paulsena/AppAccessRequestHelper.js

## AppAccessRequestHelper.js
var AppAccessRequestHelper = Class.create();
AppAccessRequestHelper.prototype = {
    initialize: function() {
        this.debug = gs.getProperty("intuit.custom.debug", "true");
        this.error_message = String();
        this.applicationId = '';
    },

    //WS Wrapper function to handle Request and Response Object.
    //This is called from a Scripted WS.
    ws_createSailpointRequest: function(ws_request) {
        //Init
        var ws_response = {};

        try {
            ws_response.request_number = this.createSailpointRequest(ws_request).toString();
            ws_response.error_message = this.error_message.toString();
        }
        catch(ex) {
            gs.logError('Error at line ' + ex.lineNumber + ' in ' + ex.sourceName + '. ' + ex.toString(), this.type);
            ws_response.error_message = 'Internal Script Error. Please check details in SN logs for ' + this.type;
        }

        return ws_response;
    },

    //WS Wrapper function to handle Request and Response Object.
    //This is called from a Scripted WS.
    ws_createGenericRequest: function(ws_request) {
        //Init
        var ws_response = {};

        try {
            ws_response.request_number = this.createGenericRequest(ws_request).toString();
            ws_response.error_message = this.error_message.toString();
        }
        catch(ex) {
            gs.logError('Error at line ' + ex.lineNumber + ' in ' + ex.sourceName + '. ' + ex.toString(), this.type);
            ws_response.error_message = 'Internal Script Error. Please check details in SN logs for ' + this.type;
        }
        return ws_response;
    },

    /* General use function for creating Application Access Service Requests.
    *  @variables_object - JSON object with Request Item Variables
    *  Object needs to contain: requested_for, access_action, application, environment, roles, additional_notes
    */
    createSailpointRequest: function(variables_object) {

        //Check for mandatory fields.  If fail, return
        if (this._checkRequiredFields(variables_object, ["requested_for", "application"])) {
            return -1;
        }

        //Create cart
        var cart = new Cart();
        var item = cart.addItem(gs.getProperty('intuit.custom.sailpoint_req_item','c67e26bd6fbb9100ad4c6592be3ee4e3'));  //Item: 'Sailpoint Application Revoke

        //Verify and add Requested For variable
        this._addRequestedFor(cart, item, variables_object.requested_for);

        //Verify and add Application variable
        this._addApplication(cart, item, variables_object.application);

        //Verify and add optional Roles variable
        this._addRoles(cart, item, variables_object.roles);


        //Return -1 for Request Number if errors otherwise place order and return Req Num
        if (this.error_message) {
            return -1;
        }
        else {
            var request = cart.placeOrder();
            return request.number;
        }

    },

    /* General function for creating Generic Service Requests
    *  Dynamically passes JSON objects from WS to a Catalog Item's variable
    */
    createGenericRequest: function(variables_object) {

        //TODO: For in each loop around JSON WS object and pass it to Catalog Item.  No data validation needed
    },

    _checkRequiredFields: function(variables_object, required_fields) {
        var isError = false;
        for (var fieldName in required_fields) {
            if (!variables_object[required_fields[fieldName]]) {
                isError = true;
                this.error_message += required_fields[fieldName] + " is a mandatory field. \n";
            }
        };

        return isError;
    },

    _addRequestedFor: function(cart, item, userId) {
        //Check and set requested_for field
        var gruser = new GlideRecord("sys_user");
        gruser.addActiveQuery();
        var gruserOR = gruser.addQuery("u_corporate_id", userId);
        gruserOR.addOrCondition("user_name", userId);
        gruser.query();
        if (gruser.next()) {
            var cartGR = cart.getCart();
            cartGR.requested_for = gruser.sys_id;
            cartGR.update();
            cart.setVariable(item, 'requested_for', gruser.sys_id);
        } else {
            this.error_message += "Unable to locate user with Corp ID or User ID - " + userId + "\n";
        }
    },

    //Check and set access_action field
    _addAccessAction: function(cart, item, action) {

        if (action == 'add') {
            cart.setVariable(item, 'access_action', 'I am requesting new access');
        }
        else if (action == 'remove') {
            cart.setVariable(item, 'access_action', 'I need to remove access');
        }
        else {
            this.error_message += "Access Action is invalid. Does not match 'add' or 'remove'. Received - " + action + "\n";
        }
    },

    //Check and set application field
    _addApplication: function(cart, item, appId) {

        var grApps = new GlideRecord("u_access_application");
        grApps.addActiveQuery();
        var grAppsOR = grApps.addQuery("u_name", appId);
        grAppsOR.addOrCondition("sys_id", appId);
        grApps.query();
        if (grApps.next()) {
            cart.setVariable(item, 'application', grApps.sys_id);
            this.applicationId = grApps.sys_id;
        }
        else {
            this.error_message += "Unable to locate Application with - " + appId + "\n";
        }
    },

    _addRoles: function(cart, item, rolesStr, appId) {

        if (rolesStr) {
            this._logDebug('Roles Passed In: ' + rolesStr);

            var rolesArray = rolesStr.split(',');

            for (var index in rolesArray) {
                var role = rolesArray[index].trim();
                this._logDebug('Validating Role: ' + role);
                var grRoles = new GlideRecord('u_access_l1');
                grRoles.addActiveQuery();
                grRoles.addQuery('u_parent', this.applicationId);
                grRoles.addQuery('u_name', role);
                grRoles.query();

                this._logDebug(grRoles.getRowCount().toString());
                if (grRoles.getRowCount() == 0) {
                    this.error_message += "Role: " + role + ", doesn't exist for this application\n";
                }
            }

            this._logDebug('Roles Errors: ' + this.error_message);
            if (!this.error_message) {
                cart.setVariable(item, 'roles', rolesStr);
            }
        }

    },

    _logDebug: function(msg) {
        if (this.debug == true || this.debug == "true") {
            gs.log(msg, this.type);
        }
    },
    type: 'AppAccessRequestHelper'
};
	var AppAccessRequestHelper = Class.create();
	AppAccessRequestHelper.prototype = {
	initialize: function() {
	this.debug = gs.getProperty("intuit.custom.debug", "true");
	this.error_message = String();
	this.applicationId = '';
	},

	//WS Wrapper function to handle Request and Response Object.
	//This is called from a Scripted WS.
	ws_createSailpointRequest: function(ws_request) {
	//Init
	var ws_response = {};

	try {
	ws_response.request_number = this.createSailpointRequest(ws_request).toString();
	ws_response.error_message = this.error_message.toString();
	}
	catch(ex) {
	gs.logError('Error at line ' + ex.lineNumber + ' in ' + ex.sourceName + '. ' + ex.toString(), this.type);
	ws_response.error_message = 'Internal Script Error. Please check details in SN logs for ' + this.type;
	}

	return ws_response;
	},

	//WS Wrapper function to handle Request and Response Object.
	//This is called from a Scripted WS.
	ws_createGenericRequest: function(ws_request) {
	//Init
	var ws_response = {};

	try {
	ws_response.request_number = this.createGenericRequest(ws_request).toString();
	ws_response.error_message = this.error_message.toString();
	}
	catch(ex) {
	gs.logError('Error at line ' + ex.lineNumber + ' in ' + ex.sourceName + '. ' + ex.toString(), this.type);
	ws_response.error_message = 'Internal Script Error. Please check details in SN logs for ' + this.type;
	}
	return ws_response;
	},

	/* General use function for creating Application Access Service Requests.
	* @variables_object - JSON object with Request Item Variables
	* Object needs to contain: requested_for, access_action, application, environment, roles, additional_notes
	*/
	createSailpointRequest: function(variables_object) {

	//Check for mandatory fields. If fail, return
	if (this._checkRequiredFields(variables_object, ["requested_for", "application"])) {
	return -1;
	}

	//Create cart
	var cart = new Cart();
	var item = cart.addItem(gs.getProperty('intuit.custom.sailpoint_req_item','c67e26bd6fbb9100ad4c6592be3ee4e3')); //Item: 'Sailpoint Application Revoke

	//Verify and add Requested For variable
	this._addRequestedFor(cart, item, variables_object.requested_for);

	//Verify and add Application variable
	this._addApplication(cart, item, variables_object.application);

	//Verify and add optional Roles variable
	this._addRoles(cart, item, variables_object.roles);


	//Return -1 for Request Number if errors otherwise place order and return Req Num
	if (this.error_message) {
	return -1;
	}
	else {
	var request = cart.placeOrder();
	return request.number;
	}

	},

	/* General function for creating Generic Service Requests
	* Dynamically passes JSON objects from WS to a Catalog Item's variable
	*/
	createGenericRequest: function(variables_object) {

	//TODO: For in each loop around JSON WS object and pass it to Catalog Item. No data validation needed
	},

	_checkRequiredFields: function(variables_object, required_fields) {
	var isError = false;
	for (var fieldName in required_fields) {
	if (!variables_object[required_fields[fieldName]]) {
	isError = true;
	this.error_message += required_fields[fieldName] + " is a mandatory field. \n";
	}
	};

	return isError;
	},

	_addRequestedFor: function(cart, item, userId) {
	//Check and set requested_for field
	var gruser = new GlideRecord("sys_user");
	gruser.addActiveQuery();
	var gruserOR = gruser.addQuery("u_corporate_id", userId);
	gruserOR.addOrCondition("user_name", userId);
	gruser.query();
	if (gruser.next()) {
	var cartGR = cart.getCart();
	cartGR.requested_for = gruser.sys_id;
	cartGR.update();
	cart.setVariable(item, 'requested_for', gruser.sys_id);
	} else {
	this.error_message += "Unable to locate user with Corp ID or User ID - " + userId + "\n";
	}
	},

	//Check and set access_action field
	_addAccessAction: function(cart, item, action) {

	if (action == 'add') {
	cart.setVariable(item, 'access_action', 'I am requesting new access');
	}
	else if (action == 'remove') {
	cart.setVariable(item, 'access_action', 'I need to remove access');
	}
	else {
	this.error_message += "Access Action is invalid. Does not match 'add' or 'remove'. Received - " + action + "\n";
	}
	},

	//Check and set application field
	_addApplication: function(cart, item, appId) {

	var grApps = new GlideRecord("u_access_application");
	grApps.addActiveQuery();
	var grAppsOR = grApps.addQuery("u_name", appId);
	grAppsOR.addOrCondition("sys_id", appId);
	grApps.query();
	if (grApps.next()) {
	cart.setVariable(item, 'application', grApps.sys_id);
	this.applicationId = grApps.sys_id;
	}
	else {
	this.error_message += "Unable to locate Application with - " + appId + "\n";
	}
	},

	_addRoles: function(cart, item, rolesStr, appId) {

	if (rolesStr) {
	this._logDebug('Roles Passed In: ' + rolesStr);

	var rolesArray = rolesStr.split(',');

	for (var index in rolesArray) {
	var role = rolesArray[index].trim();
	this._logDebug('Validating Role: ' + role);
	var grRoles = new GlideRecord('u_access_l1');
	grRoles.addActiveQuery();
	grRoles.addQuery('u_parent', this.applicationId);
	grRoles.addQuery('u_name', role);
	grRoles.query();

	this._logDebug(grRoles.getRowCount().toString());
	if (grRoles.getRowCount() == 0) {
	this.error_message += "Role: " + role + ", doesn't exist for this application\n";
	}
	}

	this._logDebug('Roles Errors: ' + this.error_message);
	if (!this.error_message) {
	cart.setVariable(item, 'roles', rolesStr);
	}
	}

	},

	_logDebug: function(msg) {
	if (this.debug == true \|\| this.debug == "true") {
	gs.log(msg, this.type);
	}
	},
	type: 'AppAccessRequestHelper'
	};