SR-B30485 · Issue 287734
Tenant ID check added to Ruleset Wizard for MT
Resolved in Pega Version 7.3
Attempting to deleting a ruleset in a multi-tenant environment using the Ruleset Wizard resulted in the error message 'Getting records from the database' and the application would hang. This was due to a missing tenant ID in the SQL statement, and a check has been added to the query generation to ensure the prepared values for "pzTenantID" are included.
SR-B30713 · Issue 296998
New activity pyCustomValidator added to pzValidateCustomFilterSection
Resolved in Pega Version 7.3
When a report definition enables "Prompt for filter changes before displaying report", and the report specifies a custom filter section, the harness that displays the custom filter section (pzRRDisplayCustomFilterSection) is Final and was not available to validate the fields in the custom filter section. To enable this use, a new available activity "pyCustomValidator" has been added and can be called from pzValidateCustomFilterSection.
SR-B30747 · Issue 297009
XSS filtering added to report browser CategoryDescription
Resolved in Pega Version 7.3
The list of categories on the right in the report browser allowed some HTML tags to be applied when added to the label. XSS filters have been applied to the CategoryDescription labels to improve security.
SR-B30822 · Issue 289826
SignatureDate populated correctly
Resolved in Pega Version 7.3
The out-of-the-box signature control was passing the current date to the signature date field rather than the date parameter given. This has been fixed.
SR-B30914 · Issue 290290
PurgeExtraRecents logging changed from error to info
Resolved in Pega Version 7.3
In order to support increasing the number of recent items to display to more than 30, the existing logging function in System-User-Recents!pzPurgeExtraRecents activity has been changed from error mode to info mode so the logging can be disabled if desired.
SR-B30935 · Issue 289403
CMIS files stored according to application config
Resolved in Pega Version 7.3
Files uploaded to the CMIS repository were being stored in the "Root" Folder of the repository rather than the folder selected in the Application configuration. This was unexpected behavior caused by an implementation error, and has been corrected. The setFolderID in CMISConnector has been refactored in order to stop dropping the Folder ID in the request unless the Folder with that ID cannot be found. The name will be used if the folder ID is not found, and the root folder will only be used as the last resort.
SR-B30962 · Issue 291933
SaveOperatorUnavailability error message made generic
Resolved in Pega Version 7.3
Data-Admin-Operator-ID.SaveOperatorUnavailability generates the error message ("You are not authorized to create, modify, or lock operator instance "+myStepPage.getString("pyUserIdentifier")); if the request is not sent with the proper privileges. In order to obscure what the privileges are from potentially malicious use, this message has been made more general with the text "You are not authorized for this operation".
SR-B31094 · Issue 288810
Removed uppercase shift from GetColumnInfo and ValidateDBTable
Resolved in Pega Version 7.3
The Connector wizard was failing against external Sybase DBs due to the schema name being sent uppercase. This has been resolved by updating the activities GetColumnInfo and ValidateDBTable to remove the code that converts the names to uppercase.
SR-B31210 · Issue 290303
Draft mode defaults to off for SaveAs in Screen flows
Resolved in Pega Version 7.3
After upgrade, the behavior of Save as for Screen flows changed from defaulting from draft mode being off to draft mode being on. This was a missed use case, and has been fixed with a check in the Validate Rule-Obj-Flow activity that will not set defaultOn to true if the operation is SaveAs.
SR-B31303 · Issue 288518
Revision management GET logic revised
Resolved in Pega Version 7.3
When the revision manager creates a new revision, the second step is to add rules (strategies/data transforms etc.) into that revision so that a strategy designer can work on that. However, it was found that if one of the HTTP requests was of GET method, selecting the rules and hitting 'submit' constructed an oversized URL which listed all the rules listed on the Revision page and the browser would hang due to the GET exceeding the character limit. To avoid this, the logic used to create the post body has been modified to creating avoid long parameter values.