Platform | Lake Update (1.7)

Check out the news in TOTVS Fluig Platform’s 1.7.0 update:

Platform

Fluig Platform is now TOTVS Fluig Platform!

Nowadays, everything around is us constantly changing... And we wouldn’t have it any other way here at TOTVS, right? That’s why our brand architecture was revamped to simplify product presentation, making it easier for the market to understand our portfolio.

Therefore, the Fluig Platform you know is now called TOTVS Fluig Platform: endless possibilities within our very own platform, with all of the power that lies behind the TOTVS brand!

This brand shift also changed the platform’s visual features to add TOTVS’s identity.

Brazilian General Data Protection Regulation (LGPD)

Diving deep in personal data with the LGPD

The LGPD (Brazilian General Data Protection Regulation) governs activities surrounding personal data to ensure the security and privacy of consumers. As a software provider, TOTVS is positioned as a partner to its clients in the LGPD compliance process. 

With this scenario in mind, the Lake update brings new features to maintain and scale compliance with best management practices and processes related to data protection. Learn more:

Use Policy and Consent Form 
Write a complete use policy for your portal, covering all points where the portal requests user data. The use policy can be set up as a consent form: when logging in for the first time, users must accept this term before browsing through the portal. This protects the company and ensures users are aware that their data are being used.

Manage personal data requested in the platform

Since the fluig platform is highly customizable, most of the information stored comes from fields created by the users themselves. In order to make it easier to identify and control personal data stored, the data is now mapped in a separate list, available only to administrators. 

The Personal Data Register is here to make your life easier! Indicate the fields on your database that contain personal data. Make the register even more complete by adding classifications and justifications, such as why the data is requested and for what purposes it will be used.

Guaranteed privacy of your users

Diving deeper into this context, what if a data owner is worried about his privacy and requests any action regarding his data? The Lake update is ready for that!

With the new Anonymize/export personal data feature, you can easily find personal data per user or type of data, and take all necessary measures, including export or anonymize data.

- When exporting data, the requested personal data are gathered in a JSON file to be sent to the data owner, who may also import the file into other systems, if necessary;

- In anonymization, the personal data undergo an irreversible treatment and will no longer be presented in the respective registers. 

See below:

Map personal data in forms

The Lake update brings a wave of new security and protection features to your platform. Now, forms created by fluig users that contain personal data can also be mapped to ensure compliance with the LGPD. This encompasses forms created in advanced mode, in fluig Studio, process forms, community forms, and Forms.

These features include data search, anonymization and exporting, as needed, in addition to viewing log, to ensure absolute security for data owners. 

Keep track of everything happening on the platform
As an additional features to guarantee the security of your operations, fluig offers a logging service for all changes made to the platform, in specific features such as Roles, Users, Groups, Processes, Documents, etc., and exclusive monitoring tools for all registered personal data. Refer to Audit Events to learn more.

Processes

LGPD applied to process forms

For either SaaS applications or local systems, we all want to ensure the security of our data travelling through the net. That is the reason for the consolidated and complete approach of the LGPD, covering all of these demands and providing users with a complete alternative to protect and treat their personal data, with the confidentiality and attention they deserve. 

Forms were always major protagonists when it comes to data, since most of them request a wide range of information, which is often personal, such as age, Individual Taxpayer Registration Number, ID number, and date of birth, among others. These data carry the weight of completely personal and non-transferable information. 

Personal data within a platform can rely on security measures where, when setting up a form within a process with specific rules, you can determine which information can or cannot be available for viewing. The Privacy item can be configured in all fields, except Evaluation, determining whether the field has personal data, if its content can be anonymized, and the reason and justification for requesting such information in the form. Check out the complete step-by-step process in Configure form and learn which items can be configured based on the Brazilian General Data Protection Regulation.

New APIs to register processes and substitutes

In order to meet clients’ needs regarding the creation, query, update and distribution of processes via API, we introduced new APIs created specifically to facilitate the workflow process registration routine. 

In addition, we implemented a logic in process APIs to consider the concept of substitute users for mobile applications. 

To learn more about these APIs, refer to API Process Management. 

Documents

Advanced form in the LGPD context

Advanced forms (i.e. created and configured through Fluig Studio) also adopt personal data security measures. The settings, in this case, are encoded directly in Studio and allow developers to add some attributes to the HTML “input” field, in order to configure the privacy of the field.

Check out below the step-by-step instructions to configure your advanced form based on LGPD regulations to protect your data, or refer to Form creation.

Dive deeper into fluig reports

We updated our platform to ensure compatibility with the latest BIRT version: 4.8. BIRT is an open source platform that facilitates report modelling within fluig. In this version, the platform received enhancements related to the security of data and access to data, broader support to other report exporting formats (including XLS and DOCX), and streamlined integration with JavaScript libraries. Go to the official website to learn more about this version. 

Mobile

Substitutes in Approval

We implemented a mechanism in Approval that allows moving requests with substitute users. With this feature, users can select the replaced person and view their pending tasks, making it easier to access and complete tasks with even more efficiency.
Go to “Configure activities and flows” to check out the documentation. Don’t forget to check out this app’s new features in “Release Notes Approval”.

Social

New Social APIs in the Lake update

We are constantly brainstorming new ways to meet our client’s needs across a wide range of different operations. That is precisely why we developed new Collaboration APIs to facilitate operations in:

• Communities: APIs were created for communities to list specific community information, list information of all communities, list users in the community, request permission to join communities, and remove community users;
• Followers: APIs were created for followers to search all followers of a user, requests to follow specific users, and remove users from the list of followers of another user;
• Profile pictures: an API was created for profile pictures to add or edit images for specific users;
• Users: APIs were created to list information of all users, list users followed by a specific user, and list information of a single user.

LGPD applied to community forms

You can also use our features to adapt to new data protection measures in forms posted in communities.

The fields now have another configuration option: the Privacy item. Simply add the fields required for your form and define the Privacy item within each field’s configuration. This enhances the security of data gathered in your forms.

Do not miss this update and the opportunity to make your fluig even more flexible.

Architecture

More security and compatibility in fluig

Some libraries and tools were updated to enhance the fluig platform’s security, performance and stability. The platform now uses the application server Wildfly, version 18, and the run environment Java (OpenJDK), version 11. We also validate the Oracle18c database and Windows Server 2019.

WCM

Architecture update in WCM – Even more security for you

Version 1.7.0 Lake brings updated libraries (libs) to ensure even more security and stability when accessing the Fluig platform.

Check out the updated libraries:

• jQuery version 222 to 3.5.0
• Moment version 2.9.0 to 2.24.0
• Bootstrap version 3.3.6 to 3.4.1

Since this update can impact page and widget development, we added a migration plugin provided by jQuey: jquery-migrate.

Besides helping restore behaviors lost in the previous version, this will also help identify points where code updates are required. We recommend using this plugin to make code adjustments as soon as possible, since it will be removed from Fluig’s installation in the next releases.

New Fluig editing menu

The Fluig platform was fully updated with major improvements not only in terms of security, but also in usability.

The Fluig Platform menu was completely updated to facilitate user identification and use.

The features Edit profile, Edit image, Language, Help and Logout are now located on the right-hand side of the user profile picture, identified by the icon. This makes it easier to find and use all of the features that were previously embedded into the profile picture.

Documentation

• Our documentation on Audit Events was updated to detail events that will be audited in the platform. Check it out!
• Documents regarding the new features related to user privacy, grouped in Security and Access.
• TOTVS Identity now has an exclusive area for help, FAQ and technical documents. Access here!  
• Check out more details about the novelties and fixes made to the fluig Mobile application.

Fixes

WCM

• Processing to allow the addition of more than one URL in posts.
• Adjusted the autocomplete component of the Style Guide, in order not to show the list of options when the field is disabled.

BPM

• Adjusted update scroll for the Snowflake theme, correcting content alignment on screen.
• Fixed conditional activity to correctly accept and validate the activity’s script.
• Fixed the creation of subcategories with the same name of the parent category. Processing to separate categories per structure level, solving inconsistency issues, in order to correctly load processes and show folders.
• Fixed imported libraries to automatically validate and no longer show the message, when the form uses the Style Guide.
• Adjusted to underline in red words typed incorrectly in request add-ons, indicating a spelling mistake, after the fluig update.
• Fixed situation where, within a process with a mechanism of assignment by form field, when editing and deleting the existing field to add a new field, the activity mechanism was empty and did not allow editing. Adjustment made to update the field when replaced.
• Fixed to ensure correct display of users in a certain role when viewing an activity’s data, during process startup.
• Adjustment to the search of users in Tasks to ensure the list of users is viewed correctly.
• Fixed fluig mobile to correctly display the text of the service activity add-on on the screen.
• Fixed the table FDN_PERSONALDATA related to process form fields, to ensure personal data marked as anonymous are correctly anonymized.
• Adjusted to underline in red words typed incorrectly in request add-ons, indicating a spelling mistake, after the fluig update.
• Fixed inconsistency in substitute user registration, where the system previously allowed registering identical users and dates.
• Fixed inconsistency preventing the validation or editing of substitute users during process startup.
• Fixed inconsistency when selecting an activity in pool, and after clicking to show the list of users in the group/role, the result is loaded correctly.
• Adjusted validations of service activity, enabling exporting a process with cleared version, containing the service activity without a script.
• Processing to issue a warning if the user tries to move a request to an inactive or non-existing user.
• Fixed fluig ADHOC to use a single form registration version.

Forms

• Fixed forms with text fields with currency or percentage mask, in order to correctly save the amount in the database with POINT, which is the correct decimal place indicator, instead of COMMA, which was being used incorrectly.
• Adjusted form fields to correctly save names.
• Adjusted the rich text field and increased field limit to 10,000 characters, with validation only applied to characters that are visible to the user.
• Adjusted forms for the rich text component to show a field character counter, as well as a screen message displayed when the character limit is exceeded.
• Adjusted the use of the Tab button to shift the focus between fields, from left to right, and subsequently down in the first field to the left, facilitating the completion of forms without having to click each field to complete it.

Portais

• Fixed inconsistency that prevented a correct fluig startup.
• Fix to allow deploying components with “js” files with less than 3 characters.

Fundação

• Fixed sorting by columns “Substitute registration” and “Substituted registration” in the Substitutes screen.
• Fixed validation of number of characters in the fields “Login” and “Registration” of the user.
• Added message with instructions to complete the code when inserting roles.
• Adjusted Approval to validate LDAP connections without using credentials.
• Added a user permission check in Linux environments, where users initiating services must be the owner of the installation folder. This validation was only made for Linux environments derived from Deban, and are now also performed in Linux environments derived from RedHat.
• Adjustment made to situations in which users are active in more than one company in Fluig. Now, user registration, user editing, user reactivation and during log in, a message will be shown to the administrator informing that the user cannot access the platform using an email already registered in another company, allowing the administrator to choose whether to continue with the procedures listed above.

Dataset

• Fixed API "/ecm/dataset/synchronizeDataset" to show the proper operation.

ECM

• Adjustment made to show commends added to the Document on the screen without having to close and reopen the comments screen.
• Fixed inconsistency when exporting access lists of all document versions, in case of documents with many hits.
• Added the fields inheritApprovers, convertDocumentType, notificationDays, quota, and publicDocument to the DocumentDto object.