Auto-add users to group if the user is added to a certain role

atul_05
Tera Contributor

Hello Team,

I have a requirement that when a user is added to a role, they should automatically be added to a group.

Example: If xyz user is added to "knowledge" role then xyz should be added to "KM Dashboard" group.

 

Can you help me with how I can achieve this?


Bert_c1
Kilo Patron

Hi,

 

That sounds backward from OOB behavior. Roles are assigned to Groups, and when users are assigned to a Group they inherit the group roles. However, if you want to do what you state, you can achieve that via a Business Rule. But you must define what group to use for each role.

atul_05
Tera Contributor

Thanks for the reply @Bert_c1 

 

Can you help me with the code for this?

Here is the logic to add users to 'KM Dashboard' group when the 'knowledge' role is added to a user (record is created in the sys_user_has_role table).

 

 

 

(function executeRule(current, previous /*null when async*/) {

	// current is the sys_user_has_role record that was just written
	var roleName = current.role.getDisplayValue();
	var userID = current.user;
	// sys_id of the sys_user_group record for KM Dashboard, may be different in the instance.
	var groupID = 'f9820f3fdbd2a110cbb0651e13961972';
	gs.addInfoMessage("User: " + userID.getDisplayValue() + " now has role: " + roleName);

	// logic to add user to group if assigned the knowledge role. Repeat for each role and group desired
	if (roleName == 'knowledge') {
		var grpMember = new GlideRecord('sys_user_grmember');
		grpMember.addQuery('user', userID.toString());
		// 'group' is a reference field, so match on the sys_id rather than the group name
		grpMember.addQuery('group', groupID);
		grpMember.query();
		gs.addInfoMessage("Found " + grpMember.getRowCount() + " records for user: " + userID + " and group KM Dashboard");
		if (grpMember.getRowCount() == 0) {
			gs.addInfoMessage("Will add " + userID + " to group KM Dashboard");
			grpMember.initialize();
			grpMember.user = userID;
			grpMember.group = groupID;
			grpMember.insert();
		}
	}

})(current, previous);

 

 

 

The business rule is defined on the 'sys_user_has_role' table and runs 'After' on 'Insert' and 'Update'. See screenshot:

 

Screenshot 2023-04-26 153518.png

 

The result of my test follows:

 

Screenshot 2023-04-26 103215.png

 

Doing this is not advised if you have the "Contextual Security: Role Management" and "Contextual Security: Role management V2" plugins (as most instances have), as this will break 'Role inheritance'. Also, you may want logic for when the 'knowledge' role is removed from a user to remove the user from the 'KM Dashboard' group.

 

I'm having trouble searching the docs site for related documentation. But I encourage you to do that, and evaluate current behavior around assigning users to groups, assigning roles to users, etc.
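
The removal case and the role-inheritance concern raised in the reply above, as an added example that is not part of the original post or ServiceNow's own code: one function handles both grant and revoke and skips role rows that arrived through inheritance. It assumes the Business Rule also runs on delete, that `sys_user_has_role.inherited` marks inherited rows, and that the `ROLE_TO_GROUP` mapping (a hypothetical name) holds the group sys_id quoted in the thread.

```javascript
// Added example. Server-side ServiceNow script for an 'After' Business Rule
// on sys_user_has_role. ROLE_TO_GROUP is a hypothetical mapping; the sys_id
// is the one quoted in the thread and may differ in your instance.
var ROLE_TO_GROUP = {
    knowledge: 'f9820f3fdbd2a110cbb0651e13961972' // KM Dashboard
};

// Returns 'added', 'removed' or 'none' so the caller can log the outcome.
function syncGroupForRole(operation, userId, roleName, inherited) {
    var mapped = Object.prototype.hasOwnProperty.call(ROLE_TO_GROUP, roleName);
    // Ignore unmapped roles and roles granted through inheritance: only a
    // direct grant or revoke should change group membership.
    if (!mapped || inherited) {
        return 'none';
    }
    var groupId = ROLE_TO_GROUP[roleName];

    var member = new GlideRecord('sys_user_grmember');
    member.addQuery('user', userId);
    member.addQuery('group', groupId); // reference field: match on sys_id
    member.query();
    var exists = member.next();

    if (operation === 'insert' && !exists) {
        member.initialize();
        member.user = userId;
        member.group = groupId;
        member.insert();
        return 'added';
    }
    if (operation === 'delete' && exists) {
        member.deleteRecord(); // membership is revoked together with the role
        return 'removed';
    }
    return 'none';
}

// Assumed wiring inside the Business Rule body:
// syncGroupForRole(current.operation(), current.user.toString(),
//     current.role.name.toString(), current.inherited == true);
```

Members added this way also inherit every role the target group holds, so review the group's roles before enabling the rule.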

atul_05
Tera Contributor

Hi @Bert_c1 

 

Thank you so much for the detailed explanation. I forgot to mention one more requirement, which is to check whether the user is in a certain Business Unit; in this case, only if the user is from the KPOE Business Unit should he be added.

Also, can you please give me the code without the display and info messages, as those are not a requirement currently?

 

Appreciate your help on this. 🙂