9.8.3-2 OnPremise Patch Release Notes

9.8.3-2 OnPremise Patch Release Notes

Module API security fix

API Update: In response to the Module API security fix #35067, we have updated the following API's which enhances security to view/retrieve responses from Projects and requires users to have appropriate Project level-permissions. Therefore, from 9.8.8 and going forward, users will require Project-level permissions for any API and UI actions unless the API is specifically at the Site-level and does not target a specific Project.

  1. Module:
    • Get Modules: /api/v3/projects/projectId/modules
    • Get a Module: qtestUrl/api/v3/projects/projectId/modules/moduleId
      • Permission: Requirement and Test Design Tree
  2. Test Execution:
    Permission: View Test Run
  3. Link Objects:
    Remove link objects - Success with link between build and requirements
    Permission Notes:
    • Build: support requirement
      • Permission: Edit Release\Build + View Requirements
    • Release: support requirement
      • Permission: Edit Release/Build + View Requirements
    • Requirement: support Test Case
      • Permission: Edit Requirement + View Test Cases
    • Test Logs: support Defects
      • Permission: Edit Test Run
    • Test Step Logs: Defects
      • Permission: Edit Test Run
  4. Custom fields
    Get fields: /api/v3/projects/projectId/settings/{objectType}/fields
    • Create custom field: ( release / build / requirement / test case / test suite / test run / defect/api/v3/projects/projectId/settings/objectType/fields
    • Update system field: /api/v3/projects/projectId/settings/defects/systemfields/6421
      • Permission: Manage Field Settings

Additionally, the Automation Integration API's listed below will also be affected with this
change and users will need "Automation Schedules" Project-level permissions for the
associated {projectId}:

  1. Create an Automation Agent
    POST /api/v3/projects/{projectId}/automation/hosts/{host_server_id}/agents
  2. Update an Automation Agent
    PUT /api/v3/projects/{projectId}/automation/hosts/{host_server_id}/agents/{agent_server_id}
  3. Delete an Automation Agent
    DEL /api/v3/projects/{projectId}/automation/hosts/{host_server_id}/agents/{agent_server_id}
  4. Activate an Automation Agent
    POST /api/v3/projects/{projectId}/automation/hosts/{host_server_Id}/agents/{agent_server_id}/activate
  5. Deactivate an Automation Agent
    POST /api/v3/projects/{projectId}/automation/hosts/{host_server_Id}/agents/{agent_server_id}/deactivat
  6. Update a Job’s Status
    PUT /api/v3/projects/{projectId}/automation/jobs/{job_id}/status

Requirement Data Query Update

In response to PIR-154, the "Data Query with JIRA fields" enhancement that was released with Manager 9.8 has been modified to reduce the number of database connections. The following changes are applied to the Requirement Data Query:

  1. The "JIRA ID" field has been replaced with the "External ID" field.
  2. In the Criteria drop-down, the "JIRA Issue Type" field has been replaced with the "External Object Type" field. However, users will still see “JIRA Issue Type” in Customize View, Query Results grid and Export.

If there are any saved queries that used the "JIRA ID" or "JIRA Issue Type" fields before, they will be changed automatically without any effect on the query result. The user will also see "External ID" and "External Object Type" in Customize View, Query Results grid, and Export.

JIRA Integration

Atlassian API changes affected the JIRA integration and some users could not create new defects from qTest to Jira nor could they save the JIRA connection. Error messages were received when saving the connection "Connection failed. Permissions queries data is required". Issue types linked to JIRA were not visible from the Integration Settings page. This is resolved. 

Powered by Zendesk