INC-176158 · Issue 664348
Max number of rows setting properly honored
Resolved in Pega Version 8.7
The setting for the maximum number of rows to retrieve was still used in a report definition even when it was disabled. This was traced to the report definition being sourced from a data page and having pagination enabled, and has been resolved by updating the handling for this use case.
INC-157957 · Issue 624208
Autocomplete correctly sets null values in clipboard
Resolved in Pega Version 8.5.3
When using an autocomplete control with display configuration "In a List", if a property value was null then the value of the property in the clipboard was set as �undefined�. This was due to the pzGetACData activity returning only properties with values and excluding empty properties, causing setProperty to use "undefined" when a property value was not found in the response. To resolve this, a condition has been added to the processAdditionalProperties method to replace an undefined value with an empty string.
SR-D32972 · Issue 513488
HTML entity handling added to URLObfuscation
Resolved in Pega Version 8.2.5
When URLObfuscation was enabled through the configuration settings, clicking on Operator -> Profile page generated an ArrayIndexOutOfBoundException. When obfuscation is used the decrypted string is parsed and the request map is populated, but HTML entities were not considered during this process. To resolve this, handling has been added for HTML entities and characters during obfuscation. Please note: URL Obfuscation is a legacy feature with many known limitations and it is no longer recommended that these settings be used.
INC-170514 · Issue 653762
Lock conflict resolved for AssignmentCheck
Resolved in Pega Version 8.7
The error "Unable to unlock this work object" sporadically appeared in both the runtime log and Pega RULES log when the robot was trying to create a case in Pega using an API call. Investigation showed that as the case was created, it was pulled by another robot (another requestor) which was using the GetAssignments API. This caused the perform assignment check to fail. To resolve this, a 'when' rule has been added to the performAssignmentCheck Activity.
INC-187350 · Issue 703198
UUID added to iOS direct photo upload to differentiate filename
Resolved in Pega Version 8.6.4
When "Content Storage" with the option "Store in repository" was enabled on the "Integration" tab in the Application definition, it was not possible to add more that two attachments to a case with an iPhone when directly capturing a photo through the camera app instead of uploading the photo as an attachment using the gallery. When using the default "Store in Pega database", the additional photos could be uploaded directly from an iOS camera without any errors. Investigation showed that when "Store in repository" was enabled, a file name conflict check was done in the repository. Because the iOS camera app saves/uploads every image as "image.jpg", this caused the error when checking for a filename conflict in the repository. This has been resolved by adding code to append a UUID to the attachname when the device is mobile and browser is Apple Safari.
INC-156588 · Issue 621967
File Listener creates pegaAPI reference for indirect reference
Resolved in Pega Version 8.5.3
When using a constant for the source location of a file, the listener had no problems starting but a severe guardrail warning appeared indicating "Source location should use D_pxGetApplicationSettingValue instead of a constant value". When the source location was changed to point to a data page as suggested, the file listener would not start. This was traced to a null pointer exception caused by the listener running on a thread that did have a reference to publicAPI as required to get the indirect reference to the property, and has been resolved by adding code to create pegaAPI (if not present) when an indirect reference is present.
INC-193561 · Issue 680427
Client secret made optional for JWT Bearer Grant type
Resolved in Pega Version 8.7
After update, trying to connect a REST API using OpenAM as the provider for OAuth and using JWT Bearer as Grant type was resulting in an error indicating the request was not reaching the destination. This was traced to the client secret being designated a mandatory field when it should be optional in this case as the required key store was already configured with a JWT token profile. To resolve this, an update has been made which will make the client secret optional when the authentication scheme is JWT Bearer. In addition, the blank value caused a null pointer error when the client secret was not passed. This has been handled with a check.
INC-177665 · Issue 662020
Security updated to allow Access group switching
Resolved in Pega Version 8.7
When a member of two different access groups attempted to switch from one group to another, an "access denied" message occurred. This was traced to the use of BAC, and has been resolved by updating the pzProcessApplicationSwitch activity to use the pzEncryptURLActionString function to register the request.
INC-186868 · Issue 675245
Security updated to allow Access group switching
Resolved in Pega Version 8.7
When a member of two different access groups attempted to switch from one group to another, an "access denied" message occurred. This was traced to the use of BAC, and has been resolved by updating the pzProcessApplicationSwitch activity to use the pzEncryptURLActionString function to register the request.
INC-176205 · Issue 655938
Secure shared link generation added to scheduled reports
Resolved in Pega Version 8.7
When a scheduled report with a link was sent in email, clicking the link displayed an access denied message. To support this use, logic has been added to pytaskoutputprocessor in the pega-scheduledtask-reporting and pega-scheduledtask classes that will create a secure encrypted URL using the PublicLinkURL function.