How to sync Parent group members to Child groups

billi_lumley · ‎05-10-2016

Hello! Looking for a business rule or SI to sync parent group members to child groups when a new members is added to a parent group. I had created a business rule on the group member table; however I'm not having any luck.

//check if group is a Parent
var grp = new GlideRecord("sys_user_group");
grp.addQuery("parent", current.group);
grp.addQuery('type', 'CONTAINS', '7e741272efe2010047920fa3f8225643'); //human_resources
grp.addQuery('active', true);
grp.query();
//if group exists as parent, assign new user to the child groups
while (grp.next()) {
   var mem = new GlideRecord("sys_user_grmember");
   mem.addQuery("user", current.user);
   mem.addQuery("group", grp.group);
   mem.query();
   //This is checking to see if group record already exists? - What if they were added to the group prior to this rule being instituted?
   if (!mem.next()) {
   mem.user = current.user;
   mem.group = grp.group;
   mem.insert();
   }
}

Chuck Tomasi · ‎05-11-2016

Here you go Billi. No charge for the PS time. 🙂 Comments at the top indicate how to set up the business rule. This thing adds AND deletes members from the child tables. 🙂 Don't forget to dump this stuff inside the existing wrapper function that comes with default AFTER business rules.

// Table sys_user_grmember
// Insert: true
// Update: true
// When: After
// Condition current.group.getDisplayValue() == 'HR Parent'

//find active child groups
var childArr = [];
var thisUser = current.getValue('user');
var grp = new GlideRecord('sys_user_group');

grp.addEncodedQuery('active=true^parent=' + current.getValue('group'));
grp.query();
gs.print('count=' + grp.getRowCount());

while (grp.next()) {
	childArr.push(grp.getValue('sys_id'));
	gs.print(grp.getDisplayValue());
}

// Add user to the child groups
if (current.operation() == 'insert') {
	gs.print('INSERT');
	for (var i = 0; i < childArr.length; i++) {
		if (userInGroup(thisUser, childArr[i])) {
			gs.print('user is already in the group ' + childArr[i]);
			continue;
		}
		addUserToGroup(thisUser, childArr[i]);
	}
}

// Remove user from child groups
if (current.operation() == 'delete') {
	gs.print('DELETE');
	for (var i = 0; i < childArr.length; i++) {
		if (!userInGroup(thisUser, childArr[i])) {
			gs.print('user is NOT in the group ' + childArr[i]);
			continue;
		}
		deleteUserFromGroup(thisUser, childArr[i]);
	}
}

function userInGroup(user, group) {

	var ug = new GlideRecord('sys_user_grmember');
	var q = 'user=' + user + '^group=' + group;
	// user=46d44a23a9fe19810012d100cca80666^group=dc8d86c213d31200ae44b4622244b03d // HR Child1 (want to see)
	// user=46d44a23a9fe19810012d100cca80666^group=a49d86c213d31200ae44b4622244b0e9 // Got (3)
	ug.addEncodedQuery(q);
	ug.query();
	gs.print('userInGroup(): q=' + q + ' count=' + ug.getRowCount());

	return ug.hasNext();

}

function deleteUserFromGroup(user, group) {

	if (!user)
		return;

	if (!group)
		return;

	var ug = new GlideRecord('sys_user_grmember');
	var q = 'user=' + user + '^group=' + group;
	// user=46d44a23a9fe19810012d100cca80666^group=dc8d86c213d31200ae44b4622244b03d // HR Child1 (want to see)
	// user=46d44a23a9fe19810012d100cca80666^group=a49d86c213d31200ae44b4622244b0e9 // Got (3)
	ug.addEncodedQuery(q);
	ug.query();
	gs.print('deleteUserFromGroup(): q=' + q + ' count=' + ug.getRowCount());

	if (ug.next()) {
		gs.print('delete');
		ug.deleteRecord();
	}
}

function addUserToGroup(user, group) {

	if (!user)
		return;

	if (!group)
		return;

	var ug = new GlideRecord('sys_user_grmember');

	ug.newRecord();
	ug.user = user;
	ug.group = group;
	ug.insert();
	gs.print('insert');
}

View solution in original post

Chuck Tomasi · ‎05-11-2016

Here you go Billi. No charge for the PS time. 🙂 Comments at the top indicate how to set up the business rule. This thing adds AND deletes members from the child tables. 🙂 Don't forget to dump this stuff inside the existing wrapper function that comes with default AFTER business rules.

// Table sys_user_grmember
// Insert: true
// Update: true
// When: After
// Condition current.group.getDisplayValue() == 'HR Parent'

//find active child groups
var childArr = [];
var thisUser = current.getValue('user');
var grp = new GlideRecord('sys_user_group');

grp.addEncodedQuery('active=true^parent=' + current.getValue('group'));
grp.query();
gs.print('count=' + grp.getRowCount());

while (grp.next()) {
	childArr.push(grp.getValue('sys_id'));
	gs.print(grp.getDisplayValue());
}

// Add user to the child groups
if (current.operation() == 'insert') {
	gs.print('INSERT');
	for (var i = 0; i < childArr.length; i++) {
		if (userInGroup(thisUser, childArr[i])) {
			gs.print('user is already in the group ' + childArr[i]);
			continue;
		}
		addUserToGroup(thisUser, childArr[i]);
	}
}

// Remove user from child groups
if (current.operation() == 'delete') {
	gs.print('DELETE');
	for (var i = 0; i < childArr.length; i++) {
		if (!userInGroup(thisUser, childArr[i])) {
			gs.print('user is NOT in the group ' + childArr[i]);
			continue;
		}
		deleteUserFromGroup(thisUser, childArr[i]);
	}
}

function userInGroup(user, group) {

	var ug = new GlideRecord('sys_user_grmember');
	var q = 'user=' + user + '^group=' + group;
	// user=46d44a23a9fe19810012d100cca80666^group=dc8d86c213d31200ae44b4622244b03d // HR Child1 (want to see)
	// user=46d44a23a9fe19810012d100cca80666^group=a49d86c213d31200ae44b4622244b0e9 // Got (3)
	ug.addEncodedQuery(q);
	ug.query();
	gs.print('userInGroup(): q=' + q + ' count=' + ug.getRowCount());

	return ug.hasNext();

}

function deleteUserFromGroup(user, group) {

	if (!user)
		return;

	if (!group)
		return;

	var ug = new GlideRecord('sys_user_grmember');
	var q = 'user=' + user + '^group=' + group;
	// user=46d44a23a9fe19810012d100cca80666^group=dc8d86c213d31200ae44b4622244b03d // HR Child1 (want to see)
	// user=46d44a23a9fe19810012d100cca80666^group=a49d86c213d31200ae44b4622244b0e9 // Got (3)
	ug.addEncodedQuery(q);
	ug.query();
	gs.print('deleteUserFromGroup(): q=' + q + ' count=' + ug.getRowCount());

	if (ug.next()) {
		gs.print('delete');
		ug.deleteRecord();
	}
}

function addUserToGroup(user, group) {

	if (!user)
		return;

	if (!group)
		return;

	var ug = new GlideRecord('sys_user_grmember');

	ug.newRecord();
	ug.user = user;
	ug.group = group;
	ug.insert();
	gs.print('insert');
}

billi_lumley · ‎05-12-2016

Works like a charm! Thanks Chuck!!!!

Chuck Tomasi · ‎05-12-2016

Glad I could help (and that it worked.) It was a good challenge.

lrossy31 · ‎02-05-2019

Hello Chuck,

Wanted to ask if this could also be retrofitted to work the other way around. I am working with LDAP imports and a group is passed which contains two child groups. There are no members on the parent group but there are in the child groups and I want to sync those members up to the parent group. Will appreciate if you can provide any guidance on this scenario.

Thanks a lot,

Luis

billi_lumley · ‎05-31-2016

Needed to update the Business Rule to fire on Insert and Delete; if not it would not remove the members. Thanks!