The reason could be, because the approval was with the Security Officer team. Open the Request or Change where the approval failed.
No, the Security Office did not have anything to do with this request (which is why they are questioning why they go this email).
Since it is being triggered based on the event, approval.email.errmsg, check for the script which triggers(business rules, inbound action, etc) that event and in that check for param1, since send to event param 1 was checked.
I think an email went out to the person who was supposed to approve it, and it looks like he may have tried to approve it using the email functionality (link in the email to approve it). So I think it is an Inbound Action. Though I am not sure where the Security Officer came in (did the Approver CC them into the email)?
I was able to find the event in the Event Log, and it does show the Security Office email address in the Parm1 field, but I am not certain where to go to see where/how this Parm1 gets populated.
I was able to find an Inbound Action named "Update Approval Request", which has the following script:
/*global current, email, gs, GlideController, GlideRecord*/
/*eslint-disable eqeqeq*/
processApprovalEmail();
function processApprovalEmail() {
"use strict";
var errorMsg = "";
var msgArray = [];
if (current.getTableName() != "sysapproval_approver")
return;
var displayValue = getApprovalDisplayValue(current);
if (!validUser()) {
gs.log(getFailurePreamble() + "Sender email does not match approval assignee.");
msgArray.push(displayValue);
msgArray.push(current.approver.getDisplayValue());
msgArray.push(current.approver.email);
errorMsg = gs.getMessage("approvalInvalidUser", msgArray);
createEmailEvent(errorMsg);
return;
}
if (current.state == 'cancelled') {
gs.log(getFailurePreamble() + "The approval has been canceled.");
msgArray.push(displayValue);
errorMsg = gs.getMessage("approvalCancelled", msgArray);
createEmailEvent(errorMsg);
return;
}
if (email.body.state != undefined)
current.state = email.body.state;
if (email.subject.indexOf("approve") >= 0)
current.state = "approved";
if (email.subject.indexOf("reject") >= 0)
current.state = "rejected";
if (current.state != "approved" && current.state != "rejected") {
gs.log(getFailurePreamble() + "The subject is malformed. The approver probably did not click the approve or reject button on the email.");
msgArray.push(displayValue);
errorMsg = gs.getMessage("approvalFailed", msgArray);
createEmailEvent(errorMsg);
return;
}
current.comments = "reply from: " + email.from + "\n\n" + email.body_text;
var controller = new GlideController();
controller.putGlobal("approvalSource", "email");
current.update();
controller.removeGlobal("approvalSource");
function validUser() {
if (current.approver == email.from_sys_id)
return true;
// check if the email is from a delegate of the approver
var g = new GlideRecord("sys_user_delegate");
g.addQuery("user", current.approver.toString());
g.addQuery("delegate", email.from_sys_id);
g.addQuery("approvals", "true");
g.addQuery("starts", "<=", gs.daysAgo(0));
g.addQuery("ends", ">=", gs.daysAgo(0));
g.query();
return g.hasNext();
}
function createEmailEvent(msg) {
gs.eventQueue("approval.email.errorMsg", current, email.from, msg);
}
function getFailurePreamble() {
return 'Approval email from ' + email.from + ' for task "' + displayValue + '" assigned to "' + current.approver.getDisplayValue()
+ '" failed because: ';
}
function getApprovalDisplayValue(approval) {
if (!gs.nil(approval.sysapproval))
return approval.getDisplayValue();
else {
var target = new GlideRecord(approval.source_table);
if (target.get(approval.document_id))
return target.getDisplayValue();
}
gs.warn("Target for sysapproval_approver:" + approval.getUniqueValue() + " not found. Target=" + approval.source_table + ":" + approval.document_id);
return "Unknown";
}
}
Though I don't know that helps me identify where this Parm1 value came from.
