@manyos/smileconnect-api 1.39.1 → 1.40.0

package/app.js

@@ -233,6 +233,19 @@ app.get('/debug', function (req, res, next) {
 //global authentication
 app.use(passport.authenticate('jwt', {session: false}), responseHandler.logRequest);
 
+//Check for dynamic impersonate
+app.use(function (req, res, next) {
+    if (req.user) {
+        const clientConfig = req.user.config;
+        const dynamicARUser = req.query.impersonateUser;
+        if (clientConfig && clientConfig.options && clientConfig.options.allowDynamicImpersonate === true && dynamicARUser) {
+            log.debug('Dynamic impersonate to user', dynamicARUser)
+            clientConfig.options.impersonateUser = dynamicARUser
+        }
+    }
+    next()
+})
+
 //set globalscript params
 app.use(function (req, res, next) {
     req.globalScriptParams = {

package/conf/clients.json

@@ -133,6 +133,7 @@
         "dateFormati": "dd.MM.yyyy HH:mm.ss",
         "clientLimit": 100000,
         "impersonateUser": "rhannemann",
+        "allowDynamicImpersonate": true,
         "translateSelectionFieldsX": false
       },
       "custom_Sample:Enrollments": {

package/docs/README.md

@@ -0,0 +1 @@
+Our ITSM API creates a RESTful layer on-top of BMCs ITSM Suite. It allows you to expose all of your services with an easy and powerful REST-API. You can perform create, read and update operations on Incidents, Changes, Problems, Work Orders, Tasks and Assets. With no need for customization.

package/docs/_coverpage.md

@@ -0,0 +1,12 @@
+![logo](_media/logo.png)
+
+# SMILEconnect
+
+> Learn all about manyos ITSM API on these pages
+
+- The easy way to integrate providers
+- Reduce efforts and license cost
+- State of the art ITSM REST API
+
+[manyos](https://manyos.it)
+[Get Started](quickstart#Introduction)

package/docs/_sidebar.md

@@ -0,0 +1,25 @@
+- Getting started
+
+  - [Quick start](quickstart.md)
+  - [Architecture](architecture.md)
+  - [API Specification](spec/index.html)
+
+- Configuration
+
+  - [Global Settings](configuration/config.md)
+  - [Mapping](configuration/mapping.md)
+  - [Client Configuration](configuration/clients.md)
+  - [Events](configuration/events.md)
+
+- Data manipulation
+
+  - [Scripts](scripts.md)
+  - [Adapter](adapter.md)
+
+- How-Tos
+
+  - [Authentication](howto/token.md)
+  - [Incident Requests](howto/incidents.md)
+  - [Handle Worklogs](howto/worklogs.md)
+  - [Handle Attachments](howto/attachments.md)
+  - [Read Configuration Items](howto/cmdbobjects.md)

package/docs/{configuration/adapter.md → adapter.md}

@@ -1,13 +1,4 @@
----
-layout: page
-title: Adapter
-subtitle: Talk to the outside world
-use-site-title: true
-bigimg: /img/gb-isapi.jpg
-toc: true
----
-
-# Introduction
+# Adapter
 
 Adapter are used to integrate with different systems. SMILEconnect comes with a flexible adapter architecture. Multiple types of adapters can be used and also multiple adapters of the same type can be configured. This can be useful if you need to interact e.g. with two different LDAP Systems.
 
@@ -15,7 +6,7 @@ Adapter are used to integrate with different systems. SMILEconnect comes with a
 
 Adapter are configured in the file *adapterConfig.js* in the root of the conf folder. Within the configuration file the variable *env* can be used to access system environment variables. E.g. *env.AR_USER* reflects the value of the system variable *AR_USER*.
 
-For security, it is advised to store confidential information, like passwords, in the environment variables and not in the configuration file itself. 
+For security, it is advised to store confidential information, like passwords, in the environment variables and not in the configuration file itself.
 
 Configuration example:
 ```javascript
@@ -74,7 +65,7 @@ The Remedy Adapter is used to connect to BMC Remedy Action Request Servers. It a
 
 **rapiUri**: The URL of the RAPI Server wich is used as middleware to connect to the arsystem server. e.g. https://rapi.mydomain.com
 
-**cacheTime**: The default time in seconds in which the result of queries is stored in a cache. This is used to increase performance dramatically. Defaults to 300s. 
+**cacheTime**: The default time in seconds in which the result of queries is stored in a cache. This is used to increase performance dramatically. Defaults to 300s.
 
 **limitDefault**: The default limit of records retrieved in a query. This value is used whenever no value is specified. Can be overwritten in queries.
 
@@ -148,7 +139,7 @@ The form in which a new record is created. e.g. CTM:People
 
 * entry (object):
 
-The entry object that is ceated. 
+The entry object that is ceated.
 
 e.g.
 
@@ -157,7 +148,7 @@ e.g.
     "Source Keyword": "SMILEcatalog",
     "Company": "Calbro Services",
     "AppRequestSummary": "New Request from SMILEcatalog",
-    "TitleInstanceID": "SRGAA5V0GEfds7LO5YL6Q945Z", 
+    "TitleInstanceID": "SRGAA5V0GEfds7LO5YL6Q945Z",
     "Login ID": "Allen"
 }
 ```
@@ -207,6 +198,7 @@ e.g.
 }
 ```
 
+
 * countOnly (only search)
 
 Can be used to retrieve only the size of the results without any payload. This improves performance.
@@ -312,6 +304,6 @@ The SMILEconnect Adapter can be used to do calls against SMILEconnect. It will a
 
 ### Functions
 
-The SMILEconnect adapter is an open source project. 
+The SMILEconnect adapter is an open source project.
 
-[Visit the project homepage for details]https://github.com/manyosit/smileconnect-client
+[Visit the project homepage for details](https://github.com/manyosit/smileconnect-client)

package/docs/architecture.md

@@ -0,0 +1,8 @@
+# Architecture
+
+In this guide we will explain the different components of ISAPI and how you can use them.
+
+![architecure of smileconnect](_media/architecture.jpeg)
+
+
+![architecure of smileconnect](_media/dataflow.png)

package/docs/configuration/clients.md

@@ -0,0 +1,69 @@
+# Client Config
+
+On a per client base it can be configured which fields are returned for each object and if a basequery is applied. This expose certain fields only dedicated clients. It also allows to define which rows a client can access. Clients are configured in conf/clients.json
+
+```json
+[
+  {
+    "name": "jira",
+    "config": {
+      "options" : {
+        "dateFormat" : "dd.MM.yyyy HH:mm.ss",
+        "clientLimit": 100
+      },
+      "cmdbobject": {
+        "basequery": "'Data Set Id' = \"BMC.ASSET\" AND ('Mark As Deleted' = \"No\" OR 'Mark As Deleted' = $NULL$) AND 'Class Id' = \"BMC_COMPUTERSYSTEM\"",
+        "fields": [
+          "Instance Id",
+          "Tag Number",
+          "Name",
+          "AssetLifecycleStatus",
+          "Category",
+          "Item",
+          "Type",
+          "Availability",
+          "Confidentiality",
+          "Integrity",
+          "Authenticity",
+          "Model Number",
+          "Class Id",
+          "Reconciliation Identity"
+        ]
+      },
+      "orgdata": {
+        "basequeryPeople": "'Profile Status' = \"Enabled\"",
+        "basequeryOrganisation": "'Status'=\"Enabled\"",
+        "basequerySupportGroup": "'Status'=\"Enabled\""
+      },
+      "change": {
+        "fields": [
+          "Infrastructure Change ID",
+          "Categorization Tier 1",
+          "Categorization Tier 2",
+          "Categorization Tier 3",
+          "Product Cat Tier 1",
+          "Product Cat Tier 2",
+          "Product Cat Tier 3",
+          "Product Name (2)",
+          "Description",
+          "Detailed Description",
+          "Status Reason",
+          "Change Request Status",
+          "Requested Start Date",
+          "Requested End Date",
+          "Scheduled Start Date",
+          "Scheduled End Date",
+          "Support Group ID",
+          "Support Group ID 2",
+          "Customer Person ID"
+        ],
+        "constants" : [
+          {"name": "Location Company", "value" : "Calbro Services"},
+          {"name": "Company", "value" : "Calbro Services"},
+          {"name": "RequesterLoginID", "value" : "Allen"}
+        ]
+      }
+    }
+  }
+]
+```

package/docs/configuration/config.md

@@ -0,0 +1,323 @@
+# Global Application Settings
+
+All of the following global configuration options needs to be set as Environment Variables for the different containers.
+
+# API
+
+## AR Server Connection
+
+### BASEURL
+
+Base URL of the used arrestfulapi
+
+Sample:
+
+*BASEURL=http://localhost:8080*
+
+### AR_SERVER
+
+Remedy Server to connect to.
+
+Sample:
+
+*AR_SERVER=pier1*
+
+### AR_PORT
+
+Remedy Server TCP Port.
+
+Sample:
+
+*AR_PORT=1234*
+
+### AR_USER
+
+Remedy Admin User who is used for all queries.
+
+Sample:
+
+*AR_USER=Demo*
+
+### AR_PASSWORD
+
+Remedy Admin User password.
+
+Sample:
+
+*AR_PASSWORD=password*
+
+## SSO Connection
+
+For a minimum configuration only the SSO Public Key is required.
+
+### SSO_PUBLIC_KEY
+
+Public Key used to validate JWT tokens.
+
+Sample:
+
+*SSO_PUBLIC_KEY=1635rN5xkbubgmuNQCnKKFu7OlAD3QxiDwecg1bJvFhJW9Qj5YhOwGuX54sOSCjmdTcKT1mCHL61FJ5mzxtbrct97zVwXmi4F4KDKj2PsW+qxUg0Jz/06iTVjtv2H1yBq1*
+
+### SSO_AUDIENCE
+
+Audience (Clients) which are allowed to use JWT tokens. This parameter is optional. If it is not set, no check against the JWT token will be performed.
+
+Sample:
+
+*SSO_AUDIENCE=gihub, jira*
+
+### SSO_ISSUER
+
+Issuer (SSO Server) of the JWT tokens.
+
+Sample:
+
+*SSO_ISSUER=https://sso.mydomain.io/auth/realms/itsmproxy*
+
+### SSO_CLIENTNAME_ATTRIBUTE
+
+The attribute that contains the client name in the token.
+
+Default: *azp*
+
+Set this value if you only want to use a single client in the SSO and service accounts as clients in SMILEconnect. This can be used to manage your SMILEconnect clients via a directory service like LDAP/AD. [More Info](https://datatracker.ietf.org/doc/html/rfc6749#section-1.3.3)
+
+Sample:
+
+*SSO_CLIENTNAME_ATTRIBUTE = "preferred_username"*
+
+### ADMIN_USERS
+
+List of users who are allowed to access /v1/appconfig endpoints.
+
+Sample:
+ADMIN_USERS=username1, username2
+
+### MASTER_CLIENTS
+
+List of clients that can act on behalf of other clients.
+
+The URL Parameter *clientId* is used for this.
+
+Sample:
+MASTER_CLIENTS=idm,adminTool
+
+## Cache Settings
+
+### CACHETTL_CMDB
+Interval in seconds in which before cached CMDB Data is deleted from the cache.
+
+Default: *600*
+
+Sample:
+
+*CACHETTL_CMDB=2800*
+
+### CACHETTL_ORGDATA
+Interval in seconds in which before cached Org Data like People, Support Groups, Organisations are deleted from the cache.
+
+Default: *3600*
+
+Sample:
+
+*CACHETTL_ORGDATA=7200*
+
+### CACHETTL_TICKETS
+
+Interval in seconds in which before cached Ticket Data is deleted from the cache.
+
+Default: *1*
+
+Sample: 600
+
+### CACHETTL_TASK
+
+Interval in seconds in which before cached Task Data is deleted from the cache.
+
+Default: *1*
+
+Sample:
+
+*CACHETTL_TASK=600*
+
+## Logging
+
+### Loglevel
+
+Loglevel of the api. Defaults to *error*
+
+## Rate Limits
+
+### RATE_LIMIT
+
+Defines how many API requests from a single IP are allowed within a 15min timeframe.
+
+Default *10000*
+
+Sample:
+
+*RATE_LIMIT=600*
+
+### LIMIT_DEFAULT
+
+Limits the resultsize of all queries against the Remedy Server. Sets a default that can be overwritten by requests. Can be used to prevent performance issues.
+Affects also relations.
+
+Default *unlimited*
+
+Sample:
+
+*LIMIT_DEFAULT=100*
+
+### LIMIT_MAX
+
+Limits the resultsize of all queries against the Remedy Server. Defines a global maximum that can not be overwritten by requests. Will only be overwritten by Limits defined for certains clients. Can be used to prevent performance issues.
+Affects also relations.
+
+Default *unlimited*
+
+Sample:
+
+*LIMIT_MAX=100*
+
+### MAX_HTTP_SOCKETS
+
+Defines how many TCP Sockets are used for outgoing connections. (Parallel connections to the Remedy REST API.)
+
+Reduce this parameter if you see ECONNRESET or socket hang up errors.
+
+This parameter has direct impact on performance.
+
+Default *10*
+
+Sample:
+
+*MAX_HTTP_SOCKETS=15*
+
+
+# Event Manager
+
+## AR Server Connection
+
+### BASEURL
+
+Base URL of the used arrestfulapi
+
+Sample:
+
+*BASEURL=http://localhost:8080*
+
+### AR_SERVER
+
+Remedy Server to connect to.
+
+Sample:
+
+*AR_SERVER=pier1*
+
+### AR_PORT
+
+Remedy Server TCP Port.
+
+Sample:
+
+*AR_PORT=1234*
+
+### AR_USER
+
+Remedy Admin User who is used for all queries.
+
+Sample:
+
+*AR_USER=Demo*
+
+### AR_PASSWORD
+
+Remedy Admin User password.
+
+Sample:
+
+*AR_PASSWORD=password*
+
+## SSO Connection
+
+For a minimum configuration only the SSO Public Key is required.
+
+### SSO_PUBLIC_KEY
+
+Public Key used to validate JWT tokens.
+
+Sample:
+
+*SSO_PUBLIC_KEY=1635rN5xkbubgmuNQCnKKFu7OlAD3QxiDwecg1bJvFhJW9Qj5YhOwGuX54sOSCjmdTcKT1mCHL61FJ5mzxtbrct97zVwXmi4F4KDKj2PsW+qxUg0Jz/06iTVjtv2H1yBq1*
+
+### SSO_AUDIENCE
+
+Audience (Clients) which are allowed to use JWT tokens. This parameter is optional. If it is not set, no check against the JWT token will be performed.
+
+Sample:
+
+*SSO_AUDIENCE=gihub, jira*
+
+### SSO_ISSUER
+
+Issuer (SSO Server) of the JWT tokens.
+
+Sample:
+
+*SSO_ISSUER=https://sso.mydomain.io/auth/realms/itsmproxy*
+
+
+## Logging
+
+### Loglevel
+
+Loglevel of the api. Defaults to *error*
+
+# GUI
+
+## SMILEconnect
+
+### REACT_APP_API_URL
+
+The URL where the api is deployed.
+
+Sample:
+*REACT_APP_API_URL=https://sc-api.mydomain.io/*
+###
+
+Sample:
+*REACT_APP_TOKEN_REFRESHTIME=30*
+
+### REACT_APP_EVENTMGR_URL
+
+The URL where the eventmanager is deployed.
+
+Sample:
+*REACT_APP_EVENTMGR_URL=https://sc-event.mydomain.io/*
+
+
+## SSO
+
+### REACT_APP_SSO_URL
+
+The URL of the OIDC Provider for user authentication
+
+Sample:
+*REACT_APP_SSO_URL=https://sso.mydomain.io/auth/realms/itsmproxy*
+
+## GUI
+
+### REACT_APP_GUI_URL
+
+The Baseurl where the GUI is deployed.
+
+Sample:
+*REACT_APP_GUI_URL=https://sc-gui.mydomain.io/*
+
+### REACT_APP_WIZZARD_URL
+
+Url of the Midtier Appwizzard.
+
+Sample:
+*REACT_APP_WIZZARD_URL=https://midtier.mydomain.io/arsys/forms/arserver/MYS:SMILEconnect_NewVendor*

package/docs/{eventlog → configuration}/events.md

@@ -1,24 +1,27 @@
----
-layout: page
-title: API Queue Events
-subtitle: All events created / processed by the event manager
-use-site-title: true
----
+# Events
+
+The following events are generated by API and can be used to react on.
 
 # Change
 
 * CHG_Query
 
-* CHG_Created 
+* CHG_Created
+
+* CHG_Modified
+
+* CHG_Worklog_Created
 
 # Incident
 
-* INC_Worklog_Created
+* INC_Query
 
 * INC_Created
 
 * INC_Modified
 
+* INC_Worklog_Created
+
 # CMDB
 
 * CMDB_Query

package/docs/{general/field-management.md → configuration/mapping.md}

@@ -1,78 +1,8 @@
-# Client Config
-
-On a per client base it can be configured which fields are returned for each object and if a basequery is applied. This expose certain fields only dedicated clients. It also allows to define which rows a client can access. Clients are configured in conf/clients.json
-
-{% highlight json linenos %}
-[
-  {
-    "name": "jira",
-    "config": {
-      "options" : {
-        "dateFormat" : "dd.MM.yyyy HH:mm.ss",
-        "clientLimit": 100
-      },
-      "cmdbobject": {
-        "basequery": "'Data Set Id' = \"BMC.ASSET\" AND ('Mark As Deleted' = \"No\" OR 'Mark As Deleted' = $NULL$) AND 'Class Id' = \"BMC_COMPUTERSYSTEM\"",
-        "fields": [
-          "Instance Id",
-          "Tag Number",
-          "Name",
-          "AssetLifecycleStatus",
-          "Category",
-          "Item",
-          "Type",
-          "Availability",
-          "Confidentiality",
-          "Integrity",
-          "Authenticity",
-          "Model Number",
-          "Class Id",
-          "Reconciliation Identity"
-        ]
-      },
-      "orgdata": {
-        "basequeryPeople": "'Profile Status' = \"Enabled\"",
-        "basequeryOrganisation": "'Status'=\"Enabled\"",
-        "basequerySupportGroup": "'Status'=\"Enabled\""
-      },
-      "change": {
-        "fields": [
-          "Infrastructure Change ID",
-          "Categorization Tier 1",
-          "Categorization Tier 2",
-          "Categorization Tier 3",
-          "Product Cat Tier 1",
-          "Product Cat Tier 2",
-          "Product Cat Tier 3",
-          "Product Name (2)",
-          "Description",
-          "Detailed Description",
-          "Status Reason",
-          "Change Request Status",
-          "Requested Start Date",
-          "Requested End Date",
-          "Scheduled Start Date",
-          "Scheduled End Date",
-          "Support Group ID",
-          "Support Group ID 2",
-          "Customer Person ID"
-        ],
-        "constants" : [
-          {"name": "Location Company", "value" : "Calbro Services"},
-          {"name": "Company", "value" : "Calbro Services"},
-          {"name": "RequesterLoginID", "value" : "Allen"}
-        ]
-      }
-    }
-  }
-]
-{% endhighlight %}
-    
 # Field Mappings
 
 Field mappings are configured in conf/mapping.json and are used globally for all clients.
 
-{% highlight json linenos %}
+```json
 {
   "cmdbobject":[
     {"oldName":"Instance Id", "newName" : "id"},
@@ -116,4 +46,4 @@ Field mappings are configured in conf/mapping.json and are used globally for all
     {"oldName":"TemplateID", "newName" : "template"}
   ]
 }
-{% endhighlight %}
+```