Isora v1.4.3
May 30th, 2025
What's New
Unit Inventory Table
- Provides a centralized location to create, manage, and organize units within Isora.
- It includes a hierarchical table for unit management, a sidebar for editing unit details, and options to assign users and roles within units.
- Access Control
- Superusers can access and manage all units, including creating, editing, assigning roles, and deleting units.
- Assessment Managers can manage only the roles within their assigned units (specific roles TBD).
- If hide_admin_settings in /api/config is set to true, only Superusers can access and manage the Unit Inventory.
- Tabs for Managing Users & Child Units
- Assigned People Tab:
- Displays users and their roles in the unit (mirroring People Inventory permissions).
- Users can assign new people and roles to the unit.
- Child Units Tab:
- Displays a hierarchical table summary of child units.
- Users can reorganize child units with the same actions as the main table.
- More Options Menu
- The three-dot menu in the sidebar allows users to delete the unit.
- Assigned People Tab:
Assessment Search Bar
- Now you can search across all relevant levels of hierarchy in assessments, so that you can easily find a series, assessment, unit, application, vendor, or product.
Exceptions Register Table
- Now you can search, add, and upload exceptions, so that you can efficiently manage exception type options.
- Exception Type Sidebar: Now you can easily update fields like name, description, and whether assets are required.
- Clicking a row opens a sidebar with editable fields:
name
description
- The sidebar includes a More Options menu with “Delete”:
- If the type is in use, deletion is blocked and a message is shown.
- Clicking a row opens a sidebar with editable fields:
- Manage button on the Exceptions page allows users to access the Exception Type Library, so that Superadmins can maintain the list of available exception types.
Location Inventory Table
- Allows admins to manage and organize physical location information, including site, building, room, and confidentiality designation.
- It follows the same structure as other inventories (e.g., People, Units), with a searchable and editable table, sidebar-based record management, and bulk import/export via CSV.
- Each row includes a “More Options” menu with a “Delete” action.
- System asks for confirmation before deletion.
- An "Add" button opens a modal for creating a new location.
- Required fields:
site
,building
, androom
.
- Required fields:
- Clicking a row opens a sidebar showing editable fields:
site
building
room
floor
description
confidential
(toggle between Yes/No)
- All fields are editable, and saving updates the record via
/api/locations
.
Bug Fixes & Improvements
- Version and Build Information: Fixed a bug that caused the displayed version and build date of Isora GRC to be inaccurate. Instances now consistently show the correct version and build details.
- Risk Register: Fixed a bug that caused a 500 error when attempting to delete certain Risks. Users will now receive a clearer error message in these cases.
API Updates
/api/surveys
- Added the ability to filter
/api/surveys
by status, org_unit_id, question_list_id, due_date_gt, due_date_lt- Example:
/api/surveys?status=status
/api/surveys?org_unit_id=org_unit_uuid
/api/surveys?question_list_id=question_list_uuid
/api/surveys?due_date_gt=yyyy-mm-dd
/api/surveys?due_date_lt=yyyy-mm-dd
Exception Types
- A CSV upload button allows bulk import via
POST /api/exceptiontypes/csv
- A CSV template is available for download to guide formatting.
- A CSV download button allows bulk import via
GET /api/exceptiontypes/csv
Location Inventory
- A CSV upload option is available:
- Endpoint:
POST /api/locations/csv
- Endpoint:
- A CSV download button is available:
- Endpoint:
GET /api/locations/csv
- Endpoint: