Encrypting attachments for specific catalog items
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Tuesday
Version: Zurich
Requirement: Encrypt attachments for specific catalog items only
Question: I configured the following, but the file attached to the specific catalog items was not encrypted. Is there something wrong with the settings?
Note: Decryption settings will be configured later.
[Creating an Encryption Module]
All > System Security > Field Encryption > Field Encryption Modules
Purpose: Symmetric Data Encryption/Decryption
Algorithm: AES 256 CBC
[Creating a Module Access Policy]
All > Key Management > Module Access Policies
Granular Operation: Symmetric Encryption and Decryption
Type: System Access
[Creating a Business Rule]
Table: Attachment (sys_attachment)
When: after insert
Scripts:
(function executeRule(current, previous /*null when async*/) {
// Specific Catalog Item sys_id
var TARGET_CAT_ITEM_SYSID = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
// Field Encryption Module sys_id
var ENCRYPTION_MODULE_SYSID = 'yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy';
// Parent
var parentTable = current.getValue('table_name');
var parentSysId = current.getValue('table_sys_id');
//RITM
if (parentTable !== 'sc_req_item') return;
var ritm = new GlideRecord('sc_req_item');
if (!ritm.get(parentSysId)) return;
// Specific Catalog Item Only
if (ritm.getValue('cat_item') !== TARGET_CAT_ITEM_SYSID) return;
// Encryption
var gsa = new GlideSysAttachment();
gsa.changeCryptoModule('sc_req_item', ritm.getUniqueValue(), current.getUniqueValue(), ENCRYPTION_MODULE_SYSID);
})(current, previous);
