Merge branch 'master' into Active_approval_user

SapphicFire · web-flow · commit 766c68164c66 · 2024-11-01T17:42:53.000+10:00
diff --git a/README.md b/README.md
@@ -11,10 +11,20 @@ Open-Sourced community contributed and owned repository for Instance Scan Defini
 # Checks in this repository
 
 ## Category: Manageability
-###Inactive user check : Approvals
+
+### Inactive user check: Approvals
 Check any approvals waiting in inactive users queue
 
-###Avoid gs.log()Statement
+### Inactive user check: Catalog task Assigned To
+Check any Catalog Tasks Assigned to Inactive user
+
+### Check any assets assigned to inactive user
+Check if any asset is assigned to inactive users.
+
+### Inactive User Check: Catalog Item
+We should ensure that inactive users are removed from being assigned as Catalog item owners.
+
+### Avoid gs.log()Statement
 Use Logging Levels: Instead of gs.log(), consider using more appropriate logging levels, such as:
 gs.info() for informative messages.
 gs.warn() for warnings that don’t break functionality but may need attention.
@@ -270,7 +280,8 @@ Select the check box to ignore flushing some server-side caches, thus flushing o
 Avoid using gs.sleep() in any script because it does not release session and will cause delays, and add logs to the script whenever gs.sleep() has to be used.
 
 ## Category: Security
-##Check Mandatory fields on incident
+
+### Check Mandatory fields on incident
 This check is used to find mandatory fields on incident
 
 ### Avoid using setBasicAuth for REST messages
@@ -339,7 +350,7 @@ Scripts in ACLs ARE executed regardless of whether or not the Advanced checked b
 ### Added a Number Prefix which already exists
 Creating new number records does not require uniqueness. Though having duplicate number records causes some ServiceNow core functionality not to behave as expected. For example, the search might return a record from another table the number prefix is also used on.
 
-## List Inactive users from active group 
+### List Inactive users from active group 
 List inactive users that still belongs to activate groups
 
 ### HTTP connection records not excluded on clones from Prod
diff --git a/ca8467c41b9abc10ce0f62c3b24bcbaa/update/scan_table_check_589b8c9283251210a765fecfeeaad37a.xml b/ca8467c41b9abc10ce0f62c3b24bcbaa/update/scan_table_check_589b8c9283251210a765fecfeeaad37a.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="UTF-8"?><record_update table="scan_table_check">
+    <scan_table_check action="INSERT_OR_UPDATE">
+        <active>true</active>
+        <advanced>false</advanced>
+        <category>manageability</category>
+        <conditions table="sc_task">assigned_to.active=false^EQ<item endquery="false" field="assigned_to.active" goto="false" newquery="false" operator="=" or="false" value="false"/>
+            <item endquery="true" field="" goto="false" newquery="false" operator="=" or="false" value=""/>
+        </conditions>
+        <description>Check any Catalog Tasks Assigned to Inactive user</description>
+        <documentation_url/>
+        <finding_type>scan_finding</finding_type>
+        <name>Inactive user : Cat task Assignment</name>
+        <priority>2</priority>
+        <resolution_details/>
+        <run_condition/>
+        <score_max>100</score_max>
+        <score_min>0</score_min>
+        <score_scale>1</score_scale>
+        <script><![CDATA[(function (engine) {
+
+    // Add your code here
+
+})(engine);]]></script>
+        <short_description>Check any Catalog Tasks Assigned to Inactive user</short_description>
+        <sys_class_name>scan_table_check</sys_class_name>
+        <sys_created_by>admin</sys_created_by>
+        <sys_created_on>2024-10-31 14:50:50</sys_created_on>
+        <sys_id>589b8c9283251210a765fecfeeaad37a</sys_id>
+        <sys_mod_count>0</sys_mod_count>
+        <sys_name>Inactive user : Cat task Assignment</sys_name>
+        <sys_package display_value="Example Instance Checks" source="x_appe_exa_checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_package>
+        <sys_policy/>
+        <sys_scope display_value="Example Instance Checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_scope>
+        <sys_update_name>scan_table_check_589b8c9283251210a765fecfeeaad37a</sys_update_name>
+        <sys_updated_by>admin</sys_updated_by>
+        <sys_updated_on>2024-10-31 14:50:50</sys_updated_on>
+        <table>sc_task</table>
+        <use_manifest>false</use_manifest>
+    </scan_table_check>
+    <sys_translated_text action="delete_multiple" query="documentkey=589b8c9283251210a765fecfeeaad37a"/>
+</record_update>
diff --git a/ca8467c41b9abc10ce0f62c3b24bcbaa/update/scan_table_check_a1544896c3211210d419de1d050131e8.xml b/ca8467c41b9abc10ce0f62c3b24bcbaa/update/scan_table_check_a1544896c3211210d419de1d050131e8.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="UTF-8"?><record_update table="scan_table_check">
+    <scan_table_check action="INSERT_OR_UPDATE">
+        <active>true</active>
+        <advanced>false</advanced>
+        <category>manageability</category>
+        <conditions table="alm_asset">assigned_to.active=false^EQ<item endquery="false" field="assigned_to.active" goto="false" newquery="false" operator="=" or="false" value="false"/>
+            <item endquery="true" field="" goto="false" newquery="false" operator="=" or="false" value=""/>
+        </conditions>
+        <description>Check any asset is assigned to inactive users.</description>
+        <documentation_url/>
+        <finding_type>scan_finding</finding_type>
+        <name>Inactive User check : Asset assigned to</name>
+        <priority>2</priority>
+        <resolution_details/>
+        <run_condition/>
+        <score_max>100</score_max>
+        <score_min>0</score_min>
+        <score_scale>1</score_scale>
+        <script><![CDATA[(function (engine) {
+
+    // Add your code here
+
+})(engine);]]></script>
+        <short_description>Check Asset is assigned to inactive user</short_description>
+        <sys_class_name>scan_table_check</sys_class_name>
+        <sys_created_by>admin</sys_created_by>
+        <sys_created_on>2024-10-31 14:22:55</sys_created_on>
+        <sys_id>a1544896c3211210d419de1d050131e8</sys_id>
+        <sys_mod_count>0</sys_mod_count>
+        <sys_name>Inactive User check : Asset assigned to</sys_name>
+        <sys_package display_value="Example Instance Checks" source="x_appe_exa_checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_package>
+        <sys_policy/>
+        <sys_scope display_value="Example Instance Checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_scope>
+        <sys_update_name>scan_table_check_a1544896c3211210d419de1d050131e8</sys_update_name>
+        <sys_updated_by>admin</sys_updated_by>
+        <sys_updated_on>2024-10-31 14:22:55</sys_updated_on>
+        <table>alm_asset</table>
+        <use_manifest>false</use_manifest>
+    </scan_table_check>
+    <sys_translated_text action="delete_multiple" query="documentkey=a1544896c3211210d419de1d050131e8"/>
+</record_update>
diff --git a/ca8467c41b9abc10ce0f62c3b24bcbaa/update/scan_table_check_dcd18896c3211210d419de1d05013128.xml b/ca8467c41b9abc10ce0f62c3b24bcbaa/update/scan_table_check_dcd18896c3211210d419de1d05013128.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="UTF-8"?><record_update table="scan_table_check">
+    <scan_table_check action="INSERT_OR_UPDATE">
+        <active>true</active>
+        <advanced>false</advanced>
+        <category>manageability</category>
+        <conditions table="sc_cat_item">owner.active=true^EQ<item endquery="false" field="owner.active" goto="false" newquery="false" operator="=" or="false" value="true"/>
+            <item endquery="true" field="" goto="false" newquery="false" operator="=" or="false" value=""/>
+        </conditions>
+        <description>We should ensure that inactive users are removed from being assigned as Catalog item owners.</description>
+        <documentation_url/>
+        <finding_type>scan_finding</finding_type>
+        <name>Inactive user check : Catalog Item</name>
+        <priority>2</priority>
+        <resolution_details/>
+        <run_condition/>
+        <score_max>100</score_max>
+        <score_min>0</score_min>
+        <score_scale>1</score_scale>
+        <script><![CDATA[(function (engine) {
+
+    // Add your code here
+
+})(engine);]]></script>
+        <short_description>Check Catalog Item owner is Active user </short_description>
+        <sys_class_name>scan_table_check</sys_class_name>
+        <sys_created_by>admin</sys_created_by>
+        <sys_created_on>2024-10-31 14:09:55</sys_created_on>
+        <sys_id>dcd18896c3211210d419de1d05013128</sys_id>
+        <sys_mod_count>0</sys_mod_count>
+        <sys_name>Inactive user check : Catalog Item</sys_name>
+        <sys_package display_value="Example Instance Checks" source="x_appe_exa_checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_package>
+        <sys_policy/>
+        <sys_scope display_value="Example Instance Checks">ca8467c41b9abc10ce0f62c3b24bcbaa</sys_scope>
+        <sys_update_name>scan_table_check_dcd18896c3211210d419de1d05013128</sys_update_name>
+        <sys_updated_by>admin</sys_updated_by>
+        <sys_updated_on>2024-10-31 14:09:55</sys_updated_on>
+        <table>sc_cat_item</table>
+        <use_manifest>false</use_manifest>
+    </scan_table_check>
+    <sys_translated_text action="delete_multiple" query="documentkey=dcd18896c3211210d419de1d05013128"/>
+</record_update>
