- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-24-2015 07:29 AM
I have a requirement as follows.
All users who are responsible for a system (u_cmdb_ci_service_system) should belong to the group "ServiceNow - System Responsible".
If you are removed as system responsible you should no longer belong to the group.
If you are added as system responsible for a system you should be added to the group (unless you already are a member, same user can be responsible for more then 1 system).
What is the best solution for this? Create a Business Rule when you change the field System Responsible (u_system_responsible) or have a scheduled script that runs every night?
I started with the scheduled script and it's working fine. Only thing I'm a bit worried about is if you delete/comment row 3 in the script, all users will lose their groups. Since we assign roles by groups they would also lose all their roles which is a very bad thing.
This is my scheduled script
//Remove all users in group ServiceNow - System Responsible
var remove= new GlideRecord('sys_user_grmember');
remove.addQuery('group','=', '4fb4d1866f3842006cd79cef8d3ee468'); //ServiceNow - System Responsible
remove.query();
while(remove.next()){
remove.deleteRecord();
}
//Add System Responsible to group "ServiceNow - System Responsible"
var system;
var group;
var user;
//Query all users at Company X
user = new GlideRecord('sys_user');
user.addQuery('company', '=', '7c401d5d15d66c40b84c3a16586bdce9'); //Company X
user.query();
while (user.next()) {
//Query all active systems where user is system responsible
system = new GlideRecord('u_cmdb_ci_service_system');
system.addQuery('install_status', '=', '101'); //101 = Active
system.addQuery('u_system_responsible', '=', user.sys_id);
system.query();
if(system.next()) {
//Create a new group relationship record for this user
group = new GlideRecord('sys_user_grmember');
group.initialize();
group.user = user.sys_id;
group.group.setDisplayValue('ServiceNow - System Responsible');
group.insert();
}
}
Any thoughts about best practice?
Or is there some way to modify my scheduled script to not risk removing all group relations for all users?
Solved! Go to Solution.
- Labels:
-
Scripting and Coding
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-08-2015 07:42 AM
These are the 2 scripts we use.
Business rule to add members and a scheduled script to remove users from the group.
BUSINESS RULE
Table: System [u_cmdb_ci_service_system]
Insert: True
Update: True
When: After
Filter Condition: "System responsible" changes
Script
//Get the new System Responsible
var user = current.u_system_responsible.sys_id;
//Create a new group relationship record for this user
var rec1 = new GlideRecord('sys_user_grmember');
rec1.initialize();
rec1.user = user;
rec1.group.setDisplayValue('ServiceNow - System Responsible');
rec1.insert();
SCHEDULED SCRIPT
Run: Daily
Time: Hours 00:10:00
Script
var users = new GlideRecord('sys_user_grmember');
users.addQuery('group','4fb4d1866f3842006cd79cef8d3ee468'); //ServiceNow - System Responsible
users.query();
while(users.next()){
if (! isResponsibleForSystem(users)) {
users.deleteRecord();
}
}
function isResponsibleForSystem(user) {
system = new GlideRecord('u_cmdb_ci_service_system');
system.addQuery('install_status', '=', '101'); //101 = Active
system.addQuery('u_system_responsible', user.user.sys_id);
system.query();
return system.hasNext();
}
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-24-2015 07:53 AM
I don't see any problem with doing that for each transaction. Scheduling it for scripted execution doesn't really win you anything. In the time between adding/removing someone from the responsible list for a CI, that CI could have an issue, and then I'm assuming your notifications / workflows will be targeting inappropriate users.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-24-2015 08:36 AM
Hello Frederik,
Instead of removing all the members from the group each day you can do something like this: (This will remove everyone that is not responsible for a system anymore)
var users = new GlideRecord('sys_user_grmember');
users.addQuery('group','=', '4fb4d1866f3842006cd79cef8d3ee468'); //ServiceNow - System Responsible
users.query();
while(users.next()){
if (! isResponsibleForSystem(users)) {
remove.deleteRecord();
}
}
function isResponsibleForSystem(user) {
system = new GlideRecord('u_cmdb_ci_service_system');
system.addQuery('install_status', '=', '101'); //101 = Active
system.addQuery('u_system_responsible', '=', user.sys_id);
system.query();
return system.hasNext();
}
Use the same code that you have for adding users to the group.
You can also create two business rules that should run on the service system table , one to add user to the group and one to delete the user from the group.
I think you will get the idea.
Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-08-2015 07:08 AM
I've decided to do 1 business rule to add users to the group when System Responsible Changes.
The Business Rule is working fine, but I need to a scheduled script to run every night to remove users from the group "ServiceNow - System Responsible" if they aren't assigned as System Responsible for any system.
I've been trying to work on this scheduled script now but can't get it to work.
It still removes all users from the group "ServiceNow - System Responsible", even if they are assigned as System Responsible for a system.
I've been trying to use the script posted above by Edwin Munoz but it's not working and I've tried to change it to get it to work but no luck.
This is what I've got at the moment
var rem = new GlideRecord('sys_user_grmember');
rem.addQuery('group','=', '4fb4d1866f3842006cd79cef8d3ee468'); //ServiceNow - System Responsible
rem.query();
while(rem.next()){
if (! isResponsibleForSystem(user)) {
rem.deleteRecord();
}
}
function isResponsibleForSystem(user) {
user = new GlideRecord('sys_user');
user.addQuery('company', '=', '7c401d5d15d66c40b84c3a16586bdce9'); //Company X
user.query();
while (user.next()) {
var system = new GlideRecord('u_cmdb_ci_service_system');
system.addQuery('install_status', '=', '101'); //101 = Active
system.addQuery('u_system_responsible', '=', user.sys_id);
system.query();
return system.hasNext();
}
}
Any help would be appreciated.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-08-2015 07:12 AM
This is the Business Rule we'll use to add users to the group "ServiceNow - System Responsible" if a system responsible changes for a system.
Table: System [u_cmdb_ci_service_system]
Insert: True
Update: True
When: After
Filter Condition: "System responsible" changes
Script
//Get the new System Responsible
var user = current.u_system_responsible.sys_id;
//Create a new group relationship record for this user
var rec1 = new GlideRecord('sys_user_grmember');
rec1.initialize();
rec1.user = user;
rec1.group.setDisplayValue('ServiceNow - System Responsible');
rec1.insert();