Skip to main content

Prevent high volume spam api calls on task table: my version for Incident table

 condition:

!gs.hasRole('itil') || !gs.isInteractive()


script:


(function executeRule(current, previous /*null when async*/ ) { //--see STRY0010718 for full background "Pentest - Limits on non-ITIL user API Calls" //--CONDITION: !gs.hasRole('itil') || !gs.isInteractive() var thresholdPeriod = parseInt(gs.getProperty('integ.threshold.period')); //--in seconds var maxTransactions = parseInt(gs.getProperty('integ.threshold.value')); //--max allowed transactions var bDebug = (gs.getProperty('integ.threshold.debug_logging') == 'true'); if (bDebug) { gs.log(current.number + '; user: ' + gs.getUserName() + '; thresholdPeriod: ' + thresholdPeriod + ';maxTransactions: ' + maxTransactions + '; isInteractive: ' + gs.isInteractive() + '; user has itil role: ' + gs.hasRole('itil'), 'busRule: MTH Limit API Calls'); } var grINC = new GlideRecord('incident'); var qryStr = 'opened_by=' + gs.getUserID(); qryStr += '^sys_created_onONToday@javascript:gs.beginningOfToday()@javascript:gs.endOfToday()'; grINC.addEncodedQuery(qryStr); grINC.orderByDesc('number'); grINC.query(); var icount = grINC.getRowCount(); if (icount > 0 && (icount >= maxTransactions)) { if (grINC.next()) { var dateBack = new GlideDateTime(); var dateINC = new GlideDateTime(grINC.sys_created_on); var secondsElapsed = gs.dateDiff(dateINC, dateBack, true); if (bDebug) { gs.log(current.number + '; count: ' + icount + '; maxTransactions: ' + maxTransactions, 'busRule: MTH Limit API Calls'); } if (secondsElapsed < thresholdPeriod) { gs.logError(current.number + '; user: ' + gs.getUserName() + '; Number of permitted Transactions per thresholdPeriod [' + thresholdPeriod + ' ] seconds has been exceeded for table: INCIDENT', 'busRule: MTH Limit API Calls'); current.setAbortAction(true); } } } })(current, previous);

Comments

Popular posts from this blog

Get URL Parameter - server side script (portal or classic UI)

Classic UI : var sURL_editparam = gs . action . getGlideURI (). getMap (). get ( ' sysparm_aparameter ' ); if ( sURL_editparam == 'true' ) { gs . addInfoMessage ( 'parameter passed ); } Portal : var sURL_editparam = $sp . getParameter ( " sysparm_aparameter " ); if ( sURL_editparam == 'true' ) { gs . addInfoMessage ( 'parameter passed ); }

ServiceNow - script include: build up the results as a JSON object (array) - example 2

function call var sCurrentGroupMembers = new <script_include> (). getGroupMembers ( group_sysid ); gs . print ( 'sCurrentGroupMembers:' + sCurrentGroupMembers ); var oGroupMembers = JSON . parse ( sCurrentGroupMembers ); gs . print ( JSON . stringify ( oGroupMembers . users )); oNewGroupMember = JSON . parse ( group_members ); var oGroupConfig = getGroupDeltas ( oGroupMembers . users , oNewGroupMember ); gs . print ( JSON . stringify ( oGroupConfig . remove )); gs . print ( JSON . stringify ( oGroupConfig . add )) output : *** Script: sCurrentGroupMembers: {"manager":"3b2649efdb0f8c10cc0652f3f39xxxxx", "email":"", "type":"33a2226edb99c340edfc7cbdae96xxxx", "description":"Created for xyz", "users":[{"user":"3b2649efdb0f8c10cc0652f3f396xxxx"},{"user":"856a8f71db3d73041b4ffc45ae96196a"},{"user":"3752771