How to automatically remove roles and groups of a user after 14 days from the deactivation ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-19-2024 06:57 AM
HI,
I have two ways.
1. Flow designer
2. Created BR to store the timestamp of active changes to false to a custom and Then a schedule job to run. -
When i run this scheduled job script as background, it is not waiting for the time specified. It immediatly runs and removes the roles and groups. same with when i run the schedule job.
Here is the code. In schedule job the same code is days replaced with minutes. Please help me on this.
Background script:
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-19-2024 07:09 AM
Hi @Thej1 ,
Does this user need to be wiped of groups and roles immediately on 14 days?
If it doesn't a daily scheduled job with a gliderecord query on the user table with the conditions of active = false, deactivated time is greater than 14 days will pick up all users deactivated over 14 days ago and wipe them.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-19-2024 09:24 PM
HI,
After the user deactivated, it should wait for 14 days and then removes groups and roles which he is a part of.
Any code changes required ?
The above code is not waiting for 14days, when i run schedule job it is removing roles and groups immediatley.
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-19-2024 10:15 PM
Hi @Thej1 Try below code
(function() {
var DEACTIVATION_MINUTES = 2;
var now = new GlideDateTime();
var cutoffDateTime = new GlideDateTime();
cutoffDateTime.addMinutesUTC(-DEACTIVATION_MINUTES);
var userId = '16d3034787f8c6d09772cb76cebb35ad';
var userGR = new GlideRecord('sys_user');
userGR.addQuery('sys_id', userId);
userGR.addQuery('active', false);
userGR.addQuery('u_inactivated_time', '<=', cutoffDateTime);
userGR.query();
if (userGR.next()) {
// Remove user from groups
var groupMemberGR = new GlideRecord('sys_user_grmember');
groupMemberGR.addQuery('user', userId);
groupMemberGR.query();
while (groupMemberGR.next()) {
groupMemberGR.deleteRecord();
}
var userRoleGR = new GlideRecord('sys_user_has_role');
userRoleGR.addQuery('user', userId);
userRoleGR.query();
while (userRoleGR.next()) {
userRoleGR.deleteRecord();
}
gs.info('User ' + userGR.name + ' roles and groups removed.');
} else {
gs.info('No deactivated user found or user not eligible for removal.');
}
})();