Communications
- Feature
As a course participant i will receive the calendar event in the confirmation e-mail of my registration to a course.
This is a change, today the calendar invite is an attachment to the invitation e-mail. This has now changed so that the calendar invite instead are sent as an attachment to the confirmation e-mail.
- Feature
Upon request, you should as a course admin be able to assign tags for courses based on which sub-division the course is relevant for.
This is so that a third-party application can use these tags in their API to connect the right sub-division to their respective calendars.
We do not intend to use this way tagging courses to place certain courses into course categories, but rather to showcase for which sub-divisions these courses are relevant for.
- Feature
- Feature
Recently we have had a few hacking attempts on our platform. Quick overview of the hacking attempts: hacker mainly tries to exploit publicly available endpoints by querying them with a moderate number of requests. Typically, from a couple of minutes to an hour.
We have created an action to mitigate these attempts. Here is the action plan:
- Change the request signature algorithm
- Explore the possibility to obfuscate the request signature algorithm
- Review hacking attempts logs to assess the impact
- Implement a rate limiter (per IP per endpoint per API key) to prevent brute force attacks
- Implement a WAF (Web Application Firewall) to filter out malicious requests – ModSecurity for nginx is a good choice
- Revise a Content Security Policy (CSP) to prevent XSS attacks
- Revise a public endpoints code to prevent SQL injection
- Make the input validation for elastic search queries more strict to prevent garbage input
- Add ModSecurity metrics to the monitoring system and setup alerts
- Explore the possibility to implement a honeypot to distract hackers
- Discuss the possibility to block / grey-list IPs that show suspicious activity
- Feature
We added a checkbox that allows a person to disable receiving activity invitations and communication messages. Also, we added a couple of filters to the Person list page, so the admin will be able to find the persons who didn’t accept all the consents in the system and who checked the “Prevent messages” checkbox
- Feature
Before the change, Super Admins and course leaders were able to control who should see the course, and who should be invited to the course (so-called “Target audience”). People who’ve been added to the course target audience were able to get course invitations if Admins/leaders decided to send them out. Now we’re adding an ability to differentiate people between who should be able to register to the course and who should be invited there. It gives your leaders an opportunity to send out course invitations to a smaller group.
The feature is added on My Page only. System Course Super Admins, Course Super Admins, and Course Admins are able to see the new block “Who should be invited to the course” inside the course “Target audience” step/tab. The block contains the following options:
- “Course level” (if it was chosen during the course creation process)
- “Same audience as in the target audience”
- “Set up the audience” – the logic of this block is exactly the same as for the “Set up the audience” block of “Who should be able to register” part of the course setup
Also, a new counter to see how many people are going to receive the invitations is added below the setup.
The ACL is the following:
- System Course Super Admins, Course Super Admins, and Course Admins are able to define the audience that should be invited to the course. Additionally, Course Admins get the ability to send out course invitations.
- Course Editors and Super Admins from the Back-Office are able to create courses where the invitation audience is always the same as the target audience only.
- Course Contributors are not able to use the new functionality.
- Feature
In order to improve user experience, we’re changing the way how the system works with the bulk actions for sending out reminders from the Back-Office. Now you don’t have to wait until the real sending is over, since it can take some time. Instead, the system creates a job to send out all reminders and adds them to the sending queue. If the adding is successful, the system will show a success message to the Back-Office Admin who performed the sending.
- Feature
Previously, it was only possible to use URLs to images in text editors in the back-office. A very new opportunity has been added for course description and system email signature in back-office – administrators can upload an image file and use it in text editors right away.
How to use: On back-office course description or settings “Signature” page, open “Insert an image” modal window, find a new button “Browse server”, select a file from your PC and upload it to the server. Then you can use uploaded image and it will be inserted directly to the text.
- Feature
Course and Person leaders who are able to send out emails, now are getting the ability to send out an email copy to themselfs. The feature is available for the following functionality:
- Sending out invitation emails for a course (My Page for Course leaders)
- Sending out a manual email to a chosen participants in a list of participants (My Page for Course leaders)
- Sending out a manual email to a chosen persons in a list of persons (My Page for Person leaders)
How to use:
- Go to My Page as e.g, a course leader
- Open a course card, and navigate to the list of participants
- Choose few people from the list, and click “Send email” button at the top
- In a lightbox, define the email body text, and click a new checkbox “Send a copy to my email”
- Feature
A new feature is released for course leaders who are able to manage course participants details. Now it becomes possible to set up a separate admin discount for a participant. The discount is applicable for all course products the participants will get via the course invoice.
How to use:
- Go to My Page as a course leader with the rights no lower than Course Editor
- Open a course card, and navigate to the list of participants
- Open details of one participant
- Navigate to the “Admin discount” block
- You can turn on the admin discount, and apply a value of discount in percents (should be more then 0, and less or equal 100)
- In case you aplly 100% admin discount, the system will not generate the course invoice for this participant
- Feature
We added a calendar file to the “Course invitation“ email. This calendar file allows the email receiver to add the course event to his/her personal calendar (like Google Calendar or Outlook). It can help people quickly remember when the course starts and not miss it.
- Feature
Now, you can format the text in the “Send E-mail” pop-ups. You can find them on the person list or course participants list. It is possible to make the text bold, italic, underlined or crossed. Also, you can add hyperlinks and bulleted or numbered lists.
- Feature
Starting from this release, course leaders will be able to edit not just the email body, but also the subject line of the course invitation email.
- Course Super Admin, Course Admin, Course Editor will be able to see and edit the email subject, and use placeholders for participant name and surname in order to make the invitation more customized. New field will appear above the existing invitation email body editor.
- Course Contributor will be able to read-only the subject of the course invitation.
- Bug fix
Fixed sending course invitation e-mails in BackOffice. Admin was not able to send or was sending the wrong amount of invitations in an already created course for the selected user group.
- Bug fix
When the Administrator has chosen the option in BackOffice to resign members and inform users about deactivating members via e-mail, the members were not resigned and receive no e-mails. The issue related to the deactivating members was fixed.
- Bug fix
The system should send notifications with reminders to participants with approved status before the offline activity started, but the emails were not received.
We looked thoroughly through this case and found out that the mailing failed due to the inappropriate template that was used for the reminders.
We fixed the template and now the system sends the reminders to all approved participants for the offline courses that are published.
- Bug fix
We have faced the case that SMS communications were not delivered to the members’ phone numbers.
As we managed to find out it was an infrastructure issue.
We fixed it and as for now, everything works properly and SMS communications are being received.
- Bug fix
In some cases, the emails based on the templates were displayed incorrectly in Outlook.
- Bug fix
The system doesn’t allow to send reminders for party paid invoices via Multikanal. The issue is fixed in this release.
- Bug fix
In some cases, the emails based on the templates have been sent to the overall list of participants, ignoring the filters applied.
- Bug fix
The sender information on the two-factor authentication was changed from ‘Organization name’ to ‘Medlemssyst’.
We have implemented the necessary changes and this case was fixed.
So, currently, the SMS sender corresponds to the Organization name.
- Bug fix
If Administrator in BackOffice add placeholders to the e-mail it was added quotes/brackets to the text body of the e-mail. The issue has been caused by the different approaches used for coding the symbols and fixed in the this release.
- Bug fix
While sending e-mails both from BackOffice and MyPage in the Choo system, the attachment was not sent to the message. The issue has been caused by a non-obvious error in code structure that appeared while developing the feature “File uploader on the registration wizard” and has been fixed in this release.
- Bug fix
Local leader was able to send the email notification using the Min Side extra functions up to 6 people only.
- Bug fix
Previously CiS system didn’t allow to send more than 100 reminders for Multikanal delivery. This limitation was caused by the peculiarities of processing requests that the system sent to the Multikanal. This approach has been updated and uploaded to a live server.
- Bug fix
Changes in the project setup have to lead to the turning off of e-mail functionality. The project settings were reviewed and the team has developed an updated approach. The fix was uploaded to the live server.
- Bug fix
Fixed sending SMS when a user has chosen resetting the password by mobile number.