- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-11-2018 07:59 AM
Is it possible to elevate to a privileged role via script?
I have a scheduled job that I would like to take an action that is currently only available to a user with a privileged role (security_admin). Even if I set the scheduled job to run as a user with the elevated role, it does not seem to be able to take the action. I suppose this is because the user context running the script has not actually elevated to the privileged role. Is it possible to do this via script, or is my only choice to add an ACL to make this function available to a non-privileged role?
Solved! Go to Solution.
- Labels:
-
Scripting and Coding
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-07-2019 07:37 AM
creativethinker,
Jason's response in that thread was not what I was looking for, but after an exchange with HI Support I got a satisfactory response:
I was able to impersonate a user in my script that had the security_admin role, and then was able to elevate to that role using a little known method:
var originalUserID = gs.getUserID();
gs.getSession().impersonate('ea898b00233ba610b22961b64254c0ab'); // impersonate user with security_admin role
GlideSecurityManager.get().enableElevatedRole('security_admin'); //elevate to security_admin
//do things here that require elevation
gs.getSession().impersonate(originalUserID); // impersonate original user
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-11-2018 08:35 AM
Hi,
https://community.servicenow.com/community?id=community_question&sys_id=69474f29db1cdbc01dcaf3231f9619a3
Check the response of Jason in above link try that code and let me know if it works
Mark my ANSWER as CORRECT and HELPFUL if it helped
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-07-2019 07:37 AM
creativethinker,
Jason's response in that thread was not what I was looking for, but after an exchange with HI Support I got a satisfactory response:
I was able to impersonate a user in my script that had the security_admin role, and then was able to elevate to that role using a little known method:
var originalUserID = gs.getUserID();
gs.getSession().impersonate('ea898b00233ba610b22961b64254c0ab'); // impersonate user with security_admin role
GlideSecurityManager.get().enableElevatedRole('security_admin'); //elevate to security_admin
//do things here that require elevation
gs.getSession().impersonate(originalUserID); // impersonate original user
