Unifyed Announces General Availability of Student Engage v9.1

New Features

Message Acknowledgement

This new feature allows users to request for acknowledgement for the messages they have sent. The acknowledgement notification would be visible to users ONLY upon login. The sender can also set an expiration date so that the message no longer appears on the login screen of the user.

Integration to PeopleSoft Apps

With this release, Unifyed has the integration with the new Peoplesoft Apps which is available at Unifyed App Store. All the integrated apps are listed below:

1. Peoplesoft – Grades
2. Peoplesoft – Personal Info
3. Peoplesoft – Transcript
4. Account Balance/Account Summary

RBAC Functionality Extension

With this release, a new feature ‘Studio Access Control’ is available for tenant admins. ‘Studio Access Control’ extends RBAC capability to Studio level. Now, a tenant admin can create new Content Creator and Admin with rights only to do specific tasks e.g. only to create content/article, pages etc.

Yoda – New Look

Yoda – The Chatbot has a new interface, more modern look and feel with upgraded framework V2 of dialogflow from Google, new images, colors and style. For interaction, you can also now select language as per your preference. You can choose the language of your choice by clicking.

 

Enhancements

Messaging Templates

With this release, the Messaging app’s functionality has been enhanced to re-send a sent message with just one click; also, save the message as a template for future usage. You can also create Message Templates through Messaging app. Messaging template feature allows you to create, edit, delete and save a template.

Adding Unifyed Group Admins

This enhancement empowers a Unifyed Group Administrator to reassign admin rights and add users as new group administrators for managing content/messaging/events of a group. Apart from managing groups, the new administrators can also add/delete/view the other administrators including the group owner (creator of the group).

Sensitive Data Exposure

The AWS s3 credentials from endpoints API are no longer exposed and are secured by encryption to tackle any security breach.

Unrestricted File Upload

Previously, the system was accepting an image of any size and type. However, now, the image upload has been restricted to max 5 MBs in size and the allowed image formats are only png, jpg and jpeg.

Drive App Enhancements

With this release, Unifyed Engage has the enhanced version of the Drive app to give users more options, features and capabilities. Following are the features available to users:

1. Multiple Files Upload – Previously, users could only upload a single file at a time. Now, the functionality has been enhanced to select and upload multiple files in one time to a folder. The maximum limit for file upload is set to 30 files at a time with max 7 MB each.
2. Public URL for Files – This functionality creates URL(s) for each uploaded file. The URL can be used for Connect posts, Messaging, Emailing etc.

Message to a Single User

Previously, admins were restricted to send messages to a group only. This release enables admins to send messages to an individual user(s) as well.

Sub-Term Field Addition

With this release, you can now search for classes based on sub-term. A new field ‘Sub-Term’ has been added inside the register for classes applet.

SMS Messaging Applet

Previously, there was a limit of 100 characters set on the SMS channel for messaging. Due to this limit, sender was able to type a message more than 100 characters, but the receiver would only get the 100 characters of the message. The remaining characters would be delivered in a separate message(s). With this release, the character limit on SMS messaging has been removed. You can now send and receive more than 100 characters in a single message.

Drag & Drop Favorites

With this release, adding Favorites through ‘Drag & Drop’ feature has been enhanced to work on Mozilla Firefox as well. Now, you can add favorites on Mozilla Firefox in a similar manner to other browsers.

Security – Vulnerable Targets

With this release, the proxy API calls cannot execute URLs without them being added to the ‘Allowed Proxy URLs’ list by the tenant admin. These URLs must be added to the ‘Allowed Proxy URLs’ list in Studio > Settings > Site Settings > Proxy URLs tab. This limitation is being added as part of the security patch for Unifyed and Kryptos environment.

Sensitive Data Exposure

Simple Auth Mechanism used for middleware was leaking critical login credentials information which an attacker could use to get access to the database. The security around the middleware server has been enhanced using hash and bcryptEncoder with this release.

Security – Stack Traces

There was an error displayed related to tracing a user. However, for security reasons the visibility of the error trace for a user has been blocked from backend with this release.

Github Data Exposure

Security on Github server has been enhanced by deleting a file containing sensitive information and removing unimportant APIs which were leaking crucial information containing other sensitive information like users, passwords & AWS storage credentials.

Broken Access Control

Some APIs were exposing sensitive username and password details while performing inspect element. With the enhancement, the sensitive data has been removed/blocked from displaying on the screen.