Commerce

8.2.x

Elastic Path 8.2.x Release Notes

Learn about changes to Elastic Path Commerce for this release. Fixes since the release are summarized in the changelog.

Changelog

The changelog contains the list of fixes and improvements made to Elastic Path Commerce 8.2 since its release date. To learn how to consume the updates, see Consuming Support Fixes.

  • 0b148528: Fixed an intermittent build failure where the index status was not set as expected. (Sep 15, 2021)
  • aabe19cb: Fixed the cache for the DynamicAttributeValue. (Sep 1, 2021)
  • b0b74641: Removed unnecessary duplicate promotions caches and fixed potential thundering herd issue when promotions cache is initially populated. (Aug 31, 2021)
  • a9cc15ee: Optimized the inventory rollup job performance and changed it to run more frequently. (Aug 24, 2021)
  • 670b34f8: Performance fix for ShipmentDetailsIdParameterServiceImpl that previously retrieved each shipment in the user’s order history to determine if the shipment resources should be accessible. (Aug 23, 2021)
  • a459f794: Second payment capture attempts are not logged or recorded in TORDERPAYMENTS when using an expired tokens. (Aug 19, 2021)
  • 0af8cab1: Updated promotion rule retrieval so that all other rules in the ruleset are not eagerly loaded. (Aug 15, 2021)
  • 7f477d77: Updated customer domain object so that addresses are no longer eagerly loaded and are only retrieved when needed. (Aug 16, 2021)
  • ad852669: Improved performance in the cart item modifier field validator. (Aug 12, 2021)
  • 6e22a618: Implemented a deadlock retry to address deadlocks on TORDERNUMBERGENERATOR under a high load. (Jul 14, 2021)
  • 6d858a2e: Fixed a race condition in SolrFacetAdapter that was causing Cortex errors when retrieving faceted offer search results. (Jul 6, 2021)
  • 8ac5a462: Backported the mvnmin.xml file to maintenance releases. (Jun 21, 2021)
  • 8e8957c5: Improved catalog projection clean-up performance. (Jun 9, 2021)
  • e5878d04: Allow groovy-maven artifacts to be downloaded from Maven central and removed duplicate versions. (May 10, 2021)
  • dcc90e22: Updated the pom.xml file to allow groovy-maven related artifacts download from Maven central repository and removed duplicate versions. (May 11, 2021)
  • eb01eef0: Updated maven.springframework.org with an https protocol. (May 10, 2021)
  • d0446fa7: Removed customer Solr index. (Apr 27, 2021)
  • c32c9463: Updated the product name search to use special characters in Commerce Manager. (Apr 1, 2021)
  • c32c9463: Updated the product name search with special characters in Commerce Manager. (Apr 2, 2021)
  • 31af27bd: Updated the default batch size for the TINDEXNOTIFY table as the search primary tried to fetch all data from the table. The TINDEXNOTIFY table contains millions of records and was causing resource issues. (Mar 29, 2021)
  • 15829005: Updated the AddressRepositoryImpl file to remove an unnecessary PMD.TooManyMethods suppressed warning. (Mar 30, 2021)
  • 019a5ea6: Added an extensibility on the AddressRepositoryImpl and AddressEntity classes, and added the extensibility to the Elastic Path Commerce example. (Mar 31, 2021)
  • 188c7af3: Fixed CSV Import and Change Set issues. (Mar 25, 2021)
  • b38a78e2: Updated the Buyer roles roles field to be a JSON array of strings. (Mar 18, 2021)
  • 5a957e0e: Created a reference Cortex resource for read-only reference data. (Mar 17, 2021)
  • 21c845b8: Updated the add-associate-form link to be addassociateform to align with standard Cortex naming practices. (11-Mar-2021)

Changelog Announcements

Removed Customer Solr index

Elastic Path Commerce uses Solr for fast lookup of records based on advanced search criteria. This includes "DisMax" searches which return relevance-sorted results based on simple search criteria. For example, the Cortex keyword searches use the Product Solr index to find products and SKUs based on a keyword search.

The customer Solr index was only used by Commerce Manager, when searching for customers by specific fields, such as name, address, or phone number. These types of searches can be done just as quickly using SQL queries against indexed database fields.

Due to the fact that customer records are transactional, meaning that the number of records will grow over time as more users interact with the store. This can cause issues due to the size of the Solr index, or if the customer index ever needs to be rebuilt from scratch, which can be very time consuming.

For these reasons, we made the decision to remove the customer Solr index, and re-implement all Commerce Manager search functions as SQL queries. This functionality is seen in the new CustomerCriterionImpl and CustomerSearchCriteria classes in the source.

8.2.0

Released: March 2021

Release Highlights

Account Management

This release focuses on delivering buyer capabilities to enable Buying Organizations to manage their departments, regions, and hierarchy of accounts and buyers from the storefront powered by Cortex.

Ability for Buyers to View and Manage Account Details

Buyers can now modify associated accounts in Cortex. The following aspects of accounts can be modified:

Attributes

Buyers with the MODIFY_ACCOUNTS permission can edit account attributes. This can be done through a PUT operation on the account resource, similar to how profile attributes are modified.

For more information, see Update Account.

Addresses

Buyers with the MODIFY_ACCOUNT_ADDRESSES permission can add, edit, and delete addresses stored on the account. This can be done by following the addresses link on the account resource. The default shipping and billing address for the account can also be selected.

For more information, see Read Addresses from Account.

Payment Instruments

Buyers with the MODIFY_ACCOUNT_PAYMENT_INSTRUMENTS permission can add and delete payment instruments stored on the account. Payment instruments can be added by following the paymentmethods link on the account resource. Existing payment instruments can be viewed and deleted by following the paymentinstruments link on the account resource. The default payment instrument for the account can also be selected.

For more information, see Read Payment Instruments from Account.

Status

Buyers can now view the status of associated accounts in Cortex. A new link named status is available on the account resource.

For more information, see Read Status on Account.

Ability for Buyers to Manage Account User Associations

Buyers with the MODIFY_ACCOUNT_ASSOCIATES permission can add and delete associates on an account. Associates can be viewed by following the associates link on the account resource. Buyers can be added to the account by specifying their email and role in the add-associate-form link. Shoppers must be registered in Cortex before they can be added to an account.

For more information, see Read Associates from Account.

Ability for Buyers to View Child Accounts

Buyers can view child accounts in the account hierarchy. This is done by following the childaccounts link on the account resource. Each child account has the same links as accounts that the buyer is directly associated to.

For more information, see Read Child Accounts from Account.

Ability for Buyers to Choose from Account Addresses and Payment Instruments during Checkout

When a buyer is transacting on behalf of an account, meaning the x-ep-account-shared-id header is specified, the options presented are different. When selecting the cart order billing address, shipping address, and payment instrument, the options are now based on records stored on the account, instead of the records stored on the profile.

note

Currently, when transacting on behalf of an account, the option to add a new address from the cart order will not appear. Buyers with the appropriate permissions can still add addresses to the account through the account resource.

For more information, see Select Order Billing Address, Select Delivery Shipping Address, and Select Order Payment Instrument.

Ability to Define Roles for Buyers

Buyers can now be assigned to Elastic Path roles, representing a grouping of multiple Shiro roles (permissions). Each Shiro role is a granular permission that controls what the buyer can view, create, modify, or delete through the Cortex API. For example, buyers without the READ_PRICES permission cannot access resources that return product prices.

Developers can modify Elastic Path roles, including their assigned Shiro roles through a simple Spring map declaration (roleToPermissionsMap).

Seller admins can define what Elastic Path role buyers will acquire in Commerce Manager. For B2C scenarios, the Store record can define roles for both single-session and registered buyers. For B2B scenarios, the role can be assigned to the user association record on each account. Buyers automatically get the same access role to any child accounts in the hierarchy.

For more information about how roles and permissions work, see Cortex Authorization.

Order Hold Strategies

Order Hold Strategies allows your business to define rules that determine when new purchases should be placed on hold. The following are use cases examples for Order Hold Strategies:

  • A high fraud score
  • An issue with downstream fulfillment services
  • A delayed payment method, such as payment by cheque or Bitcoin

When a cart is checked out, an order record is created, inventory is reserved, and credit card payments are pre-authorized. The Order Hold Strategies are then executed. If one or more of these strategies determines that a hold is required, the order is placed in the ON_HOLD state, and an Order Confirmation email is sent to the customer. The payment will not be captured, and the order will not be sent to fulfillment until all of the holds are resolved.

A configurable seller admin email is notified on a scheduled basis (every 4 hours by default) for each store that contains held orders. The seller admin can then view the held orders along and mark holds as resolved or unresolvable. If all of the holds are resolved, the order proceeds to payment capture and fulfillment. If any of the holds are marked unresolvable, the order is cancelled, and a cancellation email is sent to the shopper.

For more information, see Order Hold Strategies.

Catalog Promotion Selling Context

Seller admins can now define personalized criteria for catalog promotions, allowing more targeted promotions that appear to the shopper even before the shopping cart.

The Selling Context allows promotions to be activated based on characteristics of the shopper. This functionality has been available for use when defining shopping cart promotions in Elastic Path Commerce for many years. Now, the same level of flexibility is available for use on catalog promotions.

Catalog Promotion Selling Context

For more information, see Shopper Segment Rules.

System Requirements and Compatibility

Elastic Path Commerce 8.2.0 is now certified for use with the following technologies:

TechnologyOld CertificationNew Certification
Amazon Aurora RDSAurora v1 (MySQL 5.6)Aurora v2 (MySQL 5.7)
MySQL5.7.195.7.32
Oracle12.119.0
Zulu JDK8u2028u275

Elastic Path Commerce 8.2.0 is compatible with the following Elastic Path releases:

Elastic Path ComponentCompatibility
Elastic Path CloudOps for KubernetesCloudOps for Kubernetes compatibility matrix

For more information, see Supported Technologies.

New in This Release

In addition to the Release Highlights, this release contains the following updates:

Ability for Seller Admins to Mark Accounts as Suspended

Seller admins have more control over the status of accounts. In addition to the existing ACTIVE and DISABLED options, accounts can now be set to a SUSPENDED state.

For accounts in the ACTIVE state, associated buyers can transact on behalf of the account and checkout. For accounts in the DISABLED state, buyers will not be able to transact on behalf of these accounts. The x-ep-account-shared-id header will not be accepted. For accounts in the SUSPENDED state, associated buyers can transact on behalf of the account, but they will not be permitted to purchase a cart, the purchaseform action will be blocked.

For more information, see Disabling or Suspending an Account record.

Cache implementation improvements

In some cases, you want to cache the fact that a key is not present in the database, and differentiate that from the circumstance where the cache has not been populated. To address this, we added a new class called CacheResult that can differentiate between "value not present" and "value is null". Then updated the cache get methods to return a CacheResult object.

Also, the V get(K key, Function<K, V> fallbackLoader) method was updated to prevent the "thundering herd" issue when high-usage cache keys expire. Specifically, the following guarantees are provided:

  1. Threads will only be blocked if there is a cache miss and there is already an evaluation running for an equivalent cache key. Lookups for different cache keys will not be blocked.

  2. Only one evaluation will be executed for a cache miss of a given cache key. There is actually a small chance that this could occur if the evaluation locks map rolls over, but it is highly unlikely.

  3. While a cache miss evaluation is in progress, requests from separate threads for the same cache key will block until evaluation is complete and they will get the cached value after the evaluation completes.

Most calls to CacheResult<V> get(K key) were replaced with calls to V get(K key, Function<K, V> fallbackLoader) to allow caches to take advantage of these guarantees.

Made refreshStrategy metadata records required for all setting definitions

The implementation of CachedSettingsReader was changed so that it now throws an exception if a setting definition does not have a corresponding refreshStrategy metadata record. Previously, CachedSettingsReader would fallback to the immediate refresh strategy if not explicitly defined, which lead to unexpected performance issues.

Surefire and Failsafe plugin updates

When an exception occurred in unit or integration tests, the stack trace was being truncated by the Surefire and Failsafe plugins. The trimStackTrace setting has now been set to false to prevent this behaviour.

The Surefire and Failsafe plugins were upgraded to version 2.22.2.

Removed some outdated language in alignment with diversity and inclusion commitments

Some parameters that made reference to master were renamed. Also, the CP_GENDER customer profile attribute was removed.

See upgrade notes for more information about both of these changes.

Upgraded shopper and business user password hashing

Upgraded the password hashing algorithm for passwords from SHA-256 to BCrypt. For existing users, the current hash is re-hashed with BCrypt during the database upgrade. When a user signs in, Elastic Path Commerce first tries to match the password with the BCrypt hash. If that fails, it tries again with a BCrypt and SHA-256 hash. This allows us to upgrade the hashes without losing existing passwords, in accordance with OWASP recommendations.

Added ability to specify filtering when exporting customers through Import/Export

Added the ability to specify queries when exporting customers through the Import/Export CLI or API.

FieldField ParametersSample Query
SharedIDN/AFIND Customer WHERE SharedID = 'e27ffe24-1281-4841-bc78-d9006ae7771d'
CustomerTypeN/AFIND Customer WHERE CustomerType = ACCOUNT
LastModifiedDateN/AFIND Customer WHERE LastModifiedDate > '2020-01-01T00:00:00-08:00'

Improved logging when running data population

Data population now writes separators to the logs for each stage of the data population process, giving better insight into what it is doing.

Improved how Cortex LINK permissions are defined

Assume that we have two links contributed by the carts resource to the root: carts and defaultcart. We want defaultcart to appear to all users (PUBLIC) and carts to only appear to logged in users (REGISTERED).

We expect to be able to create a permission.permissions file like this:

relos.role.PUBLIC=LINK:{base.scope}:default;
relos.role.REGISTERED=LINK:{base.scope}:EOL;

However, this caused both links to disappear for all users because Cortex was evaluating links in such a way that only wildcards would work; they weren’t evaluated based on their target URIs. That has now been resolved.

Enhanced ep-core-tool to allow Setting Metadata to be updated

The ep-core-tool now supports the following commands:

  • set-setting-metadata
  • bulk-set-setting-metadata

These commands allow the ep-core-tool to update the metadata for setting definitions.

Commerce Manager now displays orders in FAILED state

Orders in the FAILED state did not previously appear in search results in Commerce Manager.

Address family-name and given-name fields are now optional

Addresses can be associated to either a shopper profile, or an account. When adding an address to an account, the family-name and given-name fields are usually irrelevant. Therefore, we have modified Elastic Path Commerce so that addresses can be created without these values. These fields are now optional in both Cortex and Commerce Manager.

Added references resource in Cortex root

A new link has been added to the Cortex root resource named references. This resource allows us to group links to resources that provide read-only reference data that is required by the client.

Initially, this resource contains two links:

  • countries
  • buyerroles

The countries link is a duplicate of the countries link on the root resource. The countries link on the root is now deprecated and may be removed in a future version.

The buyerroles link allows the client to read the list of available roles that can be used when associating a user to an account. For more information about buyerroles, see Read Buyer Roles.

Replaced XA with Outbox pattern

In Elastic Path Commerce 7.5.1, XA transaction support was added. This was to ensure the publishing of domain event messages if and only if the transactions containing these database updates were committed to the database. This guarantee is essential to ensure that Catalog Syndication projections can be kept up-to-date.

This technology added significant complexity and boilerplate code into the Elastic Path Commerce framework. To reduce this complexity, we made the decision to replace XA with the Transactional Outbox pattern. This pattern requires the platform to insert a record into an outbox table in the same transaction as the catalog update. A separate job later reads the outbox records and relays them as the appropriate domain event messages.

The commit includes the following changes:

  • Removes all library dependencies on Atomikos.
  • Removes ep-jta module.
  • Removes XaTransactionTestSupport from all integration tests.
  • Removes support for JVM parameter -Dspring.profiles.active=non-xa.
  • Removes all XA configuration from each webapp’s context.xml files - including epjndi-xa.
  • Adds TOUTBOXMESSAGE table to the database.
  • Adds Relay Outbox Messages Quartz job in Batch Server.
  • Adds support for JVM parameter -Dspring.profiles.active=disable-domain-events.

Added Maven Minimal Configuration

Maven Minimal is a developer tool to build large multi-module projects quickly, by building only changed modules. Maven Minimal is currently under development and nearing release.

In anticipation of Maven Minimal’s release, its configuration is included in Elastic Path Commerce.

Fixed Issues

Prevent Cortex error when viewing customer profile

If a customer is edited in Commerce Manager, in some cases a 500 error would occur when viewing the customer profile in Cortex.

Cortex webapp overlays folder added to gitignore

The extensions/cortex/ext-cortex-webapp/overlays/ folder was added to .gitignore to prevent temporary files in that folder from being committed accidentally.

Removed unnecessary cart re-pricing calls

Some unnecessary calls to update pricing during shopping cart retrieval were removed.

Fixed thread safety issue when calculating promotions

A thread safety issue in LogicalTreeBuilder was in some cases causing shopping cart promotions to be evaluated incorrectly.

Messaging in CM when there was a reservation failure during order modification was confusing

Improved messaging on the dialog that appears when modifying an order in Commerce Manager.

Fixed several Liquibase upgrade script issues

  • Several 7.2.0 Liquibase scripts had very poor performance during upgrades.
  • The 7.6.0-torder-make-cart-order-guids-unique script missed some order records when making the CART_ORDER_GUID field unique.
  • The 2020-05-update-accountmanagement-customertype script could throw a No value specified for parameter exception in some circumstances.
  • The 2020-05-add-accountmanagement-customertype script could hang during an update in some circumstances.
  • The core-changelog-2020-03-payments.xml script could throw a missing expression exception in some cases.
  • The core-changelog-2020-06-common-shared-identifier-users-accounts.xml script could throw a duplicate keys found exception in some circumstances.

Improved handling for unpriced items in the cart

Added defensive code to prevent Cortex exceptions when line items in the cart do not have a price. If a line item is missing a price, the line item price and total links will no longer be displayed. At the cart and order levels, the total and tax entities assume that the price of line items without prices is zero. Shipping service level calculations also function normally but assume that the price of line items without prices is zero.

Fixed issue in which Cortex sometimes re-uses shopper record from a different store

Fixed an issue where a user’s shopper record and cart from a different store was retrieved incorrectly.

Ensure that cart modifier values are cleared from default cart after checkout

Cart modifier values are now reset on the default shopping cart whenever the cart is checked out.

Limited use coupon codes could not be removed from cart

Limited-use coupon codes were being automatically re-applied after a customer removed the coupon code.

Removed unnecessary duplicate queries to TATTRIBUTE table during checkout

Cortex made multiple unnecessary TATTRIBUTE queries during checkout. This has now been reduced to a single query.

Import/Export imports weren’t updating Catalog Syndication projections

When products were updated using Import/Export, the required domain events were not being published.

Eliminated unnecessary UIDPK = 0 queries

Applied a fix to OpenJPA to eliminate unnecessary SQL queries that would never return any results because they contain UIDPK = 0 within the where clause.

Fixed exception that could occur when multiple threads request the same shopping cart concurrently

When a shopping cart contains a bundle, and multiple threads request the same shopping cart concurrently, the following exception could occur: com.elasticpath.commons.exception.InvalidProductStructureException: ShoppingItem structure invalid

Optimized the cleanupFailedOrdersJob batch job

This job is responsible for deleting failed orders that are more than COMMERCE/SYSTEM/FAILEDORDERCLEANUP/maxHistory days old. Each time this job is executed, it deletes qualifying records in batches of size COMMERCE/SYSTEM/FAILEDORDERCLEANUP/batchSize until all qualifying records are deleted. This is a change from the old behavior which would cleanup only COMMERCE/SYSTEM/FAILEDORDERCLEANUP/batchSize records each time the job was executed. This job also executes much more quickly than before and uses less memory.

Updated several Maven plugins to improve multi-threaded build support

When building ep-commerce source in multi-threaded mode, such as -T 1C, several warnings appear in the logs about plugins that don’t support multi-threading. The following list shows the upgraded Maven plugins to better support multi-threaded builds:

  • Upgraded gmaven-plugin 1.4 to groovy-maven-plugin 2.1.1.
  • Upgraded javacc-maven-plugin 2.6 to ph-javacc-maven-plugin 4.1.4.
  • Upgraded maven-replacer-plugin to 1.5.2.
  • Added threadSafe=true to ep-core-tool.

Caching bug could cause product to appear as missing in Cortex

In some circumstances, when the productUidCache entry expires before the productUidByGuidCache, Cortex was misinterpreting this situation to mean that the product was not present in the database.

Prevent duplicate domain events from being published

Due to the way that OpenJPA lifecycle events work, there were some circumstances where duplicate domain events were being sent when a record was updated in Import/Export or Commerce Manager. To address this, a LifecycleEventFilter was added that identifies and filters out duplicate lifecycle events in the same thread.

Products without display name in Commerce Manager language do not appear properly in promotions wizard

If a promotion in Commerce Manager has a condition or action that references a Product or SKU that is missing a localized display name it was "invisible". The code now falls back on the product code or SKU code in this circumstance.

Improvement to offer-price-range logic when list price is lower than sale price

When a price is configured such that the list price is lower than the sale price, the offer-price-range resource didn’t correctly show the lowest price.

Improved search master customer indexing

Ensure that customer records are only indexed if at least one of the following is true:

  • Customer type is REGISTERED_USER or ACCOUNT.
  • Customer type is SINGLE_SESSION_USER and is associated to one or more purchases.

Also removed the use of the TINDEXNOTIFY table for determining which records require re-indexing; the code now relies exclusively on TCUSTOMER.LAST_MODIFIED_DATE.

Fixed several tests that were incorrectly using "week year" instead of "year"

Several tests were using use SimpleDateFormat("YYYY-MM-dd”) instead of SimpleDateFormat("yyyy-MM-dd”). YYYY means "week year", while yyyy means "year". This caused several test failures in the last week of each year.

Fallback payment capture attempts are not recorded

If a payment capture fails, Elastic Path Commerce will try to create a new reservation and charge, but the second charge was not being recorded in the TORDERPAYMENT table.

Shipping address on all active shopping carts is changed when shopper’s default shipping address is updated

If a shopper edits an address that is the default shipping address on their profile, all of that shopper’s active carts were updated to make that the current shipping address. This behaviour has been removed.

Avoid unnecessary validation calls during add-to-cart and checkout

The presence of ADVISE_CREATE in the cart permission.properties was causing the add-to-cart form validation rules to be executed unnecessarily when posting to the add-to-cart form.

Also, inventoryProductSkuValidator was being executed during purchase validation even though the required functionality was already covered by inventoryShoppingItemValidator.

Improved consistency of catalog entity code validation

Different Elastic Path Commerce applications were validating Catalog entity codes differently. For example, Import/Export might allow a catalog code to contain an underscore but Commerce Manager would not.

To address these inconsistencies, CatalogCodeUtil has been added to ep-core which provides information that applications can use to validate the various types of codes. Currently only Commerce Manager has been wired in to use this information.

Extended bundle permission.properties not overriding permission.properties consistently

Cortex requires that all extension bundles declare their own permission.properties file. Before this fix, Cortex was arbitrarily reading either the out of the box or extension bundle permission.properties file to determine permissions. Now extension bundles are required to specify a permissionsLookupRank value in their wiring modules which Cortex uses to identify the correct permission.properties file.

Upgrade Notes

The upgrading Elastic Path guide provides general instructions on upgrading Elastic Path projects.

Core Commerce

  • All TSETTINGDEFINITION records now require a corresponding TSETTINGMETADATA record with key refreshStrategy and a value containing the cache refresh strategy. Make sure to add these records for any custom settings or the CachedSettingsReader will throw an exception when the settings are retrieved.

  • The ep.search.master.url, ep.search.default.url, and ep.search.requires.master properties have been deprecated. These were specifiable either as JVM parameters or in ep.properties. The old parameters are still supported, but we now recommend specifying them using JVM parameters as follows:

    • ep.search.master.url should be specified as -Dep.search.primary.url=
    • ep.search.default.url should be specified as -Dep.search.replica.url=
    • ep.search.requires.master should be specified as -Dep.search.mode=, where the value is set to primary or replica.

  • The CP_GENDER customer profile attribute was removed. If tracking gender is an important attribute for your business, we recommend creating a new custom profile attribute and creating a Liquibase script to transfer the data to your custom attribute.

  • The family-name and given-name fields on Addresses have been made optional. If you have any customizations that use addresses, ensure that they can handle null values in these fields.

  • Many Cortex bundle permission.properties files have been updated to support the new Shiro roles such as CATALOG_BROWSER and BUYER_ADMIN. If your project has overridden any Cortex bundles, make sure to merge your custom permission.properties file with the out of the box version.

  • Any bundles that extend existing out of the box bundles will require an update to their wiring class to allow Cortex to determine which permission.properties file to use. The out of the box bundles all use a rank of 100, so extended bundles should specify a higher rank, such as 200. If the permissions lookup rank is not specified in the extension bundle, the following exception will be thrown at Cortex startup: java.lang.IllegalArgumentException: Permission lookup for server prices already exists with rank 100 Here is an example of the permissionsLookupRank method that needs to be overridden in the wiring modules:

package com.elasticpath.extensions.rest.extprices.wiring;

import com.elasticpath.rest.resource.prices.wiring.PriceWiring;

import javax.inject.Named;

/**
 * Extended Price wiring.
 */
@Named
public class ExtPriceWiring extends PriceWiring {

    @Override
    protected int permissionsLookupRank() {
        return 200;
    }
}

Database Changes

  • Added CASCADE on DELETE on all foreign key relationships to the following fields to allow cleanupFailedOrdersJob to be more efficient. For more information, see the core-changelog-2020-08-cleanup-expired-failed-orders-job.xml file.
    • TORDER.ORDER_NUMBER
    • TORDER.UIDPK
    • TORDERPAYMENT.UIDPK
    • TAPPLIEDRULE.UIDPK
    • TORDERSHIPMENT.UIDPK
    • TORDERRETURN.UIDPK
    • TORDERSKU.UIDPK
  • Added ORDER_UID field to TORDERSKU table to allow queries to avoid join to TORDERSHIPMENT.
  • Added index on TCUSTOMER.AUTHENTICATION_UID.
  • Renamed apiRefreshStrategy and adminRefreshStrategy values on TSETTINGMETADATA.METADATA_KEY to refreshStrategy.
  • Added refreshStrategy metadata records to all TSETTINGDEFINITION records.
  • TCMUSER.PASSWORD values are re-encoded to BCRYPT format.
  • TCUSTOMERAUTHENTICATION.PASSWORD values are re-encoded to BCRYPT format.
  • Removed CP_GENDER customer profile attribute.
  • Added index on TCUSTOMERPROFILEVALUE.CUSTOMER_UID, replacing previous composite index.
  • Updated COMMERCE/SYSTEM/SEARCH/searchHost context keys from master to primary and default to replica.
  • Added unique constraint on SHOPPER_UID,DEFAULTCART fields of TSHOPPINGCART and made DEFAULTCART nullable.
  • Added TOUTBOXMESSAGE table.
  • Added B2C_AUTHENTICATED_ROLE and B2C_SINGLE_SESSION_ROLE fields to TSTORE table.

Upgraded Libraries

The following libraries were upgraded as part of this release, primarily to address vulnerabilities detected within these libraries.

LibraryChange
activemq-broker-5.16.0.jarVersion changed from 5.15.12
activemq-camel-5.16.0.jarVersion changed from 5.15.12
activemq-client-5.16.0.jarVersion changed from 5.15.12
activemq-console-5.16.0.jarVersion changed from 5.15.12
activemq-jms-pool-5.16.0.jarVersion changed from 5.15.12
activemq-kahadb-store-5.16.0.jarVersion changed from 5.15.12
activemq-openwire-legacy-5.16.0.jarVersion changed from 5.15.12
activemq-pool-5.16.0.jarVersion changed from 5.15.12
activemq-spring-5.16.0.jarVersion changed from 5.15.12
activemq-stomp-5.16.0.jarVersion changed from 5.15.12
activemq-web-5.16.0.jarVersion changed from 5.15.12
activemq-web-console-5.16.0.warVersion changed from 5.15.12
checker-qual-2.10.0.jarRemoved
dec-0.1.2.jarAdded
error_prone_annotations-2.3.4.jarRemoved
failureaccess-1.0.1.jarRemoved
guava-28.2-jre.jarRemoved
hawtdispatch-1.11.jarAdded
hawtdispatch-transport-1.11.jarAdded
htmlunit-2.38.0.jarAdded
htmlunit-core-js-2.38.0.jarAdded
htmlunit-cssparser-1.5.0.jarAdded
integration-test-definitions-8.2.0.5657f7cc81.jarAdded
j2objc-annotations-1.3.jarRemoved
jackson-annotations-2.10.2.jarRemoved
jackson-annotations-2.11.2.jarVersion changed from 2.10.3
jackson-core-2.10.2.jarRemoved
jackson-core-2.11.2.jarVersion changed from 2.10.3
jackson-databind-2.11.2.jarVersion changed from 2.10.3
jackson-databind-2.9.10.3.jarRemoved
jackson-databind-2.9.10.4.jarVersion changed from 2.10.2
jackson-dataformat-csv-2.11.2.jarVersion changed from 2.10.2
jackson-datatype-jsr310-2.11.2.jarVersion changed from 2.10.3
jackson-jaxrs-base-2.10.2.jarRemoved
jackson-jaxrs-base-2.11.2.jarVersion changed from 2.10.3
jackson-jaxrs-json-provider-2.10.2.jarRemoved
jackson-jaxrs-json-provider-2.11.2.jarVersion changed from 2.10.3
jansi-1.18.jarVersion changed from 1.8
jetty-client-9.4.27.v20200227.jarAdded
jetty-http-9.4.27.v20200227.jarAdded
jetty-io-9.4.27.v20200227.jarAdded
jetty-xml-9.4.27.v20200227.jarAdded
jsr305-3.0.2.jarRemoved
jstl-1.1.2.jarAdded
listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jarRemoved
mqtt-client-1.3.jarAdded
mysql-connector-java-8.0.22.jarVersion changed from 5.1.44
neko-htmlunit-2.38.0.jarAdded
openjpa-2.4.0-ep2.3.jarVersion changed from 2.4.0-ep2.1
openjpa-jdbc-2.4.0-ep2.3.jarVersion changed from 2.4.0-ep2.1
openjpa-jest-2.4.0-ep2.3.jarVersion changed from 2.4.0-ep2.1
openjpa-kernel-2.4.0-ep2.3.jarVersion changed from 2.4.0-ep2.1
openjpa-lib-2.4.0-ep2.3.jarVersion changed from 2.4.0-ep2.1
openjpa-persistence-2.4.0-ep2.3.jarVersion changed from 2.4.0-ep2.1
openjpa-persistence-jdbc-2.4.0-ep2.3.jarVersion changed from 2.4.0-ep2.1
org.apache.commons.logging-1.1.1.v201101211721.jarRemoved
org.apache.servicemix.bundles.spring-orm-4.3.25.RELEASE_1.jarAdded
serializer-2.7.2.jarAdded
slf4j-api-1.7.30.jarAdded
slf4j-log4j12-1.7.30.jarAdded
standard-1.1.2.jarAdded
websocket-api-9.4.27.v20200227.jarAdded
websocket-client-9.4.27.v20200227.jarAdded
websocket-common-9.4.27.v20200227.jarAdded
xalan-2.7.2.jarAdded
xbean-spring-4.17.jarVersion changed from 4.16
Last updated on 9/17/2021
GuidesSupported Technologies