Clone - Cleanup Scripts to give admin role to a group after clone on target instances
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-21-2024 12:49 PM
Hi Everyone,
We have a Group "Group Dev Admin" with users added. We what to give this group admin role on target instances(Dev /UAT) after the clone.
Put the following code in post clone script.
- Labels:
-
Architect
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-22-2024 03:44 AM
Hi, May you can use 'Background script' once clone is completed. You can run your code in background script and enable the privilege for your required group.
Suresh.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-22-2024 12:42 PM - edited 10-22-2024 12:53 PM
TLDR: assign the admin role to a group manually and then let it not be cloned over ever again (point 3)...
- First option is to grant the roles by script.
Perhaps a fix script or scheduled job would be better in terms of maintenance of the code to the future than a background script, both of these scripts can be executed manually on demand. - Or you can have the group in the Source environment (PROD) and import it via XML after the clone is done (filter and export the desired data in following tables: Group [sys_user_group], Group Roles [sys_group_has_role], and Group Members [sys_user_grmember]).
- Another option is to make exception from being cloned over - there are two options Exclude tables [clone_data_exclude] (you will select tables that will not be cloned from the source env), and/or the Data Preserves [clone_data_preserver] where you can select a table, give it soem conditions and these particular set of data will remain untouched...
/* If my response wasn’t a total disaster ↙️ ⭐ drop a Kudos or Accept as Solution ✅ ↘️ Cheers! */
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-22-2024 04:50 PM
I do not think the roles in sys_group_has_role are cascaded to users unless a UI update triggers the business rules(Role inheritance)
It would be good if you could read the users in the group and update the admin to individual users on sys_user_has_role, which should solve the issue.
Also, please ensure the admin sys_user_role sys_id is the same across all instances.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-23-2024 07:45 AM
can we create a flow to add the roles to the users list and call that in cleanup script?