SR-B35942 · Issue 295191
Grid filter column localization fixed
Resolved in Pega Version 7.3.1
The repeating grid's column filter was not displaying the localized pyStatusLabel value. This has been fixed.
SR-B15685 · Issue 317888
Mobile autocomplete dropdown selections fixed
Resolved in Pega Version 7.3.1
When the 'Enable lightweight autocomplete on phone' and 'Allow scrolling for more results' were enabled, the incorrect data was selected (e.g., using the autocomplete to select "John" from the list instead displayed "Mark"). This was due to a logic issue around the scroll feature for mobile list based autocomplete, and has been fixed.
SR-B71308 · Issue 319409
Paragraphs load as expected in offline app
Resolved in Pega Version 7.3.1
After upgrade, paragraph rules were not displaying as expected in the offline mobile app. Instead, the message 'Loading...' appeared in their place. This was traced to the records being returned correctly but not being properly packaged for display due to an error in the report definition. To correct this, a step has been added to the pzPackageLocalization activity to clear parameters which may mislead report execution.
SR-B71308 · Issue 320806
Paragraphs load as expected in offline app
Resolved in Pega Version 7.3.1
After upgrade, paragraph rules were not displaying as expected in the offline mobile app. Instead, the message 'Loading...' appeared in their place. This was traced to the records being returned correctly but not being properly packaged for display due to an error in the report definition. To correct this, a step has been added to the pzPackageLocalization activity to clear parameters which may mislead report execution.
SR-B66996 · Issue 312205
Access control policy logic added for non-work/data/assign classes
Resolved in Pega Version 7.3.1
As part of ABAC (Attribute-based access control) restrictions, if a class property was of type PageList, security had to be created in the PageList property class type. However, if the pagelist was of type "Embed-" class then it was not possible to create security policy due to the inability to apply property masking for page list properties of that class. To resolve this, property masking implementation logic has been added to support page list properties of non-work/data/assign classes for access control policies.
SR-B66996 · Issue 315524
Access control policy logic added for non-work/data/assign classes
Resolved in Pega Version 7.3.1
As part of ABAC (Attribute-based access control) restrictions, if a class property was of type PageList, security had to be created in the PageList property class type. However, if the pagelist was of type "Embed-" class then it was not possible to create security policy due to the inability to apply property masking for page list properties of that class. To resolve this, property masking implementation logic has been added to support page list properties of non-work/data/assign classes for access control policies.
SR-B55119 · Issue 312817
Handling added for absent property in Access When
Resolved in Pega Version 7.3.1
Configuring Access Control Policy to automatically restrict access to certain records by including an Access When rule to compare a custom property (.Consultant) on the OperatorID (Data-Admin-Operator-ID) page generated an exception if that property did not actually exist on the current operator. This has been resolved by revising the security policy engine to handle the exception.
SR-B71077 · Issue 323027
IDP Encrypted connections working on SAML
Resolved in Pega Version 7.3.1
IDP initiated SAML 2.0 was not working, and generated the error "Unable to process the SAML WebSSO request : Missing Relaystate information in IDP Response". Authentication worked fine with unencrypted SAML token. This schema validation failure happened because encrypted attributes were previously being ignored by Pega due to an issue in the underlying openSAML library. To resolve this, a custom PegaSAMLValidator has been inserted to validate the assertion and honor encrypted attributes.
SR-B56328 · Issue 312168
RARO rules more secure against deletion
Resolved in Pega Version 7.3.1
In order to make RARO rules more secure, the system has been updated such that Class Permissions can't be deleted from the role unless the operator has permission and is operating in a valid context (unlocked ruleset). This has been done by revising the Role rule form to disable the delete button when RARO/RADO is in a locked ruleset.
SR-B57046 · Issue 314358
Parameters removed from on-screen error messages to protect sensitive data
Resolved in Pega Version 7.3.1
It was discovered that sensitive information such as account numbers used as parameters were being displayed in exception error messages displayed on the screen. Including the parameters as part of the error is intended to aid in debugging the problem, but these parameters do not need to be displayed in the UI. In order to protect potentially sensitive data, parameter values have been removed from the exception message. When the DeclarativePageDirectoryImpl logger is enabled, the parameters will be entered into the Pega log files and not shown on screen.