...
CoreOne Authentication Services
Features
Log messages have been improved
Bugfixes
The feedback message for was missing if a black listed password was not indicative enough, the message has been improved.
CoreOne Application Services
Bug fixes
password is on the black list
CoreOne Application Services
Features
New API endpoint: Get-user-rights-log. This new endpoint can help in diagnosing problems with user permission as it retrieves all the rights of a user and groups them by roles. Documentation can be found here: User rights API-Endpoint
New security role:
CoreOne Suite Personal Data. This role gives you access to view and edit your own core identity. Together with theCoreOne Suite Basic Accessrole, you can use this to give a user access to the Self-Service Portal to edit his own personal data.
Bug fixes
Potential breaking change: A bug was fixed which allowed you to edit your core identity even if you didn’t explicitly had those rights. Please check on existing systems if this fix restricts the ability to edit your own core identity on the Self-Service Portal. In this case you need to add the
CoreOne Suite Personal Datarole (see Features above)Some legacy oData API methods like
Users/GetByDisplayNameand/SimpleUsers/GetUsersByRoleClaimNames(roleClaimNames=['82af670e5d254a4b891e0ecda552d3b3'])did no longer work properly.The
UserDeleteAccountRequestedevent did not trigger the mail notification correctly.Nested role assignments where not persisted correctly if the same role was inherited over multiple paths. This only occurred in complex role nesting. This will lead to the creation of missing nested role assignments after the update. Note: The resulting roles and resources where were always correct, only some of the alternative nested roles assignments where were missing.
CoreOne System Connectors
...
The
superiorfield in the WIKO connector was not handled correctly, this has been fixed.
CoreOne Workflow Engine
Bug fixes
The workflow activity “ConvertObjectToXml” now returns datetimes in the ISO 8601 format