Should not allow to add ITIL or Admin roles to Contact users
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-17-2024 05:35 AM
If I try to add itil or admin role to Contact users, I want to abort the action. Kindly assist me.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-17-2024 06:16 AM
Create a before business rule on the 'sys_user_has_role' table with an abort if the class of the user is contact and the role is itil or admin.
Please mark any helpful or correct solutions as such. That helps others find their solutions.
Mark
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-17-2024 06:50 AM
Thank you for your quick reply. Also, I wante restrict from Group too. The ITIL or Admin role will inherited from groups also right?. Should restrict it. How to do that?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-18-2024 01:32 AM
(function executeRule(current, previous /*null when async*/) {
var gr = new GlideRecord('sys_user_group');
gr.addQuery('sys_id', current.group);
gr.query();
if (gr.next()) {
var roleQuery = gr.roles;
roleQuery.addQuery('name', 'IN', 'itil,admin');
roleQuery.query();
if (roleQuery.hasNext()) {
// Abort the insertion of the record
current.setAbortAction(true);
}
}
})(current, previous);
For groups you can use a before business rule on the sys_user_grmember table. Trigger on user class = contact and use this script:
Please mark any helpful or correct solutions as such. That helps others find their solutions.
Mark
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-18-2024 02:49 AM
Hi Mark,
I tried above script but still I can be able to add itil or admin roles if the group contains that roles. I am not understanding what is the issue with above script?