v0.11.1

Bug fixes

• #516 Add Page: Custom entity page triggers unresolvable validation error

0.11.0

Features

• #486 .NET6 Migration

Bug fixes

• #515 Admin Panel: Developer exception page no longer shows
• #508 Error Logging Plugin: Limit overflow on long fields

Docs

• #506 Document how to add TinyMCE Plugins

0.10.3

Bug fixes

• #513 REDIRECT TO SIGN-IN flag not saving
• #510 Admin Role appears able to edit Super Administrator

0.10.2

Bug fixes

• #507 Internal Server Error when attempting Delete

0.10.1

Features

• #505 ApiResponseHelper: Ability to execute a command and return a custom action result

Bug fixes

• #504 WebUserSessionService: GetUserIdByUserAreaCodeAsync should return null outside of a web request
• #503 ApiResponseHelper: RunWithResultAsync returns 404 instead of 400 on error

0.10.0

Features

Pages and Directories

• #187 Pages / Directories: Restrict by User Area
• #200 Pages / Directories: Increase maximum url slug length
• #464 Page Directories: "Name" property is superfluous
• #465 Pages / Directories: Naming of FullUrl inconsistent
• #288 Page & Custom Entity: Add update date
• #463 Page Directories: extract ChangePageUrlCommand from UpdatePageDirectoryCommand
• #462 Improve Page Message Publishing: Including changed urls and propagate directory changes
• #461 Page Directories: Publish Command Messages

User Areas

• #467 Users: Name should not be required
• #496 Users: Add "DisplayName"
• #495 UserMicroSummary: Remove FirstName, LastName, Email fields
• #490 Users: Deactivate
• #485 Users: Confirm Account
• #479 Self-service Password Reset: Rename to "Account Recovery" and audit/tidy
• #470 User Area Admin: Misc improvements

Configuration

• #493 AuthenticationSettings: Move to UserSettings.Authentication
• #477 UserArea: Make unique validation of emails optional
• #476 User Areas: Configurable Email and Username validation
• #468 Email Uniqueness: Support IDNs and improve uniqueness handling
• #499 Roles: Improve initialization

API Improvements

• #82 UserRepository, LoginService and missing queries/command
• #473 IAdvancedContentRepositoryUserRepository: Move "Current" out to own child repository
• #489 Rework the auth controller helpers, replacing with a solution based on the content repository
• #488 User Auth: Replace ILoginService with Queries and Commands
• #482 UserLoginInfoAuthenticationResult: Replace Error enum with a ValidationError with standardized error codes
• #487 Change uses of the term "Login" and "Logout" to "SignIn" and "SignOut"
• #281 Add message/event publishing for Users
• #474 Remove UserAccountDetails projection

Security

• #494 Users: Soft-deletes should anonymize data
• #492 UserLoginLog: Rename to UserAthentication and move rate limit settings to user settings
• #491 Users: Add duration padding to the execution of commands and queries succeptible to time-based enumeration attacks
• #480 User Admin: Force password reset
• #478 Users: Security stamp / session invalidation
• #469 User Areas: Configurable password policies
• #454 Migrate to ASP.NET Core Identity IPasswordHasher

Mail Templates

• #215 Allow admin mail templates to be easily overridden

Misc

• #405 Show friendly enumeration item names
• #415 Improved handling of AuthenticationFailedException in ApiResponseHelper.RunCommandAsync
• #497 ContentRepository: Add overloads to patch update commands
• #483 IDomainRepository.WithExecutionContext: Support passing in IUserContext
• #472 IUploadedFile: Improve the public API and document
• #484 Domain.Data: Specifiy DateTime properties as DateTimeKind.Utc
• #481 Remove obsolete APIs (pre v0.10)

Bugs

• #409 Improved error handling for serialization errors
• #458 Page Template has two Regions but Admin says it has none

Docs

• #162 Provide better documentation for authentication
• #190 User Areas: Samples and better documentation of creating user management screens
• #200 Add guide for setting up email via plugins
• #423 Configuring data protection system
• #419 Nested Transactions

Breaking changes

Term Changes (system wide)

• Term "PasswordReset" (self-service forgot-password style) changed to "AccountRecovery" to avoid confusion with passwords being reset by an administration user.
• Term "Login/Logged In" changed to "Sign in/signed in"

Models

• CustomEntityDetails.FullPath is now CustomEntityDetails.FullUrlPath
• IPageRoute.FullPath is now IPageRoute.FullUrlPath
• PageRoute.FullPath is now PageRoute.FullUrlPath
• CustomEntityPage.FullPath is now CustomEntityPage.FullUrlPath
• PageSummary.FullPath is now PageSummary.FullUrlPath
• CurrentUserViewHelperContext.IsLoggedInis now CurrentUserViewHelperContext.IsSignedIn

Queries

• GetUserLoginInfoIfAuthenticatedQuery now returns UserLoginInfoAuthenticationResult instead of UserLoginInfo directly and now includes checks for max login attempt validation.
• Role queries such as GetRoleByIdQuery now return null if an id is specified but no role is found. The original behavior returned the anonymous role, which was unintentional; specifying null as the Id however still returns the anonymous role as intended.
• GetEntityDependencySummaryByRelatedEntity is now GetEntityDependencySummaryByRelatedEntityId (naming consistency)
• IsEmailUniqueQuery is now IsUserEmailAddressUniqueQuery
• GetUserLoginInfoIfAuthenticatedQuery is now AuthenticateUserCredentialsQuery
• GetUpdateCommandQuery is now GetPatchableCommandQuery
• GetUpdateCommandByIdQuery is now GetPatchableCommandByIdQuery

Commands

• AddCofoundryUserCommand has been removed and replaced with the more generic AddUserWithTemporaryPassword.
• Url updating parts of UpdatePageDirectoryCommand replaced with dedicated UpdatePageUrlCommand
• CompleteUserPasswordResetCommand is now CompleteUserPasswordResetRequestCommand
• InitiatePasswordResetRequestCommand is now InitiateUserPasswordResetRequestCommand
• CompleteUserAccountRecoveryByEmailCommand.SendNotification has been removed and replaced with a config setting Cofoundry:Users:Password:SendNotificationOnUpdate
• UpdateUnauthenticatedUserPasswordCommand is now UpdateUserPasswordByCredentialsCommand
• UpdateCurrentUserAccountCommand is now UpdateCurrentUserCommand

Content Repository

• IAdvancedContentreporsitory.Users().AddUserCommandAsync is now IAdvancedContentreporsitory.Users().AddUserWithTemporaryPasswordAsync
• ContentRepository.Users().AddUserWithTemporaryPasswordAsync() is now ContentRepository.Users().AddWithTemporaryPasswordAsync()
• ContentRepository.Users().UpdateUserAsync() is now ContentRepository.Users().UpdateAsync()
• ContentRepository.Users().DeleteUserAsync() is now ContentRepository.Users().DeleteAsync()
• IAdvancedRepository.Users().IsEmailUniqueAsync is now IAdvancedRepository.Users().IsEmailAddressUniqueAsync
• IContentRepository.CustomEntities().GetByDefinitionCode(string).AsRenderSummary() is now AsRenderSummaries()

Auth

• IAuthConfiguration has been updated to make it easier to override specific parts of the configuration. See the class for more details.
• CofoundryAuthenticationConstants.FormatAuthenticationScheme is now AuthenticationSchemes.UserArea
• IUserAreaDefinition.IsDefaultAuthSchema is now IUserAreaDefinition.IsDefaultAuthScheme (typo)
• AuthenticationFailedException has been removed as it is unused. If an action is not permitted use NotPermittedException instead.

Misc

• IUserAreaDefinitionRepository.GetByCode renamed IUserAreaDefinitionRepository.GetRequiredByCode to be consistent with other definition repositories
• Much of Cofoundry.Web.Identity has changed, but should still be familiar. If you're using these do check ...

0.9.2

Bug Fixes

• #458 Comments in Page Template files break region detection

0.9.1

Bug Fixes

• #401 VisualEditorActionResult.ExecuteResultAsync fails with "Synchronous operations are disallowed"

0.9.0

Features

• #325 Support multiple nested data model type options (NestedDataModelMultiTypeCollectionAttribute)
• #181 Dynamic data model: Default values
• #397 IApiResponseHelper should use IJsonSerializerSettingsFactory
• #338 Annotate a field as non editable in a Custom Entity
• #311 Admin panel: Add field/picker for date and time
• #312 Admin panel: Add field for decimal/double/float
• #388 ImageCollection does not support tag filtering or preview dimensions
• #392
  ImageUpload: Resize images client side if they exceed limits
• #377 TinyMCE: source editor monospaced font, full screen display bug
• #381 Admin: Panel should fill width if there are no actions
• #390 InMemoryObjectCache: Allow configuraiton of cache lifetimes
• #387 ContentRepository: Missing GetCustomEntityRenderSummariesByUrlSlugQuery

Bug fixes

• #379 Admin: Search Filter prevents links in the header from being clicked.
• #389 PageTemplateRegistrationException: Duplicate template region
• #373 Visual Editor does not load when Application Insights is configured
• #364 Visual Editor does not work when no layout file is specified
• #330 Way to disable Html Sanitizer on RawHtmlDataModel Region/Blocks
• #320 Option List using IListOptionApiSource: Issues with API location and formatting
• #380 Admin: Text in tables is not selectable
• #342 Data Annotations in Nested Data Models not validating
• #344 Data model annotations for image size are ignored when uploading image during a page edit

Breaking changes

• IApiController methods now returns JsonResult instead of IActionResult
• IApiController methods no longer require a Controller parameter
• The UI editor associated with the [Date] annotation now captures UTC time instead of local time. To capture local time use the [DateLocal] data annotation instead.
• Razor comments blocks are now removed when parsing PageTemplate files

Other notable changes

• The front-end build for the admin panel has been rewritten to use Gulp, it's now less verbose and easier to use in plugins and custom modules, although it is still a non-documented feature and liable to change in an upcoming refresh of the admin panel framework.
• Column titles can now be customized in the display table rendered for a [CustomEntityMultiTypeCollection] data annotation.

See the announcement blog post for full details.

0.8.0

Features

• #261 Add simple data api for basic all-in-one data access
• #382 TransactionScopeManager: change default isolation from Serializable to ReadCommitted

Bug fixes

• #383 FError loading page template detail page