User Query by Domain

Go to solution
kchorny
Tera Guru

‎08-18-2017 11:24 AM

I'm building some sub-domains in our instance, and I've run into an issue with a user query business rule.   The requirement is that a user in the domain can see all other users in their domain as well as users in any domains that are children of their domain.   I've created the below before query business rule on the sys_user table in the sub-domain.   It fulfills the requirement, but when it's turned on, I can't impersonate anyone!   When I'm logged in with my admin account (which is in the global domain) and attempt to impersonate anyone in any domain, it just goes back to my admin account.

Is there a condition I can put in the rule that will keep it from running when changing impersonation?

Here is the current condition:

gs.hasRole("itil") && gs.getSession().isInteractive()

And the script:

var cDomain = gs.getUser().getDomainID();

var q = current.addQuery('sys_domain',cDomain);

var sd = new GlideRecord('domain');

sd.addQuery('parent',cDomain);

sd.query();

while (sd.next())

{

q.addOrCondition('sys_domain',sd.sys_id);

}

Thanks for any help!

0 Helpfuls
  • 1,593 Views
1 ACCEPTED SOLUTION

Go to solution
SanjivMeher
Kilo Patron
Kilo Patron
In response to kchorny

‎08-18-2017 11:47 AM

Use this instead.



gs.hasRole("itil") && gs.getSession().isInteractive() && !gs.getImpersonatingUserName()



Reference: Business Rule condition ignore if trying to impersonate



Please mark this response as correct or helpful if it assisted you with your question.

View solution in original post

0 Helpfuls
6 REPLIES 6

Go to solution
SanjivMeher
Kilo Patron
Kilo Patron

‎08-18-2017 11:30 AM

In the condition, you should try



gs.hasRole("itil") && gs.getSession().isInteractive() && !gs.hasRole("admin")



Please mark this response as correct or helpful if it assisted you with your question.

Go to solution
kchorny
Tera Guru
In response to SanjivMeher

‎08-18-2017 11:42 AM

That works to impersonate the first user, but then I can't go back and have to turn off the rule to get back to my admin acct.   Is there anything else I can do?


0 Helpfuls

Go to solution
SanjivMeher
Kilo Patron
Kilo Patron
In response to kchorny

‎08-18-2017 11:47 AM

Use this instead.



gs.hasRole("itil") && gs.getSession().isInteractive() && !gs.getImpersonatingUserName()



Reference: Business Rule condition ignore if trying to impersonate



Please mark this response as correct or helpful if it assisted you with your question.
0 Helpfuls

Go to solution
kchorny
Tera Guru
In response to SanjivMeher

‎08-18-2017 11:58 AM

That did it, thank you very much!


0 Helpfuls