Skip to main content

Prevent high volume spam api calls on task table: my version for Incident table

 condition:

!gs.hasRole('itil') || !gs.isInteractive()


script:


(function executeRule(current, previous /*null when async*/ ) { //--see STRY0010718 for full background "Pentest - Limits on non-ITIL user API Calls" //--CONDITION: !gs.hasRole('itil') || !gs.isInteractive() var thresholdPeriod = parseInt(gs.getProperty('integ.threshold.period')); //--in seconds var maxTransactions = parseInt(gs.getProperty('integ.threshold.value')); //--max allowed transactions var bDebug = (gs.getProperty('integ.threshold.debug_logging') == 'true'); if (bDebug) { gs.log(current.number + '; user: ' + gs.getUserName() + '; thresholdPeriod: ' + thresholdPeriod + ';maxTransactions: ' + maxTransactions + '; isInteractive: ' + gs.isInteractive() + '; user has itil role: ' + gs.hasRole('itil'), 'busRule: MTH Limit API Calls'); } var grINC = new GlideRecord('incident'); var qryStr = 'opened_by=' + gs.getUserID(); qryStr += '^sys_created_onONToday@javascript:gs.beginningOfToday()@javascript:gs.endOfToday()'; grINC.addEncodedQuery(qryStr); grINC.orderByDesc('number'); grINC.query(); var icount = grINC.getRowCount(); if (icount > 0 && (icount >= maxTransactions)) { if (grINC.next()) { var dateBack = new GlideDateTime(); var dateINC = new GlideDateTime(grINC.sys_created_on); var secondsElapsed = gs.dateDiff(dateINC, dateBack, true); if (bDebug) { gs.log(current.number + '; count: ' + icount + '; maxTransactions: ' + maxTransactions, 'busRule: MTH Limit API Calls'); } if (secondsElapsed < thresholdPeriod) { gs.logError(current.number + '; user: ' + gs.getUserName() + '; Number of permitted Transactions per thresholdPeriod [' + thresholdPeriod + ' ] seconds has been exceeded for table: INCIDENT', 'busRule: MTH Limit API Calls'); current.setAbortAction(true); } } } })(current, previous);

Comments

Popular posts from this blog

URL link in addInfoMessage

var ga=new GlideAjax('gld_HR_ajax'); ga.addParam('sysparm_name', 'checkEmployeeNumber_hrProfile'); ga.addParam('sysparm_hrprofilenumber', g_form.getValue('number')); ga.addParam('sysparm_employeenumber', newValue); ga.getXMLAnswer(function(answer) { if (answer!='undefined' && answer!=''){ var navURL="<a style='text-decoration:underline;color:blue' href=hr_profile.do?sysparm_query=number=" + answer + ">" + answer + "</a><img width='3' src='images/s.gif'/>"; var sMsg='The employee number entered already exists on another HR Profile ' + navURL; //alert(sMsg); g_form.showErrorBox('employee_number', 'error - please check'); g_form.addInfoMessage(sMsg); } });

GlideRecord setValue

setValue(String name, Object value) Sets the specified field to the specified value. Normally a script would do a direct assignment, for example,  gr.category = value . However, if in a script the element name is a variable, then  gr.setValue(elementName, value)  can be used. When setting a value, ensure the data type of the field matches the data type of the value you enter. This method cannot be used on journal fields. If the value parameter is null, the record is not updated, and an error is not thrown https://developer.servicenow.com/app.do#!/api_doc?v=madrid&id=r_GlideRecord-setValue_String_Object