Trigger Table API from Scripted REST API from the same instance
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-23-2019 05:38 PM
Hi All,
I am trying to trigger a Table API GET call from scripted REST API by impersonating a user. This is for an integration with an application which is authenticated by oauth profile. I would only get Table API URL in the request (with table name, sys_id of record and user's email).
This GET call is currently returning records for which the requesting user does not have access to. I am trying to restrict this by exposing a Scripted REST API, where I would be impersonating the user and then trigger the same Table API. But, this call requires user's credentials which I dont have(ex. password).
Can anyone help me how to proceed in this scenario?
Thanks,
Kiran
- Labels:
-
Integrations
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-23-2019 08:11 PM
You could pass the Users id in as a parameter of the initial REST call, use that in your query to limit the results that are returned before returning the data.
Are you able to share more of what your process is trying to achieve? Some code snippets would be good too for additional debugging.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-23-2019 09:25 PM
Hi Aidan, I do get User ID in as a parameter, and when I try to make another REST Call(Table API call), it asks for authentication for which I do not have user's password.
Here is code snippet of my scripted rest resource.
(function process(/*RESTAPIRequest*/ request, /*RESTAPIResponse*/ response)
{
var user = new GlideRecord('sys_user');
user.get('email',request.queryParameter('user'));
gs.getSession().impersonate(user.sys_id);
var request = new sn_ws.RESTMessageV2();
request.setEndpoint('https://abc.service-now.com/api/abcgr/web_integration_rest_api?
table='+request.queryParamter('table')+'&number='+request.queryParameter('number'));
request.setHttpMethod('GET');
//Eg. UserName="admin", Password="admin" for this code sample.
var user = 'admin';
var password = 'admin';
request.setBasicAuth(user,password);
request.setRequestHeader("Accept","application/json");
var response = request.execute();
gs.log(response.getBody());
})(request, response);
In the above code, I do not have Password without which the call would fail
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-23-2019 09:39 PM
Is it even necessary for you to call another rest endpoint from your endpoint?
Could you not just query the requested tables directly?
(function process(/*RESTAPIRequest*/ request, /*RESTAPIResponse*/ response)
{
var user = new GlideRecord('sys_user');
user.get('email',request.queryParameter('user'));
gs.getSession().impersonate(user.sys_id);
// Run Glide Query here instead of calling rest again
var newquery = new GlideRecord(request.queryParamter('table'));
newquery.addQuery("user",user.sys_id);
newquery.addQuery("number",request.queryParameter('number'));
newquery.query();
if(newquery.next()){
gs.log(newquery.number + " returned");
}
})(request, response);- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-23-2019 11:16 PM
I have to extend this to query all the APIs exposed currently. This will include PUT/POST/DELETE table APIs and also other scripted rest APIs, which will be a heavy customisation if I have to take it up this route??
