This is a small, targeted release with a few key improvements. This is also our last planned release before the December holiday season.
Note that this is a server-only release. There are no changes to the client libraries.
Release Highlights
Client API Blocking
We have added a new feature that makes it easier to secure your app from mischievous players.
Devs have always been able to add an API Pre-hook to block specific calls from the client – but this is painful to set up – and results in additional API counts for the app.
Configuring the new API Blocking feature is as simple as going to the new Design | Cloud API | API Blocking page, and selecting the Services + API Calls to block. Hit SAVE and you are done! (Or more likely, you are once you deploy those changes to your production app.)
We hope this new feature helps our customers to keep ahead of their most competitive (and ill-mannered) players.
Note that this feature requires a Plus plan to activate.
Note also that certain calls, like the Award(), Consume() and Reset() currency calls, may already be blocked from the client depending based on the compatibility settings on the Design | Core App Info | Advanced Settings page.
Leaderboard “Days” rotation increase
This is a small change – but apps using the arbitrary “Days” rotation for their leaderboards can now set the rotation as high as 28 days…. ← the previous limit was 14 days.
Portal Changes
We’ve made the following portal changes:
Design
Cloud Code | API Blocking
A new screen that allows devs to block specified APIs from being callable from the client.
Leaderboards |
Leaderboards can now be configured with a 28 day rotation.
API Changes
There are no changes to individual API calls, but the new API Blocking feature means that any client API call can now return the following error:
BCLOUD-3305 and BCLOUD-3331 – Improvements to resetting of end-user passwords. Now preventing double-clicks, and waiting until code has been successfully changed to remove the link code.
BCLOUD-3109 – Improvements to json response exception reporting from scripts
BCLOUD-3295 – Corrected permissions check on app passwords feature
BCLOUD-1518 – Fix to lobby screen – disband on start no longer automatically selected
BCLOUD-3362 – Fix to serialization issue for cloud code version of LobbyService.GetLobbyInstances()
Plus miscellaneous fixes and performance enhancements…
brainCloud 4.13 has just dropped. Here’s what it contains…
Warning
Note – the implementation of GlobalEntity.IncrementGlobalEntityData() and Entity.IncrementUserEntityData() have changed – to properly enforce acl.other permissions. Be sure that your app isn’t improperly using those methods against entities with acl.other set to 0 or 1 – because those calls will now fail under 4.13!
Also creating unowned Group Entities via Group.CreateGroupEntity() or Group.SysCreateGroupEntity() with acl.member of 0 or 1 will no longer be overridden to 2 permission.
Contact support if you would like our team to reset any previously created entities for you.
App Minimum Password Standards
This feature allows developers to set minimum password requirements for the users of their apps.
The following requirements can be set:
minLength – <x> chars. Default 8
maxLength – <y> chars. Default is 25 (max is 128).
minDigits – <n>. Default 1
minUppercase – <n>. Default 1
minLowercase – <n>. Default 1
minSymbols – <n>. Default 1
Feature notes:
This feature affects users when setting new passwords. Existing passwords already associated with an account are not affected by this feature.
For symbol enforcement, the following characters are treated as symbols: ~!@#$%^&*_-+=`|(){}[]:;'<>,.?/
If enabled, these standards are automatically enforced by brainCloud when:
creating new accounts
using Email or Universal authentication
using following User service APIs (if a password is provided – generated passwords will not be verified):
SysCreateUserEmailPassword
SysCreateUserUniversalId
attaching new Email or Universal identities
updating passwords (via reset password and other mechanisms)
Attempting to create an account (or attach an identity) whose password does not meet the requirements will return the new INVALID_PASSWORD_CONTENT ( 550022) reason code.
{
"status_message": "Processing exception (message): Password should have minimum 1 uppercase character/s",
"reason_code": 550022
}
Temporary Leaderboards
Apps can now more easily create temporary leaderboards using the SysCreateLeaderboardConfig() call. A new field, expireInMins, has been added to the configuration object to control the lifetime of the leaderboard. Leaderboards set to expire will show an epoch timestamp the expiry field returned from SysGetLeaderboardConfig() and other methods. The system will automatically remove the leaderboard after the specified time has expired.
Technically the clean-up is done nightly, but those are just implementation details.
This provides a convenient method for creating temporary leaderboards, without having to implement a separate process to clean them up.
Note that this functionality is limited to ADHOC and NEVER rotation leaderboards (i.e. leaderboards that don’t rotate).
Resend Verification Emails
For apps with Reject Unverified Email Logins enabled (via the Design | Authentication | Email screen) — the system will now automatically resend the verification email to users when they re-attempt to login.
GameLift-based Relay Servers
We have extended our AWS GameLift integration to include support for Relay Servers.
For instructions on how to configure them, see this article.
Non-consumable IAP Product History
Non-consumable In-App-Purchases can be processed multiple times (unless the “Do not reprocess currencies for non-consumable IAP products in receipts” compatibility flag is enabled).
This can be triggered when an iOS user clicks [Restore Purchases] on an app. Doing so may cause the transaction to be moved from one brainCloud account to another… (for example – if the iOS user is using a different brainCloud account than when they originally made the purchase).
Note that this sort of activity could also theoretically happen if your app has been cracked and users are sending stolen (but valid) receipts into brainCloud.
We have enhanced the system to keep track of all users that have processed a non-consumable IAP item. The processing history can be viewed by clicking on the new View History menu option on the Monitoring | User Monitoring | Transactions screen.
Library Improvements
All client libraries have been updated to include the 4.13 API additions.
Note that some of the listed improvements were included in 4.12 patches previously.
C++
Upgraded WebSockets for RTT with embedded SSL certification
Reconnect() method returns a failure if previous connection information is not available
Improved build time in Objective-C
Improvements for Android Studio builds
Added response codes and API calls
Java
Added 502 & 504 response code conditions to retry requests.
Reconnect() method returns a failure if previous connection information is not available
Javascript
Reconnect() method returns a failure if previous connection information is not available
Unity
Compressed Responses and Requests are now turned on by default. This should be transparent to your app – but can be disabled by setting EnabledCompressedRequests(false) and EnableCompressedResponses(false).
Reconnect() method returns a failure if previous connection information is not available
Adding Mac OS support for getting country code while initializing the client
Now supports Unity up to 2021.3 LTS
Unreal lib
Plugin supports and ready to use in Unreal Engine 5
Fixes to engine heartbeat not working as intended (also in 4.12.2 patch)
Reconnect() method returns a failure if previous connection information is not available
Moved plugin to standalone release in GitHub for use as git submodule (Improved setup in GitHub?)
Fixed MacOS build error
Added check for failed connection callback
Miscellaneous Improvements
ACL Permissionsfixes
Fixes have been applied to several methods in Global, User and Group Entities.
Be sure to double-check the ACL permissions of you entity objects if you see issues with your app(s)
Custom Entityimprovements
New IncrementSingletonData() API call
Improved locking for Custom Entity Singletons
Deploymentimprovements
Improvements to the web and server components to prevent parallel deployment / import / restore processes
Optimizations to cache notifications to reduce the traffic across the api servers
Added a fail-safe refresh after deployment to ensure that all caches are updated properly
Dormant Userprocessing
Refactored dormant user deletion to add parallel processing (across datastream servers)
Global Files
Fixes to file versioning during deploys and imports (was also patched late in 4.12)
New portal function to manually edit a File’s version on the Design | Custom Config | Global Files page
Groups
The custom data section of Group objects are now indexed on an indexedId field (if it exists). Feel free to set that field, and do searches using it for quick lookups of groups via an alternate id.
Legacy Flagged Users API
We’ve added an API for controlling the users that that appear in the Portal’s flagged users list.
This is legacy system, and not super-scaleable – and thus we have named the methods as such.
Important: Apps are limited to 1000 flagged users max.
The API methods can be found in the GlobalApp service. ← due to the legacy of it’s implementation
Do NOT use these APIs for anything other than tagging users to make them easier to look-up in the portal.
Push Notifications
Improvements to performance of Push Notifications sent to all users of an app
S2S API
Significant improvements to S2S locking – prevents lock timeouts in certain situations
Steamintegration improvements
Steam purchase transaction ids are now prefixed by the appId of the brainCloud app processing them. This reduces situations where the ids may clash if the same Steam information is being used across both dev and production apps in brainCloud.
System now returns more useful information for failed SteamClient validations
Features for Private Licensees
Portal SSO
Improvements to handling of mixed-case email addresses for SSO-connected private deployments
Azure
Improvements to handling of long-lived Azure ServiceBus requests
Portal Changes
We’ve made the following portal changes:
Design Section
Authentication | Passwords
New Passwords screen allows apps to enforce minimum password standards
Cloud Code | API Hooks
Hooks are properly ordered by Service, then Operation in the main screen
Also, when selecting a script for a hook, the scrips are now sorted alphabetically by path
Cloud Code | Scripts
Quick Authenticate now ensures it chooses a platform that is enabled
Optimizations to the script editor – no longer retrieves all scripts when attempting to run the current script!
Custom Config | Global Files
You can now manually adjust the “version” of a file using by choosing Adjust Version from the Action menu.
Integrations | Blockchain
Added new Ultra App blockchain integration to be used by Ultra licensee apps to enable integration with Ultra’s blockchain services – including Uniqs.
Monitoring
Global Monitoring | Custom Entities
Custom Entity collections now displayed in alphabetical order
User Monitoring | Transactions
The processing history of a non-consumable transaction can now be viewed by choosing the View History option from the action menu. Note that the View History menu option will only be available for transactions that have history to view.
API Changes
The following changes/additions have affected the brainCloud API:
Blockchain
New GetUniqs() call added for retrieving Uniqs from the Ultra blockchain
Also new GetBlockchainItems() for other blockchain flavors
Bridge
New VerifySignedJwt() method added to the cloud code bridge to aid in implementing OpenId via External Authentication
Added GetSessionForValidatedCredential() method to the client bridge… (was only in the server bridge before)
Custom Entity Service
New IncrementSingletonData() API call
GlobalApp
New methods for controlling the users that appear in the Portal’s flagged users list. This is legacy system, and not super-scaleable – and thus we have named the methods as such. Do NOT use these APIs for anything other than tagging users to make them easier to look-up in the portal.
Important: Apps are limited to 1000 flagged users max.
The new methods are: SysAddLegacyFlaggedUser(), SysGetLegacyFlaggedUserData(), SysGetLegacyFlaggedUserDataList(), SysRemoveFromLegacyFlaggedUsers(), SysUpdateLegacyFlaggedUser()
Group Service
New cloud code only SysAddGroupMember() call adds the specified member to the group immediately (irregardless of the permissions of the current user)
Leaderboard Service
SysCreateLeaderboardConfig() and SysEditLeaderboardConfig() methods updated to access the new expireInMins field. Select methods like SysGetLeaderboardConfig() now return an expiry field with the calculated epoch expiry.
RTT
New RegisterBlockchainCallback() and DeregisterBlockchainCallback() methods enable registering for real-time blockchain changes
Script Service
Added new cloud code only SysCancelScheduledScriptIfExists() call which as the name implies, cancels a script if it exists – but more importantly, does not return an error if it does not!
Added new cloud code only SysCancelUserScriptBatchIfExists() to do the same for batch script processing
Miscellaneous Changes / Fixes
The following issues have been addressed in this release:
BCLOUD-1257 – Getting NPE When Paginating in the Server logs Page
BCLOUD-1728 – [Internal] The “Localize in” field stuck when user made a changes and click on Cancel button
BCLOUD-2050 – [Internal] Cloud Code – Scripts page, when user “Export All Scripts” and single “Export Script” in the TEAM | Audit Log shows duplicate entries for the exported
BCLOUD-2084 – JoinDivision and SysGetLeaderboardConfig responses to include timestamp division set instance leaderboard was created at
BCLOUD-2113 – Missing translation “Details for” on Monitoring | Global Monitoring | Redemption Codes page
BCLOUD-2114 – Missing translation “Error! Invalid search criteria. Please enter a minimum of 3 characters.” on User Monitoring | User Summary – Select User
BCLOUD-2115 – Missing translation “Code Info” on Monitoring | Global Monitoring | Redemption Codes page
BCLOUD-2191 – Cache ItemDef collection in app cache
BCLOUD-2260 – Support locking of singleton custom entities by ownerId
BCLOUD-2336 – Avoid SendGrid enabled checking (and logging warnings) for User service “create” APIs when notificationTemplateId input is empty string
BCLOUD-2347 – Issue handling Portal User Emails with mixed cases
BCLOUD-2349 – Return a 503 response status in the event of Memcached timeouts
BCLOUD-2351 – Reset password for email and universalId not trimming or lowercasing “externalId” input
BCLOUD-2352 – Custom Entity SysIncrementData and IncrementData APIs require Sharded versions for sharded custom collections
BCLOUD-2353 – [Internal] Nintendo is not in alphabetical order in Select User Identity list
BCLOUD-2375 – [Internal ] Unlock App dialog ignores changes to the application name
BCLOUD-2376 – Errors in prod-baas for IdentityService ATTACH with Google OpenID
BCLOUD-2396 – Super / Manage / Apps – Search filter is performing the query against the server on EVERY character that is typed.
BCLOUD-2433 – Audit logs missing for a number of update and delete Push Notification settings requests from Portal
BCLOUD-2488 – [Internal] Generate error/warning message when user saves a User Statistics Event without proper Actions
BCLOUD-2499 – Modify Steam IAP order id generation to incorporate app id
BCLOUD-2512 – We should have a way of re-sending end-user email verification emails?
BCLOUD-2525 – PATCH! Need IdentityService.getIdentityData() to be accessible from cloud code scripts!
BCLOUD-2528 – [Internal] Design | Cloud Data | Custom Entities, HTTP Status 500 error message pops up when user create “Migrate:true” entity type collection in portal
BCLOUD-2550 – [Internal ] While IOS platform disabled, the script Quick Authenticate throw exception error message “Processing exception (message): Platform IOS has not been enabled for this app”
BCLOUD-2558 – Legacy Portal – Cloud Code Scripts (remove usage of the “scripts-read” call).
BCLOUD-2601 – When Updating Existing Owned Entity(Custom Collection is Sharded) Incorrect Version is Getting Updated in API Response and Global Monitoring – Custom Entities Page
BCLOUD-2647 – API counts posted for scripts using relative reference to other scripts are failing
BCLOUD-2652 – Refactor purgeSoon User Purge processing to use Consumers
BCLOUD-2771 – Email Auth – Resend Verification
BCLOUD-2781 – Cloud code audit log improvements
BCLOUD-2785 – Add support for CustomEntity IncrementSingletonData API and locking on all “increment” APIs
BCLOUD-2786 – Change audit logs to differentiate “App user-enabled” activity for import/deploy versus “Updated app” (generic)
BCLOUD-2788 – Add new Group service SysAddGroupMember API
BCLOUD-2790 – Clicking a folder-based script execution entry from the API Usage page (under API Errors) is not redirecting to the correct location in the portal (API Errors).
BCLOUD-2791 – After a deployment, the system should set a timer for X seconds, and when it expires, trigger a refresh of the app
BCLOUD-2792 – [Internal] Not able to see newly created app in Admin Tools-Deployment drop-down menu of other app
BCLOUD-2815 – Change Deploys, Import Configuration and Restore to Checkpoint processing to clear new appCache via prefix rather than looping
BCLOUD-2821 – New special “indexedId” field in Group Data
BCLOUD-2861 – Cloud Code – API Explorer – Service script list should be sorted by path+scriptname
BCLOUD-2865 – [Internal ] Super | Manage | Teams page, previous Team Name is saving in delete dialog text field while attempting to delete different team
BCLOUD-2866 – [Internal] Design | Cloud Code | Scripts, when user export single script doesn’t logged in the Audit Log
BCLOUD-2873 – [Internal] Monitoring | User Monitoring | Groups, the ID links don’t use a hand cursor when user hover over to click on the ID links
BCLOUD-2877 – Legacy Portal: Item Management – Make select virtual currency mandatory before the user enters the $ amount
BCLOUD-2880 – User batch script with passed in profileIds list to skip null profileId
BCLOUD-2881 – Enable setting of expiry date to applicable Leaderboard APIs to create or edit leaderboard configs
BCLOUD-2885 – Nightly purge of leaderboard scores for old versions is including gameId in query (slow)
BCLOUD-2891 – Legacy Portal – Monitoring / Global Monitoring / Custom Entities – Apply alphabetical order to entity type list.
BCLOUD-2901 – Total Users value displayed for Super | Manage | Apps isn’t accurate
BCLOUD-2902 – [Internal] When user entering iTunes IAP Product ID no limitation and after 53 characters cutting off
BCLOUD-2904 – [Internal] When user entering Configure Platforms fields no limitation and after 56 characters cutting off
BCLOUD-2908 – Deployment / Import Configuration / Restore to Checkpoint safety measures required to prevent overlap
BCLOUD-2909 – Core App Info – Admin Tools – Deploy configuration button should be disabled when deployment is in progress
BCLOUD-2918 – Legacy Portal – API Key Name is Restricted to Numbers, letters and underscore (_) When Adding a New Key in Edit Profile | Permissions | API Keys Tab
BCLOUD-2921 – Internal – Unlock dialog will display APP ID twice after user selects Cancel on the unlock dialog
BCLOUD-2923 – [Internal ] Deploying to an app with incorrect app name does not show error, instead upon hovering over Deploy button ( active) shows red icon
BCLOUD-2948 – Unreal Engine Heartbeat Not Working As Intended
BCLOUD-2956 – [Internal] French Version – Selecting Group id and Group Name from drop-down menu cut off
BCLOUD-2996 – Legacy Portal – Scripts – API Usage should use new fields returned from the server instead of calculating the values itself.
BCLOUD-2998 – Legacy Portal – If passwords feature not enabled those password rules should not be displayed on the Reset Password page
BCLOUD-3000 – Legacy Portal – User Monitoring | Transactions, adjust the View Transaction to show both dataJson and history
BCLOUD-3002 – Set proper version on target files for deploy
BCLOUD-3029 – JSON Error App not found error generates when deploying to the same app multiple times
BCLOUD-3037 – New app-overridable brainCloud property to control audit logging of leaderboard configuration (create, edit) via Sys or post to dynamic APIs
BCLOUD-3040 – [Legacy] Desing | Gamification – Statistics Event ‘Add User Statistics Event’ pops up dialog has ‘Currencies’, ‘User Statistics’ and ‘Global Statistics’ options are enabled compared to XP Levels page
BCLOUD-3044 – Add some additional logging around 3rd party authentication
BCLOUD-3045 – Legacy Portal – Player Selector – Applicable options in search drop-down not working correctly when language is French.
BCLOUD-3051 – Do some pre-processing on Nintendo externalId
BCLOUD-3054 – [Legacy] Icon of Platforms ‘Oculus’ and ‘Apple watchOS’ are not shown in User Monitoring >User Summary Logged In From section
BCLOUD-3067 – GlobalEntity IncrementGlobalEntityData is not enforcing read-only for other users
BCLOUD-3081 – Entity service Increment User Entity Data APIs are not enforcing read-only for other users