# 13.20.0

{% hint style="info" %}
**Release date 18-03-2026**
{% endhint %}

## New Features

* **Configuration warnings for imported case definitions**

  When a case definition is imported into a new environment, it may reference configurations — such as a Zaken API plugin or Objecten API sync — that do not yet exist in that environment. Valtimo now detects these missing references during import and shows warnings to help administrators resolve them.

## Enhancements

* **Secure /users endpoint with access control**

  A new access control resource type has been added `com.ritense.valtimo.contract.authentication.User`.

  This resource type allows for controlling access to user data through the `/api/v1/users/` API. The supported actions are:

  * `view`: Allows viewing details of a single user.
  * `view_list`: Allows viewing a list of users or searching for users.

## Bugfixes

* Scoped Keycloak role lookups to the current client ID so that roles from other clients in the same realm are no longer included when resolving user identity and menu visibility.
* Fixed a bug where task auto-assignment ignored permission restrictions. When auto-assign was enabled, the case assignee was automatically assigned to tasks regardless of whether their permissions allowed it.
* Cleaned up unused code for task notifications, solving an error about `email_notification_settings_days` that appeared once a day.
* **Fixed error when viewing audit events for cases created before 13.15.0**

  Opening the progress tab for a case that was created on an older version could result in an error. A database migration now automatically corrects the stored audit data on startup.

  <div data-gb-custom-block data-tag="hint" data-style="warning" class="hint hint-warning"><p><strong>Performance note:</strong> This migration updates audit records that still use the old data format. On databases with a large number of audit records this can take a significant amount of time. If you prefer to run it during a maintenance window, you can execute the appropriate SQL below directly on your database <strong>before</strong> upgrading. The migration will then detect that no records need updating and complete instantly.</p></div>

  **PostgreSQL:**

  ```sql
  UPDATE audit_record
  SET audit_event = (
      jsonb_set(
          audit_event::jsonb #- '{definitionId,caseDefinitionId}',
          '{definitionId,blueprintId}',
          jsonb_build_object(
              'blueprintType', 'CASE',
              'blueprintKey', audit_event->'definitionId'->'caseDefinitionId'->>'key',
              'blueprintVersionTag', audit_event->'definitionId'->'caseDefinitionId'->>'versionTag'
          )
      )
  )::json
  WHERE audit_event::jsonb->'definitionId'->'caseDefinitionId' IS NOT NULL;
  ```

  **MySQL:**

  ```sql
  UPDATE audit_record
  SET audit_event = JSON_REMOVE(
      JSON_SET(
          audit_event,
          '$.definitionId.blueprintId',
          JSON_OBJECT(
              'blueprintType', 'CASE',
              'blueprintKey', JSON_UNQUOTE(JSON_EXTRACT(audit_event, '$.definitionId.caseDefinitionId.key')),
              'blueprintVersionTag', JSON_UNQUOTE(JSON_EXTRACT(audit_event, '$.definitionId.caseDefinitionId.versionTag'))
          )
      ),
      '$.definitionId.caseDefinitionId'
  )
  WHERE JSON_EXTRACT(audit_event, '$.definitionId.caseDefinitionId') IS NOT NULL;
  ```