How to remove a user's role when the user is no longer a group manager

ss123
Tera Contributor

Hi everyone!

I would like to ask your assistance, I have this requirement wherein when a user is placed as a Group Manager it will automatically grant an "approver_user" role. However, I would also like to revert once the user is no longer a Group Manager.

 

Currently I am using this BR script to assign an "approver_user" role to a user placed as Group Manager. I would like also like to modify this script to remove the "approver_user" role once the user is no longer a Group Manager.

(function executeRule(current, previous /*null when async*/ ) {

    // Add your code here
    var gr = new GlideRecord("sys_user_has_role");
    gr.addQuery("user", current.manager);
    gr.addQuery("role.name", "approver_user");
    gr.query();
    if (!gr.hasNext()) {
        gr.initialize();
        gr.user = current.manager;
        gr.setDisplayValue("role", "approver_user");
        gr.insert();
    }

})(current, previous);

 

Thank you in advance!! 🙂

1 ACCEPTED SOLUTION

MrMuhammad
Giga Sage

Hey,

There are multiple ways to achieve this.

1. You can achieve this using flow designer without writing the script. [Highly recommended]

Documentation: https://docs.servicenow.com/bundle/quebec-servicenow-platform/page/administer/flow-designer/concept/...

2. Create an After Update Business rule on the Group table.

When to Run: Manager [changes]

Advance:

(function executeRule(current, previous /*null when async*/) {

	// Add your code here
	var gr = new GlideRecord("sys_user_has_role");
	gr.addQuery("user", previous.manager);
	gr.addQuery("role.name", "approver_user");
         gr.setLimit(1);
	gr.query();
	if (gr.next()) {
		gr.deleteRecord();
	}

})(current, previous);

Hope that helps!

Regards,

Muhammad 

 

 

 

Regards,
Muhammad

View solution in original post

6 REPLIES 6

Ankur Bawiskar
Tera Patron
Tera Patron

Hi,

Is the role not getting removed automatically when user is removed from group?

If not then check this

you can use before delete business rule on sys_user_gr_member

Condition: current.group.name == 'Security' && current.user == current.group.manager

Script:

(function executeRule(current, previous /*null when async*/ ) {

	// Add your code here
	var gr = new GlideRecord("sys_user_has_role");
	gr.addQuery("user", current.user);
	gr.addQuery("role.name", "approver_user");
	gr.query();
	if (gr.next()) {
		gr.deleteRecord();
	}

})(current, previous);

Regards
Ankur

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

Harish KM
Kilo Patron
Kilo Patron

Hi use the below script to delete a record

 var gr = new GlideRecord("sys_user_has_role");
    gr.addQuery("user",  current.manager);
    gr.addQuery("role.name",  "approver_user");
    gr.query();
    if (gr.next()) {
gr.inherited = false; 
        gr.deleteRecord();
    }

Regards
Harish

MrMuhammad
Giga Sage

Hey,

There are multiple ways to achieve this.

1. You can achieve this using flow designer without writing the script. [Highly recommended]

Documentation: https://docs.servicenow.com/bundle/quebec-servicenow-platform/page/administer/flow-designer/concept/...

2. Create an After Update Business rule on the Group table.

When to Run: Manager [changes]

Advance:

(function executeRule(current, previous /*null when async*/) {

	// Add your code here
	var gr = new GlideRecord("sys_user_has_role");
	gr.addQuery("user", previous.manager);
	gr.addQuery("role.name", "approver_user");
         gr.setLimit(1);
	gr.query();
	if (gr.next()) {
		gr.deleteRecord();
	}

})(current, previous);

Hope that helps!

Regards,

Muhammad 

 

 

 

Regards,
Muhammad

ss123
Tera Contributor

Hi Muhammad,

I will try this solution you provided. I'll keep you posted once this is confirmed. 🙂

 

Thanks!

Sab