Improvements

The issues mentioned under the section improvements are considered as new functionality, user experience improvements and bug fixes.

‍

Added new placeholder for student feedback - EV-265

A new placeholder is made available for use in notifications to allow sending the lecturer(s) feedback to students via a notification. The used templated field name is [feedback_to_students].

Configuration

A  notification template can be configured for sending the feedback to the students.

‍

Added a condensed person report  - EV-256

The condensed person report is a new report accessible to all users. The report will provide information on the staff members of a faculty/department and their evaluation results compared to the median and the deviation from the median.

Based on authorisation (access right) and assignment to a faculty a user can retrieve the report. Since the 'report' result is based on right and context the report will be available for all users and only after executing the report the result will be generated, either a message 'not allowed' or the 'report with data'.

The report is available in the top-bar menu.

A form appears that allows providing some additional details:

• Template: the reporting template to be used (see later for configuration of the template)
• Filter: the filter to be used for filtering the 'evaluated persons'
• Value: the filter value, e.g.
  • Filter = Faculty
  • Filter value = Science faculty
• Download: button to download the report result in Excel or CSV format

The result will be a list of staff members that meet the criteria AND the logged in user has rights to access the information for.

The result structure is:

• Person
  • Evaluations the person has been evaluated for
    • Evaluation result per question defined in the evaluation template

‍

Configuration steps‍

1 - Define a role with the report right

The role is optional, but is used to define what right has to be assigned to a role to enable viewing of the report results. The right can be added to a new role, but can also be added to an already existing role.

Open the Workflow menu option and select the Member types sub-menu.

• Select the Periodic evaluations and create a new role Report viewer
• Use the security button to assign the right Access to all reports

2 - Assign the authorisation

Open the Admin menu option and select the Relations sub-menu.
Select the Periodic evaluations and assign the created rol of Report viewer to the relevant persons.

3 - Define the report template‍

Open the Templates menu option and select the Reports sub-menu.
Select the Periodic evaluations and define/modify the template for the condensed lecturer report.

The next step is the configuration of the report template. This is just the standard configuration where the questions to be used in the report are defined.

The checkbox Only show your own evaluations has to be checked and defines the condensed report is grouped on a person level and thus the condensed lecturer report.

‍
4 - Test the report
Test if the report is shown correctly.
As an administrator you have access to the report and its data, so first test as 'yourself' to validate if data is shown in the expected format.
The next step is to login as one of the users you've given rights and test if the report shows data when executed as that user.

‍

Performance improvement storing generic response data at question level - EV-277

The above mentioned condensed person report is using 'generic' information on question responses, such as the mean and median result. This information was not available immediately, but has to be calculated based on the given responses (answers). To improve the performance of the personal report, the generic defined data is calculated and saved when closing the evaluation. The generic information is now available at question level and there is no need to traverse all answers and calculate at the spot when the personal condensed report is generated.

‍

API extended with service to retrieve 'my portal tasks' - EV-274

A new endpoint has been defined to retrieve users portal tasks, or in a more functional manner retrieve the outstanding and finished evaluations for a logged in student.

This service is intended as a generic service, and in its first iteration it will be used by the TimeEdit portal that is currently in development. The portal foundation is realised,. The next step is delivering student (and staff) related widgets, such as a widget providing insight in the students evaluations.

‍

Security

An integral part of our develop and build processes is automatic scanning for known security vulnerabilities. The vulnerabilities will be fixed based on their impact, which means that in some cases an immediate hot-fix will be applied, and in other cases the vulnerability will be fixed in the current or next Sprint (release). The security section provides an overview of the vulnerabilities mitigated.

This release mitigates the following vulnerabilities:

• CVE-2019-1010266 (moderate)
• CVE-2018-16487 (high)
• CVE-2020-28500 (5.3)
• CVE-2021-23337 (7.2)
• CVE-2018-3721 (6.5)
• CVE-2019-10744 (9.1)
• CVE-2024-56332 (5.3)
• CVE-2022-37620 (8.7)
• CVE-2024-52798 (moderate)
• CVE-2024-43799 (2.3)
• CVE-2024-43800 (2.3)
• CVE-2024-37890 (8.7)
• CVE-2024-49203 (8.8)
• CVE-2024-47535(6.8)
• CVE-2024-12801(2.4)

Most of the fixed CVE's are from using an older library that has been replaced. The CVE's were still marked active and not solved since they were marked as a 'false positive'. This means the library has functionality that is only vulnerable when this is used in the application. In this case the vulnerable functionality was not used in Evaluation.

For more information on reported vulnerabilities, see the central database of vulnerabilities.

‍

‍For more guidance on configuration and setup of Evaluation, use the relevant Evaluation manual.

‍