Secure and protect a processor

You can protect your processor against unauthorized use by using role restrictions, and protect it by requiring a CSRF token.

About this task

You can re-use a table's user role restrictions to protect it from access by your processor. This protection method assumes the processor will access table data.

Procedure

  1. Create or select a user role that has access to the table the processor script calls.
  2. Navigate to System Definition > Processors.
  3. In Script, add the following code block.
    var gr = new GlideRecord('your_table_name');
    // canRead() compares the table’s ACL to the user making this request, and returns true if the logged-in user has read access to this table
    if(gr.canRead())  
    { 
      // Perform table query here  
      g_processor.writeOutput('Success!'); 
    } else { 
      g_processor.writeOutput('You do not have permission to read table your_table_name'); 
    }
  4. Update the code block to use other access restrictions as needed.

    Available access functions include:

    • canCreate()
    • canRead()
    • canWrite()
    • canDelete()
  5. Click Update.

Protect a processor with a CSRF token

You can protect a processor by requiring a CSRF token.

About this task

Script type processors can require a CSRF token check before the processor runs.

Procedure

  1. Navigate to System Definition > Processors.
  2. Open a processor record.
  3. Select the CSRF protect option.
  4. Click Update.