I have a request for creating a business rule that executes an audit over new change records and if some conditions match, the system should create Unauthorized change records or normal change records (identified by the Short description of each one). The specific request is:
- While creating a new change, define the CI in the new record and validate if there are previous records created in a period of 7 days before the current date (if yes, not create a new change record. if not, create a new change record)
- Validate if the user that is creating a new change record contains sys_user_role = admin, if yes, the change record should be created as usual and not as a 'Not authorized change'. If the user has another role, create the record after the previous step validation (or not) with the description 'Unauthorized change'
- If the environment in which the change will be executed is Dev or QA, the change should be created as usual and not as Unauthorized, but if is for Prod, the business rule of first step must be triggered and the 7 days validation against another CR that was related to the CI for the new change record.
- If a change in server class CIs was executed, make the adjustment to the process of Unauthorized Changes, generating the exception rule taking as absolute value of tolerance 50 Bytes for the events that are generated from Disk and Memory. For example, if an event is presented with Previous value = 8192; New value = 8191 it should not be reported as an unauthorized change; it must exceed the 50 bytes difference to generate a change.
- Make the adjustment to the Unauthorized Changes process, taking into account that the new Infrastructure Flow is going to include the task where they must relate the CI, and if it registers in the RITM it should not generate unauthorized change record.
The code that is working right now for the validation for the creation of normal or unauthorized changes is:
(function executeRule(current, previous /*null when async*/) {
var msgtest = 'JF Flujo de Cambios no Autorizados\n';
if(!current.isNewRecord()){
var user = current.sys_updated_by;
var ci_class = current.sys_class_name;
var ci_ip = current.ip_address;
var ci_name = current.name;
var ci_id = current.sys_id;
var ci_class_str = '';
var ci_attributes = '';
var ci_environment = '';
if(ci_class.indexOf('server') > -1 && ci_class.indexOf('esx') == -1) {ci_class_str = 'server'; }
else if(ci_class.indexOf('service') >-1) ci_class_str = 'service';
else if((ci_class.indexOf('database') > -1) || (ci_class.indexOf('dbase') > -1) || (ci_class.indexOf('instance') >-1)) { ci_class_str = 'database'; }
msgtest += 'Clase = ' + ci_class_str;
switch(ci_class_str){
case "server":
ci_attributes = gs.getProperty('sn.chgnoauth.serverattributes');
ci_environment = gs.getProperty('sn.chgnoauth.server.environment');
msgtest += '\nAtributos = ' + ci_attributes + '\nAmbiente = ' + ci_environment;
break;
case 'service':
ci_attributes = gs.getProperty('sn.chgnoauth.serviceattributes');
ci_environment = gs.getProperty('sn.chgnoauth.service.environment');
msgtest += '\nAtributos = ' + ci_attributes + '\nAmbiente = ' + ci_environment;
break;
case 'database':
ci_attributes = gs.getProperty('sn.chgnoauth.databaseattributes');
ci_environment = 'true';
msgtest += '\nAtributos = ' + ci_attributes;
break;
default:
msgtest += '\nNo hay clase especificada';
break;
}
var isValidEnv = new ChangeOrderUtils().validateCIEnvironment(ci_id,ci_class_str,ci_class, ci_environment);
msgtest += '\nAmbiente valido?: ' + isValidEnv;
var isValidField = new ChangeOrderUtils().validateChangesOnValidFields(ci_attributes,ci_id,current.sys_updated_on);
msgtest += '\nCampos validos?: ' + isValidField;
if(isValidEnv && isValidField){
var chg_states = gs.getProperty('sn.chgnoauth.approval.states');
var days_left = gs.getProperty('sn.chgnoauth.beforedays');
var chg_query = 'ci_item='+ ci_id +'^task.stateIN' + chg_states + '^task.numberSTARTSWITHchg';
msgtest += '\nDays left: '+ days_left +'\nQuery:\n ' + chg_query;
var gdt_update1 = new GlideDateTime(current.sys_updated_on.getDisplayValue());
var gdt_date1 = gdt_update1.getDate();
var gdt_time = gdt_update1.getTime();
var gdt_update_date = gdt_date1.getByFormat("dd/MM/yyyy");
msgtest += '\nFecha de actualización del CI ' + gdt_update_date;
var gdt_update = new GlideDateTime(gdt_update_date + ' ' + gdt_time);
gdt_update.addDaysLocalTime(days_left * -1);
var gdt_minus_days = gdt_update.getDate();
msgtest += '\nFecha de actualización menos '+ days_left + ' días = ' + gdt_minus_days.getDisplayValue();//Pruebas
var chgs = new GlideRecord('task_ci');
chgs.addEncodedQuery(chg_query);
chgs.orderByDesc('sys_created_on');
chgs.query();
var total_chg = chgs.getRowCount();
msgtest += '\nTotal de cambios encontrados = ' + total_chg;
while(chgs.next()){
var gdt_sd = new GlideDateTime(chgs.task.end_date.getDisplayValue());
var gdt_sd_date = gdt_sd.getDate();
msgtest += '\nCambio encontrado: '+ chgs.task.getDisplayValue() +'\nFecha de fin planeada: ' + gdt_sd_date.getDisplayValue();
var comp = gdt_sd_date.compareTo(gdt_minus_days);
if(comp > -1){
msgtest += '\nSe econtro cambio autorizado...TERMINANDO FLUJO';
break;
}else{
total_chg --;
}
}
msgtest += '\nTotal ' + total_chg;
if(total_chg == 0){
var up = '';
var us = new GlideRecord('sys_user');
us.addQuery('user_name',user);
us.query();
if(us.next()){
up = us.name;
}
var fin_days = gs.getProperty('sn.chgnoauth.add.days');
var end_date = new GlideDateTime(current.sys_updated_on);
end_date.addDaysLocalTime(fin_days);
msgtest += '\n' + fin_days +' días a partir de hoy ' + end_date;
msgtest += '\nUsuario del cambio: ' + up;
var newChg = new GlideRecord('change_request');
newChg.initialize();
newChg.type = 'standard';
newChg.short_description = 'CAMBIO NO AUTORIZADO';
newChg.cmdb_ci = ci_id;
newChg.end_date = end_date;
newChg.u_chg_no_auth_user = up;
newChg.insert();
msgtest += '\nSe insertó el cambio ' + newChg.number + ' con SYS ID: ' + newChg.sys_id;
new ChangeOrderUtils().setNumber2Audit(ci_id,ci_class,current.sys_updated_on,newChg.number,ci_attributes);
msgtest += '\nSe actualizó REASON en autdit...';
var new_chg_dsc = new ChangeOrderUtils().getAttributesValues(ci_id,ci_class,current.sys_updated_on,ci_attributes,ci_ip,ci_name,newChg.number);
msgtest += '\nValores obtenido:\n' + new_chg_dsc;
var c = new ChangeOrderUtils().updateChDescription(newChg.sys_id,new_chg_dsc);
var chg_dsc_html = new ChangeOrderUtils().getAttributesValuesHTML(ci_id,ci_class,current.sys_updated_on,ci_attributes,ci_ip,ci_name);
msgtest +='\nHTML:\n' + chg_dsc_html;
gs.info('JF post HTML\n ' + msgtest);
gs.eventQueue('cmdb.chg_no_auth',newChg,current.support_group,chg_dsc_html);
msgtest += '\nEjecución de evento para notificación';
gs.info('JF post event\n' + msgtest);
}
}
}else{
msgtest += '\nEjecución de BR... Es registro nuevo... exit';
}
gs.info(msgtest);
})(current, previous);
If any body can help for having the correct script that takes all the conditions explained above. I will be very grateful
