Business Rule based on user's roles not working when role is inherited from group
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-17-2020 05:50 PM
Hi all,
I have a requirement to grant users a custom list layout based on whether they have a certain role which I achieve by building the list in sys_ui_list and sys_ui_list_element (and delete the records once the role is removed from the user). My assumption to run the business rule on sys_user_has_role appears to be incorrect, because that only seems to trigger when I add the role manually to the user. What table do I need to refer this BR to in order to trigger on inherited roles?
Basics of the code is below, I replaced it with just an info message onscreen to conclude the above observation.
//Check if user still has one of the special roles after that role was either inserted or deleted into sys_user_has_role
var gr = new GlideRecord('sys_user_has_role');
gr.addQuery('user', current.user);
gr.addQuery('role.name', 'ENDSWITH', 'special');
gr.query();
if(gr.next()){
//create sys_ui_list and sys_ui_list_element records
} else {
//delete all sys_ui_list and sys_ui_list for specififc table for that user
}
Edit: I've tracked down the script that creates the user role once a user is added to a group, script include RoleManager and within that the roles are indeed inserted into "sys_user_has_role", does anyone have an idea why a business rule triggering on insert/deletion might not work?
- Labels:
-
Scripting and Coding
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-17-2020 08:28 PM
Hi Sateesh,
Apologies if my question is a bit confusing but this isn't intended to trigger on the logged in user. As an admin I want to add someone to a group which contains the "special" role, and when I add them to the group I want to automatically set up the user's list view of a particular table.
The current.user in my code example is on the sys_user_has_role table which contains User, Role, State, Granted By. but my issue is triggering the Business Rule in the first place not the calculations happening in my script.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-17-2020 09:14 PM
Hi Ahmadelsaghir,
My bad I am sorry "sys_user_has_role" should have all the record even if the role is assigned through group assignment or role inheritance but may be the buiness rule didn't get triggered.
To answer your question , look for table "sys_group_has_role" and "sys_user_role_contains".
Regards,
Sateesh Kumar Devadoss.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-17-2020 09:37 PM
Hi Sateesh,
These tables have no connection to the users, I'm just going to have to run the BR on insert of any users into sys_user_grmember and both check if they have the special role and do not have existing personalisations on the table I'm customising for them.
