SR-D54984 · Issue 529208
Resolved ruleset save issue for Google Chrome/IE
Resolved in Pega Version 8.1.8
When using particular versions of Google Chrome or IE, the intermittent error "pyComponentInterfaceClass: <user> does not exist or is not a valid entry for this ruleset and its prerequisites" appeared when attempting to validate an application, and the ruleset could not be saved. This was traced to changes made in the browser around password handling, and has been resolved by explicitly clearing out the pyComponentInterfaceClass if that value is not in use.
SR-D70447 · Issue 533598
SQL injection protection added to Circumstanced Search
Resolved in Pega Version 8.1.8
Parameters used by the PegaAccel-Task-CircumstanceSearch.pzGetCircumstancePropValues activity are now encoded to prevent SQL injection attacks.
SR-D72672 · Issue 536387
Security updated for CreateOperator
Resolved in Pega Version 8.1.8
In order to improve security, CreateOperator in Pega-ProCom will require authentication to run with pxCanManageUsers privilege.
SR-D75469 · Issue 538120
Resolved null-pointer exception in Expression Builder launch from activity rule
Resolved in Pega Version 8.1.8
A NullPointerException occurred in SafeURL when trying to launch the Expression Builder from an activity rule. This was trasced to a failure to get a value property in a target field due to the target element and its parent element containing the same value for name attribute. This caused the parent element to be considered instead of the target element. To resolve this, the search for the target element in parent tag will use '$p' along with 'target element name' in query selector.
SR-D87673 · Issue 548628
PegaCESvcsIntegrator security updated
Resolved in Pega Version 8.1.8
Security updates have been made which now require authentication to consume the services from the PegaCESvcsIntegrator package.
SR-D71408 · Issue 534932
DIrty check flag triggered by adding columns and filters
Resolved in Pega Version 8.1.8
If a report was edited and closed without saving, the dirty check worked as expected. However, if new columns or filters were added and the report closed without saving, the dirty check did not appear. This has been resolved by updating the check logic.
SR-D53176 · Issue 541793
Error when adding function filter will persist
Resolved in Pega Version 8.1.8
When an exception occurred while adding a filter in the report viewer, the error was shown but cleared due to an immediate refresh of the parent section. Analysis found that step2 of pzGetFiltersFromContent was failing, after which the error was shown, the section reload happened, and the error disappeared. To resolve the error being cleared prematurely, the pzOnLoadReloadReport control has been modified so that when there are messages on the top level page (pyReportContentPage), a parameter will be set on HarnessContextMgr to not to clear them during the next refresh call.
SR-D76204 · Issue 543591
Index conflict resolution logic updated
Resolved in Pega Version 8.1.8
After configuring a dedicated index on delivered Class - PegaCA-Interface-Contact, trying to generate the index resulted in an error indicating a type conflict in delivered classes/properties. This has been resolved by updating the conflict resolution logic.
INC-127981 · Issue 562998
Rulesets removed from direct invocation ability
Resolved in Pega Version 8.2.7
The following rules have been updated such that they are no longer available to be invoked directly by a client or service: Clipboard_ExecuteActivity, getClassInstances, getOperatorIDs, and GetXMLRuleData. In addition, pzAutoGenClipboard_ExecuteActivity will now require authentication.
SR-D79831 · Issue 562800
Access Deny working as expected for Offers
Resolved in Pega Version 8.2.7
It was possible to Save-As an offer in PegaMKT-Work-Offer after encountering an access deny rule. The record was not created in Dev Studio, however, and an expected denial of access was not registered at runtime. This was due to Access deny rules not being considered as a part of validation, and has been resolved by adding the necessary permission validation to the new harness that will produce the error message informing the user that they are missing a permission. Additional work has also been done to pass the 'pzKeepPageMessages' parameter as true so that page level error messages are correctly displayed.