Overview

We are adding a new option to the Data Export endpoint which allow you to set the export format to ESRI SHP (Shape) file instead of the standard CSV export. 

Who does this affect?

This change will affect API users of the Export endpoint who require ESRI shape file output. 

Details

The following endpoint:

POST /api/export 

can now be used to specify the export type as ESRI SHP. Note that due to length constraints in the SHP format for field data, attributes values may be truncated in the exported files.

The endpoint now accepts two different request models:

ShapefileExportWebRequestModel requests made with this model will return files as SHP.

CsvExportWebRequestModel requests made with this model will return data as a CSV.

Both these models extend the ExportWebRequestModelBase model.

Note the the SHP format consists of multiple (3) files that will be returned on the Export File endpoint as a zipped bundle. 

GET /api/export/{id}/file

Expected Release Date

13th January 2022

Overview

We are adding a new feature that will allow administrators to specify the specific method of authentication (such as Microsoft Online SSO) to use in order to access Customer Projects. 

Who does this affect?

This change will affect administrators who want to restrict their users to using a specified authentication method over the current choice of email/password or SSO options including Google and Microsoft. Note that these policies may only be configured using Alloy Forge so please contact the Support Team to change the way in which users access your project. 

Details

This change has introduced a new concept called "Customer Security Policy". In simple terms, this is an object contained in the Customer document that is meant to include information about customer choices in terms of security related "settings".

Currently the security policy only includes the accepted authentication method property. If set, a user can only create a customer session for a specific customer if that session is created through one of the accepted authentication methods. Normally a customer session is created by switching a master session to a customer session. This means the master session will need to have been created through one of the accepted authentication methods.

If the user utilises an authentication method not on the accepted list, an error message will be presented and the user returned to the logon screen to retry. 

The security policies may be set using the following Forge endpoints:

GET api/customer/{id}/security-policy - Gets the customer security policy for a specific customer

* PUT api/customer/{id}/security-policy - Edits the customer security policy for a specific customer

Expected Release Date

13th January 2022

Overview

We are making a change to the password policy to ensure at least one special character is present when setting an Alloy password. This will increase password complexity in order to prevent unauthorised access to your Alloy account.

Who will this affect?

Current passwords will remain valid even if they do not contain a special character, so this won't impact existing users immediately after release.

However, this will apply to existing users when they change or reset their passwords. The change will also affect new users setting up an Alloy account for the first time.

Details

New user passwords, and existing users changing or resetting passwords, will need to include at least one special character. A special character is a character that is not an alphabetic or numeric character, e.g. @&*[].

Expected Release Date

28th October 2021

Overview

AQS expressions now support the ability to run queries with conditions on an item level count.

Who will be affected?

All existing users will be able to take advantage of this feature through the newly added AQS Count node.

Details

An item level count allows to have a condition on the number of items connected through a link attribute being equal, greater than, etc. to the value of another attribute on the same item.

Example Use Case

As an example, we can consider a query that wants to fetch the title and subtitle of all projects that are over capacity. That is all projects that have a number of tasks greater than or equal to their capacity, contained in attribute attributes_projectsCapacity_60464441c14e5d000ad7e47.

{
  "type": "Query",
  "properties": {
    "attributes": [
      "attributes_itemsTitle",
      "attributes_itemsSubtitle"
    ],
    "collectionCode": [
      "Live"
    ],
    "dodiCode": "designs_projects"
  },
  "children": [
    {
      "type": "GreaterThan",
      "properties": {
        "inclusive": true
      },
      "children": [
        {
          "type": "Count",
          "properties": {
            "groupBy": "attributes_projectsTasks"
          }
        },
        {
          "type": "Attribute",
          "properties": {
            "attributeCode": "attributes_projectsCapacity_60464441c14e5d000ad7e479"
          }
        }
      ]
    }
  ]
}

Prior to this change, users could only compare a count node against a static Number node.

Expected Release Date

June 24th 2021

Overview

In order to improve the accessibility of Alloy Meshes, we will be adding support for Open API JSON and endpoint documentation. Following a detailed review of the exposed endpoints and data models, we will also be acting to implement the following deprecations to provide better consistency between naming and conventions with the Alloy Core, Extended and Forge API's. Finally, we will be making changes to the way in which the security token is passed to the Meshes to improve security. 

Security token to be removed from query string

We will no longer be accepting the token parameter which represents an Alloy API token on the query string, this should be passed via the HTTP headers in all future requests using the same key of token.

Example CURL before:

curl -X 'POST' \
  'http://localhost:3000/aws-iot/update-device?itemId=abc?token=123' \
  -H 'accept: application/json' \

Example CURL after:

curl -X 'POST' \
  'http://localhost:3000/aws-iot/update-device?itemId=abc' \
  -H 'accept: application/json' \
  -H 'token: 123' \

MeshResponseWithItemWebModel renames property itemResponse to item

The following meshes are expected to return a response which includes an item payload under the property itemResponse.

• alloy-push-mayrise-notice-mesh
• json-push-alloy-mesh
• telensa-fault-push-alloy-mesh

This property is being renamed to item but we will continue to return itemResponse until the date specified below for Phase 2. 

Example response before:

{
  "itemResponse": {
    "itemId": "af32ef...",
    ...
  }
}

Example response after:

{
  "itemResponse": {
    "itemId": "af32ef...",
    ...
  },
  // we will duplicate the data in the recommended item property
  "item": {
    "itemId": "af32ef...",
    ...
  },
}

Risk calculation mesh to remove itemsResponse property

The risk calculation mesh alloy-push-risk-calculation-mesh is removing the itemsResponse property as it was not correctly indicating the success of the response model, it isn't required and will therefore be removed as part of Phase 1 changes. 

When do these changes take effect?

The above changes will be rolled out in June 2021, with deprecations finally removed in January 2022 with the following expected release dates: 

Expected Release Date

Phase 1: June 24th 2021

Phase 2: February 24th 2022