Merge branch 'ServiceNowDevProgram:main' into main

Author: prashantmrshine

Integration/Mail Scripts/Redact PII from outbound email body/README.md

@@ -0,0 +1,22 @@
+# Redact PII from outbound email body
+
+## What this solves
+Notifications sometimes leak personal data into emails. This mail script replaces common identifiers in the email body with redacted tokens before send.
+
+## Where to use
+Notification or Email Script record, Advanced view, "Mail script" field. Invoke the function to get a safe body string and print it.
+
+## How it works
+- Applies regex patterns to the email text for emails, phone numbers, IP addresses, NI number style patterns, and 16-digit card-like numbers
+- Replaces matches with descriptive placeholders
+- Leaves HTML tags intact by operating on the plain text portion you pass in
+
+## Configure
+- Extend or tighten patterns for your organisation
+- Toggle specific scrubs on or off in the config block
+
+## References
+- Email Scripts  
+  https://www.servicenow.com/docs/bundle/zurich-platform-administration/page/administer/notification/reference/email-scripts.html
+- Notifications  
+  https://www.servicenow.com/docs/bundle/zurich-platform-administration/page/administer/notification/concept/c_EmailNotifications.html

Integration/Mail Scripts/Redact PII from outbound email body/mail_redact_pii.js

@@ -0,0 +1,54 @@
+// Mail Script: Redact PII from outbound email body
+// Usage inside a Notification (Advanced view):
+//   var safe = redactPii(current.short_description + '\n\n' + current.description);
+//   template.print(safe);
+
+(function() {
+  function redactPii(text) {
+    if (!text) return '';
+
+    // Config: toggle specific redactions
+    var cfg = {
+      email: true,
+      phone: true,
+      ip: true,
+      niNumber: true,
+      card16: true
+    };
+
+    var out = String(text);
+
+    // Email addresses
+    if (cfg.email) {
+      out = out.replace(/\b[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,}\b/gi, '[redacted email]');
+    }
+
+    // Phone numbers (UK leaning, permissive, 7+ digits ignoring separators)
+    if (cfg.phone) {
+      out = out.replace(/\b(?:\+?\d{1,3}[\s-]?)?(?:\(?\d{3,5}\)?[\s-]?)?\d{3,4}[\s-]?\d{3,4}\b/g, '[redacted phone]');
+    }
+
+    // IPv4 addresses
+    if (cfg.ip) {
+      out = out.replace(/\b(?:(?:25[0-5]|2[0-4]\d|1?\d?\d)\.){3}(?:25[0-5]|2[0-4]\d|1?\d?\d)\b/g, '[redacted ip]');
+    }
+
+    // National Insurance number style (AA 00 00 00 A) simplified - UK Specific
+    if (cfg.niNumber) {
+      out = out.replace(/\b([A-CEGHJ-PR-TW-Z]{2}\s*\d{2}\s*\d{2}\s*\d{2}\s*[A-D])\b/gi, '[redacted ni]');
+    }
+
+    // 16 consecutive digits that look like a card (permit separators)
+    if (cfg.card16) {
+      out = out.replace(/\b(?:\d[ -]?){13,19}\b/g, function(match) {
+        var digits = match.replace(/[ -]/g, '');
+        return digits.length >= 13 && digits.length <= 19 ? '[redacted card]' : match;
+      });
+    }
+
+    return out;
+  }
+
+  // Expose function to the mail template scope
+  this.redactPii = redactPii;
+}).call(this);

Integration/Scripted REST Api/MID Server status JSON endpoint/README.md

@@ -0,0 +1,26 @@
+# MID Server status JSON endpoint
+
+## What this solves
+Operations teams often need a quick machine-readable view of MID Server health for dashboards and monitors. This Scripted REST API returns a compact JSON array of MID Servers with their status, last update time, and a simple "stale" flag if the record has not changed recently.
+
+## Where to use
+Create a Scripted REST API with a single Resource and paste this script as the Resource Script. Call it from monitoring tools, dashboards, or widgets.
+
+## How it works
+- Queries `ecc_agent` for active MID Servers
+- Returns `name`, `status`, `sys_id`, `sys_updated_on`, and a computed `stale` boolean based on a configurable `minutes_stale` query parameter (default 15)
+- Uses `gs.dateDiff` to compute minutes since last update
+
+## Configure
+- Pass `minutes_stale` as a query parameter to override the default, for example `...?minutes_stale=30`
+- Extend the payload as needed (for example add `version`, `ip_address`) if available in your instance
+
+## References
+- Scripted REST APIs  
+  https://www.servicenow.com/docs/bundle/zurich-application-development/page/build/applications/task/create-scripted-rest-api.html
+- MID Server overview  
+  https://www.servicenow.com/docs/bundle/zurich-servicenow-platform/page/product/mid-server/concept/c_MIDServer.html
+- GlideRecord API  
+  https://www.servicenow.com/docs/bundle/zurich-api-reference/page/app-store/dev_portal/API_reference/GlideRecord/concept/c_GlideRecordAPI.html
+- GlideDateTime and dateDiff  
+  https://www.servicenow.com/docs/bundle/zurich-api-reference/page/app-store/dev_portal/API_reference/GlideDateTime/concept/c_GlideDateTimeAPI.html

Integration/Scripted REST Api/MID Server status JSON endpoint/mid_server_status_api.js

@@ -0,0 +1,44 @@
+// Scripted REST API Resource Script: MID Server status JSON endpoint
+// Method: GET
+// Path: /mid/status
+
+(function process(/*RESTAPIRequest*/ request, /*RESTAPIResponse*/ response) {
+  try {
+    // Configurable staleness threshold in minutes via query param
+    var q = request.queryParams || {};
+    var minutesStale = parseInt((q.minutes_stale && q.minutes_stale[0]) || '15', 10);
+    if (!isFinite(minutesStale) || minutesStale <= 0) minutesStale = 15;
+
+    var now = new GlideDateTime();
+
+    var out = [];
+    var gr = new GlideRecord('ecc_agent'); // MID Server table
+    gr.addActiveQuery();
+    gr.orderBy('name');
+    gr.query();
+
+    while (gr.next()) {
+      var updated = String(gr.getValue('sys_updated_on') || '');
+      var minutesSince = 0;
+      if (updated) {
+        // gs.dateDiff returns seconds when third arg is true
+        minutesSince = Math.floor(gs.dateDiff(updated, now.getValue(), true) / 60);
+      }
+
+      out.push({
+        sys_id: gr.getUniqueValue(),
+        name: gr.getDisplayValue('name') || gr.getValue('name'),
+        status: gr.getDisplayValue('status') || gr.getValue('status'), // Up, Down, etc.
+        sys_updated_on: gr.getDisplayValue('sys_updated_on'),
+        minutes_since_update: minutesSince,
+        stale: minutesSince >= minutesStale
+      });
+    }
+
+    response.setStatus(200);
+    response.setBody(out);
+  } catch (e) {
+    response.setStatus(500);
+    response.setBody({ error: String(e) });
+  }
+})(request, response);

Modern Development/Service Portal Widgets/Open in Platform/README.md

@@ -1,6 +1,19 @@
 **This is an enhancement to the current code**
-1. Added "open in SOW" Button to open the record in service operations workspace, since it is gaining popularity now.
+1. Added "open in Workspace" Button to open the record in workspace(defined in option schema), since it is gaining popularity now.
 2. Enhanced the visibility condition so that the button is only visible on pages having sys_id and table in url.
 3. Enhanced css to improve visibility of button.
+4. This button wll look for the table to workspace mapping (in option schema) and create the URL to open record in respective workspace. If now mapping is found, the record is opened in SOW workspace(default).
+5. The button name has been changed to generic title "Open In Workspace"
 
-Widget will create a button that will only be visable to users with the itil role that will take them to the same record in platform. will work with the form and standard ticket pages (or anywhere with the table and sysId in the url.
+**Sample**
+{
+"name":"define_workspace",
+"type":"json",
+"label":"Define Table Workspace JSON Mapping",
+"value":{
+  "sn_grc_issue":"risk/privacy", // will open issue records in RISK workspace
+  "sn_si_incident":"sir" // will open security incidents in SIR workspace.
+}
+}
+
+Widget will create a button that will only be visible to users with the itil role that will take them to the same record in platform. will work with the form and standard ticket pages (or anywhere with the table and sysId in the url.

Modern Development/Service Portal Widgets/Open in Platform/body.html

@@ -1,6 +1,6 @@
 <div>
   <span class="btn-cntr" ng-if="::data.role==true">
     <a href="{{::data.platform_url}}" target='_blank'class='btn btn-default'>{{::options.open_in_platform}}</a><br> <!--Platform button configuration-->
-    <a href="{{::data.sow_url}}" target='_blank'class='btn btn-default'>{{::options.open_in_sow}}</a>  <!--SOW button configuration-->
+    <a href="{{::data.workspace_url}}" target='_blank'class='btn btn-default'>{{::options.open_in_workspace}}</a>  <!--Workspace button-->
   </span>
 </div>

Modern Development/Service Portal Widgets/Open in Platform/option schema.js

@@ -6,9 +6,18 @@
 "default_value":"Open in Platform"
 },
 {
-"name":"open_in_sow",
+"name":"open_in_workspace",
 "type":"string",
-"label":"Name for SOW Button",
-"default_value":"Open in SOW"
+"label":"Name for Workspace Button",
+"default_value":"Open In workspace"
+},
+{
+"name":"define_workspace",
+"type":"json",
+"label":"Define Table Workspace JSON Mapping",
+"value":{
+  "sn_grc_issue":"risk/privacy",
+  "sn_si_incident":"sir"
+}
 }
 ]

Modern Development/Service Portal Widgets/Open in Platform/server.js

@@ -1,13 +1,19 @@
 (function() {
     /*
-    Code will get table and sys_id parameter from url and create url for platform and sow.
+    Code will get table and sys_id parameter from url and create url for platform and workspace(defined in option schema).
     This widget can be used in any page having sys_id and table in url , eg: ticket page.
     */
-    data.table = input.table || $sp.getParameter("table"); // get table from url
-    data.sys_id = input.sys_id || $sp.getParameter("sys_id"); // get sys_id from url
+    data.table = $sp.getParameter("table"); // get table from url
+    data.sys_id = $sp.getParameter("sys_id"); // get sys_id from url
 
+    var tableWorkspaceMapping = JSON.parse(options.define_workspace); // get the table to workspace mapping from instance options.
+    Object.keys(tableWorkspaceMapping).forEach(function(key) {
+        if (key == data.table)
+            data.workspace_url = "now/" + tableWorkspaceMapping[key] + "/record/" + data.table + "/" + data.sys_id; // if table to workspce mapping is found, the create workspace URL.
+        else
+            data.workspace_url = "now/sow/record/" + data.table + "/" + data.sys_id; // open in SOW
+    });
     data.platform_url = "/nav_to.do?uri=" + data.table + ".do?sys_id=" + data.sys_id;
-    data.sow_url = "now/sow/record/" + data.table + "/" + data.sys_id;
 
     data.role = false;
     if (gs.hasRole("itil") && data.table && data.sys_id) { // only visible to users with itil role and if url has required parameters.

Modern Development/Service Portal Widgets/Signature Pad Widget/Client Controller.js

@@ -0,0 +1,80 @@
+api.controller = function($scope) {
+    var c = this;
+    var canvas, ctx;
+    var drawing = false;
+    var lastPos = { x: 0, y: 0 };
+
+    // Initialize after DOM is ready
+    c.$onInit = function() {
+        setTimeout(function() {
+            canvas = document.getElementById('signature-pad');
+            if (!canvas) return;
+
+            // Get 2D drawing context
+            ctx = canvas.getContext('2d');
+            ctx.lineWidth = 2;
+            ctx.strokeStyle = '#000';
+
+            // Mouse event listeners
+            canvas.addEventListener('mousedown', startDraw);
+            canvas.addEventListener('mousemove', draw);
+            canvas.addEventListener('mouseup', endDraw);
+
+            // Touch event listeners (for mobile/tablet)
+            canvas.addEventListener('touchstart', startDraw);
+            canvas.addEventListener('touchmove', draw);
+            canvas.addEventListener('touchend', endDraw);
+        }, 200);
+    };
+
+    // Get drawing position based on mouse or touch input
+    function getPosition(event) {
+        var rect = canvas.getBoundingClientRect();
+        if (event.touches && event.touches[0]) {
+            return {
+                x: event.touches[0].clientX - rect.left,
+                y: event.touches[0].clientY - rect.top
+            };
+        }
+        return {
+            x: event.clientX - rect.left,
+            y: event.clientY - rect.top
+        };
+    }
+
+    // Start drawing when mouse/touch pressed
+    function startDraw(e) {
+        drawing = true;
+        lastPos = getPosition(e);
+    }
+
+    // Draw line on canvas while dragging
+    function draw(e) {
+        if (!drawing) return;
+        e.preventDefault(); // Prevent page scrolling on touch
+        var pos = getPosition(e);
+        ctx.beginPath();
+        ctx.moveTo(lastPos.x, lastPos.y);
+        ctx.lineTo(pos.x, pos.y);
+        ctx.stroke();
+        lastPos = pos;
+    }
+
+    // Stop drawing when mouse/touch released
+    function endDraw() {
+        drawing = false;
+    }
+
+    // Clear the canvas
+    c.clearSignature = function() {
+        if (ctx) ctx.clearRect(0, 0, canvas.width, canvas.height);
+        drawing = false;
+    };
+
+    // Convert signature to base64 image and attach
+    c.attachSignature = function() {
+        if (!ctx) return alert("Canvas not initialized.");
+        var data = canvas.toDataURL('image/png'); // Get base64 encoded image
+        alert("Signature captured successfully. It will be attached after submission.\n\n" + data);
+    };
+};

Modern Development/Service Portal Widgets/Signature Pad Widget/HTML File.html

@@ -0,0 +1,12 @@
+<div class="text-center">
+  <!-- Canvas area for drawing signature -->
+  <canvas id="signature-pad" width="400" height="200"
+          style="border:1px solid #ccc; border-radius:8px; cursor:crosshair; touch-action:none;">
+  </canvas>
+
+  <!-- Action buttons -->
+  <div class="mt-3">
+    <button class="btn btn-primary" ng-click="c.clearSignature()">Clear</button>
+    <button class="btn btn-success" ng-click="c.attachSignature()">Attach Signature</button>
+  </div>
+</div>