Reference Qualifier - If user has ITIL role, return full list. Else return only the user groups

Tungw
Tera Expert

For normal user, i can just use this script in Reference Qualifier to return only the groups they belong.

javascript: 'sys_idIN' + gs.getUser().getUserByID(current.variables.requested_for).getMyGroups().toArray().join()


but if i intend to provide ITIL users with additional right to see all groups.


I created a script as shown below but didn't get the result intended.

 

In my catalog item variable, my reference: Group[sys_user_group]

Reference qualifier: javascript:'u_itilRoleGroup='+getGroups(current.variables.requested_for)

 

Please help to check if my approach is right?

 

var u_itilRoleGroup = Class.create();

u_itilRoleGroup.prototype = {
    initialize: function() {
    },

getGroups: function(userSysId) {
 
   // Query the user_has_role table to check if the user has the 'ITIL' role
    var hasITILRole = false;
    var roleGr = new GlideRecord('sys_user');
    roleGr.addQuery('user', userSysId);
    roleGr.addQuery('Roles', 'itil');
    roleGr.query();
    if (roleGr.next()) {
        hasITILRole = true;
    }

    // Initialize the return string
    var groupSysIds;

    // If the user has the ITIL role, return every group in the sys_user_group table
    if (hasITILRole) {
        var allGroups = [];
        var groupGr = new GlideRecord('sys_user_group');
        groupGr.query();
        while (groupGr.next()) {
            allGroups.push(groupGr.getValue('sys_id'));
        }
        groupSysIds = allGroups.join();
    } else {
        // Otherwise, return only the groups the user belongs to
        var userGroups = gs.getUser().getUserByID(userSysId).getMyGroups().toArray();
        groupSysIds = userGroups.join();
    }

    // Return the appropriate sys_idIN string
    return 'sys_idIN' + groupSysIds;
    }
};

 

 

 

1 ACCEPTED SOLUTION

Amitoj Wadhera
Kilo Sage

Hi @Tungw ,

 

Here is the corrected version of your script:

 

var u_itilRoleGroup = Class.create();
u_itilRoleGroup.prototype = {
    initialize: function() {
    },

    getGroups: function(userSysId) {
        var hasITILRole = false;
        var roleGr = new GlideRecord('sys_user_has_role');
        roleGr.addQuery('user', userSysId);
        roleGr.addQuery('role.name', 'itil');
        roleGr.query();
        if (roleGr.next()) {
            hasITILRole = true;
        }

        var groupSysIds;

        if (hasITILRole) {
            var allGroups = [];
            var groupGr = new GlideRecord('sys_user_group');
            groupGr.query();
            while (groupGr.next()) {
                allGroups.push(groupGr.getValue('sys_id'));
            }
            groupSysIds = allGroups.join();
        } else {
            var userGroups = gs.getUser().getUserByID(userSysId).getMyGroups().toArray();
            groupSysIds = userGroups.join();
        }

        return 'sys_idIN' + groupSysIds;
    }
};

u_itilRoleGroup;

 

Make sure that the script include u_itilRoleGroup is client callable, and then use the following reference qualifier in your catalog item variable:

javascript: new u_itilRoleGroup().getGroups(current.variables.requested_for);

 

 

If you find my response helpful, please consider marking it as the 'Accepted Solution' and giving it a 'Helpful' rating. Your feedback not only supports the community but also encourages me to continue providing valuable assistance.

 

Thanks,

Amitoj Wadhera

 

View solution in original post

2 REPLIES 2

Amitoj Wadhera
Kilo Sage

Hi @Tungw ,

 

Here is the corrected version of your script:

 

var u_itilRoleGroup = Class.create();
u_itilRoleGroup.prototype = {
    initialize: function() {
    },

    getGroups: function(userSysId) {
        var hasITILRole = false;
        var roleGr = new GlideRecord('sys_user_has_role');
        roleGr.addQuery('user', userSysId);
        roleGr.addQuery('role.name', 'itil');
        roleGr.query();
        if (roleGr.next()) {
            hasITILRole = true;
        }

        var groupSysIds;

        if (hasITILRole) {
            var allGroups = [];
            var groupGr = new GlideRecord('sys_user_group');
            groupGr.query();
            while (groupGr.next()) {
                allGroups.push(groupGr.getValue('sys_id'));
            }
            groupSysIds = allGroups.join();
        } else {
            var userGroups = gs.getUser().getUserByID(userSysId).getMyGroups().toArray();
            groupSysIds = userGroups.join();
        }

        return 'sys_idIN' + groupSysIds;
    }
};

u_itilRoleGroup;

 

Make sure that the script include u_itilRoleGroup is client callable, and then use the following reference qualifier in your catalog item variable:

javascript: new u_itilRoleGroup().getGroups(current.variables.requested_for);

 

 

If you find my response helpful, please consider marking it as the 'Accepted Solution' and giving it a 'Helpful' rating. Your feedback not only supports the community but also encourages me to continue providing valuable assistance.

 

Thanks,

Amitoj Wadhera

 

Sandeep Rajput
Tera Patron
Tera Patron

@Tungw Please update your script as follows.

 

var u_itilRoleGroup = Class.create();

u_itilRoleGroup.prototype = {
    initialize: function() {
    },

getGroups: function(userSysId) {
 
   // Query the user_has_role table to check if the user has the 'ITIL' role
    var hasITILRole = gs.hasRole('itil'); //returns true of the user has itil role else return false.

    // Initialize the return string
    var groupSysIds;
    // If the user has the ITIL role, return every group in the sys_user_group table
    if (hasITILRole) {
        var allGroups = [];
        var groupGr = new GlideRecord('sys_user_group');
        groupGr.query();
        while (groupGr.next()) {
            allGroups.push(groupGr.getValue('sys_id'));
        }
        groupSysIds = allGroups.join();
    } else {
        // Otherwise, return only the groups the user belongs to
        var userGroups = gs.getUser().getUserByID(userSysId).getMyGroups().toArray();
        groupSysIds = userGroups.join();
    }

    // Return the appropriate sys_idIN string
    return 'sys_idIN' + groupSysIds;
    }
};

Hope this helps.