Child role are not geting deleted when parent is removed
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-09-2024 03:45 AM
Hello All,
We are having the requirement that
1. If user is added to XYZ group then XXX role gets removed
2. If user is removed form XYZ group then XXX role gets add return.
We have return the business rule. But facing an issue to remove the role. The child role of XXX role is getting removed. Thats why the XXX role is not geting removed and getting below error.
com.glide.db.DBActionInterruptionException: Operation interrupted: explicit role collision.
Can anyonce help with this
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-09-2024 04:02 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-09-2024 07:22 AM - edited 12-09-2024 07:22 AM
We have use below code
(function executeRule(current, previous /*null when async*/ ) {
var customerserviceRole = gs.getProperty("role.sn.customerservice.customer");
var sncExternalRole = gs.getProperty("role.snc_external");
var num = 0;
if (current.operation() == 'insert' || current.operation() == 'update') {
var roles = new GlideRecord('sys_user_has_role');
roles.addQuery('role', customerserviceRole);
roles.addQuery('user', current.user);
roles.addQuery('inherits', false);
roles.queryNoDomain();
num = roles.getRowCount();
while (roles.next()) {
roles.deleteRecord();
}
if (num < 0) {
roles = new GlideRecord('sys_user_has_role');
roles.addQuery('role', sncExternalRole);
roles.addQuery('user', current.user);
roles.addQuery('inherits', false);
roles.queryNoDomain();
num = roles.getRowCount();
while (roles.next()) {
roles.deleteRecord();
}
}
} else if (current.operation() == 'delete') {
var role = new GlideRecord('sys_user_role');
role.addQuery('name', 'sn_customerservice.customer');
role.query();
if (role.next()) {
roleId = role.getValue('sys_id');
if (!userHasRole(current.user, roleId)) {
var uhr = new GlideRecord("sys_user_has_role");
uhr.initialize();
uhr.user = current.user;
uhr.role.setDisplayValue("sn_customerservice.customer");
uhr.insert();
}
}
}
})(current, typeof previous != 'undefined' ? previous : null);
function userHasRole(user, roleId) {
var num = 0;
var uhr = new GlideAggregate("sys_user_has_role");
uhr.addAggregate("COUNT");
uhr.addQuery("user", user);
if (roleId)
uhr.addQuery("role", roleId);
uhr.query();
if (uhr.next())
num = uhr.getAggregate("COUNT");
if (num > 0) {
return true;
}
return false;
}
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-09-2024 08:11 AM
Dealing with roles via script is super dangerous. Would not recommend.
Can you explain the paradigm that necessitates that users get roles *removed* when in a group, then added back when removed from group?
