- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-09-2025 11:50 AM
I have business rule to restrict any unit managers from add/removing users to groups the unit managers do not belong to except to the units the unit manager belongs to. I have the code snippet below but it's now working:
(function executeRule(current, previous /*null when async*/) {
var userID = gs.getUserID();
// Skip for admins
if (gs.hasRole('admin')) {
return;
}
// Only proceed if user has u_unit_manager role
if (!gs.hasRole('u_unit_manager')) {
return;
}
// Ensure group is not empty
if (!current.group.nil()) {
var groupGR = new GlideRecord('sys_user_group');
if (groupGR.get(current.group.toString())) {
// Check if user is one of the unit managers (list field check)
var unitManagers = groupGR.u_unit_managers.toString().split(',');
if (unitManagers.indexOf(userID) === -1) {
gs.addErrorMessage("You must be one of the Unit Managers of the group to assign users.");
current.setAbortAction(true);
return;
}
// Check if current user is a member of the group
var membershipGR = new GlideRecord('sys_user_grmember');
membershipGR.addQuery('user', userID);
membershipGR.addQuery('group', current.group.toString());
membershipGR.query();
if (!membershipGR.hasNext()) {
gs.addErrorMessage("You can only assign users to groups you are a member of.");
current.setAbortAction(true);
}
}
}
})(current, previous);
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-09-2025 11:13 PM - edited 07-09-2025 11:15 PM
Hi @Adeshola
Try this code
(function executeRule(current, previous /*null when async*/ ) {
var userID = gs.getUserID();
// Check if user is one of the unit managers (list field check)
var unitManagers = current.group.u_unit_managers.toString();
if (unitManagers.indexOf(userID) == -1) {
gs.addErrorMessage("You must be one of the Unit Managers of the group to assign users.");
current.setAbortAction(true);
return;
}
// Check if current user is a member of the group
if (!gs.getUser().isMemberOf(current.group.toString())) {
gs.addErrorMessage("You can only assign users to groups you are a member of.");
current.setAbortAction(true);
}
})(current, previous);
I have moved the roles check and group empty check to conditions part of the BR.
Please check below: //change your field names accordingly.
Mark it helpful if this helps you to understand. Accept solution if this give you the answer you're looking for
Kind Regards,
Rohila V
2022-25 ServiceNow Community MVP

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-10-2025 12:33 AM
try with this ...!
(function executeRule(current, previous) {
var userID = gs.getUserID();
if (gs.hasRole('admin')) {
return;
}
if (!gs.hasRole('u_unit_manager')) {
return;
}
if (!current.group.nil()) {
var groupGR = new GlideRecord('sys_user_group');
if (groupGR.get(current.group.toString())) {
// Check if user is in u_unit_managers list (reference field)
var unitManagerGR = new GlideRecord('sys_user_group_manager');
unitManagerGR.addQuery('group', groupGR.sys_id);
unitManagerGR.addQuery('manager', userID);
unitManagerGR.query();
if (!unitManagerGR.hasNext()) {
gs.addErrorMessage("You must be one of the Unit Managers of the group to assign users.");
current.setAbortAction(true);
return;
}
// Check if user is a member of the group
var membershipGR = new GlideRecord('sys_user_grmember');
membershipGR.addQuery('user', userID);
membershipGR.addQuery('group', groupGR.sys_id);
membershipGR.query();
if (!membershipGR.hasNext()) {
gs.addErrorMessage("You can only assign users to groups you are a member of.");
current.setAbortAction(true);
}
}
}
})(current, previous);
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-10-2025 12:47 AM
We don't need to query group member table again, we already have .isMemberOf() method available which checks if user is part of group or not.
Mark it helpful if this helps you to understand. Accept solution if this give you the answer you're looking for
Kind Regards,
Rohila V
2022-25 ServiceNow Community MVP
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-10-2025 07:48 AM
Thank you @Community Alums! This solution also works