I would try an after Insert and delete BR on table sys_group_has_role

with condition of

current.role.name.toLowerCase().indexOf('admin') != -1

 

Not fully tested but something like this should work

        var groupCheck = new GlideRecord('sys_user_group');
        if (groupCheck.get(current.group)) {

            if (current.operation() == 'insert') {
                //check the flag and set true if false
                if (groupCheck.customField == false) {
                    gs.info('Group customField was pdated as customField flag is false');
                    groupCheck.customField = true;
                    groupCheck.update();
                }
            }
        }
	
        if (current.operation() == 'delete') {
//need to check all roles related to the group and update the flag only if no other 'admin' role left
            var selfCheck = new GlideRecord('sys_group_has_role');
            selfCheck.addQuery('group', current.group);
            selfCheck.addQuery('role.name', 'CONTAINS', 'admin');
            selfCheck.setlimit(1);
            selfCheck.query();

            if (!selfCheck.next()) {
                gs.info('Group customField updated as no admin roles exist');
                groupCheck.customField = false;
                groupCheck.update();
            } else {
                gs.info('Group customField not updated as an admin role still exists');
            }

        }

 

View solution in original post