What's New With 3.7.0
This release has a major focus on security, authentication, containers, testing and automation. Below you can find the major changes and updates for this release and our full release notes.
Container Updates
Our ContentBox docker image has been updated to support this release and we have added two new areas of improvements for containerization:
Portable Datasource
You can now create a config/runtime.properties.cfm
file with your database information and ContentBox will leverage it dynamically. No more registering of datasources on the CFML engines if you do not need to. This can allow you to leverage dynamic datasources for multiple environments and container deployments.
Author Sessions Cache & Distribution
In a world now of containers and distributed computing, we have added the ability for logged in sessions to be tracked by the ColdBox Cache Storages and CacheBox. This means that you can leverage in-memory sessions or distribute to any Cache provider CacheBox can talk to and distribute your sessions easily. It will also allow you to use the geek settings to monitor and manage the session objects of your users. You can even clear them all, expire them or choose a-la-carte.
The new cache provider region is called
sessions
and you can find its definition in theconfig/CacheBox.cfc
file.
Make sure that your config.Coldbox.cfc
file contains in configure
function
Security Updates
Two Factor Authentication
This is one of our biggest features for ContentBox is our two factor authentication framework. That's right, we built a two factor module framework that will allow you to build or use any two factor or multi-factor authentication mechanism. We have included one in the core which is Email verification.
Please refer to the developing two factor authentication providers in order to get an in-depth look of how to build your own two factor authentication provider modules.
Two Factor Events
The following are the new interception points for two factor authentication
cbadmin_onTwoFactorSettingsPanel
- Shows on the two factor global settings panelcbadmin_onAuthorTwoFactorOptions
- Shows on the options for two factor auth in the author editorcbadmin_onAuthorTwoFactorSaveOptions
- Fires when the options are being savedcbadmin_beforeTwoFactorForm
- Shows at the beginning of two factor form challengecbadmin_afterTwoFactorForm
- Shows after the two factor form challengecbadmin_onInvalidTwoFactor
- Fires when an invalid challenge has been madecbadmin_onValidTwoFactor
- Fires when a valid challeng has been made
Global Settings
An admin can force two factor authentication for all users in the system and even provided a trusted device registry so ContentBox can track their devices and challenge only after a few days.
User Settings
The user can also setup two factor authentication for their account if so desired.
Login Options
An administrator now can control login options and enhance the logging experience of their users.
Permission Groups
We have introduced the ability to create and organize permissions not only in roles but in our new permission groups. This will allow you to create more complex and robust permission schemas and be able to assign multiple permission groups to users. The entire permissions tab for authors has been revamped to allow you better visualization of rules and permissions.
Improved Rate Limiting
The rate limiting module has been revamped to help with Denial of Service attacks or even just pesky scrapers. You can now configure more options for fine-tuning including relocation URLs, custom messages and improved logging.
Password Enhancements
There have been many updates on both the UI and the security of user passwords.
Password Meter
We have introduced the concept of a visual password meter, which can guide users when changing, resetting or setting passwords:
Password Length Options
You can now also as an admin decide on the minimum length of user passwords.
Password Reset Options
As an administrator, you can now reset user passwords a-la-carte or for every single user in the system. This will issue a notification to the user with instructions on resetting their system password. User password reset workflow has now been improved with our new password reset screens instead of bulky double email validation mechanisms.
New Interception Events
Here are the new interception events you can listen on for password reset workflows:
cbadmin_onGlobalPasswordReset
cbadmin_onPasswordReset
cbadmin_onInvalidPasswordReset
Author Updates
New Author Wizard
We have introduced a new approach to creating authors in ContentBox. You will now be presented with the new author wizard which will allow you to pre-fill author details in a secure manner. A notification will be sent to the new author's email address with a password setup token so they can secure their account.
Improved Author Listings
The author listings have been improved with tons of new filters, reporting and even sorting options. Go admin like a mad man!
Improved Author Snapshot
The Author Profile Snapshot has been updated to include a better UI, better visualization and a new action toolbar for direct Author actions and Author exporting.
Content Updates
Markdown Support++
We introduced markdown support for all content in many versions before. This update includes a brand new markdown engine with table support, code syntax highlighting and much more. We also made several settings and author specific details available as markdown content. In other words, viva markdown!
Markdown Editors
We have also updated our markdown UI editor and it can be used everywhere in the admin were markdown is allowed.
Publishing Workflows
We have added a new two-step workflow for publishing any piece of content. This will allow you better visibility when working with drafts or live content. The new flow will also assist users that do not have any publishing capabilities.
Content Hierarchy Navigation History
We have improved the navigation of the content store and the sitemap by taping into the browser history API and providing history support for hierarchy navigation. Never again loose your place in the hierarchy.
Full Release Notes
Bugs
New Features
Improvements
Last updated
Was this helpful?