Name

sn_grc.GRCSecurityManagerAjax

Description

General AJAX utilities for GRC

Script

var GRCSecurityManagerAjax = Class.create();
GRCSecurityManagerAjax.prototype = Object.extendsObject(global.AbstractAjaxProcessor, {

  getConfidentialUsers: function(tableName, sysId, strconfiguredFields) {
      if (gs.nil(tableName))
          tableName = this.getParameter("sysparm_table");

      if (gs.nil(sysId))
          sysId = this.getParameter("sysparm_sys_id");

      if (gs.nil(strconfiguredFields))
          strconfiguredFields = this.getParameter("sysparm_configuredFields");

      configuredFields = new global.JSON().decode(strconfiguredFields);

      if (gs.nil(tableName) || gs.nil(sysId) || gs.nil(configuredFields))
          return false;

      var confidentialUsers = '';
      var current = new GlideRecord(tableName);

      for (var key in configuredFields) {

          if (key.includes('.') && !gs.nil(configuredFields[key])) {
              var configuredFieldName = key.split('.')[0];
              var dotWalkedColumnName = key.split('.')[1];

              configuredFieldTableName = current.getElement(configuredFieldName).getReferenceTable();

              grConfiguredField = new GlideRecord(configuredFieldTableName + '');
              grConfiguredField.get(configuredFields[key]);

              if (!gs.nil(grConfiguredField))
                  configuredFieldUser = grConfiguredField.getElement(dotWalkedColumnName);
              if (!gs.nil(configuredFieldUser)) {
                  confidentialUsers += configuredFieldUser + ',';
              }
          }
      }
      return confidentialUsers;
  },
  
  //verifying if a table is confidential out of the box
  
  isConfidentialTable: function(tableName) {
  	tableName = this.getParameter("sysparm_table");
  	return new sn_grc.GRCSecurityManager().isConfidentialTable(tableName);
  },
  
  getCustomConfidentialFields: function(){
  	var table = this.getParameter("sysparm_table");
  	if (!table)
          return this._error(gs.getMessage("Table name is missing in the request"));
  	var fields = new sn_grc.GRCSecurityManager().getCustomConfidentialFields(table);
  	return new global.JSON().encode(fields);
  },
  
  getConfidentialitySourceUserGroups: function(){
  	var table = this.getParameter("sysparm_table");
  	var sysId = this.getParameter("sysparm_record_sys_id");
  	var usersCopySource = this.getParameter("sysparm_users_copy_cource");
  	var groupsCopySource = this.getParameter("sysparm_groups_copy_cource");
  	var referenceTableValuesForUsers = this.getParameter("sysparm_referencing_tables_for_users");
  	var referenceTableValuesForGroups = this.getParameter("sysparm_referencing_tables_for_groups");
  	var usersOnForm = this.getParameter("sysparm_users_on_form");
  	var groupsOnForm = this.getParameter("sysparm_groups_on_form");
  	if (!table)
          return this._error(gs.getMessage("Table name is missing in the request"));
  	if (!sysId)
          return this._error(gs.getMessage("Record sys id is missing in the request"));
  
  	var result = new sn_grc.GRCSecurityManager().getConfidentialitySourceUserGroups(table, sysId, usersCopySource, groupsCopySource, usersOnForm, groupsOnForm,referenceTableValuesForUsers,referenceTableValuesForGroups);
  	
  		
  	return new global.JSON().encode(result);
  },
  
  
  
  getMainAndInheritingTables: function(mainConfidentialRecord,inheritingConfidentialRecord) {
  	
  	var tables = { "main_table":"", "inheriting_table":"" };
  	
  	var confidentialityGr = new GlideRecord("sn_grc_confidentiality_configuration");
  	
  	if(mainConfidentialRecord && inheritingConfidentialRecord) {
  		confidentialityGr.get(mainConfidentialRecord);
  		tables.main_table = confidentialityGr.getValue("table");
  		
  		confidentialityGr.initialize();
  		confidentialityGr.get(inheritingConfidentialRecord);
  		tables.inheriting_table = confidentialityGr.getValue('table');
  	}
  	return tables;
  },
  
  
  getExistingRelationshipTypes: function() {
  	
  	var mainConfidentialRecord = this.getParameter("sysparm_main_confidential_record");
  	var inheritingConfidentialRecord = this.getParameter("sysparm_inheriting_confidential_record");
  	
  	if(mainConfidentialRecord && inheritingConfidentialRecord) {
  		var tables = this.getMainAndInheritingTables(mainConfidentialRecord,inheritingConfidentialRecord);
  		
  		var result = new sn_grc.GRCSecurityManager().getExistingRelationshipTypes(tables.main_table,tables.inheriting_table);
  		return new global.JSON().encode(result);
  	}
  	
  },
  
  getRelationshipData: function() {
  	var result ;
  	
  	var mainConfidentialRecord = this.getParameter("sysparm_main_confidential_record");
  	var inheritingConfidentialRecord = this.getParameter("sysparm_inheriting_confidential_record");
  	var relationship_type = this.getParameter("sysparm_relationship_type");
  	
  	var tables = this.getMainAndInheritingTables(mainConfidentialRecord,inheritingConfidentialRecord);
  	var mainTable = tables.main_table;
  	var inheritingTable = tables.inheriting_table;
  	
  	if(mainTable && inheritingTable) {
  		if(relationship_type == "one_to_many") {
  			result = new sn_grc.GRCSecurityManager().getO2MRelationshipData(mainTable,inheritingTable);
  		} else if(relationship_type == "many_to_many") {
  			result = new  sn_grc.GRCSecurityManager().getM2MRelationshipData(mainTable,inheritingTable);
  		} else {
  			result = new sn_grc.GRCSecurityManager().getScriptedRelationshipData(mainTable,inheritingTable);
  		}
  	}
  	
  	return new global.JSON().encode(result);
  },
  
  /* returns fields of given m2m table which have references to parent table */
  
  getM2MTableFields: function() {
  	var result;
  	
  	var mainConfidentialRecord = this.getParameter("sysparm_main_confidential_record");
  	var inheritingConfidentialRecord = this.getParameter("sysparm_inheriting_confidential_record");
  	var relationship_table = this.getParameter("sysparm_relationship_table");
  	
  	var tables = this.getMainAndInheritingTables(mainConfidentialRecord,inheritingConfidentialRecord);
  	var mainTable = tables.main_table;
  	
  	if(mainTable && relationship_table) {
  		result = new sn_grc.GRCSecurityManager().getM2MTableFields(mainTable,relationship_table);
  	}
  	
  	return new global.JSON().encode(result);
  },
  
  /* mark records in related list confidential given inheritance config exists */
  
  markRelatedListRecordsConfidential: function() {
  
  	var childIds = this.getParameter("sysparm_childIds");
  	var childTable = this.getParameter("sysparm_childTable");
  	var parentSysId = this.getParameter("sysparm_parentSysId");
  	var parentTable = this.getParameter("sysparm_parentTable");
  	var relation = this.getParameter("sysparm_relation");
  	
  	var result = new sn_grc.GRCSecurityManager().markRelatedListRecordsConfidential(childIds,childTable,parentSysId,parentTable,relation);
  	if(result)
  		return new global.JSON().encode(result);
  },
  
  /* show remove confidentiality popup only when confidentiality config and inheritance config exists */
  validateRemoveConfidentialityPopUp: function() {
  	var tableName = this.getParameter("sysparm_table");
  	var recordId = this.getParameter("sysparm_recordId");
  	var newValue = this.getParameter("sysparm_confidentiality_value");
  
  	
  	var gr = new GlideRecord(tableName);
  	gr.get(recordId);
  	
  	var confidentialityGr = new GlideRecord("sn_grc_confidentiality_configuration");
  	confidentialityGr.addQuery("table",tableName);
  	confidentialityGr.setLimit(1);
  	confidentialityGr.query();
  	if(!confidentialityGr.hasNext())
  		return false;
  	confidentialityGr.next();
  	
  	var confidentialityField = confidentialityGr.getValue("confidentiality_field");
  	if(gr.getValue(confidentialityField) == "1" && newValue == "false") {
  		var inheritanceConfigExists = new sn_grc.GRCSecurityManager().checkIfInheritanceConfigExists(tableName);
  		if (inheritanceConfigExists){
  			return true;
  		}
  	}
  	
  	return false;
  	
  },
  
  /* Marking parent as non-confidential should mark all its children non-confidential , given inheritance config 
  exists btwn parent and child */
  removeConfidentialityThroughInheritanceConfig: function() {
  	var recordId = this.getParameter("sysparm_recordId");
  	var tableName = this.getParameter("sysparm_tableName");
  	
  	var gr = new GlideRecord(tableName);
  	gr.get(recordId);
  	
  	var script = new sn_grc.GRCSecurityManager();
  	var inheritanceConfigExists = script.checkIfInheritanceConfigExists(tableName);
  	if (inheritanceConfigExists) {
  		gs.addInfoMessage(gs.getMessage("Confidentiality of related records will be removed based on {0} confidentiality inheritance configuration done by admin. This process may take some time to complete.",[gr.getClassDisplayValue()]));
  		script.createRecordToBeProcessed(inheritanceConfigExists, gr, false, gs.getUserID());
  	}
  		
  		
  },

  
  
  type: 'GRCSecurityManagerAjax'
});

Sys ID

c9af02f2c7f33010ed8c927603c26022

Offical Documentation

Official Docs: