Help with Script Include to get Roles Based on Group and User

patricial · ‎08-23-2017

Ok I need some help please!

I am jammed up with getting this to work.

I have a catItem that adds a user to Group

I need to first check what roles the group has

Check what roles the user has

If the group has itil and the user has itil = success

If the group has appover_user and user has approver_user = success

If group has itil and user does not have itil = fail

If group has approver_user and user does not have approver user = fail

If group does not have either itil or approver_user = success (regardless of what roles user has)

Here is my script Include (My client script follows) in my client script I need to return a message based on which role the user failed on

So if the user does not have ITIL (User does not have ITIL message)

If the user does not have approver_user (User does not have approver_user message)

/******* script include *********/

var getRolesAjax = Class.create();

getRolesAjax.prototype = Object.extendsObject(AbstractAjaxProcessor, {

getRole: function(){

gs.log('>>>DEBUG: returnGroup Role() started...');

var list = [];

var grp = this.getParameter('sysparm_group');

gs.log(grp,'shipra0');

var grGroup = new GlideRecord('sys_group_has_role');

grGroup.addQuery('group', grp);

grGroup.addQuery('role.name', 'itil');//itil

grGroup.query();

while(!grGroup.next()){

//var rol = grGroup.role.getDisplayValue(); //group itil

//return 'success';

//continue;

var gr2Group = new GlideRecord('sys_group_has_role');

gr2Group.addQuery('group', grp);

gr2Group.addQuery('role.name', 'approver_user');//approver user

gr2Group.query();

while(!gr2Group.next()){

//var rol2 = gr2Group.role.getDisplayValue(); //group approver_user

//gs.log('>>>TRICIA Query GROUP APPROVER:' +urol);

return 'success';

//continue;

}

var rol = grGroup.role.getDisplayValue(); //group itil

var rol2 = gr2Group.role.getDisplayValue(); //group approver_user

var usr = this.getParameter('sysparm_requestedby');

var grUser = new GlideRecord('sys_user_has_role');

grUser.addQuery('user', usr);

grUser.addQuery('role.name', rol); //itil from group

grUser.query();

while (grUser.next()) {

var urol = grUser.role.getDisplayValue(); //itil role

var usr2 = this.getParameter('sysparm_requestedby');

var gr2User = new GlideRecord('sys_user_has_role');

gr2User.addQuery('user', usr);

gr2User.addQuery('role.name', rol2); //approver_user role

gr2User.query();

while (gr2User.next()) {

var urol2 = gr2User.role.getDisplayValue(); //approver user

gs.log('>>>TRICIA Query USER ITIL:'+rol + " " +urol);

if(rol == urol || rol == ''){

gs.log('>>>TRICIA Query USER ITIL:'+rol + " " +urol);

continue;

//return 'success';

}

if(rol2 == urol2 || rol2 == ''){

gs.log('>>>TRICIA Query for USER APPROVER:'+rol2 + " " +urol2);

return 'success';

}

},

type: 'getRolesAjax'

});

/*******Client Script*********/

function onChange(control, oldValue, newValue, isLoading, isTemplate) {

if (isLoading || newValue === '') {

return;

}

g_form.setValue('no_license', 'false');

g_form.setValue('request_license', 'No');

var grp = g_form.getValue('group_name');

var usr = g_form.getValue('requested_by');

alert('Calling getRole... ' + grp);

var ga = new GlideAjax('getRolesAjax');

ga.addParam('sysparm_name','getRole');

ga.addParam('sysparm_group', grp);

ga.addParam('sysparm_requestedby', usr);

ga.getXML(AsyncCall);

}

function AsyncCall(response) {

var answer = response.responseXML.documentElement.getAttribute("answer");

if (answer == 'success') {

g_form.setValue('no_license', 'false');

g_form.setValue('request_license', 'Yes');

alert(answer);

}

else{

g_form.addInfoMessage('ITIL Role is required for Group Access.');

g_form.setValue('no_license', 'true');

}

Shishir Srivast · ‎08-25-2017

Please check if this helps..

Script Include:

var getRolesAjax = Class.create();

getRolesAjax.prototype = Object.extendsObject(AbstractAjaxProcessor, {

getRole: function(){

var isITIL, isAPUSER, isANYGRPROLE;

var grGroup = new GlideRecord('sys_group_has_role');

grGroup.addQuery('group', this.getParameter('sysparm_group'));

grGroup.query();

while(grGroup.next()){

var grUser = new GlideRecord('sys_user_has_role');

grUser.addQuery('user', this.getParameter('sysparm_requestedby'));

if((grGroup.getDisplayValue('role') == 'itil')){

grUser.addQuery('role', grGroup.getValue('role'));

grUser.query();

if(grUser.next()){

if((grUser.getDisplayValue('role') == 'itil')){

gs.log('isITIL = true');

isITIL = true;

}

}

else

isITIL = false;

}

if((grGroup.getDisplayValue('role') == 'approver_user')){

grUser.addQuery('role', grGroup.getValue('role'));

grUser.query();

if(grUser.next()){

if((grUser.getDisplayValue('role') == 'approver_user')){

gs.log('isAPUSER = true');

isAPUSER = true;

}

}

else

isAPUSER = false;

}

if(grGroup.getDisplayValue('role') != 'approver_user' && grGroup.getDisplayValue('role') != 'itil')

isANYGRPROLE = true;

}

if(isITIL == true || isAPUSER == true || isANYGRPROLE == true)

return 'Success';

else if(isITIL == false && isAPUSER == false)

return 'Approver User and ITIL Role is required for Group Access.';

else if(isITIL == false || isAPUSER == false)

{

if(isITIL == false)

return 'ITIL Role is required for Group Access.';

else if(isAPUSER == false)

return 'Approver User Role is required for Group Access.';

}

},

type: 'getRolesAjax'

});

Client Script:

function onChange(control, oldValue, newValue, isLoading, isTemplate) {

if (isLoading || newValue === '') {

return;

}

var ga = new GlideAjax('getRolesAjax');

ga.addParam('sysparm_name','getRole');

ga.addParam('sysparm_group', g_form.getValue('assignment_group'));

ga.addParam('sysparm_requestedby', g_form.getValue('requested_by'));

ga.getXML(AsyncCall);

}

function AsyncCall(response) {

var answer = response.responseXML.documentElement.getAttribute("answer");

g_form.addInfoMessage(answer);

}

View solution in original post

patricial · ‎08-24-2017

Ok I will try this now

Thank you so much Shishir

I will let you know how it works

patricial · ‎08-24-2017

Shishir

I added some logging it's still not working

So the group has just approver_user and the user has no role

it comes back success

gs.log("Tricia this is the last group role " + grpname_itil + " " +grUser_itil + " " +grpname_au + " "+grUser_au + " " +grpname_any + " "+ grUser_any);

Tricia this is the last group role undefined undefined approver_user undefined undefined undefined

Shishir Srivast · ‎08-24-2017

Please try with below script, i just tested and it works for me.

var getRolesAjax = Class.create();

getRolesAjax.prototype = Object.extendsObject(AbstractAjaxProcessor, {

getRole: function(){

var isITIL = false, isAPUSER = false, isANYGRPROLE;

var grGroup = new GlideRecord('sys_group_has_role');

grGroup.addQuery('group', this.getParameter('sysparm_group'));

grGroup.query();

while(grGroup.next()){

var grUser = new GlideRecord('sys_user_has_role');

grUser.addQuery('user', this.getParameter('sysparm_requestedby'));

if((grGroup.getDisplayValue('role') == 'itil')){

grUser.addQuery('role', grGroup.getValue('role'));

grUser.query();

if(grUser.next()){

if((grUser.getDisplayValue('role') == 'itil'))

isITIL = true;

}

else if((grGroup.getDisplayValue('role') == 'approver_user')){

grUser.addQuery('role', grGroup.getValue('role'));

grUser.query();

if(grUser.next()){

if((grUser.getDisplayValue('role') == 'approver_user'))

isITIL = true;

}

else if(grGroup.getDisplayValue('role') != 'approver_user' || grGroup.getDisplayValue('role') != 'itil'){

if(isITIL == false && isAPUSER == false)

isANYGRPROLE = true;

}

if(isITIL == true || isAPUSER == true || isANYGRPROLE == true){

return 'success';

}

},

type: 'getRolesAjax'

});

Scenario I tested:

group and user has itil role: success

group and user has approver_user role: success

group has itil role but user didn't have itil role : fail

group and approver_user but user didn't have approver_user role : fail

group has just neither itil not approver_user: success

patricial · ‎08-25-2017

thank you so much Shishir,

I will test it now this morning

patricial · ‎08-25-2017

Shishir,

Thank you so much this is working. I added loggin and I see the correct roles.

How can I get the response to return specific message in the client script

So if the user doesn't have the itil role and the group does Return message

g_form.addInfoMessage('ITIL Role is required for Group Access.');

and then if the Group has approver_user and the user doesn't return message

g_form.addInfoMessage('Approver User Role is required for Group Access.');

If group has both and user doesn't have any

g_form.addInfoMessage('Approver User and ITIL Role is required for Group Access.');

Similar to this but I am not sure I understand how this is getting passed back?

ga.getXML(AsyncCall);

}

function AsyncCall(response) {

var hasNotRole = response.responseXML.documentElement.getAttribute("answer");

if (hasNotRole) {

var singular = "User {0} will be assigned the {1} role after adding"

var plural = "User {0} will be assigned the {2} roles after adding"

// Extracting the translated message and replacing the parameters

var keys = [singular, plural];

var msgs = getMessages(keys);

var msg = msgs[singular];

if(hasNotRole.indexOf(",") != -1)

msg = msgs[plural];

g_form.showFieldMsg('group_name', new GwtMessage().format(msg, hasNotRole, "itil"), 'info');

g_form.showFieldMsg('group_name', new GwtMessage().format(msg, hasNotRole, "approver_user"), 'info');

g_form.showFieldMsg('group_name', new GwtMessage().format(msg, hasNotRole, "approver_user, itil"), 'info');

}