Update users when removed from group

LRobinson · ‎05-16-2014

I need to update the user notification field based on the users removal from a specific group. I have considered a script to run on schedule that checks all users and determines whether or not they are a member of the group. I have also considered the possibility of a 'script action' to determine if the LDAP Group import Event removes a user from the group and updates the user record. Can anyone help me with a script to perform this function?

This is a version of something I've tried as a Business Rule on all sys_users, but it is not working:

Table: sys_user

When: after

updateNotification(current.user);

function updateNotification() {

var gr = new GlideRecord('sys_user');

gr.addQuery('sys_id','=',userSysID);

gr.query();

while (gr.next()) {

//Now see if they are a member of the group

var grpMbr = new GlideRecord('sys_user_grmember');

grpMbr.addQuery('name', 'Notification Disabled');

grpMbr.query();

if (grpMbr.next()) {

gr.notification = 1;

gr.update();

} else {

gr.notification = 2;

gr.update();

}

justin_drysdale · ‎05-16-2014

Hi, I made a generic function (member()) to check group membership. It takes a user sys id and a group name and returns true if they are in the group, false if they are not. It is tested/working in my instance.

This is meant to be used as a scheduled job, not a BR. You may have to change line 3 so it makes sense for your instance.

//Scheduled Job/Script:


var gr = new GlideRecord('sys_user');


       gr.addQuery('notification', '1');//querying all notification disabled users


       gr.query();


       while(gr.next()) {


           //iterating through disabled users, checking group membership:


           if( !member(gr.sys_id, 'Notification Disabled') ) {


           //if user is NOT a member of Notification Disabled:


               gr.notification = 2; //notification enabled


               gr.update();


           }


       }




function member(user_sys_id, group) {


           var group_check = new GlideRecord('sys_user_grmember');


                   group_check.addQuery('group.name', group);


                   group_check.addQuery('user', user_sys_id);


                   group_check.query();


                   if(group_check.next()) {


                       return true;


                   }else{


                       return false;


                   }


       }

View solution in original post

randrews · ‎05-16-2014

ok I understand.. and the scripts you are using should do it... I believe the query for group member is wrong...

grpMbr.addQuery('name', 'Notification Disabled'); should be grpMbr.addQuery('name', gr.name); <use the name field here>

so you are looking in the group member list for the persons name instead of for "Notification disabled"

LRobinson · ‎05-16-2014

I thought I needed to identify the group there, otherwise, how does it know which group member list I am searching?

randrews · ‎05-16-2014

you may be right.. looks like you need to add a query line for the member name.. to see if that person is a member of the group...

so you would need two query lines..

grpMbr.addQuery('name', "where you have the group name stored);

grpMbr.addQuery('user",gr.name);

randrews · ‎05-16-2014

and like a previous poster put you need to use "group" instead of "name"

LRobinson · ‎05-16-2014

Thanks, yes I have all that from Justin's 2nd post. But that one is returning an error. I know I am getting close so I really appreciate all the insight.