Release v3.1.12

Summary Description Resolution
Any doc can’t be added – Failed to load resource: the server responded with a status of 502 (proxy error) 1: Login as user that have permissions to cases/complaints
2: Click on “Case Files”
3: Open some case.
4: Click on Documents sub link
5: Add new correspondence document,
Expected result: correspondence document is successfully added.
Actual result: Failed to load resource: the server responded with a status of 502 (proxy error)
New object(case/complaint) can’t be created 1: Login as user that have permissions to open Cases
2: Click on New/Case
3: Insert all required data and click Save, Expected result: case is successfully created., Actual result: Case is not created.
FOIA – Exception on login in FOIA, [$injector:modulerr]$injector/modulerr?p0=ArkCase&p1=GOOGLE_ANALYTICS_ENABLED 1:Login to FOIA as Admin
2:Navigate to Admin/Security/Functional Access Control
3:Add groups to authorized
4: Logout
5: Login to FOIA as Admin or any other user,
Expected result: user successfully logins.
Actual result: blank page is displayed, exception in dev tools: [$injector:modulerr]$injector/modulerr?p0=ArkCase&p1=GOOGLE_ANALYTICS_ENABLED
Relocate the notes from bottom of Viewer content well to a tab like ArkCase Core Relocate the notes from bottom of Viewer content well to a tab like ArkCase Core Fixed
When user update request, there is no notification that request was succesfully updated 1: Login as user that have permissions to open Requests
2: Click on Requests module
3: Update some information of request and click Save button,
Expected result: Notification is displayed informing that action is successful
Actual result: the request is updated but there is no notification that was successfully updated.
DocRepo: add a navigator tab, tree view, content well Update the navigator tabs to include a Document Repository module (or whichever label is in the mockups). The document-repository-module privilege is necessary to see this module. Give this privilege to all application roles.

When the tab is selected, populate the tree view by the usual calls to Solr. The tree view nodes should be per AJ’s mockup. If there are any document repositories, open the first one in the list.

The content well should (obviously) conform to the mockups.

The document-repository-module privilege is needed to list document repositories and view the details for a specific document repository.

DocRepo: “New Document Repository” option in the “new-bar” Add a “Document Repository” option to the “new” menu. (Or use whichever label is in the mockups).

Add a privilege “document-repository-manager”. Map this privilege to the administrator role. This privilege is necessary to see the “Document Repository” option.

When “Document Repository” is clicked, open an Angular form, with the fields per the mockups… If AJ hasn’t mocked-up this page yet, ask him for a mockup, and take your best guess until then, based on the existing mockups. The form should include an assignee field (default value is the current user), and an owning group field (let the user choose from the groups the selected assignee belongs to). These two fields are required, and of course the document repository name is required.

Create a service (MVC controller, service, DAO) to save the DocumentRepository. document-repository-manager is necessary to call this service. The Save action on the Angular form would call this service. After saving a new document repository, it should have an AcmContainer and a root AcmFolder. In Alfresco, the folder would be under the “Document Repositories” top-level folder, with the same name as the repository.

In the data access control rules, grant read to all participant types, plus “*”.

DocRepo: DocumentRepository entity class and table Create an acm-document-repository-plugin Maven module.

Create a DocumentRepository entity class, to implement Serializable, AcmAssignedObject, AcmEntity, AcmContainerEntity, AcmNotifiableEntity, AcmStatefulEntity. This will be a new top-level object, like CaseFile and Complaint.

Let’s have a separate field called “nameToUpper”, something like that, and automatically set the value to all-upper-case of the actual name field. Then put the unique constraint on that column… then we don’t have to worry about how different databases support case sensitivity.

It should have properties corresponding to the screen mockups, and to support the above interfaces.

Create a DocumentRepositoryToSolrTransformer transformer, so updated DocumentRepository instances are sent to Solr. Let’s have the object_type be DOC_REPO. The transformer should set the data access control fields: “getSearchAccessControlFields().setAccessControlFields(solr, in);”

Fix the Tags module Search Results Fix the Tags module Search Results

1. Fix the text in the column headers (See attached SS)
2. Add the export button functionality for the results (See attached SS)

Ensure all REST URLs are protected by functional access control First, let’s list all REST services and the current required privilege, if any. Then, let’s decide what privilege changes need to be made, and apply those changes.

Find all classes with @RequestMapping. In each of those classes, find all methods with @RequestMapping. Collect all these URLs into a list:

* GET /api/v1/plugin/admin/plainform/targets
* GET /api/v1/plugin/admin/templates
* etc., etc.

You can disregard the v1 / latest in the class-level RequestMapping.

Next, for each URL, find the matching bean in the spring-config-acm-plugins folder (if any), and add the required privilege to the list – highlight the ones with no privilege at all:

* GET /api/v1/plugin/admin/plainform/targets – adminPrivilege
* GET /api/v1/plugin/admin/templates – adminPrivilege
* GET /api/v1/functionalaccess/roles – NONE
* etc., etc.

Attach this list to the ticket; and then we will write a list of changes to be made.

Fix two Audit Event Descriptions Fix two Audit Event Descriptions Fixed
FOIA Ext – New Request in Application Error FOIA Ext – New Request in Application Error


1. Login to the application
2. Click on New Request
3. Fill out all the fields and click Create Request button, wait 3-5 seconds nothing happens, click the Create Request button again
4. Error – 2 request are finally create.

The button needs to grey out and show processing, so the button can be clicked a second time.

Reports are missing in Choose reports drop down in Report Configuration under Admin 1: Login as admin
2: Click on Admin module
3: Under Reports click on Report Configuration,
Expected result: In drop down list are displayed reports: Case summary, Complaint report and complaint disposition count
Actual result: Reports are missing and also groups for authorized and unauthorized are missing also
Configurable STOMP Client (Browser) credentials We need to make {{client-login}} and {{client-passcode}} attributes configurable, so we can set the credentials that ArkCase is using to login to ActiveMQ on behalf of connected client (browser) Fixed
A6 – Security: Encrypt the Snowbound URL query string This is another security finding from Bactes. In Bactes, the URL to Snowbound can contain publicly identifiable information (first name, last name, medical conditions). This issue is the Bactes security finding A6: “It was discovered that user information, passwords, session information, and PHI/PII was being passed through URL parameters which could potentially be stored.”

For the solution, we want to encrypt the URL query string, using a JavaScript symmetric encryption library (I believe the URL to load Snowbound is built in our Angular code), and a shared secret. Thus, the Snowbound URL would look like this: https://acm-arkcase/arkcase/VirtualViewerJavaHTML5?ajdsfkjdsaflksadflksgfkwjehgwergksjf … where the part after the ? is encrypted.

On the Snowbound side, add a servlet filter for GET requests, that attempts to decrypt the query string using the shared secret. I believe if the query string is not actually encrypted, the decryption would throw an exception; if so, if that exception happens then the filter just leaves the original query string in place.

The shared secret can be configurable, set in some ArkCase propery or Angular config file, and also in the Snowbound context.xml.

LDAP authentication support on OpenCMIS Fileshare repository OpenCMIS Fileshare repository (part of [Apache Chemistry|]) currently supports only users predefined in configuration files, but we need to be able to authenticate there using LDAP directory Fixed
AFDP-3174 Document upload to alternative CMIS repository support ECM file service should allow document upload to alternative CMIS repositories Fixed
AFDP-3174 Extend EcmFIle document wrapper model {{EcmFile}} document wrapper model should be extended with CMIS configuration identifier so it will uniquely identify the document (CMIS backend + storage location {{versionSeriesId}}) Fixed
AFDP-3174 Administration console section for CMIS configurations New section to be added to administration console, similar to what we have for LDAP.
Probably we should create new node (maybe {{Document Management}} top-level node with {{Storage Configuration}} sub-node?).

It should support FreeMarker templates (same as for LDAP), the final list of variables to be provided with AFDP-3175.

Templates to be stored under {{$HOME/.arkcase/acm/cmis/templates}} and generated configurations under {{$HOME/.arkcase/acm/cmis}} directory. Probably only properties files will be used (no XML bean configurations)

AFDP-3174 Extend CMIS configuration to support multiple CMIS backends Current CMIS backend configuration should be extended in a similar way we support multiple LDAP configurations.

Additional fields:
– unique identifier
– “versioningState” (NONE=long-term storage, NONE, MINOR,MAJOR=Alfresco, Documentum…)

Multiple CMIS configurations (backends) support ArkCase should support more than one CMIS configuration, so it can use more than one CMIS backend at a time. Each CMIS backend should be uniquely identified and that identifier should be added to {{EcmFile}} document wrapper model. Fixed
Upgrade Alfresco to Version 5.1.2 and Alfresco RMA to Version Upgrade Alfresco to Version 5.1.2 and Alfresco RM in your local and make sure it works. Then we will work on moving all ArkCase environments to these new versions. Fixed
Approval Routing – Minor Changes Approval Routing – Minor Changes

– Need the Approver Column to be users full name

Add the Time and Cost Modules back to FOIA and Correspondence Application Add the Time and Cost Modules back to FOIA and Correspondence Application Fixed
Search module – persons 1.Log into the application.
2. Click on search in the sidebar.
3. Enter your search query in the box and click search.

Searched persons results does not have parent and the person link name does not redirect.

Search module 1.Log into the application.
2. Click on search in the sidebar.
3. Enter your search query in the box and click search.

Searched note results does not have parent and the note link name does not redirect.