Name
sn_grc.GRCSecurityManagerAjax
Description
General AJAX utilities for GRC
Script
var GRCSecurityManagerAjax = Class.create();
GRCSecurityManagerAjax.prototype = Object.extendsObject(global.AbstractAjaxProcessor, {
getConfidentialUsers: function(tableName, sysId, strconfiguredFields) {
if (gs.nil(tableName))
tableName = this.getParameter("sysparm_table");
if (gs.nil(sysId))
sysId = this.getParameter("sysparm_sys_id");
if (gs.nil(strconfiguredFields))
strconfiguredFields = this.getParameter("sysparm_configuredFields");
configuredFields = new global.JSON().decode(strconfiguredFields);
if (gs.nil(tableName) || gs.nil(sysId) || gs.nil(configuredFields))
return false;
var confidentialUsers = '';
var current = new GlideRecord(tableName);
for (var key in configuredFields) {
if (key.includes('.') && !gs.nil(configuredFields[key])) {
var configuredFieldName = key.split('.')[0];
var dotWalkedColumnName = key.split('.')[1];
configuredFieldTableName = current.getElement(configuredFieldName).getReferenceTable();
grConfiguredField = new GlideRecord(configuredFieldTableName + '');
grConfiguredField.get(configuredFields[key]);
if (!gs.nil(grConfiguredField))
configuredFieldUser = grConfiguredField.getElement(dotWalkedColumnName);
if (!gs.nil(configuredFieldUser)) {
confidentialUsers += configuredFieldUser + ',';
}
}
}
return confidentialUsers;
},
//verifying if a table is confidential out of the box
isConfidentialTable: function(tableName) {
tableName = this.getParameter("sysparm_table");
return new sn_grc.GRCSecurityManager().isConfidentialTable(tableName);
},
getCustomConfidentialFields: function(){
var table = this.getParameter("sysparm_table");
if (!table)
return this._error(gs.getMessage("Table name is missing in the request"));
var fields = new sn_grc.GRCSecurityManager().getCustomConfidentialFields(table);
return new global.JSON().encode(fields);
},
getConfidentialitySourceUserGroups: function(){
var table = this.getParameter("sysparm_table");
var sysId = this.getParameter("sysparm_record_sys_id");
var usersCopySource = this.getParameter("sysparm_users_copy_cource");
var groupsCopySource = this.getParameter("sysparm_groups_copy_cource");
var referenceTableValuesForUsers = this.getParameter("sysparm_referencing_tables_for_users");
var referenceTableValuesForGroups = this.getParameter("sysparm_referencing_tables_for_groups");
var usersOnForm = this.getParameter("sysparm_users_on_form");
var groupsOnForm = this.getParameter("sysparm_groups_on_form");
if (!table)
return this._error(gs.getMessage("Table name is missing in the request"));
if (!sysId)
return this._error(gs.getMessage("Record sys id is missing in the request"));
var result = new sn_grc.GRCSecurityManager().getConfidentialitySourceUserGroups(table, sysId, usersCopySource, groupsCopySource, usersOnForm, groupsOnForm,referenceTableValuesForUsers,referenceTableValuesForGroups);
return new global.JSON().encode(result);
},
getMainAndInheritingTables: function(mainConfidentialRecord,inheritingConfidentialRecord) {
var tables = { "main_table":"", "inheriting_table":"" };
var confidentialityGr = new GlideRecord("sn_grc_confidentiality_configuration");
if(mainConfidentialRecord && inheritingConfidentialRecord) {
confidentialityGr.get(mainConfidentialRecord);
tables.main_table = confidentialityGr.getValue("table");
confidentialityGr.initialize();
confidentialityGr.get(inheritingConfidentialRecord);
tables.inheriting_table = confidentialityGr.getValue('table');
}
return tables;
},
getExistingRelationshipTypes: function() {
var mainConfidentialRecord = this.getParameter("sysparm_main_confidential_record");
var inheritingConfidentialRecord = this.getParameter("sysparm_inheriting_confidential_record");
if(mainConfidentialRecord && inheritingConfidentialRecord) {
var tables = this.getMainAndInheritingTables(mainConfidentialRecord,inheritingConfidentialRecord);
var result = new sn_grc.GRCSecurityManager().getExistingRelationshipTypes(tables.main_table,tables.inheriting_table);
return new global.JSON().encode(result);
}
},
getRelationshipData: function() {
var result ;
var mainConfidentialRecord = this.getParameter("sysparm_main_confidential_record");
var inheritingConfidentialRecord = this.getParameter("sysparm_inheriting_confidential_record");
var relationship_type = this.getParameter("sysparm_relationship_type");
var tables = this.getMainAndInheritingTables(mainConfidentialRecord,inheritingConfidentialRecord);
var mainTable = tables.main_table;
var inheritingTable = tables.inheriting_table;
if(mainTable && inheritingTable) {
if(relationship_type == "one_to_many") {
result = new sn_grc.GRCSecurityManager().getO2MRelationshipData(mainTable,inheritingTable);
} else if(relationship_type == "many_to_many") {
result = new sn_grc.GRCSecurityManager().getM2MRelationshipData(mainTable,inheritingTable);
} else {
result = new sn_grc.GRCSecurityManager().getScriptedRelationshipData(mainTable,inheritingTable);
}
}
return new global.JSON().encode(result);
},
/* returns fields of given m2m table which have references to parent table */
getM2MTableFields: function() {
var result;
var mainConfidentialRecord = this.getParameter("sysparm_main_confidential_record");
var inheritingConfidentialRecord = this.getParameter("sysparm_inheriting_confidential_record");
var relationship_table = this.getParameter("sysparm_relationship_table");
var tables = this.getMainAndInheritingTables(mainConfidentialRecord,inheritingConfidentialRecord);
var mainTable = tables.main_table;
if(mainTable && relationship_table) {
result = new sn_grc.GRCSecurityManager().getM2MTableFields(mainTable,relationship_table);
}
return new global.JSON().encode(result);
},
/* mark records in related list confidential given inheritance config exists */
markRelatedListRecordsConfidential: function() {
var childIds = this.getParameter("sysparm_childIds");
var childTable = this.getParameter("sysparm_childTable");
var parentSysId = this.getParameter("sysparm_parentSysId");
var parentTable = this.getParameter("sysparm_parentTable");
var relation = this.getParameter("sysparm_relation");
var result = new sn_grc.GRCSecurityManager().markRelatedListRecordsConfidential(childIds,childTable,parentSysId,parentTable,relation);
if(result)
return new global.JSON().encode(result);
},
/* show remove confidentiality popup only when confidentiality config and inheritance config exists */
validateRemoveConfidentialityPopUp: function() {
var tableName = this.getParameter("sysparm_table");
var recordId = this.getParameter("sysparm_recordId");
var newValue = this.getParameter("sysparm_confidentiality_value");
var gr = new GlideRecord(tableName);
gr.get(recordId);
var confidentialityGr = new GlideRecord("sn_grc_confidentiality_configuration");
confidentialityGr.addQuery("table",tableName);
confidentialityGr.setLimit(1);
confidentialityGr.query();
if(!confidentialityGr.hasNext())
return false;
confidentialityGr.next();
var confidentialityField = confidentialityGr.getValue("confidentiality_field");
if(gr.getValue(confidentialityField) == "1" && newValue == "false") {
var inheritanceConfigExists = new sn_grc.GRCSecurityManager().checkIfInheritanceConfigExists(tableName);
if (inheritanceConfigExists){
return true;
}
}
return false;
},
/* Marking parent as non-confidential should mark all its children non-confidential , given inheritance config
exists btwn parent and child */
removeConfidentialityThroughInheritanceConfig: function() {
var recordId = this.getParameter("sysparm_recordId");
var tableName = this.getParameter("sysparm_tableName");
var gr = new GlideRecord(tableName);
gr.get(recordId);
var script = new sn_grc.GRCSecurityManager();
var inheritanceConfigExists = script.checkIfInheritanceConfigExists(tableName);
if (inheritanceConfigExists) {
gs.addInfoMessage(gs.getMessage("Confidentiality of related records will be removed based on {0} confidentiality inheritance configuration done by admin. This process may take some time to complete.",[gr.getClassDisplayValue()]));
script.createRecordToBeProcessed(inheritanceConfigExists, gr, false, gs.getUserID());
}
},
type: 'GRCSecurityManagerAjax'
});
Sys ID
c9af02f2c7f33010ed8c927603c26022