beqom v10 HF167 - Release notes
This article lists the new features that have been added to the platform, as well as the bugs that have been corrected in this release.
Deployment date: May 29th, 2024
Fix version: v10 - HF 167.11 - DB 10.0.936
| Type | Issue key | Description | |
|---|---|---|---|
| Zendesk | Jira | ||
| BQM-24047 | Error in Content Security Policy if Pay Equity URL Parameter is Empty The following issue was reported in the beqom v10 application: in the beqom Admin Portal, if the Pay Equity URL field in > Technical Admin > Settings Management was empty or if the URL was incorrectly configured, the Content Security Policy (CSP) used in the application unexpectedly returned an error which was causing the application to crash. The issue has been corrected and now the Content Security Policy always handle the cases when the Pay Equity URL field is empty or misconfigured and disruptions are no longer experienced. | ||
| BQM-24072 | Admin Portal: Unexpected Situation Plan Call when Loading Manager Report in Process Grids In the Admin Portal, when working in a process grid in which a payee was configured with a manager report and a situation plan, if the user opened the report and refreshed the grid, it was reported that a unnecessary call to the situation plan was made which could cause performance issue. The issue has been fixed by removing the situation check call when a manager report is loaded in the application. | ||
| BQM-24079 | Admin Portal: Cannot Open Manager Reports in Process Grids When working in the beqom Admin Portal, if a user accessed a process grid and selected a payee to which a manager report was attached, when he opened the report the application returned the error "Invalid parameters". The manager report display issue was linked to the improvement performed on the process security token and linked to a misconfiguration of the javascript code to pass the token. The issue has been corrected by adjusting the security token calls and now users can normally access manager reports in the beqom Admin Portal. | ||
| 103971 | Web App: Unauthorized Data Accessible via idPayee Modification in SSRS Report URL The following security issue was reported in the beqom v10: when a user with the correct permissions granted to his profile accessed a process grid and opened a SSRS report, if he copied and pasted the URL of the application to another Web Browser tab, he was able to access unauthorized data by modifying the idPayee directly from the URL. This security issue has been corrected and now when the application loads SSRS reports, a separate security token (payeeToken) is created and prevent payees to access unauthorized data. | ||
| BQM-23980/BQM-24036 Back-End: Update Redis URL Configuration on Local Environment In order to simplify the development team operations and prevent manual configuration, the local environment on which development tasks are performed is now always configured to the local Redis docker container. The release of this ticket has no direct impact on end-users of the application but aims at improving the development processes by restoring the Redis configuration on RN.Service and RN.WebUI. | |||
| In this Release Note | |||