What is SNC.RoleManagementAPI() used for?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-25-2021 07:00 PM
I see below script in a create ACL on grmember table. Need help to know what it is doing actually.
var rmAPI = new SNC.RoleManagementAPI();
if (!rmAPI.isAllowedToGrantGroup(current.group))
answer = false;
else
answer = true;
- Labels:
-
Scripting and Coding
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-25-2021 07:03 PM
Hi,
Anytime you see "SNC" like that, it's referring to a protected, but out of box script controlled by ServiceNow. In this case, it's a script include that we simply don't have access to and from the context here, it's utilizing that to quickly check and see if the user has the appropriate permission allowed to grant access to this group. So it's basically a short-cut crafted by ServiceNow to check. There really isn't much other documentation on this as it's controlled by ServiceNow, so my apologies for not being able to provide more. This question was also asked almost a year ago and unfortunately, there isn't much else to provide at this time. https://community.servicenow.com/community?id=community_question&sys_id=96cca458dbbc9c10d58ea345ca96...
If you want to make adjustments, you can create a new "create" ACL for the sys_user_grmember table to accomplish what you need as that would leave this unaffected and be in addition to instead of replacing.
Please mark reply as Helpful/Correct, if applicable. Thanks!
Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-25-2021 07:15 PM
Thanks for response Allen.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-25-2021 07:29 PM
It is used to eliminate duplicate roles in the User Roles table and prevent future duplicates.
Helps manage user groups and roles to protect information through role-based access controls. Efficiently consolidates duplicate entries for inherited roles.
More info here:
https://docs.servicenow.com/bundle/paris-platform-administration/page/administer/roles/task/Role-Mgmt-V2-Upgrade.html
More about the process checking the files from the plugins:
<>.service-now.com/v_plugin_list.do?sysparm_query=idSTARTSWITHcom.glide.role_management.inh_count&sysparm_first_row=1&sysparm_view=&sysparm_choice_query_raw=&sysparm_list_header_search=true
Please mark as helpful and/or correct if this helps you
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-24-2023 11:07 AM
The question was what "SNC.RoleManagementAPI()" does. It seems to handle a lot of different role management functions. Allen Andreas is correct that we don't have details on what it does.
However, what Mario is describing is a separate plugin called "Contextual Security: Role Management V2". The "V2" part adds role de-duplication functionality.
The actual "SNC.RoleManagementAPI()" utility, however, does other things. It'd be nice if we knew more clearly what it does, other than learning through script review.
