AnveshKumar M
Tera Sage
Options
- Post History
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on â09-29-2023 02:37 AM
Motivated by most commonly asked questions in community, I thought of creating a Script Include which can address the most common needs for any Developer like checking whether the user has a role / any one of the roles specified / all roles and is member of a group / member of any one of the group / member of all specified groups etc.
I tried my best to keep the code as simple as possible and understandable, and here it is.
var CustomUserUtils = Class.create();
CustomUserUtils.prototype = {
initialize: function() {},
/*
Parameters:
user : sys_id of user
role : role name
Returns: boolean
- true : if the user have the exact role
- false : if the user does not have exact role
*/
hasRoleExactly: function(user, role) {
var roleGr = new GlideRecord('sys_user_has_role');
roleGr.addQuery('user', user);
roleGr.addQuery('role.name', role);
roleGr.addQuery('state', 'active');
roleGr.setLimit(1);
roleGr.query();
if (roleGr.next()) {
return true;
}
return false;
},
/*
Parameters:
user : sys_id of user
role : list of comma seperated roles
Returns: Boolean
- true : if the user have any one of the exact role
- false : if the user does not have any one of the exact role
*/
hasAnyRoleExactly: function(user, roles) {
var roleGr = new GlideRecord('sys_user_has_role');
roleGr.addQuery('user', user);
roleGr.addQuery('role.name', 'IN', roles);
roleGr.addQuery('state', 'active');
roleGr.setLimit(1);
roleGr.query();
if (roleGr.next()) {
return true;
}
return false;
},
/*
Parameters:
user : sys_id of user
role : list of comma seperated roles
Returns: Boolean
- true : if the user have all of the roles exactly
- false : if the user does not have any one of the role exactly
*/
hasAllRoles: function(user, roles) {
var roleGr = new GlideRecord('sys_user_has_role');
roleGr.addQuery('user', user);
roleGr.addQuery('role.name', 'IN', roles);
roleGr.addQuery('state', 'active');
roleGr.query();
var actual_roles = [];
while (roleGr.next()) {
actual_roles.push(roleGr.role.name + '');
}
var arrayUtil = new ArrayUtil();
actual_roles = arrayUtil.unique(actual_roles);
var query_roles = roles.split(',');
if (query_roles.length === actual_roles.length) {
return true;
}
return false;
},
/*
Parameters:
user : sys_id of user
group : group name
Returns: Boolean
- true : if the user is member of the group
- false : if the user is not member of the group
*/
isMemberOf: function(user, group) {
var grpGr = new GlideRecord('sys_user_grmember');
grpGr.addQuery('user', user);
grpGr.addQuery('group.name', group);
grpGr.setLimit(1);
grpGr.query();
if (grpGr.next()) {
return true;
}
return false;
},
/*
Parameters:
user : sys_id of user
groups : list of comma seperated group names
Returns: Boolean
- true : if the user is member of any of one of the groups
- false : if the user is not member of any groups specified
*/
isMemberOfAny: function(user, groups) {
var grpGr = new GlideRecord('sys_user_grmember');
grpGr.addQuery('user', user);
grpGr.addQuery('group.name', 'IN', groups);
grpGr.setLimit(1);
grpGr.query();
if (grpGr.next()) {
return true;
}
return false;
},
/*
Parameters:
user : sys_id of user
groups : list of comma seperated group names
Returns: Boolean
- true : if the user is member of all the groups specified
- false : if the user is not member of all the groups specified
*/
isMemberOfAll: function(user, groups) {
var grpGr = new GlideRecord('sys_user_grmember');
grpGr.addQuery('user', user);
grpGr.addQuery('group.name', 'IN', groups);
grpGr.query();
var query_groups = groups.split(',');
var actual_groups = [];
while (grpGr.next()) {
actual_groups.push(grpGr.group.name + '');
}
var arrayUtil = new ArrayUtil();
actual_groups = arrayUtil.unique(actual_groups);
if (query_groups.length === actual_groups.length) {
return true;
}
return false;
},
type: 'CustomUserUtils'
};
I did tested this for both happy cases and negative scenarios to make sure it is bug free. For this I chose Abel Tuter as test user added the roles itil & knowledge and made him the member of CAB Approval, Service Desk and Database groups. Still if you find any shoot me a comment.
var cuu = new CustomUserUtils();
//Has Role exactly - Happy case
gs.print(cuu.hasRoleExactly('62826bf03710200044e0bfc8bcbe5df1', 'itil'));
//Has Role exactly - Negative case
gs.print(cuu.hasRoleExactly('62826bf03710200044e0bfc8bcbe5df1', 'admin'));
//Has Any Role exactly - Happy case
gs.print(cuu.hasAnyRoleExactly('62826bf03710200044e0bfc8bcbe5df1', 'itil,knowledge'));
//Has Any Role exactly - Negative case
gs.print(cuu.hasAnyRoleExactly('62826bf03710200044e0bfc8bcbe5df1', 'admin,security_admin'));
//Has All Roles exactly - Happy case
gs.print(cuu.hasAllRoles('62826bf03710200044e0bfc8bcbe5df1', 'itil, knowledge'));
//Has All Roles exactly - Negative case
gs.print(cuu.hasAllRoles('62826bf03710200044e0bfc8bcbe5df1', 'admin,itil,knowledge'));
//Is Member of - Happy Case
gs.print(cuu.isMemberOf('62826bf03710200044e0bfc8bcbe5df1', 'Service Desk'));
//Is Member of - Negative Case
gs.print(cuu.isMemberOf('62826bf03710200044e0bfc8bcbe5df1', 'Hardware'));
//Is Member of Any - Happy Case
gs.print(cuu.isMemberOfAny('62826bf03710200044e0bfc8bcbe5df1', 'Service Desk, Hardware, Database'));
//Is Member of Any - Negative Case
gs.print(cuu.isMemberOfAny('62826bf03710200044e0bfc8bcbe5df1', 'Hardware,Software'));
//Is Member of All - Happy Case
gs.print(cuu.isMemberOfAll('62826bf03710200044e0bfc8bcbe5df1', 'Service Desk, CAB Approval,Database'));
//Is Member of All - Negative Case
gs.print(cuu.isMemberOfAll('62826bf03710200044e0bfc8bcbe5df1', 'Service Desk,CAB Approval,Database,Hardware,Software'));
I'll try extending the features of this Script Include and also create an extended class for accessing this from Client Side through GlideAjax.
Happy Coding đ
-- Anvesh
Labels:
- 1,150 Views
