@manyos/smileconnect-api 1.62.0 → 1.63.3

package/app.js

@@ -152,6 +152,8 @@ passport.use(
         const clientConfig = config.getClientConfig(clientId)
         clientConfig.clientId = clientId
 
+        req.clientId = clientId;
+
         const user = {
             'id': jwt_payload.sub,
             'azp': jwt_payload.azp,
@@ -196,7 +198,8 @@ const maxFilesize = process.env.MAX_FILESIZE || 5;
 
 app.use(fileUpload({
     limits: { fileSize: maxFilesize * 1024 * 1024 },
-    abortOnLimit: true
+    abortOnLimit: true,
+    debug: true
 }));
 
 //global check for compatibility
@@ -265,7 +268,8 @@ app.use(function (req, res, next) {
 app.use(function (req, res, next) {
     req.globalScriptParams = {
         query: req.query,
-        user: req.user
+        user: req.user,
+        log: log.child({req_id: req.id, clientId:req.clientId}, true)
     }
     // Für Scripte einen globalen parameter bereitstellen, der den org. Body enthält. Damit hat man auch noch in Post Scripten Zugriff auf customAttributes die beim Mapping entfernt werden.
     if (req.body) {

package/conf/clients.json

@@ -128,6 +128,9 @@
         "fields": [],
         "constants": [],
         "scripts": {}
+      },
+      "options": {
+        "translateSelectionFields": true
       }
     }
   },
@@ -135,7 +138,8 @@
     "name": "smileconnectGui",
     "config": {
       "options": {
-        "dateFormati": "dd.MM.yyyy HH:mm.ss"
+        "dateFormati": "dd.MM.yyyy HH:mm.ss",
+        "translateSelectionFields": true
       },
       "cmdbobject": {
         "basequery": "'Data Set Id' = \"BMC.ASSET\" AND ('Mark As Deleted' = \"No\" OR 'Mark As Deleted' = $NULL$)",
@@ -600,7 +604,8 @@
     "name": "ismsNeu",
     "config": {
       "options": {
-        "dateFormati": "dd.MM.yyyy HH:mm.ss"
+        "dateFormati": "dd.MM.yyyy HH:mm.ss",
+        "translateSelectionFields": true
       },
       "cmdbobject": {
         "basequery": "'Data Set Id' = \"BMC.ASSET\" AND ('Mark As Deleted' = \"No\" OR 'Mark As Deleted' = $NULL$)",
@@ -1060,7 +1065,8 @@
     "name": "ismsNeu2",
     "config": {
       "options": {
-        "dateFormat": "dd.MM.yyyy HH:mm.ss"
+        "dateFormat": "dd.MM.yyyy HH:mm.ss",
+        "translateSelectionFields": true
       },
       "cmdbobject": {
         "basequery": "'Data Set Id' = \"BMC.ASSET\" AND ('Mark As Deleted' = \"No\" OR 'Mark As Deleted' = $NULL$)",
@@ -1519,7 +1525,8 @@
     "name": "robert2",
     "config": {
       "options": {
-        "dateFormati": "dd.MM.yyyy HH:mm.ss"
+        "dateFormati": "dd.MM.yyyy HH:mm.ss",
+        "translateSelectionFields": true
       },
       "cmdbobject": {
         "basequery": "'Data Set Id' = \"BMC.ASSET\" AND ('Mark As Deleted' = \"No\" OR 'Mark As Deleted' = $NULL$)",
@@ -1982,7 +1989,8 @@
         "clientLimit": 100000,
         "impersonateUser": "rhannemann",
         "allowDynamicImpersonate": true,
-        "translateSelectionFieldsX": false
+        "translateSelectionFieldsX": false,
+        "translateSelectionFields": true
       },
       "custom_Sample:Enrollments": {
         "basequery": "1=1",
@@ -2389,9 +2397,7 @@
           },
           "PUT": {
             "preMapping": [],
-            "postMapping": [
-              "notFetchResult"
-            ],
+            "postMapping": [],
             "afterExecution": []
           }
         }

package/controller/scriptController.js

@@ -16,7 +16,13 @@ const {getClients, getClient, setClient} = require('../util/config');
 require('dotenv').config();
 const {NodeVM} = require('vm2');
 
-const adapterConfigScript = fs.readFileSync('conf/adapterConfig.js',{encoding: 'utf8'});
+//try to read adapterConfig
+let adapterConfigScript = `return {}`;
+try {
+    adapterConfigScript = fs.readFileSync('conf/adapterConfig.js',{encoding: 'utf8'});
+} catch (error) {
+    log.error(`Can't conf/adapterConfig.js - adapterFoundation not available.`, error);
+}
 
 const adapter = adapterFoundation.getAdapter(adapterConfigScript);
 
@@ -80,7 +86,7 @@ async function executeCode(code, requestData, params, logStream, executedByScrip
         requestData,
         params,
         adapter,
-        log,
+        log: globalScriptParams.log.child({script: scriptId}, true),
         clientId,
         xmlParser,
         script:executeScriptByScript,

package/controller/taskController.js

@@ -445,6 +445,9 @@ async function updateTask(clientConfig, id, taskData, globalScriptParams) {
         await scriptController.runScripts(scripts.postMapping, taskData, clientConfig.clientId, globalScriptParams);
     }
 
+    //remove ticket id to prevent change
+    delete taskData['Task ID'];
+
     const result = await arquery.updateEntry('TMS:Task', id, taskData, clientConfig.options);
 
     //flow update

package/controller/ticketController.js

@@ -309,12 +309,17 @@ async function updateTicket(ticketConfig, clientConfig, id, ticketData, globalSc
     if (scripts && scripts.postMapping) {
         await scriptController.runScripts(scripts.postMapping, ticketData, clientConfig.clientId, globalScriptParams);
     }
+
     const ticket = await getTicket(ticketConfig, myClientConfig, id, myMapping, undefined, globalScriptParams);
     log.debug('Ticket to Update', ticket);
     //keep businessService CI Relation
     if (ticket && ticket.data && ticket.data.serviceReconId && relations) {
         relations.keepCIs = [ticket.data.serviceReconId]
     }
+
+    //remove ticket id to prevent change
+    delete ticketData[ticketConfig.ticketIdField];
+
     //todo Abfangen wenn getTicket nichts liefert.
     const update = await arquery.updateEntry(ticketConfig.forms.regular, ticket.data.internalId, ticketData, clientConfig.options);
     relationErrors = await ticketCIRelationController.updateRelations(ticketConfig, clientConfig, id, relations);

package/docs/_sidebar.md

@@ -18,6 +18,12 @@
   - [Scripts](scripts)
   - [Adapter](adapter)
 
+- Getting started
+
+  - [Introduction](getting-started/introduction)
+  - [Hands on](getting-started/hands-on)
+  - [Tips & Tricks](getting-started/tips)
+
 - How-Tos
 
   - [Authentication](howto/token)

package/docs/adapter.md

@@ -584,6 +584,7 @@ The SMILEconnect adapter is an open source project.
 **secure**: Is secure communication use? True/False
 
 **auth.user**: User for SMTP Authentication
+
 **auth.pass**: Pass for SMTP Authentication
 
 ## Functions
@@ -626,6 +627,8 @@ const mailData = {
     text: "Hello world?", // plain text body
     html: "<b>Hello world?</b>", // html body
 }
+
+const result = adapter.mail.sendMail(mailData);
 ```
 
 # DeepL

package/docs/architecture.md

@@ -1,8 +1,15 @@
 # Architecture
 
-In this guide we will explain the different components of ISAPI and how you can use them.
+In this guide we will explain the different components of SMILEconnect and how you can use them.
+
+General logical architecture:
 
 ![architecure of smileconnect](_media/architecture.jpeg)
 
+Deployment architecture in Kubernetes / Docker:
+
+![architecure of smileconnect](_media/architecture-deployment.png)
+
+Dataflow incl. Authentication:
 
 ![architecure of smileconnect](_media/dataflow.png)

package/docs/configuration/config.md

@@ -156,6 +156,10 @@ Sample:
 
 Loglevel of the api. Defaults to *error*
 
+### LOG_REQUEST
+
+If set to true, the incoming request & headers will be written to the JsonValue field in the QueueForm. 
+
 ## Rate Limits
 
 ### RATE_LIMIT
@@ -387,6 +391,9 @@ Use REACT_APP_OIDC_TOKEN to choose the token to use. Default is access_token
 
 Use REACT_APP_OIDC_SCOPE to choose the oidc scope
 
+Use REACT_APP_CLIENT_SECRET to use confidential SSO client
+
+
 ## GUI
 
 ### REACT_APP_GUI_URL

package/docs/getting-started/hands-on.md

@@ -0,0 +1,59 @@
+# Hands-on Exercises
+
+## Setup Field Mapping
+
+In this exercise, participants will learn how to configure the global field mapping for all SMILEconnect interfaces with BMC HELIX ITSM. Global field mapping ensures that BMC field names are translated into valid REST-compatible values, promoting seamless data transfer between systems.
+
+SMILEconnect creates new records using the appropriate "Interface Create Forms." Occasionally, field names in BMC may differ between the standard forms and the "Interface Create Forms." To address this, SMILEconnect provides separate mappings for both the standard objects and the creation process. The system attempts to synchronize both mappings automatically to maintain consistency and data accuracy.
+
+### Review the mapping
+
+### Manage mappings
+
+### New vs. Normal Mappings
+
+## Configuring Clients
+
+In this exercise, participants will learn how to configure client applications to interact with the SMILEconnect integrated REST API with BMC HELIX ITSM. Efficient client configuration is crucial for seamless communication and data exchange between various systems.
+
+New clients are created by copying an existing client, which allows for the development of a library of clients. This library facilitates the rapid creation of new clients as needed, streamlining the process and reducing the time it takes to set up new connections.
+
+### View the client library
+
+### Copy a Client
+
+### Modify client configuration
+
+For each object in a client, a base query is defined to determine which objects the client can see. For example, a client might only have access to incidents within its own support groups. Then, for each object, the attributes that the client can view are specified.
+
+In addition to attribute visibility, constant values can be predefined for specific attributes. These constant values cannot be overwritten by the client. This feature can be used to:
+
+* Provide default values for certain attributes, reducing the need for the client to supply them (e.g., a template ID).
+
+* Restrict the client from modifying specific attributes, such as the ticket priority, ensuring that only authorized users or systems can make changes.
+
+### Setup Base query
+
+### Manage fields
+
+### Manage constants
+
+## Todo
+
+* Creating and Updating Tickets
+
+* Search for Data
+
+* Creating and Reading Worklogs
+
+* Handling Attachments
+
+* Querying Assets and Configuration Items (CIs)
+
+* Creating Outbound Events
+
+* Using Scripts for advanced workflows
+
+* Understanding Script Timing
+
+* Troubleshooting and Debugging

package/docs/getting-started/introduction.md

@@ -0,0 +1,56 @@
+# Introduction to SMILEconnect REST API
+
+## Overview of SMILEconnect
+
+The primary objective of integrating SMILEconnect with BMC HELIX ITSM is to provide ITSM departments with a powerful and flexible solution for creating and managing new interfaces rapidly. This integration focuses on the following key aspects:
+
+* Streamlined Interface Creation: With SMILEconnect, ITSM teams can create new interfaces in minutes, reducing the time and effort required to establish connections between various systems and applications.
+
+* Minimal Customization: SMILEconnect integration does not require any customization of the ITSM system, allowing for seamless implementation without altering the existing setup. This approach ensures smooth operation and compatibility with future updates.
+
+* Configurable Workflows: Despite the minimal customization requirements, SMILEconnect enables ITSM departments to design and configure complex workflows that cater to their specific needs. This flexibility ensures that organizations can adapt to changing requirements and streamline their processes.
+
+* Future-proof ITSM Systems: As interfaces play a crucial role in the evolution of ITSM systems, integrating SMILEconnect with BMC HELIX ITSM helps organizations stay ahead of the curve by providing a scalable and adaptable solution for managing various interfaces.
+
+* Enhanced Collaboration: The integration of SMILEconnect facilitates better communication and collaboration between different teams and departments within the organization. By offering a unified platform for managing interfaces, SMILEconnect fosters efficient information exchange and streamlined processes.
+
+* Automatic Documentation Generation: SMILEconnect is capable of automatically generating individual documentation for each interface created. This feature ensures that interface partners can quickly and efficiently implement the interface on their end. By providing comprehensive documentation, potential misunderstandings or misconfigurations can be minimized, resulting in faster implementation and a more reliable connection between systems.
+
+By addressing these objectives, the SMILEconnect integration with BMC HELIX ITSM aims to enhance the overall efficiency and effectiveness of ITSM departments, ensuring they can meet the ever-evolving needs of their organizations.
+
+## What is a REST API?
+
+This section provides an overview of the basic concepts and principles of REST APIs to help participants understand the underlying technology used in SMILEconnect and BMC HELIX ITSM integration.
+
+### What is a REST API?
+
+REST (Representational State Transfer) is an architectural style used for designing networked applications. A REST API (Application Programming Interface) allows communication between different software systems using standard HTTP methods. It is designed to be simple, stateless, and scalable, making it a popular choice for modern web services.
+
+### HTTP Methods and Status Codes
+
+REST APIs utilize HTTP methods to interact with resources. The most common HTTP methods include:
+
+* GET: Retrieves data from a specified resource.
+* POST: Submits new data to a resource, creating a new object.
+* PUT: Updates an existing resource with new data.
+* DELETE: Removes a specified resource.
+
+HTTP status codes are three-digit numbers that indicate the outcome of an HTTP request. Some common status codes include:
+
+* 200 OK: The request was successful.
+* 201 Created: The request has created a new resource.
+* 400 Bad Request: The request was malformed or invalid.
+* 401 Unauthorized: The request requires authentication.
+* 403 Forbidden: The requester lacks permission to access the resource.
+* 404 Not Found: The requested resource could not be found.
+* 500 Internal Server Error: The server encountered an error while processing the request.
+
+### Authentication and Authorization
+
+Security is crucial for REST APIs, and SMILEconnect uses OAuth for authentication. OAuth is a standardized method that allows users to grant third-party applications limited access without sharing their credentials. In most organizations, an Identity Provider (IdP) is already in place and can be used for OAuth authentication.
+
+### API Endpoints and Resources
+
+An API endpoint is a specific address (URL) used to access and interact with resources in an API. Resources are the data objects and services that the API provides access to. In SMILEconnect, automatically provided endpoints cover ITSM objects such as Incident, Problem, Change, Work Order, Task, Assets, and Worklogs. Each endpoint is associated with a specific HTTP method to perform actions such as creating, retrieving, updating, or deleting resources.
+
+In summary, understanding the fundamentals of REST APIs helps participants effectively utilize the SMILEconnect integration with BMC HELIX ITSM. Familiarity with these concepts, including OAuth authentication and the automatically provided endpoints, ensures that participants can design, configure, and maintain interfaces, optimizing their ITSM processes and adapting to ever-changing organizational needs.

package/docs/getting-started/tips.md

@@ -0,0 +1,7 @@
+# Best Practices and Tips
+
+* API Rate Limits and Performance
+* Data Validation and Cleansing
+* Maintenance and Updating the Integration
+* Useful Resources and Links 
+* Support and Contact Information

package/docs/openapi.json

@@ -2,7 +2,7 @@
     "openapi": "3.0.2",
     "info": {
         "title": "SMILEconnect",
-        "version": "1.47.0",
+        "version": "1.63.0",
         "contact": {
             "name": "manyos technology GmbH",
             "url": "https://manyos.it",
@@ -4536,6 +4536,34 @@
                     "required": true
                 }
             ]
+        },
+        "/health": {
+            "get": {
+                "tags": [
+                    "AppConfig"
+                ],
+                "responses": {
+                    "200": {
+                        "content": {
+                            "application/json": {
+                                "schema": {
+                                    "$ref": "#/components/schemas/HealthStatus"
+                                },
+                                "examples": {
+                                    "healthResponse": {
+                                        "value": {
+                                            "status": "ok"
+                                        }
+                                    }
+                                }
+                            }
+                        },
+                        "description": "Returns ok if API is up."
+                    }
+                },
+                "summary": "Get API health status",
+                "description": "Responds with 200 if API is ready. No auth needed."
+            }
         }
     },
     "components": {
@@ -16339,6 +16367,19 @@
                         "description": ""
                     }
                 }
+            },
+            "HealthStatus": {
+                "title": "Root Type for HealthStatus",
+                "description": "",
+                "type": "object",
+                "properties": {
+                    "status": {
+                        "type": "string"
+                    }
+                },
+                "example": {
+                    "status": "ok"
+                }
             }
         },
         "responses": {

package/docs/releases.md

@@ -1,6 +1,9 @@
 # Release Notes
 
 ## API
+### 1.63.0 - 10.01.23
+Security fix for jsonwebtoken https://github.com/advisories/GHSA-27h2-hvpr-p74q
+
 ### 1.62.0 - 18.11.22
 Add Deepl Translation Adapter
 
@@ -182,6 +185,9 @@ e.g.
 */v1/incidents?impersonateUser=abc123
 
 ## Event Manager
+### 1.29.1 - 10.01.23
+Security fix for jsonwebtoken https://github.com/advisories/GHSA-27h2-hvpr-p74q
+
 ### 1.29.0 - 18.11.22
 Add Deepl Translation Adapter
 
@@ -226,6 +232,12 @@ The eventmanager will check all outbound webhooks for an event. If one fails, th
 
 ## GUI
 
+### 1.11.0 - 05.04.23
+Feat: Add REACT_APP_CLIENT_SECRET Parameter to allow confidential SSO clients
+
+### 1.10.3 - 29.03.23
+Fixed: GUI crash when customForm name contains blank.
+
 ### 1.10.2 - 30.09.22
 Fixed: openApi page is not loading.
 

package/docs/scripts.md

@@ -266,6 +266,14 @@ const myInstanceId = uid();
 requestData['Instance Id'] = myInstanceId;
 ```
 
+## customHeaders
+
+Allows custom headers in outbound events.
+
+```javascript
+customHeaders['X-API-GATEWAYUSER'] = 'gatewayuser1';
+```
+
 # Returning values
 
 Values can be returned with the function *resolve()*
@@ -311,23 +319,25 @@ This script looks up the previous assignment group if an incident is set to "ass
 //lookup Previous Assigned Support Group for Incident
 // and assign this group if status is changed to "assigned", and assignedGroup is not set.
 
+if ( globalScriptParams && globalScriptParams.id && requestData['status']=="Assigned"  && !requestData.hasOwnProperty("assignedGroup") ) {
 
-if ( requestData['id'] && requestData['status']=="Assigned"  && !requestData.hasOwnProperty("assignedGroup") ) {
-    const remedyResult = await adapter.remedy.search("HPD:Help Desk Assignment Log", `'Incident Number' = "${requestData.id}"`, "Submit Date,Assigned Support Company,Assigned Support Organization,Assigned Group,Assigned Group ID")
-
-    if (remedyResult && remedyResult.data && Array.isArray(remedyResult.data)) {
-        const data = remedyResult.data;
-        let entry = 0;
-        if (data.length > 1) {
-            entry = data.length - 2;
-        }
-
-        if (data[entry] && data[entry].hasOwnProperty("Assigned Group ID")) {
-            requestData['assignedGroup'] = data[entry]['Assigned Group ID'];
-        } else {
-            reject("could not find previous group. automatic re-ssignement failed. set assigendGroup manually")
+    const remedyOptions = {
+        limit: 1,
+        sort: {
+            "Last Date Duration Calculated": -1
         }
-
+    }
+    
+    const remedyResult = await adapter.remedy.search("HPD:Help Desk Assignment Log", `'Incident Number' = "${globalScriptParams.id}"`, "Submit Date, Assigned Support Company, Assigned Support Organization, Assigned Group, Assigned Group ID", remedyOptions);
+
+    if (remedyResult && remedyResult.data && Array.isArray(remedyResult.data) && remedyResult.data.length > 0) {
+        const prevGroupData = remedyResult.data[0];
+        requestData.assignedGroup = prevGroupData['Assigned Group ID'];
+        requestData.assignedCompany = prevGroupData['Assigned Support Company'];
+        requestData.assignedSupportOrg = prevGroupData['Assigned Support Organization'];
+        requestData.assignedGroupName = prevGroupData['Assigned Group'];
+    } else {
+        reject("could not find previous group. automatic re-ssignement failed. set assigendGroup manually")
     }
 }
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@manyos/smileconnect-api",
-  "version": "1.62.0",
+  "version": "1.63.3",
   "description": "A proxy and abstraction layer for BMCs IT Service Management Suite",
   "main": "app.js",
   "scripts": {
@@ -10,6 +10,9 @@
   },
   "author": "Robert Hannemann",
   "license": "ISC",
+  "engines": {
+    "node": ">=0.10.3"
+  },
   "dependencies": {
     "@manyos/adapter-foundation": "^1.1.2",
     "@manyos/logger": "^1.3.0",
@@ -19,7 +22,7 @@
     "cors": "^2.8.4",
     "dotenv": "^4.0.0",
     "express": "^4.17.1",
-    "express-fileupload": "^1.2.1",
+    "express-fileupload": "^1.3.1",
     "express-rate-limit": "^5.2.6",
     "express-request-id": "^1.4.1",
     "express-validator": "^6.10.1",

package/routes/ticketWorkLogRoutes.js

@@ -2,6 +2,7 @@ const path = require('path');
 const log = require('@manyos/logger').setupLog('SMILEconnect_' + path.basename(__filename));
 const {body, validationResult, oneOf} = require('express-validator/check');
 const ticketWorkLogController = require('../controller/ticketWorkLogController');
+const ticketValidationUtil = require('../util/ticketValidationUtil');
 const eventLog = require('../controller/eventLogController');
 const CONSTANTS = require('../util/constants');
 
@@ -13,6 +14,25 @@ module.exports = (function() {
         return `${location}[${param}]: ${msg}`;
     };
 
+    ticketWorkLogRoutes.use(async function (req, res, next) {
+        const id = req.parentId;
+        log.debug('Check Ticket Access and Id');
+
+        const ticket = await ticketValidationUtil.checkTicket(req.ticketConfig, id, req.globalScriptParams);
+        log.error(ticket);
+
+        if (ticket && ticket.data) {
+            if (ticket.data.id) {
+                req.parentId = ticket.data.id;
+            }
+            log.error(ticket.data.id);
+            next();
+        } else {
+            req.errorStatus = 404;
+            next(`Ticket ${id} does not exist`);
+        }
+    });
+
     ticketWorkLogRoutes.get('/', function (req, res, next) {
             const id = req.parentId;
             eventLog.setEventData(

package/util/config.js

@@ -284,6 +284,15 @@ function checkClientConfig(client) {
             clientConfig[clientKey] = clientConfigItemTemplate;
         }
     });
+
+    if (!clientConfig.options) {
+        clientConfig.options = {};
+    }
+
+    if (clientConfig.options.translateSelectionFields === undefined) {
+        clientConfig.options.translateSelectionFields = true;
+    }
+
     client.config = clientConfig;
     //save
     setClient(client.name, client);

package/util/responsehandler.js

@@ -72,6 +72,19 @@ function eventQueueHandler(req, res, next) {
     //write to eventQueue if provided
     if (req.eventData) {
         const eventData = req.eventData;
+        if (process.env.LOG_REQUEST && (process.env.LOG_REQUEST === true || process.env.LOG_REQUEST.toLowerCase() === 'true')) {
+            if (!eventData.jsonData) {
+                eventData.jsonData = {};
+            }
+            eventData.jsonData['req'] = {
+                headers: req.headers,
+                body: req.body
+            }
+            // remove auth header
+            if (eventData.jsonData.req && eventData.jsonData.req.headers && eventData.jsonData.req.headers.authorization) {
+                eventData.jsonData.req.headers.authorization = '*** REMOVED ***';
+            }
+        }
         eventLog.createSuccessLog(
             req.id,
             req.user.config.clientId,

package/util/ticketValidationUtil.js

@@ -0,0 +1,36 @@
+const path = require('path');
+const ticketController = require("../controller/ticketController");
+const log = require('@manyos/logger').setupLog('SMILEconnect_' + path.basename(__filename));
+
+
+async function checkTicket(ticketConfig, id, globalScriptParams) {
+    const myClientConfig = {};
+    const fields = [];
+    const myMapping = [];
+    const requestType = ticketConfig.requestType;
+    if (requestType === 'incident') {
+        fields.push('Incident Number');
+        myMapping.push({"oldName":'Incident Number', "newName" :  "id"});
+    } else if (requestType === 'change') {
+        fields.push('Infrastructure Change ID');
+        myMapping.push({"oldName":'Infrastructure Change ID', "newName" :  "id"});
+    } else if (requestType === 'problem') {
+        fields.push('Problem Investigation ID');
+        myMapping.push({"oldName":'Problem Investigation ID', "newName" :  "id"});
+    } else if (requestType === 'workOrder') {
+        fields.push('Work Order ID');
+        myMapping.push({"oldName":'Work Order ID', "newName" :  "id"});
+    }
+
+    //An dieser Stelle könnte auch die Basequery vom User verwendet werden. Dann gibt es nur noch Zugriff auf Tickets die der User auch sieht. Am besten per Config steuern.
+
+    myClientConfig[ticketConfig.requestType] = {
+        baseQuery: '1=1',
+        fields
+    };
+    return await ticketController.getTicket(ticketConfig, myClientConfig, id, myMapping, undefined, globalScriptParams);
+};
+
+module.exports = {
+    checkTicket
+};