Process Definition script include

The Process Definition script include provides methods for defining a process definition.

Implement the constants, attributes, arrays, and method calls described here to customize a process definition script include.

Where to use

Use this script include to create a process definition.

Script include body

The script include body is composed of three sections:
  • Constants: initial state definitions
  • Security Incident and Response Task: process definition arrays
  • Method calls: retrieving information

Constants

Constants are used to define the initial states of security incidents and response tasks.

The use of constants is optional but encouraged for readability. For example:
INITIAL_INCIDENT_STATE: 10,
INITIAL_TASK_STATE: 1,

Which are later used by the following methods:

getInitialIncidentState: function() {
return this.INITIAL_INCIDENT_STATE;
},
getInitialTaskState: function() {
return this.INITIAL_TASK_STATE;
},

The next set of constants defines the states for both security incidents and response tasks.

Each array also contains the definition of which states are available when the incident or task is in a specific state.

For example:
TASK_STATES: [{state:1, label:"Draft", choice:[1, 10]},
 {state:10, label:"Ready", choice:[10, 16]},
 {state:16, label:"Assigned", choice:[16, 18]},
 {state:18, label:"Work in Progress", choice:[18, 3]},
 {state:3, label:"Close Complete", choice:[]},
 {state:7, label:"Cancelled", choice:[]},
 ],

The example is an array of objects. Each object defines a state and possible transition states.

The order of the state's object determines the desired order for the flow.

When the task is in the 'Draft' state (value 1), possible states are: 1 (Draft, which is no change) and 10 (Ready, the next step in the process).

There is no limit on the number of transitions out of a state. The 'Close Complete' and 'Canceled' state are final states and therefore have no possible state transitions.

The order of the attributes in the object is not important. If it makes the definition clearer, put the label first.

Attributes

Required attributes in a state definition object are:
  • state: numerical value of the state
  • label: human readable text associated with the state
  • choice: an array of state values the state can transition to (determines the content of the state dropdown)
Optional attributes are:
  • mandatory: list of field IDs that become mandatory in this state
  • readonly: list of field IDs that become read-only in this state
  • visible: list of field IDs that become visible in this state
  • notmandatory: list of field IDs that become non-mandatory in this state
  • notvisible: list of field IDs that would no longer be visible in this state
Note:

If optional attributes are used, it is the author's responsibility to ensure that fields are made visible/invisible, mandatory/non-mandatory, visible/hidden or readonly appropriately between states.

For example, hiding a field in one state does not make it visible in another state later unless the 'visible' attribute is used.

Process flow definition arrays

To define the information displayed in the process flow formatter (the bar at the top of the Security Incident and Response task forms), the system requires information on what to display for each state.

For example:
TASK_PF: [{label:"Draft", condition:"state=1^EQ", description:"<p>Security Incident Response Task is in draft</p>"},
 {label:"Ready", condition:"state=10^EQ", description:"<p>Security Incident Response Task is ready to be assigned</p>"},
 {label:"Assigned", condition:"state=16^EQ", description:"<p>Security Incident Response Task is assigned</p>"},
 {label:"Work in Progress", condition:"state=18^EQ", description:"<p>Work has started on this Security Incident Response Task</p>"},
 {label:"Closed", condition:"state=3^ORstate=4^ORstate=7^EQ", description:"<p>Security Incident Response Task is complete</p>"},
],

The TASK_PF array is a collection of labels, conditions, and descriptions used to determine the text displayed in the process formatter bar (including order and activity).

In the example, the text 'Ready' is the second item displayed. It ishighlighted when the task satisfied the condition 'state=10^EQ'.

When the pointer hovers over the text, the description 'Security Incident Response Task is ready to be assigned' is displayed.

Note:

States can be combined to a single formatter state.

In the example, both the 'Close Complete' and the 'Canceled' states show up as 'Closed' in the top bar.

Method calls

The following methods must be present in the script include as they are used by sn_si.ProcessDefinition:
Return type Method summary Description
String getInitialIncidentState: function() return the initial incident state numerical value
String getInitialTaskState: function(): return the initial task state numerical value
Array of string getIncidentStates: function(): return the incident state's array
Array of atring getTaskStates: function(): return the task state's array
Array of objects getIncidentProcessFlows: function(): return the incident process flow definition array
Array of objects getTaskProcessFlows: function(): return the task process flow definition array

The next set of methods are called whenever an incident or a task is updated and allows actions to be taken on specific change transitions.

Return type Method summary Description
void performIncidentStateChange: function(current, previous) In the examples, this method is used to set SM-related values and ensure that an incident advances out of 'Draft' once someone is assigned to it.
void performTaskStateChange: function(current, previous) In the example, this method is used to update timestamps (on assignment and closing) and advance the task from 'Ready' to 'Assigned' once the assigned_to field is filled.
The same actions performed by these two methods can be accomplished using a business rule. By defining them in the script include, switching process definitions is made easier.