INC-190876 · Issue 680191
Handling added for corrupted direct index
Resolved in Pega Version 8.7
A corrupted dedicated index was causing a null pointer error. Handling for this has been added by way of an additional condition check for an improper direct index with no fields in the metainfoindex document, along with a filter to check if the category is null.
INC-192582 · Issue 682390
Drilldown report opening made consistent
Resolved in Pega Version 8.7
After launching the user portal for a hybrid app on the system and going to Reports --> Case Volume report, drilling down in the report and clicking on an entry opened it in a new tab, but going to Actions --> Refresh and performing the same action opened it in the same tab. This has been resolved by refreshing the entire pzReportDisplay section to retrigger the JS found in pzRDWinTitle which replaces the drilldown functions.
INC-192769 · Issue 683001
Removed incorrect role from accessible filter logic
Resolved in Pega Version 8.7
When using JAWS, tabbing out from Close(X) and setting focus on the "filter by" section resulted in JAWS reading out "use arrows to move". This was not an available action, and has been resolved by removing role="listitem" from the RRFilters_logic.
INC-195827 · Issue 687211
Accessibility improved for filter pop-up buttons
Resolved in Pega Version 8.7
JAWS was not reading the buttons on the filters pop-up for a report in report browser. This has been resolved by adding helper text for the cancel button of pzReportConfigApplyCancel and for the Search icon of the pzAvailableValues.
INC-197610 · Issue 688003
Dataflow with report definition source repaired
Resolved in Pega Version 8.7
After update, data flows using a report definition dataset as source were throwing a null pointer exception. This was traced to previous work done around retry handling for Oracle queries where there were issues identifying the correct column types; that previous work has been reverted to resolve this null pointer exception, and further work will be done to refine the solution to the Oracle CLOB DatabaseException.
INC-197953 · Issue 686254
Execution class parameter handling updated for scheduled reports
Resolved in Pega Version 8.7
The schedule was picking the wrong class to execute a report, choosing the report top class/current application class instead of the expected shortcut class mentioned in the report class of the schedule. This has been resolved by updating the parameter handling in the pzRunScheduleShortcut activity.
INC-157095 · Issue 638808
Enhancement added for tenant-level authentication
Resolved in Pega Version 8.7
In a multi-tenant PDC with a few tenants that utilize their own custom SSO, a pre-authentication activity inside a tenant that should block community access was also affecting tenants that did not have that pre-auth activity set. This was a missed use case and has been resolved by adding a tenantId hash in SchemePRAuth.makeUniqueSchemeName() to create the authServiceName.
INC-162434 · Issue 640051
LookUpList correctly executes during SSO login with model operator
Resolved in Pega Version 8.7
After configuring SSO to create operators on fly using a model operator, a new user logging in for the very first time had their operator ID created using the model operator, but after upgrade new users logging in to the system received the error "Only authenticated client may start this activity: RULE-OBJ-ACTIVITY @BASECLASS LOOKUPLIST". This was due to the methods used for additional security on the activity @baseclass LookUpList which allows it to only be run by authenticated users, and has been resolved.
INC-163201 · Issue 646910
BrowserFingerprint updated
Resolved in Pega Version 8.7
Security improvements have been added to the browser fingerprint process.
INC-163914 · Issue 668846
Improved Agile Studio passivation recovery
Resolved in Pega Version 8.7
When an Agile Studio session was passivated, the error "SECU0008 : CSRF Detected and Blocked" was seen. Reactivating the session resulted in a blank page. This was traced to the clearing of requestor level registrations added for that particular thread, and has been resolved by adding a new flag to identify if a thread is passivated along with the necessary structure for the conditionalized clearing of requestor level registrations based on this flag.