v1.4.3

3 min read

Isora v1.4.3

May 30th, 2025

What's New

Unit Inventory Table

  • Provides a centralized location to create, manage, and organize units within Isora.
  • It includes a hierarchical table for unit management, a sidebar for editing unit details, and options to assign users and roles within units.
  • Access Control
    • Superusers can access and manage all units, including creating, editing, assigning roles, and deleting units.
    • Assessment Managers can manage only the roles within their assigned units (specific roles TBD).
    • If hide_admin_settings in /api/config is set to true, only Superusers can access and manage the Unit Inventory.
  • Tabs for Managing Users & Child Units
    • Assigned People Tab:
      • Displays users and their roles in the unit (mirroring People Inventory permissions).
      • Users can assign new people and roles to the unit.
    • Child Units Tab:
      • Displays a hierarchical table summary of child units.
      • Users can reorganize child units with the same actions as the main table.
    • More Options Menu
      • The three-dot menu in the sidebar allows users to delete the unit.

Assessment Search Bar

  • Now you can search across all relevant levels of hierarchy in assessments, so that you can easily find a series, assessment, unit, application, vendor, or product.

Exceptions Register Table

  • Now you can search, add, and upload exceptions, so that you can efficiently manage exception type options.
  • Exception Type Sidebar: Now you can easily update fields like name, description, and whether assets are required.
    • Clicking a row opens a sidebar with editable fields:
      • name
      • description
    • The sidebar includes a More Options menu with “Delete”:
      • If the type is in use, deletion is blocked and a message is shown.
  • Manage button on the Exceptions page allows users to access the Exception Type Library, so that Superadmins can maintain the list of available exception types.

Location Inventory Table

  • Allows admins to manage and organize physical location information, including site, building, room, and confidentiality designation.
  • It follows the same structure as other inventories (e.g., People, Units), with a searchable and editable table, sidebar-based record management, and bulk import/export via CSV.
  • Each row includes a “More Options” menu with a “Delete” action.
    • System asks for confirmation before deletion.
  • An "Add" button opens a modal for creating a new location.
    • Required fields: site, building, and room.
  • Clicking a row opens a sidebar showing editable fields:
    • site
    • building
    • room
    • floor
    • description
    • confidential (toggle between Yes/No)
    • All fields are editable, and saving updates the record via /api/locations.

Bug Fixes & Improvements

  • Version and Build Information: Fixed a bug that caused the displayed version and build date of Isora GRC to be inaccurate. Instances now consistently show the correct version and build details.
  • Risk Register: Fixed a bug that caused a 500 error when attempting to delete certain Risks. Users will now receive a clearer error message in these cases.


API Updates

/api/surveys

  • Added the ability to filter /api/surveys  by status, org_unit_id, question_list_id, due_date_gt, due_date_lt
    • Example:
/api/surveys?status=status
/api/surveys?org_unit_id=org_unit_uuid
/api/surveys?question_list_id=question_list_uuid
/api/surveys?due_date_gt=yyyy-mm-dd
/api/surveys?due_date_lt=yyyy-mm-dd

Exception Types

  • A CSV upload button allows bulk import via POST /api/exceptiontypes/csv
    • A CSV template is available for download to guide formatting.
  • A CSV download button allows bulk import via GET /api/exceptiontypes/csv

Location Inventory

  • A CSV upload option is available:
    • Endpoint: POST /api/locations/csv
  • A CSV download button is available:
    • Endpoint: GET /api/locations/csv
Did this answer your question?