Hi Kris,
The condition for the "Request Exception" button is below:
All statements between && are conditions to be return true so that the button is visible.
1. canDefer basically looks at the state of the VIT and if the VIT is in a state in which deferring is possible.
VIT should be in one of the states above.
2. checkAccess:
Above checks if the user has any of the sn_vul_write_all and sn_vul.app_write_all roles. Or if the VIT is assign to the user Or if this VIT is a member of a Vulnerability Group which the user is assigned to.
Pretty complicated ha!
Just check if the user who is trying to view the "Request Exception" button satisfies the conditions above.
3. getSelectedException checks if you configured the Exception settings in the module "Exception Management Configuration" and selected "Vulnerability Response" as the option. Easy check would be look at the record in the table sn_vul_exception_config and if "Vulnerability Response" is selected.
Hope it helps.
Mark it as helpful if it is!
Fatih.
Hi Kris,
The condition for the "Request Exception" button is below:
All statements between && are conditions to be return true so that the button is visible.
1. canDefer basically looks at the state of the VIT and if the VIT is in a state in which deferring is possible.
VIT should be in one of the states above.
2. checkAccess:
Above checks if the user has any of the sn_vul_write_all and sn_vul.app_write_all roles. Or if the VIT is assign to the user Or if this VIT is a member of a Vulnerability Group which the user is assigned to.
Pretty complicated ha!
Just check if the user who is trying to view the "Request Exception" button satisfies the conditions above.
3. getSelectedException checks if you configured the Exception settings in the module "Exception Management Configuration" and selected "Vulnerability Response" as the option. Easy check would be look at the record in the table sn_vul_exception_config and if "Vulnerability Response" is selected.
Hope it helps.
Mark it as helpful if it is!
Fatih.
