Blue Prism 6.3: August 2018

Multi-team Environments enable organizations to model increasingly complex security configurations within Blue Prism by extending the existing role-based access controls to enable more granular configurations. These capabilities better enable organizations to share Blue Prism assets, such as business objects and runtime resources, with multiple teams within a given Blue Prism environment.

For example, users who are members of a team may have full access to some business objects but may only have the ability to view or execute others, as may be appropriate for assets that are shared by multiple teams.

Multi-Team Environments introduces the following key highlights to Blue Prism:

• An Access Rights option has been added to the context menu for groups of processes, objects, and resources from where permissions are applied for the items in that group. The option is also available for each item in a group, providing a read-only view of the permissions applied for the group.
• The mechanism provided by this feature for securing access to resources, replaces the previous capability of applying permissions directly to individual resources. Any previously applied permissions must be manually reconfigured.
• New Default groups have been added for processes, objects, and resources. When logging in to Blue Prism following an upgrade, all processes, objects, and resources that were previously stored at the top level in their respective folders, are added to a default group – items can no longer be stored at the root level in a tree.
• New Execute, Execute as Web Service, and Manage Access Rights permissions have been introduced and a number of existing permissions have been updated.

Native support for automating web pages and applications in Chrome is provided within Blue Prism through the use of a Blue Prism Chrome extension. This allows Blue Prism to interact with web pages and applications, presented in Chrome, so that business processes that rely on applications presented in this browser can easily be modelled.

The Application Modeller wizard has been updated with a new additional Browser-based Application (Chrome) application mode that enables Chrome elements to be spied and used within business objects.

As part of this feature, the Blue Prism installer has been updated to enable the installation and removal of the extension.

The Blue Prism installer has been updated to provide the optional installation of:

• The Chrome Browser Automation Extension (via a registry setting)
• The Outlook interop DLL required if the MS Outlook Email VBO is used

A number of improvements have been applied which improve the usability of child or nested collections:

• A child collection within a nested collection can be referenced using dot (.) notation.
• A child collection or a value within a child collection can be retrieved or set using dot (.) notation.
• A child collection can be stored or used directly in a range of scenarios such as:
  • Store In addresses (e.g. calc stages, multicalcs, output parameters)
  • Collection actions (e.g. Add Row, Copy Rows, Count Columns, Count Rows, Remove all rows, Remove Row)
• The mechanism of serializing the XML representation of collections has been optimized to reduce the size of the data transmitted between components. Primarily this benefits situations where nested collections are in use.

A new Web Service Consumer role has been created to simplify the ability to apply the correct permissions to user accounts that will be used to consume Blue Prism processes and objects exposed as Web Services. This role grants the necessary execute permissions without providing access to areas of the interface, such as Control Room. The role can be used in conjunction with the capabilities of Multi-Team Environments to restrict which exposed objects and processes can be accessed by user accounts assigned to this role.

A number of session management commands (create, start, delete) no longer work by default. They have been superseded by createas, startas, and deleteas which require the use of the getauthtoken method.

While not recommended, the previous methods can be re-enabled by disabling the new setting that enforces permissions of controlling users when carrying out session management actions.

When selecting to override the session logging level on the runtime resource (via Resource Management) it is now possible to select Errors Only logging. When a runtime resource is configured with this override, session logging will be reduced to only log stages which result in an error being reported.

The status message shown in the Blue Prism client when connected directly to a database has been updated. It now presents the reported SQL version number instead of “Unknown” for situations where the friendly name for the SQL version is not known.

The way that pools and their members are displayed within System > Resource Management has been updated so that resources appear under their pool rather than separately.

A number of improvements have been made to the Session Management pane in Control Room:

• The session management pane in Control Room has been updated to show the top 5000 records, ordered by start time descending. The maximum number of rows can now be selected using the drop-down and the data is refreshed from the database each time a saved filter is used or the currently loaded dataset is (re-)ordered.
• When saving a Session Management filter, changes are no longer incorrectly applied to the default Today filter. The behavior where the names of saved filters are lost has also been improved.
• When first accessing Control Room, the default Session management sort order is now set to be Start Time descending. Additionally, the Session Management column sorting is now maintained when returning to Control Room after having navigated away.

When users manually change or set the value of a Session variable via Control Room, the action is now recorded with the session log.

It is now possible to alter the process behavior when applying updates to a collection that was copied from an inner, or nested collection. When this optional change is applied, the relationship between the original and nested collection is affected and is passed by value, rather than by reference. When the data is passed by value, changes are not reflected in the original collection. This is implemented on a per process basis and requires a manual update to the process XML via export and re-import.

For advice on applying this change see the knowledge base article:

How do I update a copy of an inner collection or nested collection, without affecting the original?

The attribute named Match Index is now available when modelling elements using UI Automation.

The action of manually releasing a lock in System > Workflow > Environment Locks now results in an entry being made into the audit log.

All relevant Blue Prism user interface controls have had their scale mode updated to improve the presentation of the interface when installed on Japanese operating systems.

A number of security enhancements have been to revalidate actions taken within the Blue Prism client against the user’s permissions on the server (where deployed). This includes:

• Manage (and delete) Exception Types
• Create/Update/Delete Environment Variables
• Create/Update/Delete external Web services

The manage credentials functionality has been updated so that the password and property values, which are not required, are no longer included in the underlying data object. This reduces the likelihood of sensitive information from being discovered. Additionally, the user interface now clarifies that blank or duplicate property names cannot be used.

Within Credential Manager, the access rights tabs for each credential have been reordered to give prominence to the recommended “Security Roles” capabilities. New descriptions on each of the tabs that allow restrictions by Security Role, process and resource have been added to clarify the nature of the restriction that the respective settings enable.

A number of reconnection issues have been addressed:

• Runtime resources now correctly reconnect following an SQL Server database restart. An issue introduced in 6.0, meant that when a resource attempted to reconnect to the database either directly or via an application server, an error reported that the runtime listener was offline and tried to restart every two minutes even though it was already online.
• The behavior has been improved when refreshing the view in Control Room if there is an issue communicating with the database. It now correctly reports the state of the connection and presents a meaningful error.
• Following an interruption in the connection between a runtime and the application server, the runtime resource reported that it was unable to calculate the run mode of its sessions. This mechanism has been updated.
• Following an application server service restart, scheduled jobs previously failed to run and required the Run Now feature to manually triggered. This has now been fixed so that all schedules restart as expected following an application server service restart.

A number of improvements have been made to improve the performance and responsiveness of the platform when version 6.0, 6.1, 6.2 or 6.2.1 is deployed. Primarily, albeit not exclusively, these changes benefit situations where a WCF server connection mode is in use:

• Improvements to the responsiveness of Control Room while the runtime resource connectivity status is refreshed. Actions such as moving between Session Management and Schedules, expanding/collapsing the group structure, and dragging a process onto a runtime resource are improved.
• Minor improvements to the mechanism used to re-draw the group hierarchical tree structure when scrolling.
• Behavior improvements when navigating quickly across the areas of Blue Prism while data is still loading.
• Optimization of data loading mechanism such as when entering Control Room tab, using Session Management, entering Studio tab, and loading a dashboard.

A number of fixes have been applied to active queues to address issues experienced in Version 6, including:

• Queue totals (Worked, Pending and Deferred) not updating as expected.
• Incorrect totals of available and busy resources being reported when resources (or resource pools) are offline.
• Exceptions were reported when navigating away from Active Queues while the data is loading.
• Exceptions were reported when assigning work to a resource that was recently offline
• Quickly selecting different active queues causing the incorrect queue information to be presented.

An issue that caused Control Room to crash when selecting the Scheduler node if the schedule had more than 2000 log entries, has been addressed.

An issue that prevented screen captures if Preserve the type and detail of the current exception was selected in the exception action, has been addressed so screen captures occur irrespective of the option to preserve the type.

The following issues have been addressed:

• Where a stage has been configured with a custom warning threshold value, but the value specified was incorrectly interpreted to be seconds instead of minutes.
• Where the resource Pane in Control Room incorrectly reported that a runtime was in a warning state even though it was had subsequently moved on and cleared the warning. Previously, to reset the Resource Pane, the user was required to navigate away from Control Room.
• The resource incorrectly reported a process to be in a warning state when a certain server connection error was experienced.

An intermittent issue that resulted in extended login times in environments with large numbers of runtime resources has been addressed.

An improvement has been made to address the issue where, after cloning a published process using Save As, if the user selects to publish the process, this is not saved until the new process is closed and reopened.

An issue has been addressed whereby the action of encrypting or decrypting a data using an encryption scheme incorrectly required full Credential Management privileges. The mechanism used for these actions now applies the correct permissions, which improves the behavior when using the Blue Prism Encryption VBO to encrypt and decrypt data.

The messages presented when carrying out an import of a release have been clarified to address an issue where, in some situations, when a user selected not to import a business object or process because it already exists, they were informed that it had been imported.

An improvement has been applied that addresses a scenario where pressing enter when a group or folder was selected resulted in unexpected behavior.

It is no longer possible to rename a group to have the same name as another group at the same level in the hierarchy. This addresses the scenario where a group with a duplicate name, at the same level in the hierarchy, would be hidden from view.

This affects groups of queues, processes, objects, tiles, users, and resources.

The scenario where an unexpected error was presented when deleting a process that had not been run, but for which process alerts had been configured, has been addressed.

An issue has been fixed to address scenarios where process alert users incorrectly received the message Alert Received but cannot be displayed, because this machine is not registered.

The Export current view as report option in Control > Queue Management is no longer available if there are no queues in the Queue Contents section of the screen. Previously, the option was available and would produce and error as no queues were available.

Runtime resources now restart as expected from the resources system tray context menu when the restart action is selected and when instructed using the /resourcepc switch. Previously, an unhandled exception was generated.

An improvement to the session log viewing functionality has been applied to ensure meaningful information arising from errors is not hidden.

The scenario where an unhandled exception is thrown when the scheduler attempts to start sessions across multiple runtime resources if one or more of the runtime resources is offline has been addressed.

The following improvements/fixes have been applied when using WCF server connection modes:

• An improvement to the serialization mechanism that is used for transmitting a collection over a WCF connection has been made to better cater for large collections.
• The data packets generated when creating or updating schedules over a WCF server connection have been optimized to improve performance and reduce the potential for SQL timeouts.
• An issue has been addressed that resulted in an error occurring when renaming a group if using a WCF connection

A redundant server method has been removed to prevent it being exploited by a malicious actor.

An update has been made to reduce the occurrence of an error that reports that the machine name parameter has been set to null.

When parsing XML from an HTTP response, a static encoding format was used resulting in scenarios where responses that contained multi-byte characters produced an error. The encoding format specified in the SOAP HTTP response is now used when consuming third-party web services.

A usability improvement has been made within region editor. Users are now directed to first select a Location Method, and in situations where the Coordinates options is selected, the incompatible Position option named Anywhere is no longer available.

An issue has been addressed whereby an error was encountered when attempting to use Check JAB Attribute condition in a Wait stage while automating a Java application. The data type set in the condition now uses the correct case and the Wait stage no longer produces errors.

In Audit > Design > Control, the automatic validation settings when opening, resetting, and saving processes were not applied when using the X button to close Process or Object Studio. With the appropriate settings applied, the Save button correctly allowed unvalidated changes to be saved but pressing the X button carried out unexpected validation and prevented the window from closing.

The close button now matches the behavior of the Save button with respect to observing the validation settings.

Adding or removing a breakpoint within the definition of a business object or process is now a recognized change and users are prompted to save changes when exiting the designer.

Validation has been added that displays an error when an invalid Data stage is referenced as an element parameter in a Wait stage. Previously, the error would only be highlighted when the stage was executed.

The RemoveRow action has been updated to correctly iterate through the rows when removing duplicates. The previous mechanism caused items to be skipped during processing as the loop stage did not update correctly.

When using Active Accessibility, it is now possible to select any item from a combo box drop-down list, irrespective of whether the item is currently visible due to being presented within a scroll list. Prior to this fix, if scrolling through the drop-down was required to locate an item, an error occurred.

A small number of incorrect hard coded database schema references within the upgrade scripts have been removed to address an issue where the database upgrade may fail on deployments which do not use the default dbo schema. These references were incorrectly introduced in the 6.2 upgrade scripts. For scenarios where the default schema was not used but the upgrade succeeded, the incorrectly specified schemas are addressed by this fix.

When making changes to previously configured Startup Parameters within Control Room, pressing Cancel incorrectly resulted in the changes being saved. This issue has been fixed and pressing Cancel correctly disregards any changes.

View-only (read-only) mode of the object or process designer correctly prevented any changes from being saved. It has now been updated to prevent changes from being made to the process flow when using View-only mode to avoid a situation where users believe they are making changes that will be saved.

The process/object validation logic has been updated to correctly present an error when a reference to an action is present, but the action has been deleted.

The pools management screen has been updated to correctly reflect whether a resource within a pool has been retired.

The API Documentation help option is now only available once a user has authenticated with the environment. This addresses an issue where an error was presented because the items within the environment could not be queried prior to the login taking place.

A number of improvements or fixes have been applied when Exposing Blue Prism objects or processes as Web Services:

• An issue has been addressed whereby malformed requests to a Blue Prism object or process, exposed as a web service, would return an error and result in no further Web Service requests from being processed.
• Exposed Blue Prism Web Services no longer apply case sensitive logic when processing headers.
• An issue has been addressed where no response was provided if authentication failed due to invalid credentials – a credentials error is now provided.

The mechanism that presents error messages in situations where a connection to the server cannot be established has been improved so that where error messages are available, they are now presented to the user.

The list of third party webservices available within the System area is now presented using a different user interface control. This removes the ability to inadvertently disable all Web Services when accidently highlighting multiple rows.

The following changes have been applied:

• The description of the Local parameter of the MakeDateTime method has been updated.
• The description of the Queue name parameter of the Work Queues, Get Next Item has been updated.

In the Application Modeller wizard, an option has been renamed from Restrict to non-invasive techniques to Disable invasive techniques (hooking).

A minor change has been applied to the XML, provided when exporting an object or process that featured a single row collection, to remove a duplication of the <singlerow/> attribute.

The Choice stage form has been updated to improve the scaling behavior when resizing.

The mechanism used to transport exceptions to the server that are raised on the client using a WCF connection has been improved.

A fix has been applied to correct the capitalization of messages presented while validating or stepping through a process or object.

When logging is enabled, the status and sub-status are now captured to enable additional diagnostics.