GlideSecurityManager and Service Portal

Go to solution
petercawdron
Kilo Guru

‎02-09-2020 11:00 PM

Does anyone have any experience working with the GlideSecurityManager API?

I'm looking to update a user's roles dynamically without the need for them to sign out and then sign back in and came across some really interesting posts on the GlideSecurityManager but I cannot get it to work with the Service Portal.

If I make a really simple portal widget with the following code...

(function() {
	
	console.log('ROLES BEFORE')
	console.log(GlideSecurityManager.get().getRoles(true))
	
	GlideSecurityManager.get().setUser(gs.getUser())
	
	console.log('ROLES AFTER')
	console.log(GlideSecurityManager.get().getRoles(true))
	
	console.log('But this never registers with the GlideSession')
	console.log(gs.getUser().hasRole('itil'))

})();

And then sign in using an incognito window as the user in question with their old roles... if I update their roles from my admin session and refresh this portal page, I see...

find_real_file.png

In other words, the GlideSecurityManager appears to have worked and picked up the new roles (including ITIL), but they don't get set properly in the session so gs.getUser().hasRole('ITIL') fails

Refreshing the incognito session repeats the exact screenshot again (ie, the before roles are still the only recognized roles even though GlideSecurityManager.get().setUser() has already run once before and the roles were changed some time ago in my admin session.

Anyone got any ideas on how this could be done without terminating the user session and getting them to sign back in?

Preview file
54 KB
  • 4,527 Views
1 ACCEPTED SOLUTION

Go to solution
zhmur
Giga Contributor

‎06-21-2021 01:46 AM

Well... Better now than never. We found solution to the problem described by you: https://github.com/zhmur/servicenow-guides/blob/master/Dirty%20hacks.md .

View solution in original post

0 Helpfuls
4 REPLIES 4

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron

‎02-09-2020 11:09 PM

Hi,

refer below links:

https://community.servicenow.com/community?id=community_question&sys_id=9155ae2bdb06ab802e8c2183ca96...

https://snprotips.com/undocumented-servicenow-apis

https://snprotips.com/useful-scripts

Mark Correct if this solves your issue and also mark 👍 Helpful if you find my response worthy based on the impact.
Thanks
Ankur

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls

Go to solution
petercawdron
Kilo Guru
In response to Ankur Bawiskar

‎02-10-2020 02:55 PM

Yeah, I saw these but they don't help unfortunately... the SN Pro Tip is where I found out about GlideSecurityManager, while the proposal to invalidate the session is precisely what I'm trying to avoid. 

The crazy thing is, as this example shows, it appears to work in that the roles change but the GlideSystem itself doesn't update

 

0 Helpfuls

Go to solution
zhmur
Giga Contributor

‎06-21-2021 01:46 AM

Well... Better now than never. We found solution to the problem described by you: https://github.com/zhmur/servicenow-guides/blob/master/Dirty%20hacks.md .

0 Helpfuls

Go to solution
petercawdron
Kilo Guru
In response to zhmur

‎06-21-2021 03:25 PM

Ah, very nice... thank you

// Refresh GlideSession object
var securityManager = GlideSecurityManager.get();
securityManager.setUser(user);

// Refresh GlideUser object (gs.getUser())
gs.getSession().loadUserByID(user.getID());