Secure and protect a processor You can protect your processor against unauthorized use by using role restrictions, and protect it by requiring a CSRF token. About this task You can re-use a table's user role restrictions to protect it from access by your processor. This protection method assumes the processor will access table data. Procedure Create or select a user role that has access to the table the processor script calls. Navigate to System Definition > Processors. In Script, add the following code block. var gr = new GlideRecord('your_table_name'); // canRead() compares the table’s ACL to the user making this request, and returns true if the logged-in user has read access to this table if(gr.canRead()) { // Perform table query here g_processor.writeOutput('Success!'); } else { g_processor.writeOutput('You do not have permission to read table your_table_name'); } Update the code block to use other access restrictions as needed. Available access functions include: canCreate() canRead() canWrite() canDelete() Click Update. Protect a processor with a CSRF token You can protect a processor by requiring a CSRF token. About this task Script type processors can require a CSRF token check before the processor runs. Procedure Navigate to System Definition > Processors. Open a processor record. Select the CSRF protect option. Click Update.
Secure and protect a processor You can protect your processor against unauthorized use by using role restrictions, and protect it by requiring a CSRF token. About this task You can re-use a table's user role restrictions to protect it from access by your processor. This protection method assumes the processor will access table data. Procedure Create or select a user role that has access to the table the processor script calls. Navigate to System Definition > Processors. In Script, add the following code block. var gr = new GlideRecord('your_table_name'); // canRead() compares the table’s ACL to the user making this request, and returns true if the logged-in user has read access to this table if(gr.canRead()) { // Perform table query here g_processor.writeOutput('Success!'); } else { g_processor.writeOutput('You do not have permission to read table your_table_name'); } Update the code block to use other access restrictions as needed. Available access functions include: canCreate() canRead() canWrite() canDelete() Click Update. Protect a processor with a CSRF token You can protect a processor by requiring a CSRF token. About this task Script type processors can require a CSRF token check before the processor runs. Procedure Navigate to System Definition > Processors. Open a processor record. Select the CSRF protect option. Click Update.
Secure and protect a processor You can protect your processor against unauthorized use by using role restrictions, and protect it by requiring a CSRF token. About this task You can re-use a table's user role restrictions to protect it from access by your processor. This protection method assumes the processor will access table data. Procedure Create or select a user role that has access to the table the processor script calls. Navigate to System Definition > Processors. In Script, add the following code block. var gr = new GlideRecord('your_table_name'); // canRead() compares the table’s ACL to the user making this request, and returns true if the logged-in user has read access to this table if(gr.canRead()) { // Perform table query here g_processor.writeOutput('Success!'); } else { g_processor.writeOutput('You do not have permission to read table your_table_name'); } Update the code block to use other access restrictions as needed. Available access functions include: canCreate() canRead() canWrite() canDelete() Click Update. Protect a processor with a CSRF token You can protect a processor by requiring a CSRF token. About this task Script type processors can require a CSRF token check before the processor runs. Procedure Navigate to System Definition > Processors. Open a processor record. Select the CSRF protect option. Click Update.
Protect a processor with a CSRF token You can protect a processor by requiring a CSRF token. About this task Script type processors can require a CSRF token check before the processor runs. Procedure Navigate to System Definition > Processors. Open a processor record. Select the CSRF protect option. Click Update.
