Catalog Item variables not auto-populating for non-ITIL user

Go to solution
joymorales
Giga Guru

‎11-03-2020 09:41 AM

Hi Team.

I have a variable set for catalog items that auto-populate with basic user information based on who is logged into SN.  It pulls data from the user table. The user should be able to change the user's name in the "Who is this request for?" field if submitting the request on behalf of another person.  The rest of the fields should update automatically with the new user's information.

I am able to successfully do this when impersonating an ITIL user, but not when I impersonate a regular non-ITIL user.  With the non-ITIL user, I am able to change the "Who is this request for?" field, but the other fields do not update.  The organization's field is blank and the Phone number and Email address fields get populated with "Undefined".  I have attached screenshots.

I looked through the Service Catalog properties, Catalog UI Policies and ACLs, but I did not find one that could be impacting the variable auto-population for non-ITIL users.

Any information/suggestion that you can provide me will be greatly appreciated.

Thank you.

Preview file
56 KB
0 Helpfuls
  • 2,901 Views
1 ACCEPTED SOLUTION

Go to solution
Brian Lancaster
Tera Sage
In response to joymorales

‎11-05-2020 10:11 AM

EDIT: Made some changes to the code below in the script include for company.  Instead of a reference variable make company a string.  Then you will not have to worry about ACLs.

 

Here is a script include along with the updated client script.  Note this still doesn't now work for company as it appears the core_company table has a read ACL on it with a bunch or roles.  Not sure why.  You may want to contact your ServiceNow account rep to see if it is a licensing issue to remove the roles from that ACL.

Script Include:  Make sure the name of the script include is GetUserData and that you check client callable.  

var GetUserData = Class.create();
GetUserData.prototype = Object.extendsObject(AbstractAjaxProcessor, {
		
	getCompany: function () {
		gs.log('in company funcation');
		var gr = new GlideRecord('sys_user');
		var sys_id = this.getParameter('user_sys_id');
		gr.addQuery('sys_id', sys_id);
		gr.query();
		if (gr.next()){
			return gr.getDisplayValue('company');
		}
	},
	
	getPhone: function () {
		var gr = new GlideRecord('sys_user');
		var sys_id = this.getParameter('user_sys_id');
		gr.addQuery('sys_id', sys_id);
		gr.query();
		if (gr.next()){
			return gr.phone;
		}
	},
	
	getEmail: function (){
		var gr = new GlideRecord('sys_user');
		var sys_id = this.getParameter('user_sys_id');
		gr.addQuery('sys_id', sys_id);
		gr.query();
		if (gr.next()){
			return gr.email;
		}
	},
	
    type: 'GetUserData'
});

Updated Client script:

function onChange(control, oldValue, newValue, isLoading) {
    if (newValue == '') {
        return;
    }
	
	var user = g_form.getValue('requested_for');
	
	var userCompany = new GlideAjax('GetUserData');
	userCompany.addParam('sysparm_name', 'getCompany');
	userCompany.addParam('user_sys_id', user);
	userCompany.getXML(Company);
	
	var userPhone = new GlideAjax('GetUserData');
	userPhone.addParam('sysparm_name', 'getPhone');
	userPhone.addParam('user_sys_id', user);
	userPhone.getXML(Phone);
	
	var userEmail = new GlideAjax('GetUserData');
	userEmail.addParam('sysparm_name', 'getEmail');
	userEmail.addParam('user_sys_id', user);
	userEmail.getXML(Email);
}

function Company(response){
    var answer = response.responseXML.documentElement.getAttribute("answer");
	g_form.setValue('company', answer);
}

function Phone(response){
	var answer = response.responseXML.documentElement.getAttribute("answer");
	g_form.setValue('phone', answer);
}

function Email(response){
	var answer = response.responseXML.documentElement.getAttribute("answer");
	g_form.setValue('email', answer);
}

View solution in original post

21 REPLIES 21

Go to solution
Willem
Giga Sage
Giga Sage
In response to rahulpandey

‎11-03-2020 10:06 AM

I would highly advice against this. Depending on your license agreement this could be seen as trying to circumvent licensing and that is not a good idea.

Go to solution
Brian Lancaster
Tera Sage
In response to Willem

‎11-03-2020 10:30 AM

I agree that this is not a good idea.

0 Helpfuls

Go to solution
rahulpandey
Kilo Sage
In response to Willem

‎11-03-2020 10:54 AM

Hey Williem,

 

I beg to differ on this because of following

- GlideRecord doesn't abide ACLs anyways, I don't know if, Joy has used GlideRecordSecure for fetching, it should have worked anyways except HRSD tables.

- Non interactive calls such as an API can do the same if you pass an ITIL user credentials as basic auth.

Anyways, this is just to get information scripted way, though this can be consulted with account manager if one has any doubts.

0 Helpfuls

Go to solution
Brian Lancaster
Tera Sage
In response to rahulpandey

‎11-03-2020 11:23 AM

Glide Record is one thing but you were saying to use a script to impersonate an ITIL user.  That is what he was talking about.

0 Helpfuls

Go to solution
rahulpandey
Kilo Sage
In response to Brian Lancaster

‎11-03-2020 11:46 AM

Hi Brian,

I see your point, however, I see it differently. If it is about changing user context, then a rest call does the same thing i.e. change of user context.

My suggestion can be literally be translated as an API without impersonation, which can further be called from same instance providing dummy ITIL user creds as basicAuth.

Also, I see couple of places this happens OOTB, for example a timer activity in workflow, it changes user context from current user to system.

However, I agree, this is not a best option to choose rather last resort.

Though, the best one to comment on this would be servicenow.

0 Helpfuls