Release date: 01.05.2022

 

 

Table of Contents

New Authentication system

Introduction

Since version 4.4.0 a new authentication and authorization system is introduced that provides higher security and more flexibility. To name just a few supported features: 

• Single-Sign On and Single-Sign Out for browser applications, including OpenID Connect, OAuth 2.0 and SAML support.

• Identity Brokering - Authenticate with external OpenID Connect or SAML Identity Providers.

• Social Login - Enable login with Google, GitHub, Facebook, Twitter, and other social networks if needed

• User Federation - Sync users from LDAP and Active Directory servers.

• Kerberos bridge - Automatically authenticate users that are logged-in to a Kerberos server.

• Two-factor Authentication - Support for TOTP/HOTP via Google Authenticator, FreeOTP or Microsoft Authenticator.

• Customization of Login flows - optional user self-registration, recover password, verify email, require password update, etc.

• Revocation policies for access Tokens

All SaaS customers will be authenticated via single authentication service at https://auth.bim.cloud.

There are no significant changes from user point of view, so a standard application URL can be accessed as usual and no changes are required. 

In some cases users might be asked to confirm their account via activation e-mail.

User changes

Users and Passwords migration

Also all user accounts will be migrated to the new system. If your account password was not compatible and not possible to migrate, you will have to change you password via e-mail. 

Forgot password

If you are using an internal account and cannot login, please select "forgot password" option as below:

You will be prompted to enter e-mail address associated with your account:

 

A verification e-mail should arrive at you inbox shortly. Please click the confirmation link and enter a new password. 

Two Factor Authentication (OTP)

A two factor authentication can be enabled for any account. It can be used both for internal and external authentication providers like ADFS.

For detailed description on how this works, please refer to this chapter: Two Factor Authentication (2FA/MFA)

Please not that this type of authentication might not be enabled in your system

Security Defenses

Login attempts are protected with the following options:

• Brute Force Detection

• Temporary user lockout (standard)

• Permanent User Lockout (optional)

• Max Login Failures counter

• Quick Login Check  - if password check happens to quickly, e.q. once every second, a user will be locked out

Default password policy

By default authentication system is using the following password policy:

• minimum 8 characters

• does not include email address

• does not include user name

Any password policy can be set in the system with further requirements like:

• password expiry

• not recently used rule

• password blacklists

• password matching pattern

• special characters rule

• upper case rule

• lowercase rule

• digits rule

• and more...

Admin changes

Basic administrative functions are available as they were, in the main application Administration Console.

Some more advanced functions and settings are available only under dedicated authentication portal. 

Managing users and Groups

One of the changes related to user authentication is that now a user can have multiple providers linked to their account. 

A user will be able to log in using any of the allowed providers. This setting can be set individually per user. If a user is registered from a specific provider they will have that provider set as allowed. 

Please note that in many cases an internal provider should be disabled for users that normally authenticate through external system, e.g. ADFS. This will prevent a situation where a user can login with their "private" internal password. 

Managing System Permissions

Roles are now removed from the system and replaced by System Permissions. 

 

API changes

All services now require JWT token to accept the user request. 

Using Tokens

JWT token must be passed on in a x-authorization header

Using Version ID

Most services require version id to be passed on in x-hdc-version-id header

 

User related changes

 

Match Drawing Viewport

Issue [HDC-3959] 

In some cases a user will end up with drawings that are misaligned in some way:

• Drawing that was imported with "true north" parameters, so the building is positioned as in real world, but difficult to read. 
  Typically we would like to look at the building with an entrance at the bottom of the screen.

• Two drawings that do not match - e.g. an overlay drawing with a detailed background drawing. 
  In this case we would like to align one to another. 

Number of these issues can be fixed by Rotate and Match function in few simple steps. 

First, enter drawing edit mode and select a proper drawing that you want to work with. Then select Rotate and Match function on the Adjust toolbar:

This operation can be applied to any part of the composite drawing. Please note that it does not apply to entire drawing (all parts) at once.

 

In this example we will Match Overlay drawing to background drawing that is positioned correctly. 

The Overlay Drawing is wrongly:

• rotated

• scaled

• positioned

Start the Rotate and Match function and follow the instructions. Select a first point of reference element: that is an distinctive element on the Overlay drawing that we want to change. 

For example, select a wall. You will match the same or corresponding element in the target position on a background drawing. 

The image below show a first step completed with a wall selected using a snap function on the source drawing:

 

Now add a second line representing target - where the first line (and drawing) should end up:

When ready, select the Accept button:

Drawing will be adjusted and reloaded. 

Re-adjusting or Resetting applied transformation

If the result is not correct there are two options as follows: You can re-adjust the drawing by simply repeating the operation once more or you can start with re-setting the stored transformation to none. 

To reset the transformation, please open Rotate and Match Drawing function and select Reset Viewport Transformation function:

Confirm the reset function and the drawing will be reverted to its original state:

Please note that original state is only kept temporary. If you change the drawing to different one, current state after rotation will be saved as the original one.

 

 

Access basic version operations from Master Archive UI

Issue [HDC-4025] 

Basic version (Draft) operations can now be accessed under Version information panel.

Operations include:

• When a version from Master Archive is opened, a user can create a new draft. System version is switched to this draft automatically after the draft is created. 

• When a Draft is selected a user can 

  • Discard the draft. A draft will be deleted and the system will be switched to default version. 

  • Publish the Draft (with option to set as default system version)

A new draft form now includes version selection buttons. Previously, a Draft was created from a selected version in AV manager. 

This led to mistakes, when a Draft was created from a wrong version. Now, by default, a system Default version will be used. 

A user that wants to create a Draft from different version, should explicitly change this value on this form. 

 

Option to show both key and value in dictionary list

Issue [HDC-4024] 

Users now have option to display both key and value for dictionary (lookup) fields. This is a new parameter added to User Profile (General tab).

When option is turned on, dictionary item's Key will be displayed on Object's Edit form. 

Color palette available also for filter tools

Issue [HDC-4005] 

Advanced color picker is now available for tool-sets used by filters, layers etc. 

Create object set from selected linked vectors on drawing

Issue [HDC-4036] 

New menu option Add to OS  was added to spot's context menu in View mode of drawing.

By selecting one or more spots on a drawing and choosing this new option from context menu you can add object/s linked to spot to Object Set.

If you are in document mode (that is you have Document class chosen in Grid) then all linked objects (regardless of class) will be added to Object Set (if there are more than one object linked to spot).
But if you are in Infoscope mode (for example having Room tab selected in Grid) than only objects of room class will be added to Object Set.

 

 

Select (check) objects in grid view based on selected spots in viewer

Issue [HDC-4018] 

User can now mark one or several vectors in View mode, right click on them and click on option Select in Grid.

If used, then selected vector get filled check-boxes in the Grid.
 

Function  Highlight have two options now:

• Highlight list (highlights all objects currently in grid list)

• Highlight selected (highlights only objects with filled checkbox)

 

Please note that current implementation will work correctly only when objects of same class are chosen and are visible to user.
Also objects should be on same page of grid list (page size can be easily adjusted in User profile if needed).

 

Show boolean field as checkbox

Issue [HDC-4033] 

Value for boolean fields will now be displayed in a form of a "checkbox" both in main GridView and in Properties panel.

 

More compact and readable Presentation panel

Issue [HDC-4039] 

Sometimes after applying presentation, tool's labels are not fully readable as they do not fit Presentation panel.
This may look like this:

 

We have made some small adjustments so more text will fit (smaller color blocks / column and count column).

There is also an option to hide area / count columns if not needed.

 

Adjustable hover color for spots

Issue [HDC-4043] 

We have added two new parameters that will allow to define color for hover operations. One color will be defined for spots without links and second for spots with links.

Graphic tool can be assigned to each of those two parameter in System Settings\General Settings\Main viewer/editor settings section.

 

• Spot Highlight - tool selected here will be used to color spot with link on hover operation.

• Spot with links Highlight - tool selected here will be used to color spot without link on hover operation.
  
  

Print system improvements

Issue [HDC-XXXX] 

A significant improvement was implemented for special cases where a vector based PDF is imported into the system. So far the printout used a processed version

of the document that in many cased produced results that offered weak contrast.

The reason for this was that a background image was converted into raster format that does not scale well in PDF viewers.

When compressed to smaller view window, it becomes "weak" and hard to read.

To resolve this issue, a new print mechanism was implemented for such case from ground up. Now an original vector content is used on printouts preserving

all original details and behavior, but combined with templates and other content like macros. 

In some cases new printout will be also more than 50% smaller in size and produced faster.

 

Below is a comparison between new and old printout system (for vector PDF background):

Document / Photo view in popup object properties

Issue [HDC-XXXX] 

Additional compact document view window is added as a side panel to object properties popup:

The main purpose of this function is to give an ability to view further details about a given object without changing a global context (whats selected in a grid, tree etc).

For example, while browsing tree structure user selects a floor. Next either a document representing this floor is loaded or a user selects another object from Grid View like space or doors. 

This allows user to review a floor layout but what happens if we want to view more details regarding Space or equipment like Doors, Windows? Previously a user would have to change entire context by selecting such object in the tree view.

Now, with the help of extended object properties one can view both metadata of the object and document content like photographs, manuals or other drawings without changing the main context. 

These documents can also be viewed in the main interface but this is a useful shorthand.

Accessing side document panel

To open or close a side document panel, use the list icon toggle button on the bottom right corner of the popup properties window.

(Guide: Working with Popup Properties on Drawing)

Side document panel

Content of the side document panel is dependent on both linked documents and a perspective set used to filter out specific data.

Although the primary use case of this panel is to show documents like manuals or object photos, it can be configure to show any class of objects, e.g. equipment in the room.

 

Available menu options:

• Add new object - document and objects can be added directly in this view

• Edit object - edit metadata of the selected object

• Delete - delete selected object

• View / Navigate - Navigate to selected object in main interface

• Expand / Show - open current document in a popup window  for full screen viewing. 

A right click expandable menu can be used to view other options like adding new content or attachments. 

To save space, visible object columns can be customized in Layout Manager to select only most important fields (Administrator function only).

User last visited objects

Issue [HDC-3896] 

New user log was implemented to show which objects the user has recently accessed. 
It can be opened from left-top  section (above Tree) of main interface using Visited objects button.

Visited object window:

Buttons:

• Most Popular - sorts by objects that were visited most frequently

• Documents only - narrows list to show only objects with content

• Filter - filters list by typed in value (based on Object Name column only)

• Clear - clears typed in filter

• Go to object - navigates to object using current perspectives

If version in which object was selected is different then your current one then you will have an option to switch version, navigate in current version or cancel navigation.

If version in which object was selected is not available for you (most likely draft was discarded) then you will have the choice to cancel navigation or attempt navigation in current version.

 

Filter-bar as alternative option for defining filters in GridView

Issue [HDC-3898] 

Alternative way of adding filters to Grid was added, called Filter bar.

It can be activated from Object menu in GRID in main interface.

When it's activated additional row with filters is added to grid that allows to easily manage filters, by selecting desired operator from menu:

 

When filter is applied it can be removed by selecting context menu on cell with field name and selecting Clear column filter:

or all filters can be removed (along with filter bar) by using Toogle Filter bar button, It can be pressed again to activate filter bar again. 

 

Sorting in search result for excel report

Issue [HDC-3702] 

Sorting set in Advanced Search search results and in Grid will now be passed to reports generated. 

Choose a column for sort and sort direction (ascending or descending) and then click on a Report button to choose from report format. 
Sorting will be passed to generated report. 

Also new button Sort by object's location was added that will overwrite any other sort chosen and will sort objects in created report using PATH column with object location. 

 

When sort is applied in Grid column, it will be passed to exported report as well but only for Current tab (single class).

 

Audit trail improvements

Issue [HDC-3661] and [HDC-3662] 

New option to run audit trail search in a selected subtree has been added. Search results will be narrowed to objects modified that are linked in selected subtree only.
In Audit Trail window use Context Object option to open Object Picker tool and select desired Perspective and Object.

Each record that is a result to selected query in audit trail window will also consist of previous state of object. Each change in comparison to previous state of object's will be marked in red so it's easy to see what changed.

So the result that was found using given query is data from row number 2. But row number 1 is also given back as a previous state of object before change. Fields that did change are marked in red in second row. 

 

Data Exchange changes

New status "Skipped" for imported objects

Issue [HDC-3875]

If imported objects is matched in database and it's metadata is not changed it will given new status skipped 

 in Object tab of import log.
Before, such objects were not put into object's import tab at all (even if content or link did changed), they were just noted down in Details tab as a sum of skipped objects. 

Please note that for now if content is change or link is added but metadata of imported object is not changed then the object will be given new status skipped with proper information what change in details windows for each object.

 

 

Setting imported objects Security Scheme and drawings scale via metadata matching

Issue [HDC-3794]

Data Exchange manager can flag two chosen fields for each object class to set Security scheme for imported objects and scale value for drawings based on imported metadata.

 

To do the configuration go to TDXM and select External Information Domain\Objects Classes. 
Choose Security Scheme Field and Scale Metadata Fields flags for as many classes as you want.

Security Scheme Field - Imported value must match numeric ID of existing Security Scheme.
If so, then imported object will have this Security Scheme assigned. Value of this field can only have numeric value like "12" without any other text (it can be of float or text type tho).

If you also use import option "Inherit Parent Object's Security Scheme" than it will have priority over id from metadata.

 

Scale Metadata Fields - class field used for setting scale metadata value for imported drawing.

• scale can be taken from both Text and Dictionary fields,

• for dictionaries fields - dictionary item value is taken,

• regardless of field type, field entry must start with "1:" - value after this will be taken and set as scale for new drawing,

• if value of chosen field does not start with "1:" then Default Scale will be set.
  
  

Value taken from metadata to set drawing's scale is more important then the one from the TAF file.

 

New import option Default Scale 

Issue [HDC-3794]

New import option was added to import dialog: Default Scale.

Chosen default scale value will be used for all imported drawings if there is no value to take from scale-metadata field or TAF file. If left empty, system default 1 will be used instead.

 

New import option for DocumentNavet import to change class of matched object

Issue [HDC-1876]

New import option Convert class of objects matched by Guid Field for DocumentNavet type of import has been added. 

When used, if imported document is matched by Guid Field (present already in database) and it's class is different in incoming package (than in actual state of database) then document class will change along with any other update.
Both document subclasses must be added in External Domain configuration.

After conversion it will still be same object (same hdid) but with different class after import.

 

Currently the change is cross-version. That is, once object's class is changed it will be changed in all versions of database. As if it always was of this new class.

API param

New param is available to use with WebService to start import /api/tdxm/import/NavetHDoc/<package_Id>
That is:  isConvertClassesForMatchedDocuments (of boolean type).

Administrative related changes

User Permissions replacing Roles

So far only option to control functions available to user was through system roles. There were only a few roles and as a result there was not option to control fine grained permissions.

As of this version a new concept of User permissions is introduced. Read more about User Permissions.

 

Ability to select object metadata columns based on view and layout

Issue [HDC-2629, HDC-3938]

A new functionality in Layouts administrative panel has been added to enable System Administrator to define what specific fields per object class will be visible by default.

Managing Layouts

You can define as many layouts as needed. Each layout contains the following information:

• Perspective sets available in all views

• For some views, also class and selected fields (Supported for GridView and Popup Grid View)

Each layout can be assigned to specific users or groups. You can also use single default layout that will be applicable to all users. 

Please note that hiding fields using layouts is not a security feature. For securing access to specific metadata fields, please refer to Field Level Security (FLS).

Managing Views

Views list is built in and it cannot be modified:

• Main TreeView - represents tree like structure in the main Archive UI.

• Main Object properties Panel - represents object properties list view.

• Main GridView - represents main tabular object view.

• Main DocView - represents main document viewer.

• Popup Grid View - represents additional grid view available in popup properties.

Perspective Sets

Perspective sets should be assigned to these views in each layout:

• Main TreeView - one or more perspective sets to be used for tree structure.

• Main Object properties Panel - Not applicable.

• Main GridView - one or more perspective sets to be used for the main grid view.

• Main DocView - single perspective set to be used by Viewer (to determine how to display complex objects like Rental Units).

• Popup Grid View - single perspective to display additional content in popup grid view.

Limited list of Class fields

 

At the moment limited class fields feature is supported only for Main GridView and Popup Grid View. It will have no effect for other Views.

Limited set of class fields is highly recommended to be assigned to Popup Grid View as this is a very compact view not well suited to showing too many columns.

Steps to create a custom fields list:

• Select Layout and View in top lists

• Open Fields Tab

• Select a class from drop-down list

• For a selected class, a list of avail;able fields is shown on the left

• Selected fields are shown on the right

• Select fields as desired and use Add/Remove buttons to move items between the lists. 
  
  

Default configuration - by default if a class in a given view and layout does not have any fields selected, all fields will be used. 

Once at least single field is added to Selected fields list, then only fields from this list will be used.

 

Example below shows Main Grid View will full set of columns and a Popup Grid View with a minimal, limited set:

 

Please remember that after changes are done in Layouts panel, they will be visible to users after they log in to system next time.

 

Presentation and Dynamic Label Sets

Issue [HDC-3892]