I created a child classification in the Space Class Current classification. In TRIRIGA, I am able to filter the selection to just this child classification via the filter in Report Manager. However, for my CAD Integrator users, it seems to be pulling the entire Space Class Current classification. Is it possible to limit that list in CAD Integrator?
Okay, I figured it out. In CAD Mapping, there is a Report Filter that is referencing a query called “triSpaceClassCurrent – CI – Available Space Class”. In this query, I added filters to filter down the list.
[Admin: To see other related posts, use the CAD tag or Integrator tag.]
Testers found that they had the ability to add reports to the My Reports page in TRIRGA, even though the links for New, Copy, Delete, Copy as Community Report, and Share Report were not present for the read-only users.
Moving forward, an privilege escalation issue in Report Manager has been resolved.
[Admin: To see other related posts, use the Vulnerability tag or CVE tag.]
If you add a single quote to a query name and click “Where Used”, it causes errors. I suspect this is due to the SQL generated, as it would require an extra single quote to pass the string correctly. If you add another single quote, to ‘escape’ the character, it will work correctly. This is an amendment to the SQL query that is generated when clicking “Where Used”. Additional logic is required where it searches for a single quote and then if it finds one, it adds it to the SQL generated.
We needed to update the SQL call to allow for a single quote in the parameter. Moving forward, the issue is resolved where the “Where Used” tab throws an exception if the report has single quote (‘) in the name.
When creating a system report, the order of BOs listed within a module is not always alphabetical. This can be seen in at least two different areas:
- (1) On the General tab, when you add a business object.
- (2) On the Advanced tab, when you add an association filter.
For convenience, here are the some recent CVE IDs.
||The IBM TRIRIGA Report Manager contains a vulnerability that could allow authenticated users to execute actions to which they do not have access.
||The IBM TRIRIGA Application Platform contains a vulnerability that could allow authenticated users to execute application actions to which they do not have access.
||The IBM TRIRIGA Document Manager contains a vulnerability that could allow authenticated users to execute actions to which they do not have access.
[Admin: This post is related to the 05.17.16 post and the 04.04.16 post about vulnerabilities and fixes. To see other related posts, use the Vulnerability tag.]
Are there any known limitations with pie charts in the TRIRIGA Report Manager?
We created a chart, but the available data meant it should show 100% for a single status value. However, the report just says “No data to display”. Expanding the filter to bring in more records meant that we had multiple status values to display and the chart displayed correctly. Is there a limitation on a pie chart so that if the result set is 100% in one grouping, it doesn’t display anything?
This is a known issue covered in APAR IV95291. You can subscribe to the APAR for updates on the fix.
The IBM TRIRIGA application is vulnerable to a privilege escalation vulnerability. Specifically, IBM TRIRIGA Report Manager contains a vulnerability that could allow an authenticated user to execute actions to which they should not have access.