Updating queries that must access the REST API
There is a new query restriction in iMIS EMS for queries that must access the REST API. If a query needs to access the REST API, it must be explicitly granted permissions to do so. For more information about this change, see IQA Security Update.
Preparing queries pre-upgrade
During the pre-upgrade phase, you must identify all queries that access the REST API. Make note of the full query paths, and keep the full list in a text document, such as Notepad.
Tip! If you are testing iMIS EMS, you may reach out to ASI Technical Support for assistance with gathering these queries.
Updating queries post-upgrade
ASI is providing a PowerShell script that will assist with updating all necessary queries in bulk. Download the PowerShell script from the bottom of this article: IQA Security Update: iMIS EMS.
Using the powershell script
The ChangeRESTAvailabilitywithIQAList PowerShell script allows you to update the Available via the REST API setting for a user-defined list of queries.
Do the following to use the PowerShell script:
- Download and extract the files.
- Identify the paths of the queries that need to be updated.
- Add the query paths to a Text Document, such as Notepad. Each line must be a single query path. The file should have no headers.
- Save the document and make note of the path where the document is saved. For example, if the file is called Queries_To_Update and you have it saved in your computer's Documents folder, the path would be similar to the following: C:\Users\UserName\Documents\Queries_To_Update.txt
- Run the ChangeRESTAvailabilityWithIQAList Windows Batch File.
- The Command Window appears, and prompts you to enter the following:
- Enter your iMIS System Administrator user - Enter the iMIS username. This must be a system administrator user.
- Enter password - Enter the iMIS password for the username you just entered.
- Enter the base iMIS URI - Enter the iMIS URL for your website.
- Enter the full file path to a text document - Enter the full file path to where you saved the document. For example, if the file is called Queries_To_Update and you have it saved in your computer's Documents folder, the path would be similar to the following: C:\Users\UserName\Documents\Queries_To_Update.txt
- Should these IQAs from the list be retrievable via REST API Requests? (y or n) - Enter y if you want to enable the Available via the REST API flag on the query, or enter n to leave the flag disabled.
- If there are errors, they are listed under Issues detected. Other than the issues detected, all other queries should be properly updated. Continue to run the script as many times as necessary.