‍

As a program coordinator I want to have insight in the used assessment types - CUR-1836

A new template (assessments-matrix) has been added to provide a matrix based overview of the assessment types used in a program, including the quantity of the different types.

It is a first iteration of the template, where we would love to get feedback on functionality (filtering, sorting, sum, ...) that might be of value for this report.

‍

‍

The weekly availability pattern and incidental availabilities should be on separate pages - CUR-1735

The weekly availability pattern was extended with a 'pretty well hidden' option to add specific unavailabilities, for instance a training or conference on specific dates.

To improve readability and prepare for some upcoming changes around the ad-hoc unavailabilities the page is split into two different pages:

• availability-preferences (formerly know as schedule-preferences) template to define you weekly pattern
• availability-request template to define you ad-hoc unavailabilities

Both pages are available to be used in Tabs and in Workflow, opening up the path to allow users to do an ad-hoc unavailability request and include an approval step. The support for this case will be improved in the upcoming sprints.

‍

Integration

The issues mentioned under the section integration are considered as extension, improvements or bug fixes related to the Curriculum API, OOAPI and/or CSV import functionality.

‍

Person updates should be immediately effective when updating via the API - CUR-1865 (Hotfix)

By adding the option to manage additional attributes on person level, e.g. skills, qualification, the audit-trail and change approval functionality was added too. This could have a side effect that in case a manual change was applied to a person that has not yet been approved and the API got an updated for that person the change was not applied due to the pending change.

Since the change overview and approval was not shown correctly for persons, it was not clear if there were pending changes to understand why a specific change was not applied.

This has lead to three changes:

1. Enable access to the change log at person level
2. Enable the option to approve pending changes
3. Add an option to the person configuration to enable the API to bypass and immediately approve changes applied using the API

Especially the last option should be set in case users are automatically provisioned and person information can and is still managed manually in production environments.

Configuration

• Navigate to the person custom types (general tab)
• Set the option Approve automatically to true

‍

The minimal supported length for an external ID should be 72 - CUR-1857

As part of the integration between the different TimeEdit products the minimal supported size for externalId's in Curriculum has been set to 72 for the objects that had a smaller supported length. This to stay in line with the supported length in the other products which is set to 72.

‍

Activity import using CSV should not overwrite activity-series in previous years - CUR-1867

In case activity-series are uploaded using CSV and the used externalId was equal to an already earlier used one, the activity-serie was moved and not created as a new one. Which could be considered 'as designed', since the same externalId was used. But still a change has been applied to prevent this from happening.

When loading data not only the externalID is used, but also the year the data is loaded for. By changing the uniqueness check to this combination including year, a CSV import will create a new activity-serie in the year the upload is done for.

‍

Roles no longer active / ignored should not be present in a message - CUR-1810

The standard message didn't filter out any inactive / ignored roles. This meant the roles were part of the message, including the persons related to that role. Since most of the integration process the roles (relations) based on their type, this issue has not been noticed before. This has been fixed, so inactive/ignored roles (relations) are no longer part of the messages

‍

API service name for schedule-preferences is changed- CUR-1735

Due to the nature and extend of the usage of the users weekly pattern and other availabilities, the end-point schedule-preferences is renamed to availability-preferences (as part of the earlier mentioned improvement on separating the weekly availability pattern and incidental (un)availabilities.

‍

Security

An integral part of our develop and build processes is automatic scanning for known security vulnerabilities. The vulnerabilities will be fixed based on their impact, which means that in some cases an immediate hot-fix will be applied, and in other cases the vulnerability will be fixed in the current or next Sprint (release). The security section provides an overview of the vulnerabilities mitigated.

This release no vulnerabilities were reported, so a quiet sprint on that area

For more information on reported vulnerabilities, see the central database of vulnerabilities.

‍

HTML injection in comment reply field - CUR-1841 (Hotfix)

As part of our regular security audit, performed by an external specialised party, only a small issue has been found.

There was a possibility to inject HTML in a comment reply field when asking a user for advise, which is considered a vulnerability for content spoofing. We directly solved this issue, even though it was classified as minor.

‍

‍For more guidance on configuration and setup of Curriculum, use the relevant Curriculum manual.