Name
sn_risk_advanced.AdvancedRiskAssessmentScoringAJAX
Description
No description available
Script
var AdvancedRiskAssessmentScoringAJAX = Class.create();
AdvancedRiskAssessmentScoringAJAX.prototype = Object.extendsObject(global.AbstractAjaxProcessor, {
commitResponses: function() {
var responses = JSON.parse(this.getParameter('sysparm_responses'));
var responseIds = Object.keys(responses);
var resultObject = {};
for (var i = 0; i < responseIds.length; i++) {
var result = new sn_risk_advanced.RiskAssessmentScoringUtils().commitResponseToDB(responseIds[i], responses[responseIds[i]]);
resultObject[responseIds[i]] = result;
}
return JSON.stringify(resultObject);
},
validateScripts: function() {
if (gs.hasRole('sn_risk_advanced.ara_admin') || gs.hasRole('sn_grc.developer')) {
var groupFactorId = this.getParameter('sysparm_groupFactorId');
var groupFactor = new GlideRecord('sn_risk_advanced_group_factor');
groupFactor.get(groupFactorId);
var result = {};
new sn_risk_advanced.FactorUtils().validateBothScripts(groupFactor, result);
return JSON.stringify(result);
} else {
return JSON.stringify(gs.getMessage("Insufficient privileges to perform this action"));
}
},
validateAsmtTypeScripts: function() {
if (gs.hasRole('sn_risk.admin') || gs.hasRole('sn_grc.developer')) {
var asmtTypeId = this.getParameter('sysparm_asmtTypeId');
var asmtType = new GlideRecord('sn_risk_advanced_assessment_type');
asmtType.get(asmtTypeId);
var result = {};
new sn_risk_advanced.FactorUtils().validateBothAsmtTypeScripts(asmtType, result);
return JSON.stringify(result);
} else {
return JSON.stringify(gs.getMessage("Insufficient privileges to perform this action"));
}
},
validateResidualScoringBasedOnInherentAndControlScript: function() {
if (gs.hasRole('sn_risk.admin') && gs.hasRole('sn_grc.developer')) {
var asmtTypeId = this.getParameter('sysparm_asmtTypeId');
var asmtType = new GlideRecord('sn_risk_advanced_residual_assessment');
asmtType.get(asmtTypeId);
var evaluator = new GlideScopedEvaluator();
evaluator.putVariable('score', null);
evaluator.putVariable('result', {});
evaluator.putVariable('asmtId', '');
evaluator.putVariable('inherent_score', 0);
evaluator.putVariable('control_effectiveness', 0);
evaluator.evaluateScript(asmtType, 'qualitative_scoring_logic_script', null);
var result = evaluator.getVariable('result');
return JSON.stringify(result);
} else {
return JSON.stringify(gs.getMessage("Insufficient privileges to perform this action"));
}
},
getScriptForIndividualControlAsmt: function() {
return JSON.stringify(" /*************************************************************************************/\n\n" +
"/* 1. Use the predefined variables from the Qualitative script variables field.\n" +
"/* 2. You can define your own script variables within the script itself. For example, var impact = 1;\n" +
"/* asmtId can be passed as a parameter to the methods in the script. It can be used to derive the key and the non-key control scores.\n" +
"/* Function getControlScores returns the key score, the non-key score and the total control count which is used to get the final score.\n\n" +
"/*************************************************************************************/\n\n\n\n" +
" try {\n\n" +
" /***Start of Custom Code. Please write your scoring formula below. */\n" +
" var res = getControlScores(asmtId);\n" +
" score = (res.keyControlScore * 0.75 + res.nonkeyControlScore * 0.25) / res.totalControlCount;\n\n" +
" /***End of Custom Code. Do not modify anything below. */\n\n" +
" if (isNaN(score)) {\n" +
" throw 'Not a number';\n" +
" } else if (score == Infinity) {\n" +
" throw 'Divide by zero error'; \n" +
" }\n" +
"} catch (ex) {\n" +
" result.error = ex;\n" +
"}\n\n" +
"function getControlScores(asmtId) {\n" +
" var res = {};\n" +
" res.totalControlCount = 0;\n" +
" res.keyControlScore = 0;\n" +
" res.nonkeyControlScore = 0;\n" +
" var gr = new GlideRecord('sn_risk_advanced_risk_assessment_instance_response');\n" +
" gr.addQuery('assessment_instance_id', asmtId);\n" +
" gr.addQuery('assessment_type', '2');\n" +
" gr.addNotNullQuery('control');\n" +
" gr.query();\n" +
" while (gr.next()) {\n" +
" res.totalControlCount++;\n" +
" if (gr.control.key_control + '' == 'true')\n" +
" res.keyControlScore += parseFloat(gr.getValue('qualitative_response'));\n" +
" else\n" +
" res.nonkeyControlScore += parseFloat(gr.getValue('qualitative_response'));\n" +
" }\n" +
" return res;\n" +
"}\n");
},
getScriptForControlEnvAsmt: function() {
return JSON.stringify(" /*************************************************************************************/\n\n" +
"/* 1. Use the predefined variables from the Qualitative script variables field.\n" +
"/* 2. You can define your own script variables within the script itself. For example, var impact = 1;\n" +
"/* Example 1: If you wish to write a formula such as (FACxxxxxxx1 * FACxxxxxx2)/FACxxxxxx3 between three factors, FACxxxxxx1,\n FACxxxxxx2 and FACxxxxxx3 which represent design effectiveness factor, operational effectiveness factor and" + "issue remediation factor\n respectively, then write the the code: score = (FACxxxxxxx1 + FACxxxxxx2)*2 + FACxxxxxx3\n" +
"/* Example 2: If you wish to use your own variable in the script you can write it as 'score = (FACxxxxxxx1 + FACxxxxxx2 + cust_var)*2\n FACxxxxxx3' where cust_var is your declared variable.\n\n" +
"/*************************************************************************************/\n\n\n\n" +
" try {\n\n" +
" /***Start of Custom Code. Please write your scoring formula below. */\n" +
" score = '';\n\n" +
" /***End of Custom Code. Do not modify anything below. */\n\n" +
" if (isNaN(score)) {\n" +
" throw 'Not a number';\n" +
" } else if (score == Infinity) {\n" +
" throw 'Divide by zero error'; \n" +
" }\n" +
"} catch (ex) {\n" +
" result.error = ex;\n" +
"}\n\n");
}
});Sys ID
ff283728536100100b39ddeeff7b12be