GlideSecurityManager and Service Portal

petercawdron
Kilo Guru

Does anyone have any experience working with the GlideSecurityManager API?

I'm looking to update a user's roles dynamically without the need for them to sign out and then sign back in and came across some really interesting posts on the GlideSecurityManager but I cannot get it to work with the Service Portal.

If I make a really simple portal widget with the following code...

(function() {
	
	console.log('ROLES BEFORE')
	console.log(GlideSecurityManager.get().getRoles(true))
	
	GlideSecurityManager.get().setUser(gs.getUser())
	
	console.log('ROLES AFTER')
	console.log(GlideSecurityManager.get().getRoles(true))
	
	console.log('But this never registers with the GlideSession')
	console.log(gs.getUser().hasRole('itil'))

})();

And then sign in using an incognito window as the user in question with their old roles... if I update their roles from my admin session and refresh this portal page, I see...

find_real_file.png

In other words, the GlideSecurityManager appears to have worked and picked up the new roles (including ITIL), but they don't get set properly in the session so gs.getUser().hasRole('ITIL') fails

Refreshing the incognito session repeats the exact screenshot again (ie, the before roles are still the only recognized roles even though GlideSecurityManager.get().setUser() has already run once before and the roles were changed some time ago in my admin session.

Anyone got any ideas on how this could be done without terminating the user session and getting them to sign back in?

1 ACCEPTED SOLUTION

zhmur
Giga Contributor

Well... Better now than never. We found solution to the problem described by you: https://github.com/zhmur/servicenow-guides/blob/master/Dirty%20hacks.md .

View solution in original post

4 REPLIES 4

Ankur Bawiskar
Tera Patron
Tera Patron

Hi,

refer below links:

https://community.servicenow.com/community?id=community_question&sys_id=9155ae2bdb06ab802e8c2183ca96...

https://snprotips.com/undocumented-servicenow-apis

https://snprotips.com/useful-scripts

Mark Correct if this solves your issue and also mark 👍 Helpful if you find my response worthy based on the impact.
Thanks
Ankur

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

Yeah, I saw these but they don't help unfortunately... the SN Pro Tip is where I found out about GlideSecurityManager, while the proposal to invalidate the session is precisely what I'm trying to avoid. 

The crazy thing is, as this example shows, it appears to work in that the roles change but the GlideSystem itself doesn't update

 

zhmur
Giga Contributor

Well... Better now than never. We found solution to the problem described by you: https://github.com/zhmur/servicenow-guides/blob/master/Dirty%20hacks.md .

Ah, very nice... thank you

// Refresh GlideSession object
var securityManager = GlideSecurityManager.get();
securityManager.setUser(user);

// Refresh GlideUser object (gs.getUser())
gs.getSession().loadUserByID(user.getID());