INC-156797 · Issue 618991
Property check handling updated for Ajax requestor
Resolved in Pega Version 8.6
SECU0001 alerts were seen when submitting a case in the interaction portal. Logging indicated the errors were related to the 'pxRequestor.pyLatitude' and 'pxRequestor.pyLongitude' properties which are included in an Ajax request when they exist in the DOM and the 'pyGeolocationTrackingIsEnabled' when rule is true. The error was traced to a condition where a new thread request results in an unexpected property check that encounters a clipboard which doesn't have any pages created for that thread. To resolve this, the 'pxRequestor.pyLatitude' and 'pxRequestor.pyLongitude' properties have been added to an allow list to handle the unexpected properties check.
INC-158489 · Issue 623452
Captcha control updated to support ClientValidation
Resolved in Pega Version 8.6
The required checkbox for the pzCaptcha control was not working when using a custom configuration, allowing a case to be submitted with a blank captcha even when the required parameter was selected on control. This was traced to a required parameter not being correctly populated to the pzCaptcha control, and has been resolved by adding ClientValidation into the pzCaptcha control so that if a required parameter is selected on the control it will be applied during case execution.
INC-160024 · Issue 625831
Deprecated authentication methods removed
Resolved in Pega Version 8.6
After upgrade, attempting to trigger the Pega hosted API externally through Post Man resulted in the exception "The method getAuthenticationService() is undefined for the type OAuth2AccessTokenValidation". This was traced to the use of references to the methods getAuthenticationService() and getAuthenticationServiceType(), which are not in use from v8.5 onwards in pzOAuth2AuthenticationActivity and have now been removed. For OAuth2 authentication, the service package should use authentication type as OAuth2; the system will then take care of validating the token and establishing the operator context.
INC-161660 · Issue 633032
Authorization token handling and cleanup improved
Resolved in Pega Version 8.6
When using a mobile app configured with default authentication, clicking on the "Trouble logging in?" link opened a new window and displayed the message "please contact your system administrator" along with the error "Only authenticated client may start this activity: RULE-OBJ-ACTIVITY CODE-SECURITY PZGETAUTHORIZATIONCODE". This has been resolved. In addition, the OAuth token generation and handling has been improved, and the purge agent has been updated to accept a DSS setting for the max number of expired records to purge each time it is run. The default value is 5000.
SR-SR-D79737 · Issue 602304
Improvements for Report Definition OperatorID filtering
Resolved in Pega Version 8.6
Report Definition filters were not working as expected when data from the OperatorID page was used and authentication was enabled. This was traced to the OperatorID page not being correctly populated. To resolve this, the authentication logic has been modified to always create the OperatorID page at requestor level, and the HTTP API layer has been updated to remove the thread level OperatorID page if exists. In addition, an enhancement has been added for improved debugging on log appenders provided by log4j which allows log filtering based on the requestor and thread for a given appender at a specific log level.
SR-D47018 · Issue 517032
Corrected parameter being encrypted during change portal configuration
Resolved in Pega Version 8.2.5
After configuring a changePortalLayout control using .pyDescription as property, trying to switch the portal was throwing a error page. The same configuration worked in earlier platform versions. This was traced to recent updates where the activity parameter ended up being encrypted along with the activity name, and has been resolved by removing the parameter from encryption input and adding it to encryption output.
SR-D5904 · Issue 511600
Discard changes dialog now showing for local actions
Resolved in Pega Version 8.2.5
After having modified case data without saving and clicking on a menu entry (left menu, search, ...), the system shows a dialog box to ask the user to confirm it is ok to discard changes. However, this confirmation dialog did not work with local actions, leading users to lose their work without any warning nor any way to step back. This was traced to a difference in the dirty form check, which was not present when launching a local action from a case. An enhancement has now been added to the handleMenuAction js function in pypega_ui_harnessactions.js which will perform a dirty form check with a prompt.
INC-
196961 · Issue 693473
Iteration method updated for SetRequiredSkillsCountColumn
Resolved in Pega Version 8.7.1
After update, database utilization spiked and did not drop. Investigation traced this to the use of Local.totalCount in pzSetRequiredSkillsCountColumn, which caused the iteration loop to run more times than necessary. This has been resolved by replacing Local.totalCount with Local.iterationsCount in the iteration.
INC-184040 · Issue 688256
Improved accessibility for Disclosable Documents/attach files/auto selection dropdowns
Resolved in Pega Version 8.7.1
When using Dragon for accessibility, issues were seen when trying to select different options in the dropdowns related to attaching multiple files. This was caused by the legacy grids being used not supporting this type of accessibility functionality, and has been resolved by updating pzAttachFileDDFileList to use an optimized table instead.
INC-186036 · Issue 685370
Field Level Audit updated to handle hierarchical properties
Resolved in Pega Version 8.7.1
Field Audit was not working for the first change of the data selected/provided for a field. The audit was only reflected after the second change was made. When the property involved a series of hierarchies, for example pageprop.pagelist(1).pageprop, the FLA objects will initially use deferred saves and the generated pzinskeys will be added to a savedFLAMap object. However, when the last pageprop was not eligible to save, all the deferred saves of earlier records were cancelled but the inskeys were not removed from the savedFLAMap object. Because of this, the parent FLA records were assumed to have been saved already when those saves were actually deferred. This was a missed use case for hierarchical properties, and has been resolved by adding an update to remove the inskeys from the savedFLAMap object so that in the subsequent property change the audit's FLA records for the parent properties (pageprop.pagelist(1)) will be saved again.