How To Add A User To Multiple Groups via Script

Charlie Ward · ‎08-27-2015

I have a scenario where I need to frequently add users to multiple predefined groups. These groups have no roles assigned to them, but are used as "security" groups to allow viewing of certain "work order types" on our UI Page record producer. I think I have the right process started for what I want, but I'm not sure how to code it properly.

The reason I am in desperate need of this is because of employee turnover either by promotion or termination/quitting, I need to be able to click 1 box versus going into groups and then having to manually add them to 5 different groups.

Below is what I've done so far

1. Created a new True/False field to the User Table called "Authorized Requestor"

2. I created a Business Rule that when the "Authorized Requestor" box is True, then do such and such script

This is where I'm stuck. I'm still very new to coding and don't know what I'm needing to do. Also, I'm needing the script to reverse if "Authorized Requestor" is false/unchecked.

End Goal :

New Group Member

1. Go to User Record and find user

2. Check "Authorized Requestor" box and user gets added to the predetermined groups

Group Member Removal

1. Go to User Record

2. Check "Authorized Requestor" box and user gets removed from the predetermined groups.

Charlie Ward · ‎08-28-2015

Thijs, thank you for sending me in the right right direction with the coding. The code above didn't work to remove the users, but it put me on the right path.

I actually created two separate business rules, because I couldn't seem to accomplish in the same business rule which is fine with me. I'm just glad I got it working.

Here is what I did to solve my problem. I hope it maybe helps someone else having needing a similar solution.

I created a True/False Field on the User Table and called it Authorized Requestor
I created 2 business rules
- BR #1 Labeled : Authorized Requestor Box Checked = TRUE
  - Table - User [sys_user]
  - Active - Checked
  - When to Run
    - When - Before
    - Insert Box - Checked
    - Update Box - Checked
    - Filter Conditions
      - Authorized Requestor changes from false AND
      - Authorized Requestor changes to true
  - Actions
    - Advanced Box - Checked
  - Advanced
    - Script

function onBefore(current, previous) {




   var gm_evs = new GlideRecord('sys_user_grmember'); //This table is where the relationship between the groups and users is defined
   gm_evs.initialize();
   gm_evs.user = current.sys_id;
   gm_evs.group = 'group sys ID';//sys id of your group
   gm_evs.insert();
 
   var gm_pom = new GlideRecord('sys_user_grmember'); //This table is where the relationship between the groups and users is defined
   gm_pom.initialize();
   gm_pom.user = current.sys_id;
   gm_pom.group = 'group sys ID';//sys id of your group
   gm_pom.insert();
 
   var gm_sec = new GlideRecord('sys_user_grmember'); //This table is where the relationship between the groups and users is defined
   gm_sec.initialize();
   gm_sec.user = current.sys_id;
   gm_sec.group = 'group sys ID';//sys id of your group
   gm_sec.insert();
 
   var gm_sign = new GlideRecord('sys_user_grmember'); //This table is where the relationship between the groups and users is defined
   gm_sign.initialize();
   gm_sign.user = current.sys_id;
   gm_sign.group = 'group sys ID';//sys id of your group
   gm_sign.insert();
 
   gs.addInfoMessage("Any Message To Be Displayed At Top of Form");
}

BR #2 Labeled : Authorized Requestor Box Checked = False
- Table - User [sys_user]
- Active - Checked
- When to Run
  - When - Before
  - Insert Box - Checked
  - Update Box - Checked
  - Filter Conditions
    - Authorized Requestor changes from true AND
    - Authorized Requestor changes to false
- Actions
  - Advanced Box - Checked
- Advanced
  - Script

function onBefore(current, previous) {


   //This function will be automatically called when this rule is processed.




   RemoveFromGroups();




   function RemoveFromGroups() {


   var grMember = new GlideRecord('sys_user_grmember');


   grMember.addQuery('user', current.sys_id);


   grMember.query();


   var gc = grMember.addQuery('sys_id','your group sys id');


   gc.addOrCondition('sys_id','your group sys id');


   gc.addOrCondition('sys_id','your group sys id');


   gc.addOrConadition('sys_id','your group sys id');


   gc.query();




   // For each ServiceNow group, delete the membership.


   while (grMember.next()) {


   grMember.deleteRecord();


   }


   }


   gs.addInfoMessage("Any Message To Be Displayed At Top of Form");


}

Now when I go to the User Table and I can click on the Authorized Requestor box and click Save, the user gets added to the groups if the box is checked and are removed from the groups if the box is unchecked.

Thank you Tony and Thijs for pointing me in the right direction. I LOVE THE SN COMMUNITY!

View solution in original post

tonyshabani · ‎08-28-2015

When you select reply click on the "Use advanced editor" at the top right in blue. From the advanced editor you will see an icon with double arrows. Select that, go to syntax highlighting and pick the type of language you are highlighting.

Regards,

Tony

Charlie Ward · ‎08-28-2015

Thijs, thank you for sending me in the right right direction with the coding. The code above didn't work to remove the users, but it put me on the right path.

I actually created two separate business rules, because I couldn't seem to accomplish in the same business rule which is fine with me. I'm just glad I got it working.

Here is what I did to solve my problem. I hope it maybe helps someone else having needing a similar solution.

I created a True/False Field on the User Table and called it Authorized Requestor
I created 2 business rules
- BR #1 Labeled : Authorized Requestor Box Checked = TRUE
  - Table - User [sys_user]
  - Active - Checked
  - When to Run
    - When - Before
    - Insert Box - Checked
    - Update Box - Checked
    - Filter Conditions
      - Authorized Requestor changes from false AND
      - Authorized Requestor changes to true
  - Actions
    - Advanced Box - Checked
  - Advanced
    - Script

function onBefore(current, previous) {




   var gm_evs = new GlideRecord('sys_user_grmember'); //This table is where the relationship between the groups and users is defined
   gm_evs.initialize();
   gm_evs.user = current.sys_id;
   gm_evs.group = 'group sys ID';//sys id of your group
   gm_evs.insert();
 
   var gm_pom = new GlideRecord('sys_user_grmember'); //This table is where the relationship between the groups and users is defined
   gm_pom.initialize();
   gm_pom.user = current.sys_id;
   gm_pom.group = 'group sys ID';//sys id of your group
   gm_pom.insert();
 
   var gm_sec = new GlideRecord('sys_user_grmember'); //This table is where the relationship between the groups and users is defined
   gm_sec.initialize();
   gm_sec.user = current.sys_id;
   gm_sec.group = 'group sys ID';//sys id of your group
   gm_sec.insert();
 
   var gm_sign = new GlideRecord('sys_user_grmember'); //This table is where the relationship between the groups and users is defined
   gm_sign.initialize();
   gm_sign.user = current.sys_id;
   gm_sign.group = 'group sys ID';//sys id of your group
   gm_sign.insert();
 
   gs.addInfoMessage("Any Message To Be Displayed At Top of Form");
}

BR #2 Labeled : Authorized Requestor Box Checked = False
- Table - User [sys_user]
- Active - Checked
- When to Run
  - When - Before
  - Insert Box - Checked
  - Update Box - Checked
  - Filter Conditions
    - Authorized Requestor changes from true AND
    - Authorized Requestor changes to false
- Actions
  - Advanced Box - Checked
- Advanced
  - Script

function onBefore(current, previous) {


   //This function will be automatically called when this rule is processed.




   RemoveFromGroups();




   function RemoveFromGroups() {


   var grMember = new GlideRecord('sys_user_grmember');


   grMember.addQuery('user', current.sys_id);


   grMember.query();


   var gc = grMember.addQuery('sys_id','your group sys id');


   gc.addOrCondition('sys_id','your group sys id');


   gc.addOrCondition('sys_id','your group sys id');


   gc.addOrConadition('sys_id','your group sys id');


   gc.query();




   // For each ServiceNow group, delete the membership.


   while (grMember.next()) {


   grMember.deleteRecord();


   }


   }


   gs.addInfoMessage("Any Message To Be Displayed At Top of Form");


}

Now when I go to the User Table and I can click on the Authorized Requestor box and click Save, the user gets added to the groups if the box is checked and are removed from the groups if the box is unchecked.

Thank you Tony and Thijs for pointing me in the right direction. I LOVE THE SN COMMUNITY!

randrews · ‎08-28-2015

rather than code this... why not create a group name for this supergroup... then add your five groups to it.. now you just add/remove the person from one group and you are done.

Charlie Ward · ‎08-28-2015

Doug, I tried doing this by creating a parent group and adding these 5 groups. When I added the user to the parent group, the child groups weren't working.

We have a very unique instance. We are using this for facilities and have setup special groups so they can/can't see specific "types of workorders" on our front end record producer. It's too much to go into, but I did do this initially but it was not working.