@manyos/smileconnect-api 1.28.1 → 1.29.2

package/app.js

@@ -31,6 +31,7 @@ const supportgroupRoutes = require('./routes/supportgroupRoutes');
 const ciRelationRoutes = require('./routes/ciRelationRoutes');
 const peopleRelationRoutes = require('./routes/peopleRelationRoutes');
 const appConfigRoutes = require('./routes/appConfigRoutes');
+const scriptRoutes = require('./routes/scriptRoutes');
 const relatedObjectsController = require('./controller/relatedObjectsController');
 const addRequestId = require('express-request-id')();
 const compression = require('compression');
@@ -210,17 +211,25 @@ app.use(passport.authenticate('jwt', {session: false}), responseHandler.logReque
 
 // setup routes
 
-app.use('/v1/cmdbobjects', cmdbObjectRoutes);
+app.use('/v1/cmdbobjects', function(req, res, next) {
+    const ticketType = req.baseUrl.split('/')[2];
+    log.debug('ticketType', ticketType);
+    req.ticketType = ticketType;
+    req.parentType = ticketType;
+    req.requestType = ticketType;
+    next();
+}, cmdbObjectRoutes);
+
 app.use('/v1/persons', personRoutes);
 app.use('/v1/supportgroups', supportgroupRoutes);
 app.use('/v1/organisations', organisationRoutes);
 app.use('/v1/cirelations', ciRelationRoutes);
 app.use('/v1/peoplerelations', peopleRelationRoutes);
 app.use('/v1/appconfig', appConfigRoutes);
+app.use('/v1/scripts', scriptRoutes);
 
 //tickethandling
 app.use('/v1/(|incidents|problems|workorders|changes)', function(req, res, next) {
-    log.debug('dad');
     const ticketType = req.baseUrl.split('/')[2];
     req.ticketType = ticketType;
     req.parentType = ticketType;

package/conf/scripts/folder1/p1.js

@@ -0,0 +1,11 @@
+const allowedCats = [
+    "Request",
+    "Failure"
+];
+
+//Validate opsCat1
+if (requestData.opsCat1 && !allowedCats.find(element => element === requestData.opsCat1)) {
+    reject(`opsCat1 ${requestData.opsCat1} not in allowed values ${allowedCats}`);
+}
+requestData.summary = `Da kam an: ${requestData.summary}`
+resolve();

package/controller/cmdbobjectController.js

@@ -9,10 +9,17 @@ const searchUtil = require('../util/searchUtil');
 const {getIncludeArray} = require('../util/paramHelper');
 const relationUtil = require('../util/relationUtil');
 const ticketCIRelationController = require('../controller/ticketCIRelationController');
+const mappingUtil = require('../util/mappingUtil');
+const { v4 } = require('uuid');
+const CMDBOBJECT = 'cmdbobject';
 
 const cmdbCache = new CacheService(process.env.CACHETTL_CMDB || 600); // Create a new cache service instance
 const schemaCache = new CacheService(process.env.CACHETTL_SCHEMANAMES || 3600); // Create a new cache service instance
 
+function getRandomId() {
+    return v4();
+}
+
 function getCmdbObjects(config, category, ciIds, includeString) {
     let query = '1=1';
     if (category)
@@ -113,7 +120,7 @@ function getSchemaName(classId) {
     }
 }
 
-function queryCMDBObject(clientConfig, query, customFields, customOptions, includeString) {
+function queryCMDBObject(clientConfig, query, customFields, customOptions, includeString, mapping) {
     let fields = clientConfig.cmdbobject.fields;
     let deleteClassId = false;
 
@@ -138,7 +145,9 @@ function queryCMDBObject(clientConfig, query, customFields, customOptions, inclu
     const key = clientConfig.cmdbobject.basequery + fields.toString() + query + JSON.stringify(options) + includeArray;
     log.debug('Cachekey is', key);
 
-    const mapping = config.getMapping('cmdbobject');
+    if (mapping == null || mapping == undefined) {
+        mapping = config.getMapping('cmdbobject');
+    }
     log.debug('mapping', mapping);
 
     return cmdbCache.get(key, async function () {
@@ -164,7 +173,7 @@ async function handleCMDBObjectResult(cmdbObject, mapping, clientConfig, include
     //get class form
     const classId = cmdbObject['Class Id'];
     if (deleteClassId === true) {
-        delete cmdbObject['Class Id'];
+        delete cmdbObject[CMDBOBJECT];
     }
     //Apply mapping
     mapping.forEach(function (mappingEntry) {
@@ -218,9 +227,11 @@ async function handleCMDBObjectResult(cmdbObject, mapping, clientConfig, include
     return cmdbObject;
 }
 
-async function getCMDBObjectClassAttributes(id, classId, clientConfig) {
+async function getCMDBObjectClassAttributes(id, classId, clientConfig, mapping) {
     const schemaName = await getSchemaName(classId);
-    const mapping = config.getMapping('cmdbobject_' + schemaName);
+    if (!mapping) {
+        mapping = config.getMapping('cmdbobject_' + schemaName);
+    }
     const fields = clientConfig.cmdbobject['fields_' + schemaName];
     if (schemaName && fields && mapping) {
         return cmdbCache.get(id+classId+fields, async function () {
@@ -246,9 +257,9 @@ async function getCMDBObjectClassAttributes(id, classId, clientConfig) {
     }
 }
 
-async function getCmdbObject(config, id, includeString) {
+async function getCmdbObject(config, id, includeString, mapping) {
     const query = `'Instance Id'=\"${id}\"`;
-    const returnValue = await queryCMDBObject(config, query, null, null, includeString);
+    const returnValue = await queryCMDBObject(config, query, null, null, includeString, mapping);
     log.debug (returnValue);
     const cmdbObject = returnValue.data[0];
     return {data: cmdbObject, included: returnValue.included};
@@ -262,7 +273,7 @@ async function hasAccess(config, id) {
 }
 
 async function applyMapping(clientConfig, data) {
-    const mapping = config.getMapping('cmdbobject');
+    const mapping = config.getMapping(CMDBOBJECT);
     const mappedRecord = searchUtil.applyMapping2record(data, clientConfig, mapping);
     return mappedRecord;
 }
@@ -273,13 +284,116 @@ function searchCmdbObjectByName(config, name, includeString) {
 }
 
 function searchCmdbObject(clientConfig, searchString, fields, options, includeString) {
-    const mapping = config.getMapping('cmdbobject');
+    const mapping = config.getMapping(CMDBOBJECT);
     const mappedString = searchUtil.applyMapping(searchString, mapping);
     const customFields = searchUtil.getCustomFields(clientConfig.cmdbobject.fields, mapping, fields);
     options.sort = searchUtil.applySortMapping(options.sort, mapping);
     return queryCMDBObject(clientConfig, mappedString, customFields, options, includeString);
 }
 
+async function updateCmdbObject(ticketConfig, clientConfig, id, ciData, classId) {
+    const formName = classId || 'AST:BaseElement';
+
+    const scripts = clientConfig[CMDBOBJECT].scripts.PUT;
+    //const fields = clientConfig[ticketConfig.requestType].fields
+
+    //run preScripts
+    if (scripts && scripts.preMapping) {
+        await scriptController.runScripts(scripts.preMapping, ciData);
+    }
+
+    const myClientConfig = {};
+    myClientConfig[CMDBOBJECT] = {baseQuery: clientConfig[CMDBOBJECT].baseQuery, fields: [1, 400079600]};
+    myClientConfig[CMDBOBJECT+'_AST:ComputerSystem'] = myClientConfig[CMDBOBJECT];
+
+    //sarch CI to updata
+
+    const result = await arquery.executeARQuery(formName, null, `'179'="${id}"`, '1');
+    const ci = result.data[0];
+    log.debug('CI to Update', ci);
+
+    if (!ci) {
+        throw new Error("CI not found")
+    }
+
+    const mapping = getClassMapping(classId);
+
+    //Constants work only on new.
+    ciData = mappingUtil.applyMapping2Remedy(ciData, mapping, undefined, clientConfig.cmdbobject.fields);
+
+    //run postMapping
+    if (scripts && scripts.postMapping) {
+        await scriptController.runScripts(scripts.postMapping, ciData);
+    }
+
+    const update = await arquery.updateEntry(formName, ci['Request ID'], ciData);
+
+    //run afterExecution
+    if (scripts && scripts.afterExecution) {
+        await scriptController.runScripts(scripts.afterExecution, ciData);
+    }
+
+    return update;
+}
+
+function getClassMapping(classId) {
+    const mappings = [];
+    const globalMappings = config.getMapping(CMDBOBJECT);
+    const classMappings = config.getMapping(`${CMDBOBJECT}_${classId}`);
+
+    //Add all global Mappings that are not in ClassMapping
+    globalMappings.forEach(globalMapping => {
+        const foundInClassMappings = classMappings.find(element => element.newName === globalMapping.newName);
+        if (!foundInClassMappings) {
+            mappings.push(globalMapping);
+        }
+    });
+
+    //Add class Mapping
+    classMappings.forEach(classMapping => {
+        mappings.push(classMapping);
+    });
+    return mappings;
+}
+
+async function createCmdbObject(assetConfig, clientConfig, classId, ciData) {
+    const reconId = getRandomId();
+    const instanceId = getRandomId();
+
+    const scripts = clientConfig[CMDBOBJECT].scripts.PUT;
+    //const fields = clientConfig[ticketConfig.requestType].fields
+
+    //run preScripts
+    if (scripts && scripts.preMapping) {
+        await scriptController.runScripts(scripts.preMapping, ciData);
+    }
+
+    const mapping = getClassMapping(classId);
+
+    log.debug('Combined Mapping', mapping);
+
+    //Constants work only on new.
+    ciData = mappingUtil.applyMapping2Remedy(ciData, mapping, undefined, clientConfig.cmdbobject.fields);
+
+    //run postMapping
+    if (scripts && scripts.postMapping) {
+        await scriptController.runScripts(scripts.postMapping, ciData);
+    }
+
+    ciData['Data Set Id'] = "BMC.ASSET"
+    ciData['400129200'] = reconId;
+    ciData['Instance Id'] = instanceId;
+
+    const update = await arquery.createEntry(classId, ciData);
+
+    //run afterExecution
+    if (scripts && scripts.afterExecution) {
+        await scriptController.runScripts(scripts.afterExecution, ciData);
+    }
+
+    return instanceId;
+}
+
 module.exports = {
     getCmdbObjects,
     getCmdbObject,
@@ -287,5 +401,7 @@ module.exports = {
     searchCmdbObject,
     getCIRelations,
     hasAccess,
-    applyMapping
+    applyMapping,
+    updateCmdbObject,
+    createCmdbObject
 };

package/controller/eventLogController.js

@@ -52,7 +52,7 @@ function setEventData(req, eventName, schemaName, ticketNumber, jsonData, ticket
     };
 }
 
-function setEventData(req, eventBase, eventAction, schemaName, ticketNumber, jsonData, ticketNumber2) {
+function setEventData(req, eventBase, eventAction, schemaName, ticketNumber, jsonData, ticketNumber2, ticketNumber3) {
     req.eventData = {
         event: eventBase + '_' + eventAction,
         schema: schemaName,

package/controller/scriptController.js

@@ -6,6 +6,8 @@ const fs = require('fs');
 const basePath = 'conf';
 const basePathGlobalScripts = basePath + '/scripts';
 
+const {getClients} = require('../util/config');
+
 require('dotenv').config();
 const {NodeVM} = require('vm2');
 
@@ -69,7 +71,7 @@ async function executeCode(code, requestData, params, logStream, executedByScrip
         params,
         log,
         script:executeScriptByScript,
-        env: {}//process.env
+        env: process.env
     };
 
     sandbox.executedByScript = executedByScript === true;
@@ -165,6 +167,46 @@ async function readScriptFromFile(fileName) {
     return script;
 }
 
+async function getUsage(scriptId) {
+    const clients = getClients();
+    const usages = [];
+    clients.forEach(client => {
+        //check each client entry for scripts
+        Object.keys(client.config).forEach(clientKey => {
+            //log.debug(clientKey, client.config[clientKey].scripts);
+            const clientScripts = client.config[clientKey].scripts;
+            //check all script operations
+            if (clientScripts) {
+                Object.keys(clientScripts).forEach(operation => {
+                    //log.debug ('ops', operation);
+                    const opsScripts = clientScripts[operation];
+                    Object.keys(opsScripts).forEach(scriptType => {
+                        const opsTypeScripts = opsScripts[scriptType]
+                        //log.debug ('opsTypeSc', opsTypeScripts);
+                        if (opsTypeScripts && Array.isArray(opsTypeScripts)) {
+                            opsTypeScripts.forEach(script => {
+                                //log.debug (scriptType, scriptId, script);
+                                if (script === scriptId) {
+                                    const usage = {
+                                        client: client.name,
+                                        key: clientKey,
+                                        operation,
+                                        scriptType,
+                                        script
+                                    }
+                                    log.debug ('script match found', usage);
+                                    usages.push(usage);
+                                }
+                            });
+                        }
+                    })
+                })
+            }
+        })
+    });
+    return usages;
+}
+
 async function getScripts(pathName, catalogType, catalogId) {
     const files = recFindByExt(pathName,'js')
     const scriptNames = files.map(file => file.substr(0, file.length-3));
@@ -209,5 +251,6 @@ module.exports = {
     getGlobalScripts,
     setGlobalScript,
     deleteGlobalScript,
-    runScripts
+    runScripts,
+    getUsage
 };

package/docs/eventlog/events.md

@@ -63,3 +63,23 @@ An new worklog has been attached to a workorder.
 * WOI_WorkLog_Modified
 
 An new worklog has been attached to a workorder.
+
+* Task
+
+A task is modified.
+```json
+{
+    "event": "INC_TAS_Modify",
+    "objectId": "INC365840",
+    "objetctId2": "TAS30940"
+}
+```
+A task worklog is created.
+```json
+{
+    "event": "INC_TAS_WorkLog_Create",
+    "objectId": "INC365840",
+    "objetctId2": "TAS30940",
+    "objetctId3": "WLG9039283"
+}
+```

package/docs/openapi.json

@@ -555,31 +555,6 @@
         },
         "/appconfig": {
 
-        },
-        "/appconfig/clients": {
-            "get": {
-                "tags": [
-                    "AppConfig"
-                ],
-                "responses": {
-                    "200": {
-                        "content": {
-                            "application/json": {
-                                "schema": {
-                                    "$ref": "#/components/schemas/AppConfigClientResponseList"
-                                }
-                            }
-                        }
-                    }
-                },
-                "summary": "Get all clients"
-            },
-            "post": {
-                "tags": [
-                    "AppConfig"
-                ],
-                "summary": "Create a new Client"
-            }
         },
         "/appconfig/clients/{client}": {
             "get": {
@@ -2642,41 +2617,6 @@
         },
         "/appconfig/forms/{id}/fields": {
 
-        },
-        "/incidents/{id}/worklogs/{worklogId}/attachment": {
-            "get": {
-                "tags": [
-                    "Incidents",
-                    "Worklogs"
-                ],
-                "responses": {
-                    "200": {
-                        "content": {
-                            "Content-disposition', 'attachment; filename=<fileName>'": {
-
-                            }
-                        },
-                        "description": "Get the attachment of a worklog. Only attachment field1 ist used."
-                    }
-                },
-                "summary": "Get an Incident Worklog Attachment"
-            },
-            "post": {
-                "requestBody": {
-                    "description": "Send the data in the key: \"file\"",
-                    "content": {
-                        "application/x-www-form-urlencoded": {
-
-                        }
-                    },
-                    "required": true
-                },
-                "tags": [
-                    "Incidents",
-                    "Worklogs"
-                ],
-                "summary": "Set an Incident Worklog Attachment"
-            }
         },
         "/templates/{templateType}": {
             "get": {
@@ -3272,6 +3212,195 @@
                     "required": false
                 }
             ]
+        },
+        "/incidents/{id}/worklogs/{worklogId}/attachments/1": {
+            "get": {
+                "tags": [
+                    "Incidents",
+                    "Worklogs"
+                ],
+                "responses": {
+                    "200": {
+                        "$ref": "#/components/responses/attachmentResponse"
+                    }
+                },
+                "summary": "Get an Incident Worklog Attachment"
+            },
+            "post": {
+                "requestBody": {
+                    "description": "Send the data in the key: \"file\"",
+                    "content": {
+                        "application/x-www-form-urlencoded": {
+
+                        }
+                    },
+                    "required": true
+                },
+                "tags": [
+                    "Incidents",
+                    "Worklogs"
+                ],
+                "responses": {
+                    "200": {
+                        "description": "Attachment added"
+                    }
+                },
+                "summary": "Set an Incident Worklog Attachment"
+            },
+            "parameters": [
+                {
+                    "name": "worklogId",
+                    "schema": {
+                        "type": "string"
+                    },
+                    "in": "path",
+                    "required": true
+                },
+                {
+                    "name": "id",
+                    "schema": {
+                        "type": "string"
+                    },
+                    "in": "path",
+                    "required": true
+                }
+            ]
+        },
+        "/incidents/{id}/worklogs/{worklogId}/attachments/2": {
+            "get": {
+                "tags": [
+                    "Incidents",
+                    "Worklogs"
+                ],
+                "responses": {
+                    "200": {
+                        "$ref": "#/components/responses/attachmentResponse"
+                    }
+                },
+                "summary": "Get an Incident Worklog Attachment"
+            },
+            "post": {
+                "requestBody": {
+                    "description": "Send the data in the key: \"file\"",
+                    "content": {
+                        "application/x-www-form-urlencoded": {
+
+                        }
+                    },
+                    "required": true
+                },
+                "tags": [
+                    "Incidents",
+                    "Worklogs"
+                ],
+                "responses": {
+                    "200": {
+                        "description": "Attachment added"
+                    }
+                },
+                "summary": "Set an Incident Worklog Attachment"
+            },
+            "parameters": [
+                {
+                    "name": "worklogId",
+                    "schema": {
+                        "type": "string"
+                    },
+                    "in": "path",
+                    "required": true
+                },
+                {
+                    "name": "id",
+                    "schema": {
+                        "type": "string"
+                    },
+                    "in": "path",
+                    "required": true
+                }
+            ]
+        },
+        "/incidents/{id}/worklogs/{worklogId}/attachments/3": {
+            "get": {
+                "tags": [
+                    "Incidents",
+                    "Worklogs"
+                ],
+                "responses": {
+                    "200": {
+                        "$ref": "#/components/responses/attachmentResponse"
+                    }
+                },
+                "summary": "Get an Incident Worklog Attachment"
+            },
+            "post": {
+                "requestBody": {
+                    "description": "Send the data in the key: \"file\"",
+                    "content": {
+                        "application/x-www-form-urlencoded": {
+
+                        }
+                    },
+                    "required": true
+                },
+                "tags": [
+                    "Incidents",
+                    "Worklogs"
+                ],
+                "responses": {
+                    "200": {
+                        "description": "Attachment added"
+                    }
+                },
+                "summary": "Set an Incident Worklog Attachment"
+            },
+            "parameters": [
+                {
+                    "name": "worklogId",
+                    "schema": {
+                        "type": "string"
+                    },
+                    "in": "path",
+                    "required": true
+                },
+                {
+                    "name": "id",
+                    "schema": {
+                        "type": "string"
+                    },
+                    "in": "path",
+                    "required": true
+                }
+            ]
+        },
+        "/appconfig/clients": {
+            "get": {
+                "tags": [
+                    "AppConfig"
+                ],
+                "responses": {
+                    "200": {
+                        "content": {
+                            "application/json": {
+                                "schema": {
+                                    "$ref": "#/components/schemas/AppConfigClientResponseList"
+                                }
+                            }
+                        }
+                    }
+                },
+                "summary": "Get all clients"
+            },
+            "post": {
+                "tags": [
+                    "AppConfig"
+                ],
+                "responses": {
+                    "200": {
+                        "description": "Client added"
+                    }
+                },
+                "summary": "Create a new Client"
+            }
         }
     },
     "components": {
@@ -15036,6 +15165,26 @@
                     }
                 },
                 "description": "Returns an array of Templates"
+            },
+            "attachmentResponse": {
+                "headers": {
+                    "content-disposition": {
+                        "schema": {
+                            "format": "attachment; filename=<filename>",
+                            "type": "string"
+                        },
+                        "description": "The name of the attachment"
+                    }
+                },
+                "content": {
+                    "application/octet-stream": {
+                        "schema": {
+                            "format": "binary",
+                            "type": "string"
+                        }
+                    }
+                },
+                "description": "Get the attachment of a worklog."
             }
         },
         "securitySchemes": {

package/nodemon.json

@@ -1,3 +1,3 @@
 {
-  "ignore": ["conf/*.json", "Config"]
+  "ignore": ["conf/*.json", "Config", "conf/scrips/*.js"]
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@manyos/smileconnect-api",
-  "version": "1.28.1",
+  "version": "1.29.2",
   "description": "A proxy and abstraction layer for BMCs IT Service Management Suite",
   "main": "app.js",
   "scripts": {
@@ -21,9 +21,9 @@
     "express-fileupload": "^1.2.1",
     "express-rate-limit": "^5.2.6",
     "express-request-id": "^1.4.1",
-    "express-validator": "^5.3.1",
+    "express-validator": "^6.10.0",
     "moment": "^2.29.1",
-    "mongoose": "^5.12.1",
+    "mongoose": "^5.12.3",
     "node-cache": "^4.2.1",
     "only": "0.0.2",
     "p-limit": "^2.3.0",
@@ -35,7 +35,7 @@
     "request-promise-native": "^1.0.9",
     "socket.io": "^2.4.1",
     "uuid": "^3.4.0",
-    "vm2": "^3.9.2"
+    "vm2": "^3.9.3"
   },
   "devDependencies": {
     "chai": "^4.3.4",

package/routes/cmdbObjectRoutes.js

@@ -150,5 +150,68 @@ module.exports = (function () {
         }
     });
 
+    cmdbObjectRoutes.put('/:id', async function (req, res, next) {
+        const id = req.params.id;
+        const classId = req.body.classId;
+        const includeString = req.query.include;
+        eventLog.setEventData(
+            req,
+            CONSTANTS.EVENT_BASE_AST,
+            CONSTANTS.EVENT_ACTION_MODIFY,
+            CONSTANTS.FORM_ASSET,
+            id
+        );
+        const errors = validationResult(req);
+        if (!errors.isEmpty()) {
+            req.errorStatus = 422;
+            next(errors.array());
+        } else {
+            //const clientConfig = config.getClientConfig(clientId);
+            const result = [];
+            try {
+                const ci = req.body.data;
+                const hasAccess = await cmdbobjects.hasAccess(req.user.config, id);
+                if (hasAccess) {
+                    const result = await cmdbobjects.updateCmdbObject(req.ticketConfig, req.user.config, id, req.body.data, classId);
+                    const ci = await cmdbobjects.getCmdbObject(req.user.config, id, includeString);
+                    req.result = ci;
+                    next();
+                } else {
+                    req.errorStatus = 403;
+                    next('Access forbidden.')
+                }
+            } catch (e) {
+                next(e);
+            }
+        }
+    });
+
+    cmdbObjectRoutes.post('/', async function (req, res, next) {
+        const classId = req.body.classId;
+        const includeString = req.query.include;
+        eventLog.setEventData(
+            req,
+            CONSTANTS.EVENT_BASE_AST,
+            CONSTANTS.EVENT_ACTION_MODIFY,
+            classId
+        );
+        const errors = validationResult(req);
+        if (!errors.isEmpty()) {
+            req.errorStatus = 422;
+            next(errors.array());
+        } else {
+            //const clientConfig = config.getClientConfig(clientId);
+            const result = [];
+            try {
+                const ciInstanceId = await cmdbobjects.createCmdbObject(req.ticketConfig, req.user.config, classId, req.body.data);
+                const ci = await cmdbobjects.getCmdbObject(req.user.config, ciInstanceId, includeString);
+                req.result = ci;
+                next();
+            } catch (e) {
+                next(e);
+            }
+        }
+    });
+
     return cmdbObjectRoutes;
 })();

package/routes/scriptRoutes.js

@@ -0,0 +1,142 @@
+const path = require('path');
+const log = require('@manyos/logger').setupLog('SMILEconnect_' + path.basename(__filename));
+const scriptController = require('../controller/scriptController');
+const eventLog = require('../controller/eventLogController');
+const CONSTANTS = require('../util/constants');
+const scriptDefinitionSchema = require('../util/schemas/scriptDefinitionSchema');
+const {isAuthorizedAdmin} = require('../util/auth');
+
+const {checkSchema, validationResult} = require('express-validator');
+
+const {throwSchemaError} = require('../util/responsehandler');
+
+module.exports = (function() {
+    const scriptRoutes = require('express').Router();
+
+    scriptRoutes.get('/',
+        isAuthorizedAdmin,
+        function (req, res, next) {
+        eventLog.setEventData(
+            req,
+            CONSTANTS.EVENT_BASE_SCRIPT,
+            CONSTANTS.EVENT_ACTION_QUERY,
+            CONSTANTS.FORM_SCRIPTS
+        );
+
+        scriptController.getGlobalScripts().then(function (result) {
+            log.debug('result', result);
+
+            req.includeObjectsList = result.included;
+            req.result = {data:result};
+            next();
+        }).catch(function (reason) {
+            next(reason);
+        });
+    });
+
+    scriptRoutes.get('/:scriptId*', isAuthorizedAdmin, async function (req, res, next) {
+        const scriptId = req.path.replace(`/`,"");
+        eventLog.setEventData(
+            req,
+            CONSTANTS.EVENT_BASE_SCRIPT,
+            CONSTANTS.EVENT_ACTION_QUERY,
+            CONSTANTS.FORM_SCRIPTS,
+            scriptId
+        );
+
+        try {
+            const code = await scriptController.getGlobalScript(scriptId);
+            const usage = await scriptController.getUsage(scriptId);
+            req.result = {
+                id: scriptId,
+                code,
+                usage
+            };
+            next();
+        } catch (error) {
+            next (error);
+        }
+    });
+
+    async function createAndUpdateScript(scriptId, code) {
+        await scriptController.setGlobalScript(scriptId, code);
+        return {
+            id: scriptId,
+            code: code
+        }
+    }
+
+    scriptRoutes.put('/:scriptId*',
+        isAuthorizedAdmin,
+        checkSchema(scriptDefinitionSchema),
+        function (req, res, next) {
+
+            //validate schema
+            const errors = validationResult(req);
+            throwSchemaError(errors);
+
+            const scriptId = req.path.replace(`/`,"");
+
+            eventLog.setEventData(
+                req,
+                CONSTANTS.EVENT_BASE_SCRIPT,
+                CONSTANTS.EVENT_ACTION_MODIFY,
+                CONSTANTS.FORM_SCRIPTS,
+                scriptId
+            );
+
+            createAndUpdateScript(scriptId, req.body.code).then(script => {
+                req.result = script;
+                next();
+            }).catch (error=> {
+                next(error);
+            });
+        });
+
+    scriptRoutes.delete('/:scriptId*', isAuthorizedAdmin, function (req, res, next) {
+        const scriptId = req.path.replace(`/`,"");
+        eventLog.setEventData(
+            req,
+            CONSTANTS.EVENT_BASE_SCRIPT,
+            CONSTANTS.EVENT_ACTION_DELETE,
+            CONSTANTS.FORM_SCRIPTS,
+            scriptId
+        );
+
+        scriptController.deleteGlobalScript(scriptId).then(script => {
+            req.result = script;
+            next();
+        }).catch (error=> {
+            next(error);
+        });
+    });
+
+    scriptRoutes.post('/',
+        isAuthorizedAdmin,
+        checkSchema(scriptDefinitionSchema),
+        function (req, res, next) {
+            //validate schema
+            const errors = validationResult(req);
+            throwSchemaError(errors);
+
+            const scriptId = req.body.id;
+
+            eventLog.setEventData(
+                req,
+                CONSTANTS.EVENT_BASE_SCRIPT,
+                CONSTANTS.EVENT_ACTION_CREATE,
+                CONSTANTS.FORM_SCRIPTS,
+                scriptId
+            );
+
+            createAndUpdateScript(scriptId, req.body.code).then(script => {
+                req.result = script;
+                log.debug('run next');
+                next();
+            }).catch (error=> {
+                next(error);
+            });
+        });
+
+    return scriptRoutes;
+})();

package/routes/taskRoutes.js

@@ -18,7 +18,7 @@ module.exports = (function () {
         //todo customize eventbase
         eventLog.setEventData(
             req,
-            req.parentEventBase,
+            req.parentEventBase + '_' + CONSTANTS.EVENT_BASE_TAS,
             CONSTANTS.EVENT_ACTION_QUERY,
             CONSTANTS.FORM_TASK,
             id
@@ -35,8 +35,8 @@ module.exports = (function () {
         const origData = JSON.parse(JSON.stringify(req.body));
         eventLog.setEventData(
             req,
-            req.parentEventBase,
-            CONSTANTS.EVENT_ACTION_MODIFY,
+            req.parentEventBase + '_' + CONSTANTS.EVENT_BASE_TAS,
+            CONSTANTS.EVENT_ACTION_CREATE,
             CONSTANTS.FORM_TASK,
             req.parentId,
             origData
@@ -87,7 +87,7 @@ module.exports = (function () {
         const taskId = req.params.taskId;
         eventLog.setEventData(
             req,
-            req.parentEventBase,
+            req.parentEventBase + '_' + CONSTANTS.EVENT_BASE_TAS,
             CONSTANTS.EVENT_ACTION_QUERY,
             CONSTANTS.FORM_TASK,
             parentId,
@@ -106,7 +106,7 @@ module.exports = (function () {
         const origData = JSON.parse(JSON.stringify(req.body));
         eventLog.setEventData(
             req,
-            req.parentEventBase,
+            req.parentEventBase + '_' + CONSTANTS.EVENT_BASE_TAS,
             CONSTANTS.EVENT_ACTION_MODIFY,
             CONSTANTS.FORM_TASK,
             req.parentId,
@@ -136,7 +136,7 @@ module.exports = (function () {
         const taskId = req.params.taskId;
         eventLog.setEventData(
             req,
-            req.parentEventBase,
+            req.parentEventBase + '_' + CONSTANTS.EVENT_BASE_TAS,
             CONSTANTS.EVENT_ACTION_QUERY,
             CONSTANTS.FORM_TASK_WORKLOG,
             req.parentId,
@@ -160,7 +160,7 @@ module.exports = (function () {
         const taskId = req.params.taskId;
         eventLog.setEventData(
             req,
-            req.parentEventBase,
+            req.parentEventBase + '_' + CONSTANTS.EVENT_BASE_TAS,
             CONSTANTS.EVENT_ACTION_CREATE,
             CONSTANTS.FORM_TASK_WORKLOG,
             req.parentId,
@@ -201,12 +201,13 @@ module.exports = (function () {
         const worklogId = req.params.worklogId;
         eventLog.setEventData(
             req,
-            req.parentEventBase,
+            req.parentEventBase + '_' + CONSTANTS.EVENT_BASE_TAS,
             CONSTANTS.EVENT_ACTION_QUERY,
             CONSTANTS.FORM_TASK_WORKLOG,
             req.parentId,
              null,
-            taskId
+            taskId,
+            worklogId
         );
 
         const result = await task.getTaskWorklog(req.user.config, taskId, worklogId);

package/util/config.js

@@ -341,7 +341,6 @@ const ticketConfig = {
         "requestTemplate": "taskTemplate",
         "templateRequestId": "Template ID"
     }
-
 };
 
 module.exports = {

package/util/constants.js

@@ -26,6 +26,8 @@ module.exports = {
     FORM_APC_FORMS: "Forms",
     FORM_APC_FORMS_META: "Metadata",
 
+    FORM_SCRIPTS: "Scripts",
+
     FORM_PEOPLE: "CTM:People",
     FORM_SUPPORTGROUP: "CTM:Support Group",
     FORM_ORGANISATION: "CTM:People Organization",
@@ -46,6 +48,8 @@ module.exports = {
 
     EVENT_BASE_APC: "APC",
 
+    EVENT_BASE_SCRIPT: "SCRIPT",
+
     EVENT_BASE_INC: "INC",
     EVENT_BASE_INC_WORKLOG: "INC_Worklog",
     EVENT_BASE_INC_WORKLOG_ATTACHTMENT: "INC_Worklog_Attachment",
@@ -60,9 +64,12 @@ module.exports = {
 
     EVENT_BASE_WOI: "WOI",
 
+    EVENT_BASE_TAS: "TAS",
+
     EVENT_ACTION_QUERY: 'Query',
     EVENT_ACTION_CREATE: 'Create',
     EVENT_ACTION_MODIFY: 'Modify',
+    EVENT_ACTION_DELETE: 'Delete',
     EVENT_ACTION_SEARCH: 'Search',
 
     EVENT_BASE_ORG_PEOPLE: "ORG_People",

package/util/responsehandler.js

@@ -87,6 +87,13 @@ function eventQueueHandler(req, res, next) {
     }
 }
 
+function throwSchemaError(errors) {
+    if (!errors.isEmpty()) {
+        log.error(errors.array());
+        throw ({validationErrors: errors.array(), status:400});
+    }
+}
+
 module.exports = {
-    logErrors, errorHandler, eventQueueHandler, logRequest
+    logErrors, errorHandler, eventQueueHandler, logRequest, throwSchemaError
 };

package/util/schemas/scriptDefinitionSchema.js

@@ -0,0 +1,14 @@
+module.exports = {
+    'id': {
+        in: ['body'],
+        exists: {
+            errorMessage: 'Is required'
+        }
+    },
+    'code': {
+        in: ['body'],
+        exists: {
+            errorMessage: 'Is required'
+        }
+    }
+};