Posts

Showing posts from 2019

ACL Execution

1) incident.None --> if user satisfies this ACL, then he will have access to the table and all the fields provide there are no field level acls like incident.* or incident.<field_name> 2) incident.None & incident.caller --> User should satisfy both the ACLs in order to have access to caller field, but rest of the fields can be accessed if user satisfies incident.None acl. 3) incident.None & incident.*-->User should satisfy both the ACLs in order to have access to all the fields 4) incident.*--> this is a field level acl. So user still needs to satisfy the table level acl incident.none in order to access the table and fields. 5) incident.* & incident.caller --> User still needs to satisfy incident.none acl and incident.* acls to access all the fields except caller. For caller user needs to satisfy both the incident.none and incident.caller acl. 6) incident.None & incident.* and incident.caller --> User still needs to satisfy inciden...

Setup OAuth2 authentication for RESTMessageV2 integrations

Image
1. Configure OAuth provider on instance 1 (OAuth Application Registry -> Create an OAuth API endpoint for external clients) Create unique provider profile name. We need to generate client ID along with Client Secret. Both can be generated by system normally. Token lifespan are optional, generated by default system policy. 2. Configure OAuth consumer on instance 2 (OAuth Application Registry -> Connect to a third party OAuth Provider) Create unique consumer profile name. (very important, script will need pass in this consumer profile name as parameter) Client ID and Client secret are the values were generated from step 1. Grant type. Value can be either "password" or "refresh_token". Suggest to use password since you won't have refresh_token info initially. This refresh_token only will be generated during first time when access token is generated. Token URL will be provided by OAuth provider. In this example, it would be the  https://oauth_...

Background Scripts

BACKGROUND SCRIPT CODE VAULT RECORD QUERIES ACTIVE REQUESTS WITHOUT REQUESTED ITEMS (function() { var grRequest = new GlideRecord("sc_request"); grRequest.addEncodedQuery("active=true"); grRequest.query(); gs.print('Active Requests without Requested Items :('); while (grRequest.next()) { var gaRequestedItem = new GlideAggregate("sc_req_item"); gaRequestedItem.addQuery("request",grRequest.sys_id); gaRequestedItem.addAggregate('COUNT'); gaRequestedItem.query(); var req = 0; if (gaRequestedItem.next()) { req = gaRequestedItem.getAggregate('COUNT'); if (req == 0) { gs.print(grRequest.number); } } } })(); DISTINCT OPERATING SYSTEMS OF CIS (function() { var gaServer = new GlideAggregate('cmdb_ci_server'); //GlideAggregate query gaServer.addAggregate('count'); //Count aggregate (only necessary for a count of items of each OS) gaServer.orderByAggregate('count'); //Count aggregate ordering gaServe...

SNow - Clean Architecture

Clean Architecture with ServiceNow Introduction The following set of rules is aimed to provide a maintainable, extendable and understandable architecture for any solution within service now. They are kept as short as possible to allow for a one page document. Please share your thoughts and feedback, as well as your critique. 1 Script Includes are for Data Manipulation Don’t save. Don’t update. Don’t insert. Don’t delete. In fact: Script Includes don’t. They provide. 2 Business Rules are for Data Transformation Do save. Do update. Do insert. Do delete. In fact: Business Rules do, but won’t think. Therefore, make Script Includes the brain of Business Rules. 3 Client scripts are for displaying data What do they display? Data! Where do they get it from? Queries! Do they think? No! Do they do? No! But what are they there for? To display data. That’s it. 4 Workflows are a succession of Business Rules Follow the same principles! They do, but won’t think. Make Sc...