UNPKG

@servicenow/sdk

Version:

ServiceNow SDK

www.servicenow.com/docs/csh

123 lines (86 loc) 3.42 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
--- tags: [CrossScopePrivilege, cross scope privilege, scope, access, sys_scope_privilege, permission, cross-scope, application scope] --- # CrossScopePrivilege Creates a Cross Scope Privilege — a declaration that your application needs runtime access to resources owned by a different application scope (`sys_scope_privilege`). Required when your scripts read/write tables, call script includes, or use scriptable objects from other scopes. ## Signature ```typescript fluent CrossScopePrivilege(config) ``` ## Parameters ### config `CrossScopePrivilege` an object containing the following properties: **Properties:** - **$id** (required): `string | number | ExplicitKey<string>` - **operation** (required): `'read' | 'delete' | 'create' | 'execute' | 'write'` The operation being requested on the target. - **status** (required): `'requested' | 'allowed' | 'denied'` The authorization status of the privilege request. Can be 'requested', 'allowed', or 'denied'. - **$meta** (optional): `object` - **installMethod**: `'first install' | 'demo' | 'once'` Map a record to an output folder that loads only in specific circumstances. 'first install' - > 'unload', 'demo' -> 'unload.demo' - **targetName** (optional): `string` The name of the table, script include, or script object being requested. - **targetScope** (optional): `string` The application scope whose resources are being requested. - **targetType** (optional): `'sys_db_object' | 'sys_script_include' | 'scriptable'` The type of target being requested **Constraint:** `operation: 'execute'` requires `targetType: 'sys_script_include' | 'scriptable'`. CRUD operations (`create`, `read`, `write`, `delete`) require `targetType: 'sys_db_object'`. ## See - https://docs.servicenow.com/csh?topicname=c_CrossScopePrivilegeRecord.html&version=latest ## Examples ### Execute Script Include Privilege Allow executing a script include from another scope ```typescript fluent /** * @title Execute Script Include Privilege * @description Allow executing a script include from another scope */ import { CrossScopePrivilege } from '@servicenow/sdk/core' CrossScopePrivilege({ $id: Now.ID['6d109a82ff54b210fd87ffffffffff8e'], operation: 'execute', status: 'allowed', targetName: 'GlideQuery', targetScope: 'global', targetType: 'sys_script_include', }) ``` ### Read Table Privilege Allow reading records from a table in another scope ```typescript fluent /** * @title Read Table Privilege * @description Allow reading records from a table in another scope */ import { CrossScopePrivilege } from '@servicenow/sdk/core' CrossScopePrivilege({ $id: Now.ID['read_privilege'], operation: 'read', status: 'allowed', targetName: 'cmdb_ci_computer', targetScope: 'global', targetType: 'sys_db_object', }) ``` ### Write Table Privilege Allow writing records to a table in another scope ```typescript fluent /** * @title Write Table Privilege * @description Allow writing records to a table in another scope */ import { CrossScopePrivilege } from '@servicenow/sdk/core' CrossScopePrivilege({ $id: Now.ID['write_privilege'], operation: 'write', status: 'allowed', targetName: 'incident', targetScope: 'global', targetType: 'sys_db_object', }) ``` For guidance on configuring cross-scope access, see the `cross-scope-privilege-guide` topic.