INC-127981 · Issue 562998
Rulesets removed from direct invocation ability
Resolved in Pega Version 8.2.7
The following rules have been updated such that they are no longer available to be invoked directly by a client or service: Clipboard_ExecuteActivity, getClassInstances, getOperatorIDs, and GetXMLRuleData. In addition, pzAutoGenClipboard_ExecuteActivity will now require authentication.
SR-D79831 · Issue 562800
Access Deny working as expected for Offers
Resolved in Pega Version 8.2.7
It was possible to Save-As an offer in PegaMKT-Work-Offer after encountering an access deny rule. The record was not created in Dev Studio, however, and an expected denial of access was not registered at runtime. This was due to Access deny rules not being considered as a part of validation, and has been resolved by adding the necessary permission validation to the new harness that will produce the error message informing the user that they are missing a permission. Additional work has also been done to pass the 'pzKeepPageMessages' parameter as true so that page level error messages are correctly displayed.
SR-D87673 · Issue 548627
PegaCESvcsIntegrator security updated
Resolved in Pega Version 8.2.7
Security updates have been made which now require authentication to consume the services from the PegaCESvcsIntegrator package.
SR-D88451 · Issue 550848
Testcases are not available for 'access when' rules
Resolved in Pega Version 8.2.7
Attempting to create test cases for access when rules resulted in guardrail warnings about the need to create a test case. Because Test Cases are not available for the Access When rule type as per Pega expected behavior, the guardrail warnings are not valid and have been removed.
SR-D91834 · Issue 554424
Related cases of different types properly linked in Case Worker Portal
Resolved in Pega Version 8.2.7
After creating a case of type1 in the Case Worker portal, creating a case of type2 from the first case showed the case ID of the second case in the Related Work section as expected. However, after clicking on the link of the case ID of the second case from the related work section, the second case opened but the case ID of the first case was not shown in the Related work. The cases were correctly associated when the Case Manager portal was used instead. This was traced to the Case Worker clipboard continuing to hold the previous case ID thread, and has been resolved.
SR-D62754 · Issue 559848
PrepareResponse updated to explictly close Input Handler
Resolved in Pega Version 8.2.7
When using prpcServiceUtils to export a product in a Windows+Weblogic environment, attempting to export repeatedly using the same archiveName with the intention of overwriting the older product with the newer one in the ServiceExport directory failed with a FileNotFoundException. Investigation showed that the product file that was created by the pzExport REST call was not being released by the Weblogic File Handler process. Due to this, the next time the call was invoked the system tried to create the same file in the directory but failed due to the earlier File handle lock. To resolve this, the system has been updated to explicitly close the InputStream using try-with-resources.
SR-D78274 · Issue 544092
Handling added for dual privileges with MSSQL
Resolved in Pega Version 8.2.7
After setting up dual privileges, the Admin user was able to create a table but the base user received an "insufficient privileges" error. Investigation showed this was an issue when using MSSQL: the generated grant statements used the server login name as the user in the grant statement, instead of the database user. For all other databases, the username passed into the connection is the correct user to use for grants. Only MSSQL has a distinction between this connection user name (the login) and the database user, and since the login did not exist in the user table, the grant failed. To resolve this, when MSSQL is used, the system will fetch the underlying database user when determining the user for grant statement generation.
SR-D84190 · Issue 547173
Post-Import Migration Agent query optimized
Resolved in Pega Version 8.2.7
A Post-Import Migration agent belonging to the Pega-ImportExport Ruleset and set to run every 60 seconds by default triggered the SQL query "select ASTERISK from pegadata.pca_CWT_CXP_Work_Interaction" which ran for an excessive amount of time, caused a utilization spike, and then crashed the utility nodes. Investigation showed the excessive run time and load was caused by the query fetching a very large number of results. To better handle this scenario, the query usage has been updated.
SR-D84364 · Issue 551400
Check for circular references added to SearchInventoryImpl to prevent recursive call
Resolved in Pega Version 8.2.7
An out of memory error was traced to SearchInventoryImpl infinitely recursing over a clipboard property, where the child property referenced a parent property and resulted in an endless loop. This has been resolved with the addition of a depth check to ensure that the search does not recurse infinitely.
SR-D85100 · Issue 556260
ProductInfoReader updated to fetch only most recent version information
Resolved in Pega Version 8.2.7
After update, running Hfix scanner on Pega Marketing 8.2 displayed missed critical Hfixes for Pega Marketing 8.1. This has been resolved by modifying ProductInfoReader.runQuery to fetch only latest version of DAPF instances during a scan.