Changes Report

Last modified by Vincent Massol on 2017/05/31

Visual Diff

You can now view how a page has changed visually from one version to another. The changes are computed on the rendered page content. You can click on the ellipsis to expand the context (to see the parts that have not changed). See the documentation for more information.

Multiple login attacks protection

A new Authentication Security Module has been integrated to prevent attacks on user accounts. This module allows to perform different strategies in case of repeated authentication failures.
For now two strategies are provided:
- to ask user to answer a CAPTCHA challenge (default strategy)
- to disable user account (in which case an administrator would have to activate it back)

The strategy is triggered whenever a user repeatedly failed to login in a given time window. The number of failed attempts and the duration of the time window are configurable in Administration > Authentication. Default values are 3 failed attempts in 5 minutes would trigger a CAPTCHA challenge for users.

Enable/Disable user account

it is now possible to disable a user account and to enable it back from his/her profile. A disabled user is able to login but cannot perform any action once logged-in.

Color Picker

The color picker used by the Flamingo Theme Application can now be re-used thanks to a new Velocity macro:

#set ($colorPickerParams = {
'name': 'color',
'value': '#85d4a9'
})
#colorPicker($colorPickerParams)

Checkout the Color Picker documentation for more information.

Improved Date Picker

The Date picker used to edit date properties has been improved. The new version is better integrated with the Bootstrap-based Flamingo skin and its UI adapts better to the provided date format configuration (e.g. by hiding UI elements that don't make sense). Checkout the Date Time Picker documentation for more information.

Date Time Picker

A new Velocity macro is available to create a date & time picker:

#set ($dateTimePickerParams = {
'name': 'date',
'data-format': 'dd/MM/yyyy HH:mm:ss'
})
#dateTimePicker($dateTimePickerParams)

Checkout the Date Time Picker documentation for more information.

Attachment Picker Widget

A new widget is available to help users select or upload attachments. Here's how you can use it:

{{velocity}}
{{html clean="false"}}
#set ($attachmentPickerParams = {
  'name': 'attachment',
  'value': '[email protected]',
  'data-upload-allowed': $services.security.authorization.hasAccess('edit'),
  'data-accept': 'image/,.mp4,.pdf',
  'multiple': 'multiple',
  'placeholder': 'Select attachment'
})
#attachmentPicker($attachmentPickerParams)
{{/html}}
{{/velocity}}

Checkout the Suggest Widget documentation for more information.

Merge on save

Continuing the work started on XWiki 11.1 to warn users when performing conflicting edits on the same page, we finally implemented a merge on save mechanism.

This means that in case of conflict edition (two users saving the same document at the same time), instead of always displaying a window to the user asking what to do, we first try to perform a merge of both document. If the changes concerned two very different parts of the document (two different sections, an edit performed on an object against an edit of the content, etc) the user won't notice that a merge has been performed.

Now, some conflicts might still occur if both users tried to edit the same part of the document. In that case, a new window is displayed asking the user what to do.
The user will now have three different choices:

Merge the document and fix conflict with his/her own changes: this means that as much as possible, we try to merge the changes. Only for the part that are conflicting, we only kept the changes from the last user. This is the recommended choice.
Force save the document: this means no merge at all will be performed. Only the changes performed by the last user will be saved. It basically discards the changes made by the previous user.
Reload the editor: this choice might be taken very carefully as it might cause a loss of data. It means that the current changes performed on the document will be completely lost and the editor will be reloaded with the last changes.

The conflict window now display the changes that will be performed for each choices. Be careful with the parts in red since it shows what part of the document will be lost during the operation. Note that it's also possible to select two specific versions of the document to perform a comparison before making a choice.

Custom conflict resolution in Extension Manager

We improved the Extension Manager conflict resolution to allow making specific choices for fixing some conflicts.

The conflicts that can be fixed with custom choices are displayed directly in the changes display by an orange bar. A blue area is reserved for the conflict resolution.
This blue area displays some text, and a select with several choices. The displayed text in the blue area is what will be used for fixing the conflict, you can see the text changing for each choice.

The conflict choices are the following:

current version (default): the conflict is fixed by getting the current changes
before your changes: the conflict is fixed by getting what was there before you starting to edit. Both latest version saved and your current changes would be lost for this conflict,
latest version saved: the change made on the latest version saved (the one you are conflicting with) are taken to fix the conflict
custom version: with this option, a text area is displayed to allow you to enter any new value to fix the conflict. Multiple lines can be entered.

If the choice text displays something in red, it is because no content is actually available for the chosen version to fix the conflict: usually it means the content in conflict will be removed with the choice made.

Independent Conflict Resolution

We introduced few releases ago a mechanism to detect and handle conflict edition (i.e. when two users save changes on the same page) during page edition.
Starting with this release, the conflict edition window allows one more choice: to fix each conflict individually.
This new choice is marked as advanced since it's not something easy to handle.

When choosing the new option, the UI is updated to display the changes between the latest version saved and the current version the user is trying to save. At each place a conflict occurred, the changes display an orange bar and a blue area is reserved for the conflict resolution.
This blue area displays some text, and a select with several choices. The displayed text in the blue area is what will be used for fixing the conflict, you can see the text changing for each choice.

The conflict choices are the following:

current version (default): the conflict is fixed by getting the current changes
before your changes: the conflict is fixed by getting what was there before you starting to edit. Both latest version saved and your current changes would be lost for this conflict,
latest version saved: the change made on the latest version saved (the one you are conflicting with) are taken to fix the conflict
custom version: with this option, a text area is displayed to allow you to enter any new value to fix the conflict. Multiple lines can be entered.

Replace Author when Deleting Users

Starting with this version deleting a user from the Administration requires 2 steps:

You have to disable the user first. Disabling the user prevents them from logging in and it doesn't break the scripts that they last modified. This is the recommended way to "remove" an user account from your organization.
If you really need to completely remove the user account then you can delete it. However, you should choose another user account with similar access rights to replace the delete one as page author of existing pages, otherwise, any scripts inside those existing pages will lose their rights and stop working.

Password Security Policy

It is now possible to chose some password policy rules that are applied when passwords are chosen (for registration) or when they are changed (by users or administrators).
The password policy rules are available in the Administration > Users & Rights > Registration.

You might find more details on the User Management.

Rename AWM Application

Starting with this version you can rename/move an application created with App Within Minutes by renaming/moving its home page. Be aware though that the application code is going to be regenerated if you rename the application, which means that code customizations will be overwritten as a consequence.

Checkout the App Within Minutes documentation for more information.

Partial Wiki XAR Export

You can now do a partial export of your wiki from the wiki administration by selecting the pages you wish to export from a tree.

Orphaned Dependencies Cleanup

A new step has been added to the Distribution Wizard right after the Flavor step. Its job is to make sure no orphaned dependency (extension installed as dependency but which don't have any backward dependency left) is left in the installed extensions. The step suggests to uninstall the invalid ones by default and make the others top level extensions (i.e. taken into account by the upgrade job). Among other things, it fixes long standing problems caused by deprecated extensions no longer included in the Standard Flavor, like the Watchlist UI.

Improved view of XClasses in Object editor

It is easier now to find the XWiki Class of interest by using the new suggest box that replaces the old select element. The old way of searching is still available so the user still can explore the full list of available classes.

Exclude top level application pages from the Navigation Panel

The top level application pages are now excluded by default from the Navigation Panel. This allows the Navigation Panel to focus more on your own content pages.

Warning conflict when editing a page

The edition of document is now protected against edition conflicts. It means that a user might now obtain a warning conflict window, in case another user saved the document in the meantime. This window prevents from erasing the changes made by the first user having saved.

Page Picker for Macro Parameters

Macro parameters that expect a page reference can now use the Page Picker to help the users select the page without having to know the reference syntax. You can see this in action when inserting the Include, Display, Table of Contents, Dashboard and Context macros from the WYSIWYG editor.

Attachment Picker for Macro Parameters

Macro parameters that expect an attachment reference can now use the Attachment Picker to help the users select or upload a file without having to know the reference syntax. You can see this in action when inserting the Office Macro from the WYSIWYG editor.

Inline editing for wiki macros

When developing a wiki macro, you can now insert the content of that macro by using a dedicated macro:

This new way of inserting the wiki macro content makes it by default editable directly in the WYSIWYG editor. If you want to test it, you can, for example, create the following wiki macro and try it:

{{velocity}}
{{box}}
{{wikimacrocontent/}}
{{/box}}

The content's size is $xcontext.macro.content.length() characters.
{{/velocity}}

Allow to force save in case of editing conflict

Starting with XWiki 11.2RC1 we introduced a mechanism for detecting edit conflict during the edition of a page.

We introduced in this release a new window in case of editing conflict. You now have two main choices:

force save the page: in that case you will override saved while you were editing the page; they are not really lost though since they might be retrieved in the previous version of the page.
reload the editor: in that case your changes will be lost and the editor will be reloaded with the last version saved.

We display the diff between the version you're trying to save and the last version that has been saved, so you can copy some changes made and reapply them if you like. Note that you can also simply cancel the save and go back to the editor to make changes before trying again to save. You can click on the arrow of each action to have a quick description of what it actually means.

Live Table Actions use the Icon Theme

The default Actions column from the Live Table is now using the configured Icon Theme for the action icons. See the Live Table macro documentation for more information.

Easily edit the app title

The title of an application created with App Within Minutes can now be edited from the last step of the application wizard. The application title is displayed on the application home page, on the applications panel and live table, on the breadcrumb, etc. See the App Within Minutes documentation for more information.

User Directory Configuration Live Preview

The User Directory configuration has a new setting to show/hide disabled users. Disabled users are hidden by default. The users live table is now updated automatically when the configuration is modified.

Macro Parameter Groups

The WYSIWYG editor is now able to group macro parameters as indicated in the macro descriptor. Currently only the Include Macro has grouped parameters. There can be two types of macro parameter groups:

groups of related parameters (e.g. reference and type in the case of the Include Macro)
groups of alternative parameters (only one parameter in the group should be set); this type of groups are displayed using tabs (e.g. "Resource" and "Page" in the case of the Include Macro)

See the CKEditor Integration documentation for more information.

Macro Parameter Pickers

The WYSIWYG editor is now able to load pickers for macro parameters based on their type. The binding between macro parameter types and the associated pickers is done on the server side (check the templates/html_displayer folder inside the XWiki WAR). For instance, if you have a wiki-based rendering macro, you can set the type of a macro parameter to "org.xwiki.model.reference.DocumentReference" in order to get a document picker when inserting or editing your macro from the WYSIWYG editor. Check the CKEditor Integration documentation for more information.

Inline editing of title for Box Macro

The title of the Box macro is now editable directly in the WYSIWYG editor, as it already was for its content.

Page Count for Data Types

The Data Types live table now shows the number of pages that use each data type.

Default Class Sheet Shows Object Count

The default class sheet now shows the number of objects (of the current type) found on each page.

Simplified Page Rename

The Rename Page dialog has been simplified:

the "Preserve Children" option is visible only if the page to rename has child pages.
the "Update Links" option is now visible only to advanced users. For simple users the back-links are always updated.

Allow to disable authentication security mechanism

In order to avoid any problem in the future with the Authentication Security that we recently introduced, we created a dedicated UI to easily disable/enable this mechanism. Note that disabling the authentication security will also clear the information about login failures, which might unlock users in case of problems.

Improved Date Filter

The look & feel of the live table date filter has been improved. You can check it on the Page Index.

Warning when Deleting Users with Script Right

Wiki administrators are now warned when they are about to delete users that have Script or Programming Rights, if there are pages that were last modified by these users. Check out the Administration Application documentation for more information.

Wikimacro Content Type

It is now possible to specify the content type of a wikimacro when creating it. A new field Macro Content Type is available for this purpose.
Before 11.5RC1 release, a field Macro Content Type was existing and have been renamed Macro content availability in this release.

The Macro content type field will be used in the future to propose the right editor depending on the content type. It currently proposes two values: WIKI to specify that the content should be edited with an editor for wiki content, or UNKNOWN to specify it should be edited with a plain text editor.
Note that it also accepts any kind of custom Java values, such as java.util.List<java.lang.String>.

If left blank, the default value would be UNKWOWN. This is also the value for macro created before 11.5RC1.

Additional information when a delete operation fails

When an error happens while deleting a page, detailed information are displayed to help understand the problem.

Display nice error message in case of path too long

In a few cases, an error might happen when creating a page, if its full path is too long. The full path is defined by the title of the page and the title of all parent pages. We now provide an UI for this error to explain what happens: the fix is generally to reduce the size of the title of the page, or to put it under another hierarchy.

Line numbers in code macro

A new parameter has been introduced to enable line number display in the code macro. See Code Macro for more details.

Allow to create Static List class with value suggestion

It is now possible to create a Static List class that will display a suggest picker for the values that are entered.
Note that the displayer is only available when using the input display type.

Create Template Provider from the Class UI

Until now, the place to create a template provider was Administration->Content->Page Templates and most of the time the need was to work together with a template created for a class. It is possible now to create the template provider from the class UI, just as the sheet and template are created. The only condition is to first create the template, in order to use it (otherwise it doesn't make sense to have a template provider for the class).

New tip to autocomplete links

New tip about typing the [ character when editing in WYSIWYG to get autocompletion for links.

ckeditor-macro-select

Macro Category Count

When inserting a macro through the WYSIWYG Editor the macro selector now shows the number of macros available in each category.

Display page reference in the information viewer

You can now retrieve quickly the page reference of any page by going to the Information tab. The reference is by default displayed to the local wiki, but you can switch it to get a global reference for all wiki in a farm. The right button allow you to quickly copy it to the clipboard.

Improved Database List Field

The Database List field that you can use when creating an application with AppWithinMinutes has been improved. It is now displayed by default using an input suggest picker that adapts to single and multiple selection. You can still change the display type if you want. If you choose the "Select" display type then you can also control its size.

Tags: