Skip to main content

Release Notes 2.2

· 7 min read

What's New

Version 2.2 includes following new features and changes.

Graph Security Layer

New features to enable additional filtering and automatic Access Rule generation were added to Graph Security Layer.

Custom ExternalGraphSecurity workers allow to additionally filter graph related results after Access Rules are applied. Once registered in GBS, each graph related call to EBS will also call ExternalGraphSecurity workers which may then filter results based on customer specific systems or rules. For more information regarding the implementation of such a worker, refer to the developer documentation.

Since manually creating and maintaining Access Rules can be cumbersome, version 2.2 adds the possibility to automatically generate Access Rules based on external systems. A new Rule Transformation step can be added to Load Plans. This step allows to define a registered RuleTransformation worker that is called when the step is executed. Such a worker can be used to automatically create Access Rules based on customer specific systems. The data a worker needs to create rules (e.g., users, entities, properties, etc.) can be defined in the Rule Transformation step. For more information regarding the implementation of such a worker, refer to the developer documentation.

caution

In order for rule transformation steps to work in Airflow, the service account of explore-airflow client needs additional roles assigned in Keycloak:

  • xpl-gbs-target-entities-execute (realm role)
  • xpl-gbs-worker-framework-execute (realm role)
  • view-users (role of realm-management client)

An active flag was added to workers in GBS which allows to pause the usage of a worker in the system. This comes in handy if for example an ExternalGraphSecurity worker is malfunctioning or not available. By pausing this specific worker the system will still work instead of returning errors because of a faulty worker.

Until now it was assumed that workers only provide GET / and POST / endpoints. Because of this, GBS took the provided worker URL as is to get basic information when adding a new worker to the system. With the new version custom endpoints are supported and GBS ensures to call GET / when registering a new worker no matter which worker URL is provided.

The way property value conditions are displayed in an Access Rule has been improved. Instead of displaying each individual condition in a row, they are now grouped by entity and property.

With version 2.2 EBS' /api/graph/query/cypher endpoint is deprecated. This endpoint allowed to execute any cypher query and directly returned the result from Neo4j which made it impossible to apply Graph Security Layer to any results. The endpoint is superseded by /api/graph/cypher/count and /api/graph/cypher/nodes. These endpoints also allow to execute custom cypher queries but only return a count result respectively nodes contained in a result. Additionally, the latter also applies Graph Security Layer.

Data Pump Overrides

The way how Data Pump overrides work was changed to be more resilient and performant. Until now all overrides were executed at once. If three overrides were defined, GBS collected data of all overrides before processing them. This could lead to failures while importing because of duplicated entries and impact performance of the system. With version 2.2, overrides are handled individually. Each override will be its own task in Airflow and therefore processed independent of each other.

Additionally, support of placeholders was added to overrides which allows to define dates passed to overrides (see Load Plan documentation) for more information). This can, for instance, be used to pass a date to an endpoint in order to only retrieve data of a certain point in time.

Frontend Graph Layout and Performance Improvements

Besides overall graph performance improvements, following changes have been made to improve the look and feel when working with the Frontend:

  • Replace hierarchical layout algorithm by a more performant one
  • Add top down order to by-level layout
  • Decrease distance between nodes for by-level layout
  • Add lasso selection that allows to freely select multiple nodes
  • Add performance indicator for layouts
  • Add warning indicator when too many nodes are displayed and display a hint to change the layout
  • Add suggestion to change layout in "too many nodes" warning
  • Focus and select newly added nodes in sandbox mode
  • Add option to toggle automatic centering/fitting of nodes after running layout
  • Add min and max zoom limit

Removal of [Empty] Expression

Data Importer allowed to map an [Empty] expression to any property. This predefined expression was removed since it is also possible to define an empty string with through "Set expression".

Improvements

  • [Frontend] Menu for saving sessions was simplified
  • [Frontend] A "quick save" button was added to top menu
  • [Frontend] A "delete session" option was added to the top menu
  • [Frontend] "Remove selected" was added to the default options of the node menu
  • [Frontend] Added error screens for missing nodes in sessions and viewpoints
  • [Frontend] Added detailed tooltips for graph controls
  • [Frontend] Added "Provide" menu to graph overview
  • [Frontend] Added cancel pending request dialog when loading takes too long
  • [Frontend] Improved interaction between label and property filters
  • [Frontend] Import sandbox functionality was moved from export to top menu
  • [Frontend] Webvis library was updated to work with 3DHub 3.7
  • [Frontend] Overall performance improvements
  • [GBS] Loading data of dashboard tabs is done lazily when clicking on tabs instead of greedily when opening GBS UI
  • [GBS] Use same date formats throughout the dashboard
  • [GBS] Removed superfluous "Smoke test" button in Data Pump containers
  • [GBS] Updated "Clear relationship" icon to make clear that it triggers a destructive behavior
  • [GBS] When clicking on "Add related" in graph processing, all related entities are added instead of only related entities in selected workspace

Bug Fixes

  • [Frontend] Node menu is not immediately closed when clicking "expand"
  • [Frontend] "Expand" menu might get stuck when opening node menu
  • [Frontend] Edges won't reset color after selection in graph overview
  • [Frontend] Cytoscape occasionally freezes in Firefox when zooming
  • [Frontend] Authentication failed view cannot be rendered because theme is not present
  • [Frontend] Filter by label is not working as expected
  • [Frontend] Dashboard is crashing when roles are missing
  • [Frontend] Property filter is not sorted correctly when toggling labels
  • [Frontend] When using a property filter on a deselected entity, other entities cannot be selected
  • [Frontend] When saving a renamed session, the old name is displayed shortly before menu is closed
  • [GBS] When relationship diagram is moved to the bottom of the page it is rendered on top of the session logs
  • [GBS] Changing a property aggregation while entity filter is active breaks filtering
  • [GBS] Fixed a few bugs that could appear when creating multiple entities from a container
  • [GBS] Dashboard does not consider selected workspaces when opened for the first time
  • [GBS] First startup of a new instances fails because not correctly updating internal state
  • [GBS] Queue jobs table in dashboard overlaps session logs
  • [GBS] In graph processing it is not possible to select a load type if build type was selected before an entity
  • [GBS] Entities belonging to a selected workspace are not displayed in property aggregation drop-down
  • [GBS] Search index creation fails when empty entity is processed
  • [GBS] It is possible to delete files from Data Pump image and save it without any files

Deprecations

  • [EBS] /api/graph/query/cypher has been deprecated and replaced by /api/graph/cypher/count and /api/graph/cypher/nodes endpoints. The deprecated endpoint will be removed in the next release.