Resolved Issues and Bug Fixes
Read more about resolved issues and bug fixes in this release.
UI and UX
Read-only access to identity views on assignment policy
We have fixed an issue with the read-only state of the Identity view field in the Assignment policy data object form.
INC-290453
Missing translations of widget titles
We have enabled the translations of widget titles on dashboards where those translations were missing.
INC-286603
Performance issues
To reduce loading time and avoid session crashes, we have:
- improved performance when running Policy and risk checks in the new UI access approval flow,
- simplified the counting query to improve performance when updating the count of items in the menu.
INC-286918
Approving or rejecting requests with valid to set in the past
Due to an issue, it was impossible to approve or reject an access request that had the valid to in the past. We have now made it possible.
INC-289917
Export option not working under access approvals
The export option has been removed from the Approvals page, as exporting is available for the List views only.
INC-290584
Error message when using the assignment explorer
We have fixed an issue where the assignment explorer in the old UI would not open if references attribute values had identical names.
INC-290125, INC-289040, INC-290153
Access Request
Request cancellation notification
We have fixed an issue with request cancellation notifications by adding a new template with actual values and removing the empty ones.
Role and Policy Engine
Permission compliance status set wrongly to Explicitly approved with Parent review
There was a bug related to the ReviewOK reason: the child resources were inheriting the ReviewOK reason from the parent, which was causing the compliance status to be set to Explicitly approved instead of Implicitly approved. Now, this wrong behavior has been fixed, and children do not inherit the ReviewOK reason from parents anymore.
INC-285597
MultiValue resource-driven attribute failing
There was an issue where the RoPE AttributeValueResolver extension ignored the MultiValue attribute if there were spaces between the values in the extraInfo. We now support the syntax with a space after the semicolon: Type:ReferencePath; MultiValue:True.
For details, see the following table in RoPE standard extensions:
INC-291382
Failing RoPE calculations
There were issues with failing RoPE calculations. They have now been resolved: deleting old Calculation Queue, Cycle Run, and Object Event items is now done in batches of 1000 to avoid timeouts and prevent excessive locking of the tables.
INC-290898
Enterprise Server
Error executing webservice – System Owners
We have fixed an error with executing the web service which occurred in the System Overview when selecting the System Owners.
INC-290074
Empty date in copy rules blocking access to all copy rules
We have fixed the displaying of copy rules with empty copy values and added validation before saving the data in the copy rule fields.
INC-287321
Event definitions failing to trigger object creation
There were issues with event definitions on object creation that sometimes was not triggered correctly. We have now fixed it.
INC-291739, INC-291282
Access modifiers and property security
We have enhanced the security measures in the access modifiers listed below, preventing the Property security configuration from being overwritten. This way, we avoid the disclosure of property values for properties that are protected by the Property security (which could only happen if the user had read access to the object under the business rules of the access modifier).
In the default configuration, the following Data Object Types have an access modifier set on the type definition:
- Access requests
- Activities
- Application onboardings
- Context assignment requests
- Context assignments
- Data update requests
- Delegations
- Evaluate identity violations
- Identities
- Onboarding contractors
- Onboarding employees
- Password reset enrollments
- Processes
- Provisioning tasks
- Resource assignments
- Resource folders
- Resources
- Survey templates
- Surveys
- Systems
The following access modifiers have been updated:
ActivityAccessModifierFullReadAccessModifierProcessAccessModifierProcessTargetAccessModifierCalculatedRolesAccessModifierContextAssignmentsAccessModifierContextIdentitiesAccessModifierContextObjectsAccessModifierDuplicateRoleAssignmentsAccessModifierIdentitiesAccessModifierIdentityContextsAccessModifierIdentityRequestableRolesAccessModifierIrrelevantRoleAssignmentsAccessModifierManagedIdentitiesAccessModifierManagedOrOwnedObjectsAccessModifierMyContextsAccessModifierMyDelegationsAccessModifierMySurveysAccessModifierObjectsWithIdentityPropertyMatchOrgUnitsAccessModifierOwnedContextsAccessModifierOwnedRolesAccessModifierOwnedSystemsAccessModifierPasswordResetAccessModifierResourceFoldersAccessModifierResourcesAccessModifierRoleAssignmentsAccessModifierSecondaryIdentitiesAccessModifierSystemRolesAccessModifierSystemRoleSelectionAccessModifier
Connectors
JWT sends empty fields resulting in invalid requests for some APIs
The REST OPS connector sent all standard headers and claims in the JWT token, even if they were empty. It was changed to contain non-empty headers and claims only.
OAuth2 Client Credentials certificate not recognized by ADP system
The Include certificate option in the REST connectivity was not respected for the authentication requests (when OAuth2 authentication was used). This has been fixed.
INC-290669