Background Script to Modify ACLs

Robbie Lacivita
Tera Guru

‎04-17-2019 10:02 AM

I am attempting to create a background script that will go through each ACL with a Delete operation, and add security_admin to the roles. Below is my code, but I can't get it to work. Can anyone offer any help?

var securityAdmin = 'b2d8f7130a0a0baa5bf52498ecaadeb4'
var allRoles = new GlideRecord('sys_security_acl');
var operation = new GlideRecord('sys_security_operation');
allRoles.query();
while (allRoles.next()){
	operation.addQuery('name','delete');
	operation.query();
	while (operation.next()); {
		addRole = new GlideRecord('sys_security_acl_role');
		addRole.addQuery(allRoles,securityAdmin);
		addRole.query;
		if(addRole.next()){
			for(var i=0;i<-1;i++){
				addRole.sys_user_role = splitroles[i];
				addRole.update();
			}
			
		}
	}
}

Thanks in advance!

Robbie

Labels:
0 Helpfuls
  • 1,181 Views
2 REPLIES 2

Rogers Cadenhe1
Giga Guru

‎04-17-2019 10:20 AM

I haven't examined the rest of the script, but I did see something erroneous here:

addRole.addQuery(allRoles,securityAdmin);

The first argument to addQuery() should be the name of a field as a string literal (such as 'sys_user_role' if you're looking at the Role field). You're giving it a GlideRecord object instead.

0 Helpfuls

Robbie Lacivita
Tera Guru
In response to Rogers Cadenhe1

‎04-17-2019 10:29 AM

Rogers,

I actually corrected my script, it functions now. I will paste it below. However, I didn't think about all of the ACLs already having roles assigned to them, and I want to remove all roles before adding security admin to them. Can you assist with that part?

var x = new GlideRecord('sys_security_acl);
x.addQuery('operation','delete');
x.query();
while(x.next()){
   var y = new GlideRecord('sys_security_acl_role');
   y.initialize();
   y.sys_security_acl = x.sys_id;
   y.sys_user_role = 'b2d8f7130a0a0baa5bf52498ecaadeb4';
   y.insert();
}

Thanks,

 

Robbie

0 Helpfuls