Need help with a custom script

prashant111111
Tera Contributor

Hi Community, We are passing 2 parameters ProjectID and psNo in a Scripted Rest API GET resource. The requirement is to grant access to anyone who has the 4 project titles(u_project.project_manager,u_project.u_delivery_manager, u_project.u_additional_pm,u_project.u_account.u_key_delivery_manager) OR any other user who has the role 'itbm_read_only' from sys_user_has_role table based on the psNo paremeter, please suggest what can be done in this script.

In the current form, it is not working for users with itbm_read_only role.

(function process(/*RESTAPIRequest*/ request, /*RESTAPIResponse*/ response) {
    // Get the query parameters
    var projectID = request.queryParams.ProjectID;
    var psNo = request.queryParams.PSno;

    // gs.info('ProjectID: ' + projectID);
    // gs.info('PSno: ' + psNo);

    var smdata = [];
    var smrt = new GlideRecord('u_smr_transaction_data');
    var query = 'sys_created_onONLast 6 months@javascript:gs.beginningOfLast6Months()@javascript:gs.endOfLast6Months()';

    // Add the projectID to the query if provided
    if (projectID) {
        query += '^u_project_id=' + projectID;
    }

    // Add the psNo to the query with OR conditions
    if (psNo) {
        query += '^u_project.project_manager.employee_number=' + psNo +
                 '^ORu_project.u_delivery_manager.employee_number=' + psNo +
                 '^ORu_project.u_additional_pm.employee_number=' + psNo +
                 '^ORu_project.u_account.u_key_delivery_manager.employee_number=' + psNo;
    }

    // Query sys_user_has_role table for itbm_read_only role
    var userRole = new GlideRecord('sys_user_has_role');
    userRole.addQuery('role.name', 'itbm_read_only');
    userRole.query();

    var userIds = [];
    while (userRole.next()) {
        userIds.push(userRole.user.sys_id.toString());
    }

    if (userIds.length > 0) {
        query += '^ORu_project.u_account.u_key_delivery_manager.sys_idIN' + userIds.join(',');
    }

    gs.info('Encoded Query: ' + query);
    smrt.addEncodedQuery(query);
    smrt.query();

    while (smrt.next()) {
        var sm = {};
        sm.SMRnumber = smrt.getValue('u_smr_number');
        sm.ProjectID = smrt.getValue('u_project_id');
        sm.PSNo = smrt.getDisplayValue('u_project.project_manager.employee_number');
        sm.Month = smrt.getDisplayValue('u_reporting_month') + " " + smrt.getDisplayValue('u_reporting_year');
        sm.Level = smrt.getValue('u_level_1');
        sm.Parameter = smrt.getValue('u_parameter');
        sm.LSL = smrt.getDisplayValue('u_lsl');
        sm.USL = smrt.getDisplayValue('u_usl');
        sm.Goal = smrt.getDisplayValue('u_goal');
        sm.Technology = smrt.getDisplayValue('u_technology');
        sm.Sprint = smrt.getDisplayValue('u_sprint');
        sm.SMRType = smrt.getDisplayValue('u_smr_type');
        sm.TargetValue = smrt.getDisplayValue('u_target_value');
        sm.ActualValue = smrt.getDisplayValue('u_actual_value');
        sm.RAGStatus = smrt.getDisplayValue('u_rag_status');
        sm.PMRemarks = smrt.getDisplayValue('u_remarks');
        sm.SMRemarks = smrt.getDisplayValue('u_sm_remarks');
        sm.Trends = smrt.getValue('u_trends');
        sm.Link = smrt.getValue('u_link');
        sm.ProjectType = smrt.getDisplayValue('u_project.u_project_category');

        // Fetch data from u_smr_table
        var smrTable = new GlideRecord('u_smr_table');
        smrTable.addQuery('u_number', smrt.getValue('u_smr_number'));
        smrTable.query();
        if (smrTable.next()) {
            sm.GoverningUnit = smrTable.getDisplayValue('u_governance_practice');
        }
        smdata.push(sm);
    }
    response.setBody(smdata);

})(request, response);

 

1 REPLY 1

Brad Bowman
Kilo Patron
Kilo Patron

Is the expected value seen in your log of psNo?  You'll also want to log 'query' after the if(psNo) block, and/or after the userRole GR, and match that with a manual filtering of your custom table, then right-click the last breadcrumb in the filter navigation to copy the query.  This will also confirm that the expected users are added to the query.  I'm not following why you are doing the userRole GR outside of any if conditions if this is based on the psNo parameter, so if psNo doesn't have anything to do with the role then skip that part - whatever makes sense to you.