Grant Admin Access Via Script
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-28-2020 05:06 AM
Hi All,
We have a catalog process where one can request for Admin access for a given window. This is generally used by our support teams to manage releases and issues on Production.
It was working fine but now it has stopped working after the version upgrade.
Here is the script that I am using, earlier this was in the workflow run script activity, i changed it to a script include and still it did not work, Now I changed this to a script action but it is still not working.
I am getting all the logs.
**************************************************
var usr = event.parm1;
gs.log('usr= '+usr);
//session.onlineImpersonate("admin");
var adminRole = '';
var roleGR = new GlideRecord('sys_user_role');
roleGR.addQuery('name', 'admin');
roleGR.query();
if (roleGR.next()) {
gs.log('2');
adminRole = roleGR.sys_id;
}
gs.log('adminRole= '+adminRole);
var grUserRoleGR = new GlideRecord("sys_user_has_role");
grUserRoleGR.intialize();
grUserRoleGR.user = usr;
grUserRoleGR.role = '' + adminRole;
grUserRoleGR.state = 'active';
grUserRoleGR.inherits = true;
gs.log('3');
grUserRoleGR.insert();
***********************************************
I think the issue is that now to give admin access one should have admin themselves, how to get past this?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-28-2020 07:09 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-28-2020 07:56 AM
After a lot of hit n try i was able to do it as per the blog. Even that is working for other roles but not 'admin' 😞
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-28-2020 08:18 AM
Can you please share the code? Let me see
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-28-2020 08:21 AM
Also can you please try one more thing? Add a timer before the run script activity in the workflow. You can set the timer to 5-10 sec. Basically, once the workflow enters a timer, the next activity set is run by the system. That may solve the issue.
Sorry for giving weird solutions. 🙂
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-28-2020 09:04 AM
Here is the code i tried, currently this is in a script action, i also tried to run this in workflow run script also.
var so = new ScheduleOnce();
so.script = "var adminRole = '';";
so.script += "var roleGR = new GlideRecord('sys_user_role');";
so.script += "roleGR.addQuery('name', 'admin');";
so.script += "roleGR.query();";
so.script += "if(roleGR.next()){";
so.script += "adminRole = roleGR.sys_id;";
so.script += "}";
so.script += "var grUserRoleGR = new GlideRecord('sys_user_has_role');";
so.script += "grUserRoleGR.intialize();";
so.script += "grUserRoleGR.user='" + usr + "';";
so.script += "grUserRoleGR.role = ''+adminRole;";
so.script += "grUserRoleGR.state = 'active';";
so.script += "grUserRoleGR.inherits = true;";
so.script += "grUserRoleGR.insert();";
so.schedule();
the timer idea i already implemented, my thought was to ensure that the workfow doesnt run in the user session, that was the first thing i tried, it is still there.
The above script runs if itry to assign other roles, but not assigning admin
