3.28.47 Release

Owned by Panagiotis Papanastasiou
Last updated: Dec 23, 2021 by Apostolos Karakaxas
4 min read

Date:  Dec 22, 2021

Installation: https://downloads.interworkscloud.net/patches/3.28.0/CloudPlatform.Patch.3.28.47.zip
You must upgrade first to 3.28.0 using the interworks.cloud installer before applying this patch

 

Microsoft “New Commerce Experience” Integration (Version 2 Technical Preview)

Following our previous announcement (Release Note 3.28.43) of the latest integration between our platform and the Microsoft New Commerce Experience (NCE), we are pleased to inform you that from this release onwards, you can:

  • Place orders for NCE products and provision them from both the BSS portal and the Storefront

  • Invoce NCE Subscriptions

  • Manage the NCE subscriptions by either increasing their licenses or canceling and suspending them.

Please check the and pages for more information.

On this page

Strings for the Upcoming Release Note

The following Excel file contains the latest strings for translation, based on their tag_name, for the upcoming release note 3.28.48.

 

Role-Based Access for Your Storefront Users

We are excited to introduce a new access control feature that ensures access control for your Storefront users. Its name is Role-Based Access Control (RBAC), and its purpose is to allow the business users of resellers and end-customers who enter your Storefront to gain access to a set of features based on their work needs and eligibility. With RBAC you can offer a robust, secure, and modern Storefront environment to your customers for transacting with your cloud business. Your customers can ensure that their business users have access only to functionalities needed for their job role. We introduce two types of users:

  • Admin Users: These users have full rights to every Storefront module as a superuser. It can create and manage the rest users via the Storefront Access Control module.

  • Simple Users: These users have a range of restricted access rights dependent on the role(s) they are assigned to them. The available roles are the following:

    • Billing Agent: This role is responsible for managing the billing details and making payments.

    • Subscriptions Manager: This role is responsible for managing the subscriptions (adding extra licenses, purchasing add-ons, etc.). He cannot place an order for a new product.

    • Buyer: This role is responsible for placing new orders and request trials.

    • Cloud Administrator: This role is responsible for managing the services in the My Workspace section.

RBAC helps your customers to:

  • Protect their valuable commercial data from being disclosed to users with no work-related interest. 

  • Eliminate errors by allowing specific actions to certain users.

Next Steps

You can prepare your communication strategy and inform your Storefront customers about this significant feature.
 👉 With this release, a new Users module will appear in the main menu of the Storefront, and all your Storefront users will be assigned with User Type Admin so that their access to your Storefront is not affected while a smooth transition to the new classification is ensured. 
 👉 As a following step, your customers must select and assign the proper User Types and User Roles to each of their users who enter your Storefront.


For more information, please check the page.

Security Improvement on the BSS Platform

The documents upload mechanism of BSS has been updated to securely handle any file uploads and eliminate any potentially malicious code threats. As a result, the following file extensions are blacklisted from the documents upload mechanism: asp, exe, pl, cgi, com, bat, vbs, asa, js, cmd, ps, aspx, php, py, axd, htm, html, cpl, dll, hta, inf, ins, isp, jse, lnk, msi, msp, ocx, pif, reg, scr, sct, sys, url, wsf, wsh.

Stripe Payment Gateway Improvement

There are rare cases where a third party (entirely unrelated to interworks.cloud) dispatches a request to the payment gateway of Stripe, and Stripe, due to mismanagement of their webhooks mechanism, responds back to that third party request from all the available webhooks, including ours. Since this was problematic and affected our Stripe webhooks, we have improved our webhook check mechanism to discard those erroneous responses from third-party requests.

Updates on APIs

 

Products API (V.3)

 

Products API (V.3)

Improvement Description

A performance improvement was made to the Products API (V.3). The change concerns the response of the following four end-points where the add-ons schema does not contain the full information of the add-on anymore but rather only the necessary information.

Affected End-Point(s)

  1. GET /api/products : Retrieves the products of the current organization.

  2. POST /api/products : Creates a new product for the current organization.

  3. GET /api/products/{productId} : Retrieves a specific product of the current organization based on the given ID.

  4. PATCH /api/products/{productId} : Partially updated an existing product of the organization based on the given ID.