Name
sn_grc.GRCAjax
Description
General AJAX utilities for GRC
Script
var GRCAjax = Class.create();
GRCAjax.prototype = Object.extendsObject(global.AbstractAjaxProcessor, {
/**
 * Public wrapper around the private _get_already_associated_item helper.
 * All three arguments are forwarded unchanged and the helper's result is returned as-is.
 */
get_already_associated_item: function(profileIds, contentId, contentType) {
    var associatedItem = this._get_already_associated_item(profileIds, contentId, contentType);
    return associatedItem;
},
/**
 * Returns whatever sn_grc.GRCUtils.getMyAssignments() produces.
 */
getMyAssignments: function() {
    var grcUtils = new sn_grc.GRCUtils();
    return grcUtils.getMyAssignments();
},
/**
 * Public wrapper around the private _updateSourceAndCreateM2MRelation helper.
 * Arguments are forwarded in the same order and the helper's result is returned.
 */
updateSourceAndCreateM2MRelation: function(contentId, profileIds, contentType, item) {
    var outcome = this._updateSourceAndCreateM2MRelation(contentId, profileIds, contentType, item);
    return outcome;
},
/**
 * Counts sn_grc_profile records that have no profile_class.
 * With sysparm_tableName the count is limited to that table; otherwise the
 * request's sysparm_filter_condition is appended to the encoded query.
 * @returns the COUNT aggregate, or 0 when the aggregate yields no row
 */
getCountOfEntity: function() {
    var requestedTable = this.getParameter('sysparm_tableName');
    var clientFilter = this.getParameter('sysparm_filter_condition');
    var counter = new GlideAggregate('sn_grc_profile');
    if (!requestedTable) {
        // NOTE(review): clientFilter comes straight from the request and is
        // concatenated into the encoded query, so it can reshape the whole
        // condition; no role check is visible in this method either.
        counter.addEncodedQuery("profile_classISEMPTY^" + clientFilter);
    } else {
        counter.addQuery("table", requestedTable);
        counter.addQuery("profile_class", "");
    }
    counter.addAggregate('COUNT');
    counter.query();
    return counter.next() ? counter.getAggregate('COUNT') : 0;
},
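/**
 * Sets profile_class to sysparm_class on every sn_grc_profile record that has
 * no class yet, selected either by sysparm_tableName or by the request's
 * sysparm_filter_condition.
 *
 * Each record is re-checked before it is written:
 *  - profile_class must still be empty. The client-supplied condition is
 *    appended to the encoded query, and encoded-query syntax allows a condition
 *    to widen the match, so the leading profile_classISEMPTY term alone does
 *    not guarantee that every returned row is unclassified.
 *  - the current user must pass the record's write ACL. GlideRecord does not
 *    evaluate ACLs on its own, and this method has no role check; the guard
 *    mirrors the canCreate() checks in createControlsOrRisks.
 */
updateBulkEntityClass: function() {
    var tableName = this.getParameter('sysparm_tableName');
    var filterValue = this.getParameter('sysparm_filter_condition');
    var entityClass = this.getParameter('sysparm_class');
    var entity = new GlideRecord('sn_grc_profile');
    if (tableName) {
        entity.addQuery("table", tableName);
        entity.addQuery("profile_class", "");
    } else {
        // A missing parameter used to be concatenated as the literal text "null".
        entity.addEncodedQuery("profile_classISEMPTY" + (filterValue ? "^" + filterValue : ""));
    }
    entity.query();
    while (entity.next()) {
        if (!entity.profile_class.nil() || !entity.canWrite())
            continue;
        entity.setValue("profile_class", entityClass);
        entity.update();
    }
},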
/**
 * Reads sysparm_table and sysparm_appliesToRecord from the request and returns
 * the result of sn_grc.ImportProfiles.getProfileClass() for them.
 */
getProfileClass: function() {
    var sourceTable = this.getParameter('sysparm_table');
    var sourceRecordId = this.getParameter('sysparm_appliesToRecord');
    var importer = new sn_grc.ImportProfiles();
    return importer.getProfileClass(sourceTable, sourceRecordId);
},
/**
 * Returns getItemsToMultipleProfile(ids, operation_to_do).
 * The table and method arguments are accepted but not used by this method.
 */
isGeneratingForProfileRecords: function(table, ids, method, operation_to_do) {
    return this.getItemsToMultipleProfile(ids, operation_to_do);
},
/**
 * Looks up the first sn_grc_profile_class_rules row for sysparm_table and
 * returns the sub class computed by ImportProfiles for sysparm_appliesToRecord,
 * falling back to the rule's profile_class when the sub class is empty.
 * @returns the class value, or "" when no rule exists for the table
 */
getClassFromClassRule: function() {
    var sourceTable = this.getParameter('sysparm_table');
    var sourceRecordId = this.getParameter('sysparm_appliesToRecord');
    var rule = new GlideRecord("sn_grc_profile_class_rules");
    rule.addQuery("table", sourceTable);
    rule.setLimit(1);
    rule.query();
    if (!rule.next()) {
        return "";
    }
    var ruleClass = rule.getValue("profile_class");
    var refinedClass = new sn_grc.ImportProfiles().getSubClassUsingClassRuleFilters(rule.getUniqueValue(), sourceRecordId, sourceTable);
    return (refinedClass != "") ? refinedClass : ruleClass;
},
/**
 * Builds a JSON summary of the records tied to a set of profiles: items,
 * indicators, test plans and risk identifications.
 * @param uniqueId - profile id list, used with the IN operator by the helpers
 * @param operation_to_do - echoed into each summary entry as 'operation'
 * @returns JSON text; "{}" when the user lacks the sn_grc.user role
 */
getItemsToMultipleProfile: function(uniqueId, operation_to_do) {
    if (!gs.hasRole('sn_grc.user')) {
        return "{}";
    }
    var summary = {};
    summary = this._getAssociatedItemsForMultipleProfile('profile', summary, uniqueId, operation_to_do);
    // Indicators reach the profile through their item.
    summary = this._buildResultForIndicatorsOrTPsForMultipleProfile('sn_grc_indicator', summary, 'item.profile', uniqueId, operation_to_do);
    // Test plans reach the profile through their control.
    summary = this._buildResultForIndicatorsOrTPsForMultipleProfile('sn_audit_test_plan', summary, 'control.profile', uniqueId, operation_to_do);
    summary = this._getAssociatedRiskIdentificationForMultipleProfile(summary, uniqueId, operation_to_do);
    return new global.JSON().encode(summary);
},
/**
 * Adds a summary entry for tableName to result when records whose `field`
 * is IN `profile` exist. Does nothing when the table is not valid on this
 * instance.
 * @returns the same result object
 */
_buildResultForIndicatorsOrTPsForMultipleProfile: function(tableName, result, field, profile, operation) {
    var counter = new GlideAggregate(tableName);
    if (!counter.isValid()) {
        return result;
    }
    counter.addQuery(field, "IN", profile);
    counter.setGroup(false);
    counter.addAggregate('COUNT', 'sys_class_name');
    counter.query();
    while (counter.next()) {
        var total = counter.getAggregate('COUNT', 'sys_class_name');
        var countText = gs.getMessage('{0} record(s)', total);
        if (total > 0) {
            var pluralLabel = this._getPluralFromRecord(tableName);
            // NOTE(review): the link embeds the encoded query, which carries the
            // caller-supplied profile list, without URL-encoding; confirm the
            // consumer treats it as untrusted text.
            result[tableName] = {
                'label': pluralLabel,
                'number': countText,
                'link': 'now/risk/common/list-view/' + tableName + '/params/list-title/' + pluralLabel + '/query/' + counter.getEncodedQuery(),
                'operation': operation
            };
        }
    }
    return result;
},
/**
 * Adds a summary entry for sn_risk_advanced_risk_identification when records
 * whose entity is IN entityID exist. Does nothing when that table is not valid
 * on this instance.
 * @returns the same result object
 */
_getAssociatedRiskIdentificationForMultipleProfile: function(result, entityID, operation) {
    var riTable = 'sn_risk_advanced_risk_identification';
    var riLabel = 'Risk Identification';
    var counter = new GlideAggregate(riTable);
    if (!counter.isValid()) {
        return result;
    }
    counter.addQuery('entity', "IN", entityID);
    counter.setGroup(false);
    counter.addAggregate('COUNT', 'sys_class_name');
    counter.query();
    while (counter.next()) {
        var total = counter.getAggregate('COUNT', 'sys_class_name');
        var countText = gs.getMessage('{0} record(s)', total);
        if (total > 0) {
            result[riTable] = {
                'label': riLabel,
                'number': countText,
                'link': 'now/risk/common/list-view/' + riTable + '/params/list-title/' + riLabel + '/query/' + counter.getEncodedQuery(),
                'operation': operation
            };
        }
    }
    return result;
},
/**
 * Counts active sn_grc_item records per sys_class_name where `type` is IN `id`
 * and adds one summary entry per class to result.
 * @returns the same result object
 */
_getAssociatedItemsForMultipleProfile: function(type, result, id, operation) {
    var counter = new GlideAggregate('sn_grc_item');
    counter.addQuery(type, "IN", id);
    counter.addQuery('active', 'true');
    counter.addAggregate('COUNT', 'sys_class_name');
    counter.query();
    while (counter.next()) {
        var className = counter.sys_class_name;
        var total = counter.getAggregate('COUNT', 'sys_class_name');
        var countText = gs.getMessage('{0} record(s)', total);
        if (total > 0) {
            var pluralLabel = this._getPluralFromRecord(counter.sys_class_name + '');
            result[className] = {
                'label': pluralLabel,
                'number': countText,
                'link': 'now/risk/common/list-view/' + className + '/params/list-title/' + pluralLabel + '/query/' + counter.getEncodedQuery(),
                'operation': operation
            };
        }
    }
    return result;
},
/**
 * Returns the sn_grc_profile values of every sn_grc_m2m_content_profile row
 * linked to contentId, as one comma-separated string.
 */
getEntitiesAlreadyAssociated: function(contentId) {
    var linkedProfiles = [];
    var link = new GlideRecord('sn_grc_m2m_content_profile');
    link.addQuery('sn_grc_content', contentId);
    link.query();
    while (link.next()) {
        linkedProfiles.push(link.getValue('sn_grc_profile'));
    }
    return linkedProfiles.join(',');
},
/**
 * Compares sysparm_startDate with sysparm_endDate (both set as display values).
 * When no end date is sent, the text of a new JavaScript Date is used instead.
 * @returns true when GlideDateTime.subtract(start, end) is not negative
 */
isStartBeforeEnd: function() {
    var startDate = new GlideDateTime();
    startDate.setDisplayValue(this.getParameter('sysparm_startDate'));
    var endDate = new GlideDateTime();
    var endParam = this.getParameter('sysparm_endDate');
    endDate.setDisplayValue(endParam ? endParam : (new Date()).toString());
    var gap = GlideDateTime.subtract(startDate, endDate);
    return gap.getNumericValue() >= 0;
},
/**
 * Returns a newly constructed GlideDateTime object.
 */
getTodaysDate: function() {
    var now = new GlideDateTime();
    return now;
},
/**
 * Returns the display value of a newly constructed GlideDateTime.
 */
getTodaysLocalDate: function() {
    var now = new GlideDateTime();
    return now.getDisplayValue();
},
/**
 * Computes a due date from an issue rating's remediation_timeframe.
 * A value is produced only when sysparm_new_value is set, the issue's due_date
 * is not empty, and the property
 * sn_grc.auto_populate_due_date_based_on_issue_rating equals 'true'.
 * @returns the computed date as a display value, otherwise null
 */
getIssueRating: function() {
    var issueId = this.getParameter('sysparm_issue_id');
    var ratingId = this.getParameter('sysparm_new_value');
    var issue = new GlideRecord('sn_grc_issue');
    // NOTE(review): the issue is loaded from a request parameter with
    // GlideRecord and no role check is visible here.
    issue.get(issueId);
    if (!ratingId || issue.due_date.nil()) {
        return null;
    }
    if (gs.getProperty('sn_grc.auto_populate_due_date_based_on_issue_rating') != 'true') {
        return null;
    }
    var rating = new GlideRecord('sn_grc_issue_rating');
    rating.get(ratingId);
    var timeframeDays = rating.remediation_timeframe;
    var suggested = new GlideDateTime();
    suggested.addDaysUTC(timeframeDays + "");
    return suggested.getDisplayValue();
},
/**
 * Returns an informational message when the date in sysparm_new_value falls
 * before the date suggested by the issue rating's remediation_timeframe.
 * The check runs only when the issue has a rating and the property
 * sn_grc.auto_populate_due_date_based_on_issue_rating equals 'true'.
 * @returns the localized message, otherwise null
 */
getInfoMessageForDueDate: function() {
    var issueId = this.getParameter('sysparm_issue_id');
    var chosenDate = this.getParameter('sysparm_new_value');
    var issue = new GlideRecord('sn_grc_issue');
    issue.get(issueId);
    if (issue.issue_rating.nil()) {
        return null;
    }
    if (gs.getProperty('sn_grc.auto_populate_due_date_based_on_issue_rating') != 'true') {
        return null;
    }
    var timeframeDays = issue.issue_rating.remediation_timeframe;
    var suggested = new GlideDateTime();
    suggested.addDaysUTC(timeframeDays + "");
    var chosen = new GlideDateTime(chosenDate);
    if (chosen.getDate() < suggested.getDate()) {
        return gs.getMessage("The selected due date occurs before the suggested due date {0} determined by the issue rating.", suggested.getDate().getDisplayValue());
    }
    return null;
},
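/**
 * Links an information object to a set of records, chosen either by an
 * encoded query (sysparm_recordSelection == 'condition') or by a
 * comma-separated id list ('record_list').
 *
 * The m2m table is resolved first and acts as an allowlist: when
 * sysparm_tableName is not one of the supported tables the method returns
 * before any record is read, so a client-named table is never opened unless it
 * is a known one. Previously an unsupported table still ran the query and then
 * called associateInfoObject with an empty m2m table name.
 */
associateInfoObjectandRecords: function() {
    if (!gs.hasRole('sn_grc.user'))
        return;
    var tableName = this.getParameter('sysparm_tableName');
    var infoObject = this.getParameter('sysparm_infoObject');
    var operation = this.getParameter('sysparm_operation');
    var selectionFilter = this.getParameter('sysparm_recordSelection');

    var m2mTable = "";
    var baseRecordType = "";
    if (tableName == "sn_risk_definition" || tableName == "sn_compliance_citation") {
        m2mTable = "sn_grc_m2m_content_information_object";
        baseRecordType = "sn_grc_content";
    } else if (tableName == "sn_compliance_policy") {
        m2mTable = "sn_grc_m2m_document_information_object";
        baseRecordType = "sn_grc_document";
    }
    if (!m2mTable)
        return;

    if (selectionFilter == 'condition') {
        // NOTE(review): the query text comes from the request and GlideRecord
        // does not evaluate ACLs; only the matching sys_ids are used below.
        var rec = new GlideRecord(tableName);
        rec.addEncodedQuery(this.getParameter('sysparm_recordQuery'));
        rec.query();
        while (rec.next()) {
            this.associateInfoObject(m2mTable, rec.getUniqueValue(), infoObject, operation, baseRecordType);
        }
    } else if (selectionFilter == 'record_list') {
        var recordList = this.getParameter('sysparm_recordList');
        // A missing parameter used to reach split() and throw.
        if (!recordList)
            return;
        var list = (recordList + '').split(",");
        for (var i = 0; i < list.length; i++) {
            // Skip empty entries so no link with a blank reference is written.
            if (list[i])
                this.associateInfoObject(m2mTable, list[i], infoObject, operation, baseRecordType);
        }
    }
},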
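/**
 * Creates or updates the m2m row that ties `record` to `infoObject`.
 * An existing row only has applicable_for updated; otherwise a new row is
 * inserted.
 * @param tableName - m2m table to write to
 * @param record - id stored in the baseRecordType column
 * @param infoObject - id stored in information_object
 * @param operation - value stored in applicable_for
 * @param baseRecordType - name of the column that references the record
 */
associateInfoObject: function(tableName, record, infoObject, operation, baseRecordType) {
    // Nothing sensible can be written without a target table and column
    // (for example when the method is invoked with no arguments).
    if (!tableName || !baseRecordType)
        return;
    // `gr` was assigned without `var`, which made it an implicit global shared
    // with every other script in the same scope.
    var gr = new GlideRecord(tableName);
    gr.addQuery(baseRecordType, record);
    gr.addQuery("information_object", infoObject);
    gr.query();
    if (gr.next()) {
        gr.setValue("applicable_for", operation);
        gr.update();
    } else {
        gr.initialize();
        gr.setValue(baseRecordType, record);
        gr.setValue("information_object", infoObject);
        gr.setValue("applicable_for", operation);
        gr.insert();
    }
},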
/**
 * Returns JSON with the profile (entity) of the sn_grc_item named by
 * sysparm_item and that profile's table. The object stays empty when the item
 * is not found or has no profile.
 * @returns JSON text; "" when the user lacks the sn_grc.user role
 */
getItemDetails: function() {
    if (!gs.hasRole('sn_grc.user')) {
        return "";
    }
    var details = {};
    var grcItem = new GlideRecord("sn_grc_item");
    var found = grcItem.get(this.getParameter('sysparm_item'));
    if (found && !grcItem.profile.nil()) {
        details.table = grcItem.profile.table + '';
        details.entity = grcItem.profile + '';
    }
    return new global.JSON().encode(details);
},
/**
 * Passes sysparm_entities_ids to GRCUtils.deleteInactiveEntities().
 */
deleteInactiveEntities: function() {
    // NOTE(review): no role or ACL check is visible in this method, and the id
    // list comes from the request; confirm GRCUtils.deleteInactiveEntities
    // enforces authorization before it deletes anything.
    var grcUtils = new GRCUtils();
    grcUtils.deleteInactiveEntities(this.getParameter("sysparm_entities_ids"));
},
// Builds a JSON summary of the records affected when a profile type is
// deactivated or marked for deletion. Each entry carries a label, a localized
// record count, a list link and the operation ('delete' or 'deactivate').
// uniqueId and table_name fall back to sysparm_id and sysparm_table_name.
// Returns "{}" when the user lacks the sn_grc.user role.
getAssociatedItemsToProfileType: function(uniqueId, table_name, operation) {
if (!gs.hasRole('sn_grc.user'))
return "{}";
var l10nRecords;
var profileType = uniqueId || this.getParameter('sysparm_id');
// tableName is read here but not used further in this method.
var tableName = table_name || this.getParameter('sysparm_table_name');
var result = {};
if (operation == 'mark_for_deletion') {
var m2mProfileTypeTables = ['sn_grc_m2m_content_profile_type', 'sn_grc_m2m_document_profile_type'];
// NOTE(review): for...in over an array also visits enumerable properties added
// to Array.prototype; an indexed loop would be safer here.
for (var index in m2mProfileTypeTables) {
// Get the content/document to profile type links
var m2mProfileTypeTable = new GlideTableHierarchy(m2mProfileTypeTables[index]).getTableExtensions();
// One entry per extension table that has links to this profile type.
for (var item in m2mProfileTypeTable) {
var m2mProfileType = new GlideRecord(m2mProfileTypeTable[item]);
m2mProfileType.addQuery('sn_grc_profile_type', profileType);
m2mProfileType.query();
l10nRecords = gs.getMessage('{0} record(s)', m2mProfileType.getRowCount());
if (m2mProfileType.getRowCount() > 0) {
result[m2mProfileTypeTable[item]] = {
'label': this._getPluralFromRecord(m2mProfileTypeTable[item] + ''),
'number': l10nRecords,
'link': m2mProfileTypeTable[item] + '_list.do?sysparm_query=' + m2mProfileType.getEncodedQuery(),
'operation': 'delete'
};
}
}
}
}
// Get the entities that need to be deactivated
// Get all of the active profiles that are associated with the profile type
var profileIds = [];
var associatedProfiles = new GlideRecord('sn_grc_m2m_profile_profile_type');
associatedProfiles.addQuery('profile_type', profileType);
associatedProfiles.addQuery('profile.active', true);
associatedProfiles.query();
while (associatedProfiles.next()) {
profileIds.push(associatedProfiles.getValue('profile'));
}
// Find the profiles that are also associated with another, active profile type
var ga = new GlideAggregate('sn_grc_m2m_profile_profile_type');
ga.addQuery('profile', 'IN', profileIds);
ga.addQuery('profile_type', '!=', profileType);
ga.addQuery('profile_type.active', true);
ga.groupBy('profile');
ga.query();
var remainingActive = [];
while (ga.next()) {
remainingActive.push(ga.getValue('profile'));
}
// Profiles left with no other active profile type are the ones to deactivate.
var needDeactivatedProfileIds = new global.ArrayUtil().diff(profileIds, remainingActive);
var needDeactivatedProfileIdsCount = parseFloat(needDeactivatedProfileIds.length);
if (needDeactivatedProfileIdsCount > 0) {
l10nRecords = gs.getMessage('{0} record(s)', needDeactivatedProfileIdsCount.toString());
result['sn_grc_profile'] = {
'label': this._getPluralFromRecord('sn_grc_profile'),
'number': l10nRecords,
'link': 'sn_grc_profile_list.do?sysparm_query=sys_idIN' + needDeactivatedProfileIds,
'operation': 'deactivate'
};
}
// Query for items that will be deactivated
// The source value matched is the profile type id followed by a comma.
var grcItem = new GlideAggregate("sn_grc_item");
grcItem.addQuery('source', profileType + ',');
grcItem.addQuery('active', 'true');
grcItem.addQuery('instance', 'true');
grcItem.addAggregate('COUNT', 'sys_class_name');
grcItem.query();
while (grcItem.next()) {
var className = grcItem.sys_class_name;
var classNameCount = grcItem.getAggregate('COUNT', 'sys_class_name');
l10nRecords = gs.getMessage('{0} record(s)', classNameCount);
if (classNameCount > 0)
result[className] = {
'label': this._getPluralFromRecord(grcItem.sys_class_name + ''),
'number': l10nRecords,
'link': className + '_list.do?sysparm_query=' + grcItem.getEncodedQuery(),
'operation': 'deactivate'
};
}
return new global.JSON().encode(result);
},
/**
 * Builds a JSON summary of the active content and active instance items tied
 * to a document. Content and item table names are only assigned for
 * 'sn_risk_framework'; for any other table they stay empty strings.
 * uniqueId and table_name fall back to sysparm_id and sysparm_table_name.
 * @returns JSON text; "{}" when the user lacks the sn_grc.user role
 */
getAssociatedItemsToDocument: function(uniqueId, table_name) {
    if (!gs.hasRole('sn_grc.user')) {
        return "{}";
    }
    var documentId = uniqueId || this.getParameter('sysparm_id');
    var documentTable = table_name || this.getParameter('sysparm_table_name');
    var summary = {};
    var contentTable = '';
    var itemTable = '';
    var countText;
    if (documentTable == 'sn_risk_framework') {
        contentTable = 'sn_risk_definition';
        itemTable = 'sn_risk_risk';
    }

    // Active content that belongs to the document.
    // NOTE(review): for other tables contentTable and itemTable are '' and the
    // GlideRecord objects below are built on an empty table name.
    var contentRec = new GlideRecord(contentTable);
    contentRec.addQuery('document', documentId);
    contentRec.addActiveQuery();
    contentRec.query();
    if (contentRec.getRowCount() > 0) {
        countText = gs.getMessage('{0} record(s)', contentRec.getRowCount());
        summary[contentTable] = {
            'label': this._getPluralFromRecord(contentTable),
            'number': countText,
            'link': contentTable + '_list.do?sysparm_query=' + contentRec.getEncodedQuery(),
            'operation': 'deactivate'
        };
    }

    // Active instance items generated from that content.
    var contentIds = this.getContentIds(documentTable, [documentId]);
    var itemRec = new GlideRecord(itemTable);
    itemRec.addQuery('content', 'IN', contentIds);
    itemRec.addQuery('instance', true);
    itemRec.addActiveQuery();
    itemRec.query();
    countText = gs.getMessage('{0} record(s)', itemRec.getRowCount());
    if (itemRec.getRowCount() > 0) {
        summary[itemTable] = {
            'label': this._getPluralFromRecord(itemTable),
            'number': countText,
            'link': itemTable + '_list.do?sysparm_query=' + itemRec.getEncodedQuery(),
            'operation': 'deactivate'
        };
    }
    return new global.JSON().encode(summary);
},
/**
 * Builds a JSON summary of the records tied to one profile: items, indicators,
 * test plans and risk identifications.
 * uniqueId and operation_to_do fall back to sysparm_id and sysparm_operation.
 * @returns JSON text; "{}" when the user lacks the sn_grc.user role
 */
getItemsToProfile: function(uniqueId, operation_to_do) {
    if (!gs.hasRole('sn_grc.user')) {
        return "{}";
    }
    var profileId = uniqueId || this.getParameter('sysparm_id');
    var plannedOperation = operation_to_do || this.getParameter('sysparm_operation');
    var summary = {};
    summary = this._getAssociatedItems('profile', summary, profileId, plannedOperation);
    // Indicators reach the profile through their item.
    summary = this._buildResultForIndicatorsOrTPs('sn_grc_indicator', summary, 'item.profile', profileId, plannedOperation);
    // Test plans reach the profile through their control.
    summary = this._buildResultForIndicatorsOrTPs('sn_audit_test_plan', summary, 'control.profile', profileId, plannedOperation);
    summary = this._getAssociatedRiskIdentification(summary, profileId, plannedOperation);
    return new global.JSON().encode(summary);
},
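/**
 * Summarizes the items that would be deactivated for the profile-to-profile-type
 * links listed in sysparm_ids (comma-separated sys_ids of
 * sn_grc_m2m_profile_profile_type rows).
 * @returns JSON text; "{}" when the user lacks the sn_grc.user role, when no
 *          ids are sent, or when none of the ids resolves to a link
 */
getItemsProfileToProfileType: function() {
    if (!gs.hasRole('sn_grc.user'))
        return "{}";
    var ids = this.getParameter('sysparm_ids');
    // A missing parameter used to reach split() and throw.
    if (!ids)
        return "{}";
    var linkIds = (ids + '').split(',');
    var result = {};
    var profileIds = {};
    var profileTypeIds = {};
    // Indexed loop: for...in over an array also visits enumerable properties
    // added to Array.prototype.
    for (var i = 0; i < linkIds.length; i++) {
        var link = new GlideRecord('sn_grc_m2m_profile_profile_type');
        // Ids that do not resolve used to add an empty key to both sets.
        if (!link.get(linkIds[i]))
            continue;
        profileIds[link.profile + ''] = true;
        profileTypeIds[link.profile_type + ''] = true;
    }
    var profileTypeList = Object.keys(profileTypeIds);
    // _getItems reads profileTypeIds[0]; skip it when there is nothing to match.
    if (profileTypeList.length === 0)
        return new global.JSON().encode(result);
    result = this._getItems(result, 'profile', Object.keys(profileIds), profileTypeList);
    return new global.JSON().encode(result);
},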
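/**
 * Summarizes the items that would be deactivated for the content-to-profile-type
 * links listed in sysparm_ids. The links are read from the table named in
 * sysparm_table_name.
 * @returns JSON text; "{}" when the user lacks the sn_grc.user role, when ids
 *          or table name are missing, or when the table is not valid
 */
getItemsContentToProfileType: function() {
    if (!gs.hasRole('sn_grc.user'))
        return "{}";
    var ids = this.getParameter('sysparm_ids');
    var tableName = this.getParameter('sysparm_table_name');
    // A missing ids parameter used to reach split() and throw.
    if (!ids || !tableName)
        return "{}";
    // NOTE(review): the table name comes from the request and GlideRecord does
    // not evaluate ACLs. Only the sn_grc_content and sn_grc_profile_type columns
    // are read, but an allowlist of the supported m2m tables would be tighter;
    // the list of supported tables is not visible in this file.
    if (!(new GlideRecord(tableName)).isValid())
        return "{}";
    var linkIds = (ids + '').split(',');
    var result = {};
    var contentIds = {};
    var profileTypeIds = {};
    // Indexed loop: for...in over an array also visits enumerable properties
    // added to Array.prototype.
    for (var i = 0; i < linkIds.length; i++) {
        var link = new GlideRecord(tableName);
        // Ids that do not resolve used to add an empty key to both sets.
        if (!link.get(linkIds[i]))
            continue;
        contentIds[link.sn_grc_content + ''] = true;
        profileTypeIds[link.sn_grc_profile_type + ''] = true;
    }
    var profileTypeList = Object.keys(profileTypeIds);
    // _getItems reads profileTypeIds[0]; skip it when there is nothing to match.
    if (profileTypeList.length === 0)
        return new global.JSON().encode(result);
    result = this._getItems(result, 'content', Object.keys(contentIds), profileTypeList);
    return new global.JSON().encode(result);
},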
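/**
 * Summarizes what is affected when document-to-profile-type links are removed:
 * the derived content-to-profile-type links (operation 'delete') and the items
 * generated from them (via _getItems).
 *
 * sysparm_table_name must be one of the two supported m2m tables; for any other
 * value the method now returns an empty summary instead of opening the
 * client-named table and querying an empty table name.
 * @returns JSON text; "{}" when the user lacks the sn_grc.user role
 */
getItemsDocToProfType: function() {
    if (!gs.hasRole('sn_grc.user'))
        return "{}";
    var tableName = this.getParameter('sysparm_table_name');
    var idsParam = this.getParameter('sysparm_ids');
    var contentToProfileTypeTable = '';
    var result = {};
    if (tableName == 'sn_risk_m2m_framework_profile_type')
        contentToProfileTypeTable = 'sn_risk_m2m_risk_definition_profile_type';
    else if (tableName == 'sn_compliance_m2m_policy_profile_type')
        contentToProfileTypeTable = 'sn_compliance_m2m_statement_profile_type';
    // Unsupported table, or no ids (which used to make split() throw).
    if (!contentToProfileTypeTable || !idsParam)
        return new global.JSON().encode(result);
    var sysIds = (idsParam + '').split(',');
    var documentIds = {};
    var profileTypeIds = {};
    // Collect the documents and profile types named by the selected links.
    // Indexed loop: for...in over an array also visits enumerable properties
    // added to Array.prototype.
    for (var i = 0; i < sysIds.length; i++) {
        var docToProfileType = new GlideRecord(tableName);
        // Ids that do not resolve used to add an empty key to both sets.
        if (!docToProfileType.get(sysIds[i]))
            continue;
        documentIds[docToProfileType.sn_grc_document + ''] = true;
        profileTypeIds[docToProfileType.sn_grc_profile_type + ''] = true;
    }
    var profileTypeList = Object.keys(profileTypeIds);
    // _getItems reads profileTypeIds[0]; stop when there is nothing to match.
    if (profileTypeList.length === 0)
        return new global.JSON().encode(result);
    // Get contents associated to the documents
    var contents = this.getContentIds(tableName, Object.keys(documentIds));
    var contentToProfileType = new GlideRecord(contentToProfileTypeTable);
    contentToProfileType.addQuery('sn_grc_content', 'IN', contents);
    contentToProfileType.addQuery('sn_grc_profile_type', 'IN', profileTypeList);
    contentToProfileType.addQuery('created_one_off', 'false');
    contentToProfileType.query();
    var contentToProfileTypeCount = contentToProfileType.getRowCount();
    if (contentToProfileTypeCount > 0) {
        var l10nRecords = gs.getMessage('{0} record(s)', contentToProfileTypeCount);
        result[contentToProfileTypeTable] = {
            'label': this._getPluralFromRecord(contentToProfileTypeTable + ''),
            'number': l10nRecords,
            'link': contentToProfileTypeTable + '_list.do?sysparm_query=' + contentToProfileType.getEncodedQuery(),
            'operation': 'delete'
        };
    }
    var contentIds = [];
    while (contentToProfileType.next()) {
        contentIds.push(contentToProfileType.sn_grc_content + '');
    }
    result = this._getItems(result, 'content', contentIds, profileTypeList);
    return new global.JSON().encode(result);
},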
/**
 * Returns the content ids that belong to the given documents.
 * Table names matching "sn_risk" read sn_risk_definition; names matching
 * "sn_compliance" read sn_compliance_m2m_policy_policy_statement. Any other
 * name yields an empty array.
 * @param tableName - table name used to choose the lookup
 * @param documentIds - document ids used with the IN operator
 */
getContentIds: function(tableName, documentIds) {
    var collected = [];
    var lookup;
    if (tableName.match("sn_risk")) {
        lookup = new GlideRecord('sn_risk_definition');
        lookup.addQuery('document', 'IN', documentIds);
        lookup.query();
        while (lookup.next()) {
            collected.push(lookup.sys_id + '');
        }
        return collected;
    }
    if (tableName.match("sn_compliance")) {
        lookup = new GlideRecord('sn_compliance_m2m_policy_policy_statement');
        lookup.addQuery('document', 'IN', documentIds);
        lookup.query();
        while (lookup.next()) {
            collected.push(lookup.content + '');
        }
    }
    return collected;
},
/**
 * Counts non-retired instance items per sys_class_name where `field` is IN
 * `ids` and the source matches the given profile types, and adds one
 * 'deactivate' entry per class to result.
 * @returns the same result object
 */
_getItems: function(result, field, ids, profileTypeIds) {
    var counter = new GlideAggregate('sn_grc_item');
    counter.addQuery(field, 'IN', ids);
    // First profile type: source must equal "<id>," (item generated only for it).
    var sourceCondition = counter.addQuery('source', profileTypeIds[0] + ',');
    // Remaining profile types are OR'ed in with CONTAINS.
    for (var i = 1; i < profileTypeIds.length; i++) {
        sourceCondition.addOrCondition('source', 'CONTAINS', profileTypeIds[i]);
    }
    counter.addQuery('instance', true);
    counter.addQuery('state', '!=', 'retired');
    counter.addAggregate('COUNT', 'sys_class_name');
    counter.query();
    while (counter.next()) {
        var className = counter.sys_class_name;
        var total = counter.getAggregate('COUNT', 'sys_class_name');
        var countText = gs.getMessage('{0} record(s)', total);
        if (total > 0) {
            result[className] = {
                'label': this._getPluralFromRecord(counter.sys_class_name + ''),
                'number': countText,
                'link': className + '_list.do?sysparm_query=' + counter.getEncodedQuery(),
                'operation': 'deactivate'
            };
        }
    }
    return result;
},
/**
 * Builds a JSON summary of the items tied to one content record.
 * uniqueId and operation_to_do fall back to sysparm_id and sysparm_operation.
 * @returns JSON text; "{}" when the user lacks the sn_grc.user role
 */
getItemsToContent: function(uniqueId, operation_to_do) {
    if (!gs.hasRole('sn_grc.user')) {
        return "{}";
    }
    var contentId = uniqueId || this.getParameter('sysparm_id');
    var summary = {};
    var plannedOperation = operation_to_do || this.getParameter('sysparm_operation');
    summary = this._getAssociatedItems('content', summary, contentId, plannedOperation);
    return new global.JSON().encode(summary);
},
/**
 * Builds an encoded query that selects the active records of a profile while
 * excluding those already associated with the item.
 * profileIdArg and tableArg fall back to sysparm_profile_id and
 * sysparm_table_name.
 * @returns the encoded query; "sys_idIN" when the user lacks sn_grc.user
 */
getRiskControlQueryCondition: function(profileIdArg, tableArg, itemID) {
    if (!gs.hasRole('sn_grc.user')) {
        return "sys_idIN";
    }
    var profileId = profileIdArg || (this.getParameter('sysparm_profile_id') + '');
    var sourceTable = tableArg || (this.getParameter('sysparm_table_name') + '');
    // NOTE(review): sourceTable and profileId can come from the request; the
    // table name is used to open a GlideRecord and the profile id is
    // concatenated into the returned encoded query without validation.
    var candidate = new GlideRecord(sourceTable);
    candidate.addQuery('profile', profileId);
    candidate.query();
    var alreadyLinked = [];
    while (candidate.next()) {
        var candidateId = candidate.sys_id + '';
        if (this._alreadyAssociated(candidateId, itemID)) {
            alreadyLinked.push(candidate.sys_id + '');
        }
    }
    return 'profile=' + profileId + '^' + 'sys_idNOT IN' + alreadyLinked.join(',') + "^active=true" + "^EQ";
},
/**
 * Tells whether a sn_risk_m2m_risk_control row already links the item with the
 * given risk or control. When the item is a sn_risk_risk, riskOrControlId is
 * treated as the control; otherwise it is treated as the risk.
 * itemID falls back to sysparm_item_id.
 * @returns true when such a row exists; false otherwise or when the item is
 *          not found
 */
_alreadyAssociated: function(riskOrControlId, itemID) {
    var itemId = itemID || (this.getParameter('sysparm_item_id') + '');
    var grcItem = new GlideRecord('sn_grc_item');
    if (!grcItem.get(itemId)) {
        return false;
    }
    var link = new GlideRecord('sn_risk_m2m_risk_control');
    var itemIsRisk = grcItem.sys_class_name == 'sn_risk_risk';
    link.addQuery('sn_compliance_control', itemIsRisk ? riskOrControlId : itemId);
    link.addQuery('sn_risk_risk', itemIsRisk ? itemId : riskOrControlId);
    link.query();
    return link.next() ? true : false;
},
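/**
 * Links the item in sysparm_item_id with each risk or control listed in
 * sysparm_risk_control_ids, inserting a sn_risk_m2m_risk_control row for every
 * pair that is not linked yet.
 * The item must be a sn_risk_risk or sn_compliance_control and the user must
 * hold sn_risk.user or sn_compliance.user.
 * @returns '' when the item is missing or the checks fail; otherwise "true" or
 *          "false" from GRCUtils.isRiskControlRelationshipAvailable()
 */
associateRiskAndControl: function() {
    var itemId = this.getParameter('sysparm_item_id') + '';
    var item = new GlideRecord('sn_grc_item');
    if (!item.get(itemId))
        return '';
    var itemIsRisk = item.sys_class_name == 'sn_risk_risk';
    var isRiskOrControl = itemIsRisk || item.sys_class_name == 'sn_compliance_control';
    var isRiskOrComplianceUser = gs.hasRole('sn_risk.user') || gs.hasRole('sn_compliance.user');
    if (!isRiskOrControl || !isRiskOrComplianceUser)
        return '';
    var riskOrControlIds = this.getParameter('sysparm_risk_control_ids');
    // A missing parameter used to pass the != '' test and then fail in split().
    if (riskOrControlIds) {
        // Declared with var: the list was previously an implicit global.
        var riskOrControlIdList = (riskOrControlIds + '').split(',');
        for (var i = 0; i < riskOrControlIdList.length; i++) {
            var otherId = riskOrControlIdList[i];
            // Skip empty entries so no link with a blank reference is inserted.
            if (!otherId)
                continue;
            var controlId = itemIsRisk ? otherId : itemId;
            var riskId = itemIsRisk ? itemId : otherId;
            var gr = new GlideRecord('sn_risk_m2m_risk_control');
            gr.addQuery('sn_compliance_control', controlId);
            gr.addQuery('sn_risk_risk', riskId);
            gr.query();
            if (!gr.next()) {
                gr.initialize();
                gr.sn_compliance_control = controlId;
                gr.sn_risk_risk = riskId;
                gr.insert();
            }
        }
    }
    if ((new sn_grc.GRCUtils()).isRiskControlRelationshipAvailable(itemId))
        return "true";
    else
        return "false";
},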
/**
 * Forwards sysparm_item_id, sysparm_item_field_name, sysparm_table and
 * sysparm_template_field_name to GRCUtils.getSelectedTemplateIdList() and
 * returns its result.
 */
getSelectedTemplateIdList: function() {
    var itemId = this.getParameter('sysparm_item_id');
    var itemField = this.getParameter('sysparm_item_field_name');
    var sourceTable = this.getParameter('sysparm_table');
    var templateField = this.getParameter('sysparm_template_field_name');
    // NOTE(review): table and field names come from the request and no role
    // check is visible here; confirm GRCUtils validates them.
    var grcUtils = new GRCUtils();
    return grcUtils.getSelectedTemplateIdList(itemId, itemField, sourceTable, templateField);
},
/**
 * Returns, as a comma-separated string, the active indicator templates linked
 * to sysparm_content_id that are not already selected for sysparm_item_id.
 */
getUnselectedIndicatorTemplateIdList: function() {
    var itemId = this.getParameter('sysparm_item_id');
    var contentId = this.getParameter('sysparm_content_id');
    var alreadySelected = (new GRCUtils()).getSelectedTemplateIdList(itemId, 'item', 'sn_grc_indicator', 'template');
    var remaining = [];
    var link = new GlideRecord('sn_grc_m2m_ind_temp_cont');
    link.addQuery('content', contentId);
    link.addQuery('indicator_template', 'NOT IN', alreadySelected);
    link.addQuery('indicator_template.active', true);
    link.query();
    while (link.next()) {
        remaining.push(link.getValue('indicator_template'));
    }
    return remaining.join(',');
},
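/**
 * Generates an indicator for the item in sysparm_item_id from each template in
 * sysparm_template_ids.
 * A sn_risk_risk item requires sn_risk.manager and a sn_compliance_control item
 * requires sn_compliance.manager.
 * @returns "" when the item is missing or the role check fails; otherwise
 *          "true" or "false" from GRCUtils.isIndicatorRelationshipAvailable()
 */
generateIndicatorFromTemplate: function() {
    var itemId = this.getParameter('sysparm_item_id');
    var item = new GlideRecord('sn_grc_item');
    if (!item.get(itemId))
        return "";
    // NOTE(review): items of any other class pass this check without a role
    // requirement; confirm that is intended.
    if ((item.sys_class_name == 'sn_risk_risk' && !gs.hasRole('sn_risk.manager')) ||
        (item.sys_class_name == 'sn_compliance_control' && !gs.hasRole('sn_compliance.manager')))
        return "";
    var templateIds = this.getParameter('sysparm_template_ids');
    // A missing parameter used to pass the != '' test and then fail in split().
    if (templateIds) {
        // Declared with var: the list was previously an implicit global.
        var templateIdList = (templateIds + '').split(',');
        for (var i = 0; i < templateIdList.length; i++) {
            // Skip empty entries left by stray commas.
            if (!templateIdList[i])
                continue;
            (new sn_grc.IndicatorGeneratorEngine()).generateIndicatorFromTemplate(templateIdList[i], itemId);
        }
    }
    if ((new GRCUtils()).isIndicatorRelationshipAvailable(itemId))
        return "true";
    else
        return "false";
},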
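/**
 * Inserts one sn_grc_m2m_profile_profile row for every pair of upstream and
 * downstream profile ids sent in sysparm_upstream_profile_ids and
 * sysparm_downstream_profile_ids.
 *
 * The rows are written only when the current user passes the table's create
 * ACL. GlideRecord does not evaluate ACLs on its own and this method had no
 * authorization check; the guard mirrors the canCreate() checks in
 * createControlsOrRisks.
 * @returns JSON text with hasDownstreamProfiles and hasUpstreamProfiles both
 *          false, in every case
 */
createProfileRelationshipModel: function() {
    var response = new global.JSON().encode({
        hasDownstreamProfiles: false,
        hasUpstreamProfiles: false
    });
    var downstreamParam = this.getParameter('sysparm_downstream_profile_ids');
    var upstreamParam = this.getParameter('sysparm_upstream_profile_ids');
    // A missing parameter used to reach split() and throw.
    if (!downstreamParam || !upstreamParam)
        return response;
    if (!(new GlideRecord("sn_grc_m2m_profile_profile")).canCreate())
        return response;
    var downstreamProfileIds = (downstreamParam + '').split(',');
    var upstreamProfileIds = (upstreamParam + '').split(',');
    for (var i = 0; i < upstreamProfileIds.length; i++) {
        for (var j = 0; j < downstreamProfileIds.length; j++) {
            // Skip empty entries so no row with a blank reference is inserted.
            if (!upstreamProfileIds[i] || !downstreamProfileIds[j])
                continue;
            var profileToProfile = new GlideRecord("sn_grc_m2m_profile_profile");
            profileToProfile.upstream_profile = upstreamProfileIds[i];
            profileToProfile.downstream_profile = downstreamProfileIds[j];
            profileToProfile.insert();
        }
    }
    return response;
},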
/**
 * Counts sn_grc_item records per sys_class_name where `type` equals `id` and
 * adds one summary entry per class to result. Retired items are excluded,
 * except when type is "profile" and operation is "delete".
 * @returns the same result object
 */
_getAssociatedItems: function(type, result, id, operation) {
    var counter = new GlideAggregate('sn_grc_item');
    counter.addQuery(type, id);
    var includeRetired = (type == "profile" && operation == "delete");
    if (!includeRetired) {
        counter.addQuery('state', '!=', 'retired');
    }
    counter.addAggregate('COUNT', 'sys_class_name');
    counter.query();
    while (counter.next()) {
        var className = counter.sys_class_name;
        var total = counter.getAggregate('COUNT', 'sys_class_name');
        var countText = gs.getMessage('{0} record(s)', total);
        if (total > 0) {
            result[className] = {
                'label': this._getPluralFromRecord(counter.sys_class_name + ''),
                'number': countText,
                'link': className + '_list.do?sysparm_query=' + counter.getEncodedQuery(),
                'operation': operation
            };
        }
    }
    return result;
},
/**
 * Adds a summary entry pointing at the first non-retired
 * sn_risk_advanced_risk_identification record of the entity, if one exists.
 * Does nothing when that table is not valid on this instance.
 * @returns the same result object
 */
_getAssociatedRiskIdentification: function(result, entityID, operation) {
    var identification = new GlideRecord('sn_risk_advanced_risk_identification');
    if (!identification.isValid()) {
        return result;
    }
    identification.addQuery('entity', entityID);
    identification.addQuery('state', '!=', 'retired');
    identification.query();
    if (identification.next()) {
        result["sn_risk_advanced_risk_identification"] = {
            'label': 'Risk Identification',
            'number': gs.getMessage('1 record'),
            'link': 'sn_risk_advanced_risk_identification.do?sys_id=' + identification.getUniqueValue(),
            'operation': operation
        };
    }
    return result;
},
/**
 * Returns the label of the given table, taken from a GlideRecord built on it.
 */
_getPluralFromRecord: function(tableName) {
    // TODO: Will use getPlural() after it is available to scoped app
    return new GlideRecord(tableName).getLabel();
},
/**
 * Adds a summary entry for tableName to result when active records whose
 * `field` equals `profile` exist. Does nothing when the table is not valid on
 * this instance.
 * @returns the same result object
 */
_buildResultForIndicatorsOrTPs: function(tableName, result, field, profile, operation) {
    var lookup = new GlideRecord(tableName);
    if (!lookup.isValid()) {
        return result;
    }
    lookup.addActiveQuery();
    lookup.addQuery(field, profile);
    lookup.query();
    var rowCount = lookup.getRowCount();
    var countText = gs.getMessage('{0} record(s)', rowCount);
    if (rowCount > 0) {
        result[tableName] = {
            'label': this._getPluralFromRecord(tableName),
            'number': countText,
            'link': tableName + '_list.do?sysparm_query=' + lookup.getEncodedQuery(),
            'operation': operation
        };
    }
    return result;
},
/**
 * Dispatches to one of four summary methods according to sysparm_method_name.
 * Only the names listed in the switch are accepted; any other value returns
 * undefined, so the request cannot name an arbitrary method.
 */
isGeneratingForProfileType: function() {
    var requestedTable = this.getParameter('sysparm_table_name');
    var requestedIds = this.getParameter('sysparm_ids');
    // Read from the request but not used by this method.
    var requestedField = this.getParameter('sysparm_field_name');
    var requestedMethod = this.getParameter('sysparm_method_name');
    switch (requestedMethod) {
        case 'getItemsProfileToProfileType':
            return this.getItemsProfileToProfileType();
        case 'getItemsContentToProfileType':
            return this.getItemsContentToProfileType();
        case 'getItemsDocToProfType':
            return this.getItemsDocToProfType();
        case 'getAssociatedItemsToProfileType':
            return this.getAssociatedItemsToProfileType(requestedIds, requestedTable, 'mark_for_deletion');
    }
},
/**
 * Dispatches to one of four summary methods according to the method name.
 * Each argument falls back to its request parameter (sysparm_id,
 * sysparm_method_name, sysparm_table_name, sysparm_operation).
 * Only the names listed in the switch are accepted; any other value returns
 * undefined.
 */
isGeneratingForRecord: function(table, id, method, operation_to_do) {
    var recordId = id || this.getParameter('sysparm_id');
    var requestedMethod = method || this.getParameter('sysparm_method_name');
    // Read from the request but not used by this method.
    var requestedField = this.getParameter('sysparm_field_name');
    var requestedTable = table || this.getParameter('sysparm_table_name');
    var plannedOperation = operation_to_do || this.getParameter('sysparm_operation');
    switch (requestedMethod) {
        case 'getItemsToProfile':
            return this.getItemsToProfile(recordId, plannedOperation);
        case 'getItemsToContent':
            // NOTE(review): getItemsToContent's second parameter is
            // operation_to_do, yet the table name is passed here; this looks
            // like it should be plannedOperation. Confirm against the callers.
            return this.getItemsToContent(recordId, requestedTable);
        case 'getAssociatedItemsToDocument':
            return this.getAssociatedItemsToDocument(recordId, requestedTable);
        case 'getAssociatedItemsToProfileType':
            return this.getAssociatedItemsToProfileType(recordId, requestedTable, plannedOperation);
    }
},
/**
 * Returns the metric_type of the asmt_assessment_instance named by
 * sysparm_sys_id, or '' when no such record is found.
 */
getMetricInfo: function() {
    var instanceId = this.getParameter('sysparm_sys_id');
    var instance = new GlideRecord('asmt_assessment_instance');
    // NOTE(review): no role check is visible here and GlideRecord does not
    // evaluate ACLs; confirm exposing metric_type this way is acceptable.
    var found = instance.get(instanceId);
    return found ? instance.getValue('metric_type') : '';
},
/**
 * Returns GRCUtils.userHasRole() for sysparm_userId and sysparm_role_name.
 * @returns "{}" when the caller lacks the sn_grc.user role
 */
userHasRole: function() {
    // Fix for DEF0104652
    if (!gs.hasRole('sn_grc.user')) {
        return "{}";
    }
    var targetUserId = this.getParameter('sysparm_userId');
    var targetRole = this.getParameter('sysparm_role_name');
    var grcUtils = new GRCUtils();
    return grcUtils.userHasRole(targetUserId, targetRole);
},
/**
 * Returns GRCUtils.removeUsersWithoutRole() for sysparm_users and
 * sysparm_role_name.
 * @returns "{}" when the caller lacks the sn_grc.user role
 */
removeUsersWithoutRole: function() {
    // Fix for DEF0104652
    if (!gs.hasRole('sn_grc.user')) {
        return "{}";
    }
    var candidateUsers = this.getParameter('sysparm_users');
    var targetRole = this.getParameter('sysparm_role_name');
    var grcUtils = new GRCUtils();
    return grcUtils.removeUsersWithoutRole(candidateUsers, targetRole);
},
// Returns the profile ids that must not be offered as a relationship target for
// currentID in the given direction: profiles on the opposite side of the
// hierarchy plus those already associated.
// Returns '' when the user lacks sn_grc.manager or the profile is not found.
getInvalidProfile: function(currentID, direction) {
var ids = '';
if (!gs.hasRole('sn_grc.manager')) {
return ids;
}
var currentProfile = new GlideRecord('sn_grc_profile');
if (currentProfile.get(currentID)) {
var associatedProfileIds = new sn_grc.ImportProfiles().getAssociatedProfiles(currentID, direction);
var invalidProfiles;
if (direction == "upstream") {
invalidProfiles = new sn_grc.GRCProfileLists().getDownstreamProfiles(currentID);
} else {
// For any other direction the current profile itself is added to the list.
associatedProfileIds.push(currentID);
invalidProfiles = new sn_grc.GRCProfileLists().getUpstreamProfiles(currentID);
}
if (!currentProfile.profile_class.category.nil()) {
// Keep only the candidates whose class category matches this profile's
// category or is empty.
var gr = new GlideRecord("sn_grc_profile");
gr.addQuery("sys_id", "IN", invalidProfiles);
gr.addEncodedQuery("profile_class.category=" + currentProfile.profile_class.category + "^ORprofile_class.category=");
gr.query();
ids = [];
while (gr.next()) {
ids.push(gr.getUniqueValue());
}
} else {
ids = invalidProfiles;
}
// NOTE(review): in the else branch ids is whatever getDownstreamProfiles or
// getUpstreamProfiles returned; concat assumes that value is an array (or a
// string) -- confirm against GRCProfileLists.
ids = ids.concat(associatedProfileIds);
}
return ids;
},
// Returns JSON that maps each requested relationship type to the ids produced
// for it. Arguments fall back to sysparm_currentID, sysparm_direction and
// sysparm_relationshipTypes (comma-separated).
// Types not listed in the switch map to ''.
// NOTE(review): no role check is made in this method itself; among the branches
// visible in this file only 'invalidProfile' checks a role (sn_grc.manager, in
// getInvalidProfile). Confirm the other helpers enforce access on their own.
getRelationships: function(currentIDArg, directionArg, relationshipTypesArg) {
var listIds = {};
var currentID = currentIDArg ? currentIDArg : this.getParameter('sysparm_currentID');
var direction = directionArg ? directionArg : this.getParameter('sysparm_direction');
// NOTE(review): split() is called on the request parameter directly, so a
// missing sysparm_relationshipTypes raises an error here.
var relationshipTypes = relationshipTypesArg ? relationshipTypesArg.split(",") : this.getParameter('sysparm_relationshipTypes').split(",");
for (var i = 0; i < relationshipTypes.length; i++) {
var ids = '';
switch (relationshipTypes[i]) {
case 'profile':
var profile = new GlideRecord('sn_grc_profile');
if (profile.get(currentID))
ids = new sn_grc.ImportProfiles().getCategories(profile, direction);
break;
case 'invalidProfile':
ids = this.getInvalidProfile(currentID, direction);
break;
case 'risk':
// currentID is a risk here; the lookup runs against the risk's profile.
var risk = new GlideRecord('sn_risk_risk');
if (risk.get(currentID)) {
var riskProfile = new GlideRecord('sn_grc_profile');
if (riskProfile.get(risk.profile))
ids = new sn_risk.RiskUtilsV2().getValidRisksForRelationships(riskProfile, direction, risk.sys_id);
}
break;
case 'engagement':
ids = new sn_audit.AuditUtils().getSelectedProfileIdList(currentID);
break;
case 'metric':
ids = new sn_compliance.GRCPolicyCompAssessment().getAllowedEvaluationMethods();
break;
}
// A helper that returned nothing is reported as an empty string.
if (typeof ids == 'undefined')
ids = "";
listIds[relationshipTypes[i]] = ids;
}
return new global.JSON().encode(listIds);
},
/**
 * Associates one piece of content with each listed entity and returns a JSON string
 * describing how many controls or risks were created, already existed, or were retired.
 *
 * Request parameters read: content_type, sysparm_profile_ids (comma-separated),
 * sysparm_content_id.
 *
 * Returns a JSON {error: ...} string when the caller cannot create records in the target
 * table, when a parameter is missing, or when an association cannot be created; returns a
 * JSON {info: ...} string when the content is a policy statement whose auto_control_create
 * flag is not set.
 *
 * NOTE(review): 'content_type' is read without the sysparm_ prefix used by the other
 * parameters; confirm the client sends it under this exact name.
 * NOTE(review): any content_type other than 'sn_compliance_policy_statement' takes the risk
 * branch, and the client-supplied string is then stored as the association's content_type.
 * Consider checking it against the expected table names before use.
 * NOTE(review): the only access check visible here is the table-level canCreate() on the
 * control or risk table; whether the caller may use the specific entities and content is
 * not checked in this block.
 *
 * @returns {string} JSON text (messages, error or info)
 */
createControlsOrRisks: function() {
    var contentType = this.getParameter('content_type');
    var isPolicyStatement = false;
    if (contentType == 'sn_compliance_policy_statement') {
        if (!(new GlideRecord('sn_compliance_control')).canCreate())
            return this._error(gs.getMessage('Insufficient privileges to create controls'));
        isPolicyStatement = true;
    } else {
        if (!(new GlideRecord('sn_risk_risk')).canCreate())
            return this._error(gs.getMessage('Insufficient privileges to create risks'));
    }
    var profileIds = this.getParameter('sysparm_profile_ids');
    if (!profileIds)
        return this._error(new sn_grc.GRCUtils().getMessage('missing_profile_ids'));
    profileIds = profileIds.split(',');
    // Splitting an empty string yields [''], which also counts as "no ids".
    if (profileIds.length == 1 && profileIds[0] == '')
        return this._error(new sn_grc.GRCUtils().getMessage('missing_profile_ids'));
    var contentId = this.getParameter('sysparm_content_id');
    if (!contentId)
        return this._error(gs.getMessage('Missing content'));
    var canCreateControls = false;
    if (isPolicyStatement)
        canCreateControls = this._canControlsGetCreated(contentType, contentId);
    var numControlsOrRisksCreated = 0;
    var numExistingControlsOrRisks = 0;
    var numExistingRetriedControlsOrRisks = 0;
    var content_profile_m2m = null;
    for (var i = 0; i < profileIds.length; i++) {
        var item = this._get_already_associated_item(profileIds[i], contentId, contentType);
        if (item == null) {
            // No item yet for this entity/content pair: create the association first.
            content_profile_m2m = this._createProfileToContentAssociation(contentId, profileIds[i], this.getParameter('content_type'));
            if (content_profile_m2m == null) {
                // Associations created for earlier entities in this loop are not rolled back.
                if (isPolicyStatement)
                    return this._error(new sn_grc.GRCUtils().getMessage('unable_to_create_items_ps'));
                else
                    return this._error(new sn_grc.GRCUtils().getMessage('unable_to_create_items_rs'));
            }
            if (isPolicyStatement && !canCreateControls) {
                continue;
            }
            // Nothing in this block creates the item itself; presumably it appears as a
            // side effect of the association insert, so it is looked up again (confirm).
            item = this._get_already_associated_item(profileIds[i], contentId, contentType);
            if (item)
                numControlsOrRisksCreated++;
        } else {
            var ans = this._updateSourceAndCreateM2MRelation(contentId, profileIds[i], this.getParameter('content_type'), item);
            if (ans.error) {
                // ans.error is already a JSON-encoded error string.
                return ans.error;
            } else {
                if (ans.existingRetiredItem) {
                    numExistingRetriedControlsOrRisks++;
                } else {
                    numExistingControlsOrRisks++;
                }
            }
        }
    }
    if (isPolicyStatement && !canCreateControls) {
        return this._info(gs.getMessage('The "Create controls automatically" check box is not selected, so controls will not be generated automatically.'));
    }
    // Counters are passed on as strings.
    var result = {
        numControlsOrRisksCreated: numControlsOrRisksCreated + '',
        numExistingControlsOrRisks: numExistingControlsOrRisks + '',
        numExistingRetriedControlsOrRisks: numExistingRetriedControlsOrRisks + '',
    };
    return new global.JSON().encode(this._getMessages(result, contentType));
},
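/**
 * Appends profileId to the item's comma-terminated 'source' list unless it is already listed.
 * Only sets the field value on the record object; update() is not called here.
 *
 * @param {GlideRecord} item - record whose 'source' field is read and set
 * @param {string} profileId - id to add to the list
 */
_updateSource: function(item, profileId) {
    var source = item.getValue('source');
    var entry = profileId + ',';
    // Literal substring test: String.search would compile the id into a regular
    // expression, so an id containing pattern characters could match or fail unexpectedly.
    if (source == null) {
        source = '';
    } else if (source.indexOf(entry) != -1) {
        return;
    }
    item.setValue('source', source + entry);
},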
/**
 * Reads the auto_control_create field of the given content record.
 *
 * @param {string} contentType - table name of the content record
 * @param {string} contentId - sys_id of the content record
 * @returns {*} the record's auto_control_create field
 */
_canControlsGetCreated: function(contentType, contentId) {
    var contentRecord = new GlideRecord(contentType);
    // NOTE(review): the result of get() is not checked, so a missing record is not
    // distinguished from one whose flag is unset.
    contentRecord.get(contentId);
    var autoCreateFlag = contentRecord.auto_control_create;
    return autoCreateFlag;
},
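/**
 * Turns the counters in result into localised messages for controls or for risks.
 * A message is left as an empty string when its counter is zero, except the
 * "created" message, which is always produced.
 *
 * @param {Object} result - counters as strings: numControlsOrRisksCreated,
 *     numExistingControlsOrRisks, numExistingRetriedControlsOrRisks and, from
 *     createDownstreamControls only, numNoAutoCreateControlObjectives
 * @param {string} contentType - 'sn_compliance_policy_statement' selects the control
 *     wording; any other value selects the risk wording
 * @returns {Object} the four message strings
 */
_getMessages: function(result, contentType) {
    var numControlsOrRisksCreatedMsg = '';
    var numExistingControlsOrRisksMsg = '';
    var numExistingRetiredControlsOrRisksMsg = '';
    var numNoAutoCreateControlObjectivesMsg = '';
    if (contentType == 'sn_compliance_policy_statement') {
        numControlsOrRisksCreatedMsg = gs.getMessage('{0} new control(s) created', result.numControlsOrRisksCreated);
        if (result.numExistingRetriedControlsOrRisks != 0)
            numExistingRetiredControlsOrRisksMsg = gs.getMessage('{0} control(s) moved from retired to draft state', result.numExistingRetriedControlsOrRisks);
        if (result.numExistingControlsOrRisks != 0)
            numExistingControlsOrRisksMsg = gs.getMessage('{0} control(s) ignored', result.numExistingControlsOrRisks);
        // createControlsOrRisks does not supply this counter, and `undefined != 0` is true,
        // so the message used to be built without a count. Require the counter to be present.
        if (result.numNoAutoCreateControlObjectives && result.numNoAutoCreateControlObjectives != 0)
            numNoAutoCreateControlObjectivesMsg = gs.getMessage('{0} control(s) were not created as "Creates controls automatically" flag was unchecked. Please check the flag if you wish to create controls for those control objectives', result.numNoAutoCreateControlObjectives);
    } else {
        numControlsOrRisksCreatedMsg = gs.getMessage('{0} new risk(s) created', result.numControlsOrRisksCreated);
        if (result.numExistingRetriedControlsOrRisks != 0)
            numExistingRetiredControlsOrRisksMsg = gs.getMessage('{0} risk(s) moved from retired to draft state', result.numExistingRetriedControlsOrRisks);
        if (result.numExistingControlsOrRisks != 0)
            numExistingControlsOrRisksMsg = gs.getMessage('{0} risk(s) ignored', result.numExistingControlsOrRisks);
    }
    return {
        numControlsOrRisksCreatedMsg: numControlsOrRisksCreatedMsg,
        numExistingControlsOrRisksMsg: numExistingControlsOrRisksMsg,
        numExistingRetiredControlsOrRisksMsg: numExistingRetiredControlsOrRisksMsg,
        numNoAutoCreateControlObjectivesMsg: numNoAutoCreateControlObjectivesMsg
    };
},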
/**
 * Wraps a message as a JSON-encoded {error: msg} string.
 *
 * @param {string} msg - text to report
 * @returns {string} JSON text
 */
_error: function(msg) {
    var payload = {
        error: msg
    };
    return new global.JSON().encode(payload);
},
/**
 * Wraps a message as a JSON-encoded {info: msg} string.
 *
 * @param {string} msg - text to report
 * @returns {string} JSON text
 */
_info: function(msg) {
    var payload = {
        info: msg
    };
    return new global.JSON().encode(payload);
},
/**
 * Associates each listed risk content record ('sn_risk_definition') with one entity and
 * returns a JSON string describing how many risks were created, already existed, or were retired.
 *
 * Request parameters read: sysparm_content_ids (comma-separated), sysparm_profile_id.
 *
 * NOTE(review): the only access check visible here is the table-level canCreate() on
 * sn_risk_risk; whether the caller may use the given entity and content records is not
 * checked in this block.
 *
 * @returns {string} JSON text (messages or error)
 */
createDownstreamRisks: function() {
    if (!(new GlideRecord('sn_risk_risk')).canCreate())
        return this._error(gs.getMessage('Insufficient privileges to create risks'));
    var contentIds = this.getParameter('sysparm_content_ids');
    if (!contentIds)
        return this._error(gs.getMessage('Missing content id(s)'));
    contentIds = contentIds.split(',');
    // Splitting an empty string yields [''], which also counts as "no ids".
    if (contentIds.length == 1 && contentIds[0] == '')
        return this._error(gs.getMessage('Missing content id(s)'));
    var profileId = this.getParameter('sysparm_profile_id');
    if (!profileId)
        return this._error(new sn_grc.GRCUtils().getMessage('missing_profile'));
    var numControlsOrRisksCreated = 0;
    var numExistingControlsOrRisks = 0;
    var numExistingRetriedControlsOrRisks = 0;
    var content_profile_m2m = null;
    for (var i = 0; i < contentIds.length; i++) {
        var item = this._get_already_associated_item(profileId, contentIds[i], 'sn_risk_definition');
        if (item == null) {
            content_profile_m2m = this._createProfileToContentAssociation(contentIds[i], profileId, 'sn_risk_definition');
            // Associations created for earlier ids in this loop are not rolled back.
            if (content_profile_m2m == null)
                return this._error(gs.getMessage('Unable to create risks'));
            // Nothing in this block creates the risk itself; presumably it appears as a
            // side effect of the association insert, so it is looked up again (confirm).
            item = this._get_already_associated_item(profileId, contentIds[i], 'sn_risk_definition');
            if (item)
                numControlsOrRisksCreated++;
        } else {
            var ans = this._updateSourceAndCreateM2MRelation(contentIds[i], profileId, 'sn_risk_definition', item);
            if (ans.error) {
                // ans.error is already a JSON-encoded error string.
                return ans.error;
            } else {
                if (ans.existingRetiredItem) {
                    numExistingRetriedControlsOrRisks++;
                } else {
                    numExistingControlsOrRisks++;
                }
            }
        }
    }
    // Counters are passed on as strings.
    var result = {
        numControlsOrRisksCreated: numControlsOrRisksCreated + '',
        numExistingControlsOrRisks: numExistingControlsOrRisks + '',
        numExistingRetriedControlsOrRisks: numExistingRetriedControlsOrRisks + ''
    };
    return new global.JSON().encode(this._getMessages(result, 'sn_risk_definition'));
},
/**
 * Associates each listed control objective ('sn_compliance_policy_statement') with one entity
 * and returns a JSON string describing how many controls were created, already existed, were
 * retired, or were skipped because auto_control_create is not set on the control objective.
 *
 * The request parameters sysparm_content_ids and sysparm_profile_id take precedence; the
 * arguments are used only when the corresponding parameter is empty.
 *
 * NOTE(review): the only access check visible here is the table-level canCreate() on
 * sn_compliance_control; whether the caller may use the given entity and control objectives
 * is not checked in this block.
 *
 * @param {string} [controlObjectives] - comma-separated content sys_ids, fallback for sysparm_content_ids
 * @param {string} [profileSysId] - entity sys_id, fallback for sysparm_profile_id
 * @returns {string} JSON text (messages or error)
 */
createDownstreamControls: function(controlObjectives, profileSysId) {
    if (!(new GlideRecord('sn_compliance_control')).canCreate())
        return this._error(gs.getMessage('Insufficient privileges to create controls'));
    var contentIds = this.getParameter('sysparm_content_ids');
    if (!contentIds) {
        contentIds = controlObjectives;
    }
    if (!contentIds)
        return this._error(gs.getMessage('Missing content id(s)'));
    contentIds = contentIds.split(',');
    // Splitting an empty string yields [''], which also counts as "no ids".
    if (contentIds.length == 1 && contentIds[0] == '')
        return this._error(gs.getMessage('Missing content id(s)'));
    var profileId = this.getParameter('sysparm_profile_id');
    if (!profileId) {
        profileId = profileSysId;
    }
    if (!profileId)
        return this._error(new sn_grc.GRCUtils().getMessage('missing_profile'));
    var numControlsOrRisksCreated = 0;
    var numExistingControlsOrRisks = 0;
    var numExistingRetriedControlsOrRisks = 0;
    var content_profile_m2m = null;
    var numNoAutoCreateControlObjectives = 0;
    for (var i = 0; i < contentIds.length; i++) {
        var item = this._get_already_associated_item(profileId, contentIds[i], 'sn_compliance_policy_statement');
        if (item == null) {
            content_profile_m2m = this._createProfileToContentAssociation(contentIds[i], profileId, 'sn_compliance_policy_statement');
            // Unlike createDownstreamRisks, a failed association is skipped silently here
            // and is not reflected in any counter.
            if (content_profile_m2m == null) {
                continue;
            }
            var co = new GlideRecord("sn_compliance_policy_statement");
            // NOTE(review): the result of get() is not checked; a missing record is counted
            // like one whose flag is unset.
            co.get(contentIds[i]);
            if (!co.auto_control_create) {
                numNoAutoCreateControlObjectives++;
                continue;
            }
            // Nothing in this block creates the control itself; presumably it appears as a
            // side effect of the association insert, so it is looked up again (confirm).
            item = this._get_already_associated_item(profileId, contentIds[i], 'sn_compliance_policy_statement');
            if (item)
                numControlsOrRisksCreated++;
        } else {
            var ans = this._updateSourceAndCreateM2MRelation(contentIds[i], profileId, 'sn_compliance_policy_statement', item);
            if (ans.error) {
                // ans.error is already a JSON-encoded error string.
                return ans.error;
            } else {
                if (ans.existingRetiredItem) {
                    numExistingRetriedControlsOrRisks++;
                } else {
                    numExistingControlsOrRisks++;
                }
            }
        }
    }
    // Counters are passed on as strings.
    var result = {
        numControlsOrRisksCreated: numControlsOrRisksCreated + '',
        numExistingControlsOrRisks: numExistingControlsOrRisks + '',
        numExistingRetriedControlsOrRisks: numExistingRetriedControlsOrRisks + '',
        numNoAutoCreateControlObjectives: numNoAutoCreateControlObjectives + ''
    };
    return new global.JSON().encode(this._getMessages(result, 'sn_compliance_policy_statement'));
},
/**
 * Delegates to GRCProfileLists.getAlreadyAssociatedContent for the given entity and class.
 *
 * @param {string} entityId - passed through unchanged
 * @param {string} className - passed through unchanged
 * @returns {*} whatever the helper returns
 */
getAlreadyAssociatedContentForEntity: function(entityId, className) {
    var profileLists = new sn_grc.GRCProfileLists();
    return profileLists.getAlreadyAssociatedContent(entityId, className);
},
/**
 * Ensures the content-to-entity association exists and reports whether the existing item is retired.
 * This block does not modify the item; despite the name, _updateSource is not called here.
 *
 * @param {string} contentId - sys_id of the content record
 * @param {string} profileId - sys_id of the entity
 * @param {string} contentType - content table name; 'sn_compliance_policy_statement' selects the control wording of the error
 * @param {GlideRecord} item - the already existing item for this pair
 * @returns {Object} {existingRetiredItem: boolean, error?: string}; error is a JSON-encoded string
 */
_updateSourceAndCreateM2MRelation: function(contentId, profileId, contentType, item) {
    var outcome = {};
    var association = this._createProfileToContentAssociation(contentId, profileId, contentType);
    if (association == null) {
        var failureText = (contentType == 'sn_compliance_policy_statement') ?
            gs.getMessage('Unable to create controls') :
            gs.getMessage('Unable to create risks');
        outcome.error = this._error(failureText);
    }
    // The retired flag is set even when the association failed.
    outcome.existingRetiredItem = (item.getValue('state') === 'retired');
    return outcome;
},
/**
 * Returns the sn_grc_m2m_content_profile row linking the content to the entity, inserting it first when none exists.
 *
 * NOTE(review): the row is read and inserted through GlideRecord, and contentType is stored
 * as given; any validation or access check has to happen in the caller.
 *
 * @param {string} contentId - value for sn_grc_content
 * @param {string} profileId - value for sn_grc_profile
 * @param {string} contentType - value for content_type
 * @returns {GlideRecord|null} the existing or newly inserted row, or null when the insert returns no sys_id
 */
_createProfileToContentAssociation: function(contentId, profileId, contentType) {
    var link = new GlideRecord('sn_grc_m2m_content_profile');
    link.addQuery('sn_grc_content', contentId);
    link.addQuery('sn_grc_profile', profileId);
    link.addQuery('content_type', contentType);
    link.query();
    // An existing association is returned as is.
    if (link.next()) {
        return link;
    }
    link.setValue('sn_grc_content', contentId);
    link.setValue('sn_grc_profile', profileId);
    link.setValue('content_type', contentType);
    var newId = link.insert();
    if (newId == null) {
        return null;
    }
    // Reload the inserted row so the caller gets the stored record.
    link.initialize();
    link.get(newId);
    return link;
},
/**
 * Looks up the first sn_grc_item row with instance=true for the given entity and content.
 *
 * @param {string} profileId - value matched against the 'profile' field
 * @param {string} contentId - value matched against the 'content' field
 * @param {string} contentType - not used by this lookup
 * @returns {GlideRecord|null} the matching record, or null when there is none
 */
_get_already_associated_item: function(profileId, contentId, contentType) {
    var existing = new GlideRecord('sn_grc_item');
    existing.addQuery('profile', profileId);
    existing.addQuery('content', contentId);
    existing.addQuery('instance', true);
    existing.query();
    return existing.next() ? existing : null;
},
/**
 * Delegates to LicenseUtils.getLastMonthAccrualPeriod.
 *
 * @returns {*} whatever the helper returns
 */
getLastMonthAccrualPeriod: function() {
    var licenseUtils = new LicenseUtils();
    return licenseUtils.getLastMonthAccrualPeriod();
},
/**
 * Reports whether a root entity class other than the one in sysparm_sysId exists.
 * Only the first is_root record returned by the query is examined.
 *
 * @returns {boolean} true when that record's sys_id differs from sysparm_sysId, otherwise false
 */
checkProfileClassRootExists: function() {
    var sysId = this.getParameter('sysparm_sysId');
    var rootClass = new GlideRecord("sn_grc_profile_class");
    rootClass.addQuery("is_root", true);
    rootClass.query();
    if (rootClass.next() && rootClass.getUniqueValue() != sysId) {
        return true;
    }
    return false;
},
/**
 * Passes the sysparm_args request parameter to GRCUtilsBase.isContentActive.
 *
 * @returns {*} whatever the helper returns
 */
isContentActive: function() {
    var args = this.getParameter('sysparm_args');
    return new sn_grc.GRCUtilsBase().isContentActive(args);
},
/**
 * Passes the sysparm_args request parameter to GRCUtilsBase.isProfileActive.
 *
 * @returns {*} whatever the helper returns
 */
isProfileActive: function() {
    var args = this.getParameter('sysparm_args');
    return new sn_grc.GRCUtilsBase().isProfileActive(args);
},
/**
 * Delegates to GRCProfileLists.getRelationshipIds.
 *
 * @param {string} profileId - passed through unchanged
 * @param {string} relationshipType - passed through unchanged
 * @returns {*} whatever the helper returns
 */
getRelationshipIds: function(profileId, relationshipType) {
    var profileLists = new sn_grc.GRCProfileLists();
    return profileLists.getRelationshipIds(profileId, relationshipType);
},
/**
 * Collects the 'information_object' value of every row in the given table whose
 * given column equals baseTableID.
 *
 * NOTE(review): the table and column names are used as passed in and the rows are read
 * through GlideRecord; callers should pass fixed names rather than request-supplied ones.
 *
 * @param {string} m2mTableName - table to query
 * @param {string} baseTableColumnName - column compared with baseTableID
 * @param {string} baseTableID - value to match
 * @returns {string} comma-separated 'information_object' values, '' when no row matches
 */
getInfoObjects: function(m2mTableName, baseTableColumnName, baseTableID) {
    var relation = new GlideRecord(m2mTableName);
    relation.addQuery(baseTableColumnName, baseTableID);
    relation.query();
    var infoObjectIds = [];
    while (relation.next()) {
        var infoObjectId = relation.getValue('information_object');
        infoObjectIds.push(infoObjectId);
    }
    return infoObjectIds.join(',');
},
/**
 * Returns the owned_by value of the sn_grc_profile record named by sysparm_entity_id.
 *
 * NOTE(review): no role or record-level read check is made before the value is returned,
 * and the record is read through GlideRecord; confirm whether a check such as canRead()
 * on the record is wanted here.
 *
 * @returns {string|undefined} the owned_by value, or undefined when the record is not found
 */
getEntityOwner: function() {
    var entity = new GlideRecord('sn_grc_profile');
    var found = entity.get(this.getParameter('sysparm_entity_id'));
    if (!found) {
        return;
    }
    return entity.getValue('owned_by');
},
/**
 * Passes the sysparm_entity_id request parameter to GRCProfileLists.getImmediateEngagmentIDs.
 *
 * @returns {*} whatever the helper returns
 */
getImmediateEngagements: function() {
    var entityId = this.getParameter('sysparm_entity_id');
    return new sn_grc.GRCProfileLists().getImmediateEngagmentIDs(entityId);
},
/**
 * Returns the itemIds reported by ItemInheritanceAPI.getItemsForReliantEntity for
 * item type "Control" and the given entity.
 *
 * @param {string} [id] - entity sys_id; when empty, the sysparm_profileId request parameter is used
 * @returns {*} the itemIds property of the helper's result
 */
getCommonControlsForEntity: function(id) {
    var profileId = id ? id : this.getParameter("sysparm_profileId");
    var query = {
        entityId: profileId,
        itemType: "Control"
    };
    var inherited = new sn_grc.ItemInheritanceAPI().getItemsForReliantEntity(query);
    return inherited.itemIds;
},
type: 'GRCAjax'
});
Sys ID
03be61172f3202007eaf77cfb18c9588