Get current user's role(s)...?

uluerje
Mega Expert

‎09-17-2015 10:25 AM

Does anyone know how to get a list of the current user's roles by sys_id?   I've tried using the getRole() function but it doesn't return anything.   According to the wiki article Getting a User Object - ServiceNow Wiki "getUserRoles() -- returns the roles explicitly granted to the current user" & "getRoles() -- returns all of the roles of the current user" but when I run them, I get nothing.   I am able to get a list of roles by name using the gs.getSession().getRoles() function, but what I need is something that'll return a list roles by sys_id because the custom list field I'm checking against references the Roles table and therefore holds the sys_id.   I even tried to set the reference key on my List field to 'name' so I could possibly just use gs.getSession().getRoles(), but apparently you can't use the reference key with a list as SN has a UI policy to hide it when type is List.   I'm totally confused as to why the other functions (getUserRoles & getRoles) aren't returning anything.      

Scenario:

We have an application menu that we grant access to via the OOB "Roles" field, however we have specific no-role users who also need access to that application menu and modules.   I could just remove the role but then it would be open to everyone, which we don't want.   So what I've done to avoid opening the application menu up to the system when the role is removed is create a "Group Access" List field on the sys_app_application table that grants app access to the group members via a before query business rule.   I should point out that this only works if the "Roles" field is empty as I don't know how SN is granting access to app menus/modules with the "Roles" field b/c I've disabled the write ACL on the sys_app_application table which appeared to be granting access based on the Roles field, but after disabling it, users still had access to the application if they had one of the roles, also, if you personalize dictionary on the Roles field, you'll see that the type is "User Roles" which I've never seen before.   So since I haven't figured out how to control the oob "Roles" field, I just created my own "Role Access" List type field on the sys_app_application table that references the Roles table that I'm hoping I can use in place of the oob Roles field when working with application menus that have specific role/no-role users who need to access it.   So basically what I'm trying to figure out is how to use the "Group Access" field to grant access to no-role users AND still have a role field where I can grant access to the application menu for users who have a role.   Therefore I need a "fast" way to check if the current user has one of the roles in the "Role Access" field, which I thought would be quick and easy using one of the getUserRoles & getRoles functions but of course it's not "working" as expected.  

0 Helpfuls
  • 23,380 Views
9 REPLIES 9

Pradeep Sharma
ServiceNow Employee
ServiceNow Employee

‎09-17-2015 10:35 AM

HI Jessica,



Can you please try the below script in case you want the sys_id of the roles for current user.


var gr = new GlideRecord('sys_user_has_role');



gr.addQuery('user', gs.getUserID());



gr.query();



while(gr.next())



{



var role = gr.role; //Will give the sys_id of the roles



}

yetesh_ch
ServiceNow Employee
ServiceNow Employee

‎09-17-2015 10:49 AM

Hi,


I am not sure but gs.getUser().roles should work.


Pradeep Sharma
ServiceNow Employee
ServiceNow Employee
In response to yetesh_ch

‎09-17-2015 10:51 AM

That will not print the sys_id..right?


I've tested this Yetesh and it was giving me names of the roles.


0 Helpfuls

yetesh_ch
ServiceNow Employee
ServiceNow Employee
In response to Pradeep Sharma

‎09-17-2015 10:54 AM

Yep thats what it is.


0 Helpfuls