Business Rule to add/remove Users to/from Group based on the field value.

Aki17 · ‎11-18-2021

When a sys_user record is created, I would like the user to be belonged to the corresponding Group(sys_user_group) based on "u_privilege" field value as below.

u_privilege = 3 --> Add the user to Group-3
u_privilege = 2 --> Add the user to Group-2
u_privilege = 1 --> Add the user to Group-1

Also, when the value of u_privilege is changed, the user needs to be removed from the old Group and then added to the new Group as below.

e.g. When the value of "u_privilege" is changed from 3 to 2, that user should be removed from Group-3 and then added to Group-2.

I think that one or two Business Rules needed, but could someone please give me the sample script for this requirements?

Best Regards,

Aki

Murthy Ch · ‎11-19-2021

Hi Aki,

I tried with two BR's, something like below

When User Created:

before insert BR

Condition:

current.u_privilege!=""  //map your field name

(function executeRule(current, previous /*null when async*/ ) {
    var grU = new GlideRecord('sys_user');
    grU.addQuery('sys_id', current.sys_id);
    grU.query();
    if (!grU.next()) {
        var privilege = current.u_privilege;
        var grp = new GlideRecord('sys_user_grmember');
        grp.initialize();
        grp.user = current.sys_id;
        if (privilege == 'p1') {
            grp.group = '019ad92ec7230010393d265c95c260dd'; //Analytics Settings Managers
        } else if (privilege == 'p2') {
            grp.group = '0a52d3dcd7011200f2d224837e6103f2'; //Application Development
        } else if (privilege == 'p3') {
            grp.group = '0c4e7b573b331300ad3cc9bb34efc461'; //Problem Analyzers
        }
        grp.insert();
    }
})(current, previous);

Now when changing to value of the privilege:

When to run: After update BR

Filter Condition Priority Changes

(function executeRule(current, previous /*null when async*/ ) {
    var enc = "group=019ad92ec7230010393d265c95c260dd^ORgroup=0c4e7b573b331300ad3cc9bb34efc461^ORgroup=0a52d3dcd7011200f2d224837e6103f2";
    var grM = new GlideRecord('sys_user_grmember');
    grM.addQuery('user', current.sys_id);
    grM.addEncodedQuery('enc'); //change your encoded query like Grp 1 is or Grp2 is or Grp3
    grM.query();
    if (grM.next()) {
        grM.deleteRecord();
    }
    var privilege = current.u_privilege;
    var grp = new GlideRecord('sys_user_grmember');
    grp.initialize();
    grp.user = current.sys_id;
    if (privilege != '') {
        if (privilege == 'p1') {
            grp.group = '019ad92ec7230010393d265c95c260dd'; //Grp1
        } else if (privilege == 'p2') {
            grp.group = '0a52d3dcd7011200f2d224837e6103f2'; //Grp2
        } else if (privilege == 'p3') {
            grp.group = '0c4e7b573b331300ad3cc9bb34efc461'; //Grp3
        }
        grp.insert();
    }

})(current, previous);

Hope it helps.

Thanks,

Murthy

Thanks,
Murthy

View solution in original post

Murthy Ch · ‎11-19-2021

Hi Aki,

I tried with two BR's, something like below

When User Created:

before insert BR

Condition:

current.u_privilege!=""  //map your field name

(function executeRule(current, previous /*null when async*/ ) {
    var grU = new GlideRecord('sys_user');
    grU.addQuery('sys_id', current.sys_id);
    grU.query();
    if (!grU.next()) {
        var privilege = current.u_privilege;
        var grp = new GlideRecord('sys_user_grmember');
        grp.initialize();
        grp.user = current.sys_id;
        if (privilege == 'p1') {
            grp.group = '019ad92ec7230010393d265c95c260dd'; //Analytics Settings Managers
        } else if (privilege == 'p2') {
            grp.group = '0a52d3dcd7011200f2d224837e6103f2'; //Application Development
        } else if (privilege == 'p3') {
            grp.group = '0c4e7b573b331300ad3cc9bb34efc461'; //Problem Analyzers
        }
        grp.insert();
    }
})(current, previous);

Now when changing to value of the privilege:

When to run: After update BR

Filter Condition Priority Changes

(function executeRule(current, previous /*null when async*/ ) {
    var enc = "group=019ad92ec7230010393d265c95c260dd^ORgroup=0c4e7b573b331300ad3cc9bb34efc461^ORgroup=0a52d3dcd7011200f2d224837e6103f2";
    var grM = new GlideRecord('sys_user_grmember');
    grM.addQuery('user', current.sys_id);
    grM.addEncodedQuery('enc'); //change your encoded query like Grp 1 is or Grp2 is or Grp3
    grM.query();
    if (grM.next()) {
        grM.deleteRecord();
    }
    var privilege = current.u_privilege;
    var grp = new GlideRecord('sys_user_grmember');
    grp.initialize();
    grp.user = current.sys_id;
    if (privilege != '') {
        if (privilege == 'p1') {
            grp.group = '019ad92ec7230010393d265c95c260dd'; //Grp1
        } else if (privilege == 'p2') {
            grp.group = '0a52d3dcd7011200f2d224837e6103f2'; //Grp2
        } else if (privilege == 'p3') {
            grp.group = '0c4e7b573b331300ad3cc9bb34efc461'; //Grp3
        }
        grp.insert();
    }

})(current, previous);

Hope it helps.

Thanks,

Murthy

Thanks,
Murthy

Aki17 · ‎11-19-2021

Hi Murthy,

Thank you so much for your script. After making a small change to the script, it worked perfectly!

Really appreciate it.

Murthy Ch · ‎11-19-2021

Thanks Aki.

Glad to help 🙂

-Murthy

Thanks,
Murthy

Ankur Bawiskar · ‎11-19-2021

Hi,

you can use 2 BR

1) after insert to add user to correct group

2) after update when u_privilege is Changed to remove user from previous group since you know the earlier value of u_privilege and then add to new group.

where re you stuck?

Regards
Ankur

Regards,
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader