Orchestrator
2020.10
False
不在支持范围内
Orchestrator 发行说明
上次更新日期 2023年12月12日
2020.10.18
发行日期:2022 年 12 月 12 日
- 我们修复了一个问题,该问题导致用于连接到存储桶提供程序的密码存储在数据库中。 当您创建或编辑存储桶时,会发生这种情况。 具有数据库读取权限的 SQL 管理员或具有通过 API 审核 的“查看”权限的任何人都可以检索密码。
- 我们修复了导致凭据存储密码存储在数据库中的问题。 对数据库具有读取权限的 SQL 管理员或通过 API 对 审核 具有查看权限的任何人都可以检索密码。
- 我们修复了一个问题,该问题导致在检索所有审核数据的调用返回的响应中显示许可证代码。
- 我们修复了导致外部订阅源密码存储在数据库中的问题。 当您创建用于维护自动化包的外部订阅源时,会发生这种情况。
使用此脚本清除现有日志中显示的所有密码。 在升级到此版本之前,可以运行该脚本。
DECLARE @serverVersion INT
SET @serverVersion = ISNULL(CAST(COALESCE(SERVERPROPERTY('ProductMajorVersion'),PARSENAME(CAST(SERVERPROPERTY('productversion') AS varchar(20)), 4)) as INT),0)
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.Buckets' AND [TenantId] IS NULL)
BEGIN
IF @serverVersion >= 13 -- SQL Server 2016
-- Remove just the password if json functions are supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogs]
SET [Parameters] = JSON_MODIFY([Parameters], ''$.bucketDto.Password'', NULL)
WHERE
[TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[Buckets] WHERE [StorageProvider] IN (''Amazon'',''Azure'',''Minio'',''S3Compatible'')) AND
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.BucketsController'' AND
CHARINDEX(''Password'', [Parameters]) > 0 AND
NULLIF(JSON_VALUE([Parameters], ''$.bucketDto.Password''), '''') IS NOT NULL'
ELSE
-- Remove all parameters if json functions are not supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogs]
SET [Parameters] = ''''
WHERE
[TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[Buckets] WHERE [StorageProvider] IN (''Amazon'',''Azure'',''Minio'',''S3Compatible'')) AND
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.BucketsController'' AND
CHARINDEX(''Password'', [Parameters]) > 0'
INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
VALUES (null,null,'Migration.AuditCleanup.Buckets','true',GETUTCDATE())
END
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.CredentialStores' AND [TenantId] IS NULL)
BEGIN
IF @serverVersion >= 13 -- SQL Server 2016
-- Remove just the password if json functions are supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogs]
SET [Parameters] = JSON_MODIFY([Parameters], ''$.credentialStoreDto.AdditionalConfiguration'', NULL)
WHERE
[TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0 AND
ISJSON([Parameters]) = 1 AND
NULLIF(JSON_VALUE([Parameters], ''$.credentialStoreDto.AdditionalConfiguration''), '''') IS NOT NULL
-- Some records are truncated, so not valid JSON
UPDATE [dbo].[AuditLogs]
SET [Parameters] = ''''
WHERE
[TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0 AND
ISJSON([Parameters]) = 0'
ELSE
-- Remove all parameters if json functions are not supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogs]
SET [Parameters] = ''''
WHERE
[TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0'
INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
VALUES (null,null,'Migration.AuditCleanup.CredentialStores','true',GETUTCDATE())
END
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.PackageFeedApiKey' AND [TenantId] IS NULL)
BEGIN
IF @serverVersion >= 13 -- SQL Server 2016
-- Remove just the password if json functions are supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogEntities]
SET [CustomData] = JSON_MODIFY([CustomData], ''$.ApiKey'', NULL)
WHERE
[EntityId] IS NULL AND
[EntityName] = ''UiPackageFeed'' AND
CHARINDEX(''ApiKey'', [CustomData]) > 0 AND
JSON_VALUE([CustomData], ''$.ApiKey'') IS NOT NULL'
ELSE
-- Remove just the password if json functions are supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogEntities]
SET [CustomData] = ''''
WHERE
[EntityId] IS NULL AND
[EntityName] = ''UiPackageFeed'' AND
CHARINDEX(''ApiKey'', [CustomData]) > 0'
INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
VALUES (null,null,'Migration.AuditCleanup.PackageFeedApiKey','true',GETUTCDATE())
END
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.PackageFeedBasicPassword' AND [TenantId] IS NULL)
BEGIN
IF @serverVersion >= 13 -- SQL Server 2016
-- Remove just the password if json functions are supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogEntities]
SET [CustomData] = JSON_MODIFY([CustomData], ''$.BasicPassword'', NULL)
WHERE
[EntityId] IS NULL AND
[EntityName] = ''UiPackageFeed'' AND
CHARINDEX(''BasicPassword'', [CustomData]) > 0 AND
JSON_VALUE([CustomData], ''$.BasicPassword'') IS NOT NULL'
ELSE
-- Remove just the password if json functions are supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogEntities]
SET [CustomData] = ''''
WHERE
[EntityId] IS NULL AND
[EntityName] = ''UiPackageFeed'' AND
CHARINDEX(''BasicPassword'', [CustomData]) > 0'
INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
VALUES (null,null,'Migration.AuditCleanup.PackageFeedBasicPassword','true',GETUTCDATE())
END
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.LicenseKey' AND [TenantId] IS NULL)
BEGIN
IF @serverVersion >= 13 -- SQL Server 2016
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogs]
SET [Parameters] = JSON_MODIFY([Parameters], ''$.licenseKey'', NULL)
WHERE
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND
CHARINDEX(''licenseKey'', [Parameters]) > 0 AND
ISJSON([Parameters]) = 1 AND
JSON_VALUE([Parameters], ''$.licenseKey'') IS NOT NULL
UPDATE [dbo].[AuditLogs]
SET [Parameters] = ''''
WHERE
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND
CHARINDEX(''licenseKey'', [Parameters]) > 0 AND
ISJSON([Parameters]) = 0'
ELSE
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogs]
SET [Parameters] = ''''
WHERE
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND
CHARINDEX(''licenseKey'', [Parameters]) > 0'
INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
VALUES (null,null,'Migration.AuditCleanup.LicenseKey','true',GETUTCDATE())
ENDDECLARE @serverVersion INT
SET @serverVersion = ISNULL(CAST(COALESCE(SERVERPROPERTY('ProductMajorVersion'),PARSENAME(CAST(SERVERPROPERTY('productversion') AS varchar(20)), 4)) as INT),0)
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.Buckets' AND [TenantId] IS NULL)
BEGIN
IF @serverVersion >= 13 -- SQL Server 2016
-- Remove just the password if json functions are supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogs]
SET [Parameters] = JSON_MODIFY([Parameters], ''$.bucketDto.Password'', NULL)
WHERE
[TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[Buckets] WHERE [StorageProvider] IN (''Amazon'',''Azure'',''Minio'',''S3Compatible'')) AND
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.BucketsController'' AND
CHARINDEX(''Password'', [Parameters]) > 0 AND
NULLIF(JSON_VALUE([Parameters], ''$.bucketDto.Password''), '''') IS NOT NULL'
ELSE
-- Remove all parameters if json functions are not supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogs]
SET [Parameters] = ''''
WHERE
[TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[Buckets] WHERE [StorageProvider] IN (''Amazon'',''Azure'',''Minio'',''S3Compatible'')) AND
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.BucketsController'' AND
CHARINDEX(''Password'', [Parameters]) > 0'
INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
VALUES (null,null,'Migration.AuditCleanup.Buckets','true',GETUTCDATE())
END
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.CredentialStores' AND [TenantId] IS NULL)
BEGIN
IF @serverVersion >= 13 -- SQL Server 2016
-- Remove just the password if json functions are supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogs]
SET [Parameters] = JSON_MODIFY([Parameters], ''$.credentialStoreDto.AdditionalConfiguration'', NULL)
WHERE
[TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0 AND
ISJSON([Parameters]) = 1 AND
NULLIF(JSON_VALUE([Parameters], ''$.credentialStoreDto.AdditionalConfiguration''), '''') IS NOT NULL
-- Some records are truncated, so not valid JSON
UPDATE [dbo].[AuditLogs]
SET [Parameters] = ''''
WHERE
[TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0 AND
ISJSON([Parameters]) = 0'
ELSE
-- Remove all parameters if json functions are not supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogs]
SET [Parameters] = ''''
WHERE
[TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0'
INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
VALUES (null,null,'Migration.AuditCleanup.CredentialStores','true',GETUTCDATE())
END
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.PackageFeedApiKey' AND [TenantId] IS NULL)
BEGIN
IF @serverVersion >= 13 -- SQL Server 2016
-- Remove just the password if json functions are supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogEntities]
SET [CustomData] = JSON_MODIFY([CustomData], ''$.ApiKey'', NULL)
WHERE
[EntityId] IS NULL AND
[EntityName] = ''UiPackageFeed'' AND
CHARINDEX(''ApiKey'', [CustomData]) > 0 AND
JSON_VALUE([CustomData], ''$.ApiKey'') IS NOT NULL'
ELSE
-- Remove just the password if json functions are supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogEntities]
SET [CustomData] = ''''
WHERE
[EntityId] IS NULL AND
[EntityName] = ''UiPackageFeed'' AND
CHARINDEX(''ApiKey'', [CustomData]) > 0'
INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
VALUES (null,null,'Migration.AuditCleanup.PackageFeedApiKey','true',GETUTCDATE())
END
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.PackageFeedBasicPassword' AND [TenantId] IS NULL)
BEGIN
IF @serverVersion >= 13 -- SQL Server 2016
-- Remove just the password if json functions are supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogEntities]
SET [CustomData] = JSON_MODIFY([CustomData], ''$.BasicPassword'', NULL)
WHERE
[EntityId] IS NULL AND
[EntityName] = ''UiPackageFeed'' AND
CHARINDEX(''BasicPassword'', [CustomData]) > 0 AND
JSON_VALUE([CustomData], ''$.BasicPassword'') IS NOT NULL'
ELSE
-- Remove just the password if json functions are supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogEntities]
SET [CustomData] = ''''
WHERE
[EntityId] IS NULL AND
[EntityName] = ''UiPackageFeed'' AND
CHARINDEX(''BasicPassword'', [CustomData]) > 0'
INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
VALUES (null,null,'Migration.AuditCleanup.PackageFeedBasicPassword','true',GETUTCDATE())
END
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.LicenseKey' AND [TenantId] IS NULL)
BEGIN
IF @serverVersion >= 13 -- SQL Server 2016
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogs]
SET [Parameters] = JSON_MODIFY([Parameters], ''$.licenseKey'', NULL)
WHERE
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND
CHARINDEX(''licenseKey'', [Parameters]) > 0 AND
ISJSON([Parameters]) = 1 AND
JSON_VALUE([Parameters], ''$.licenseKey'') IS NOT NULL
UPDATE [dbo].[AuditLogs]
SET [Parameters] = ''''
WHERE
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND
CHARINDEX(''licenseKey'', [Parameters]) > 0 AND
ISJSON([Parameters]) = 0'
ELSE
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogs]
SET [Parameters] = ''''
WHERE
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND
CHARINDEX(''licenseKey'', [Parameters]) > 0'
INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
VALUES (null,null,'Migration.AuditCleanup.LicenseKey','true',GETUTCDATE())
END我们建议您定期查看弃用时间表,以获取有关针对即将弃用和删除功能的任何更新。
