This update tightens security on several core workflow types that previously shipped without explicit View permissions.
The following workflow types will now be restricted so that only RSR - Staff Workers, RSR - Staff Like Workers, and RSR - Rock Administration can View them:
- Data Integrity
- DISC Request
- Person Data Error
- Photo Request
- Request Assessment
- Requests
- Facilities Request
- IT Support
- Samples
Your existing custom security is preserved. The update only applies these defaults to workflow types that currently have no View security configured. If you've already customized the View security on any of these workflows, the update skips them and leaves your settings exactly as they are.
If your organization intentionally desired broader (e.g., anonymous/All Users) View access to any of these workflows, you can re-grant it after the update under Admin Tools > Security > Workflow Configuration then click the lock icon on the affected Workflow Type.
This update also adds the SanitizeSql Lava filter to SQL queries inside several core Workflow Type's RunSQL workflow actions to address an issue where workflow attribute values containing an apostrophe would break the generated SQL.