Catalog to check the selected group already has a role or not.

SatyamV
Tera Contributor

I am trying to build a cataloge where a group will be selected from the refernce. further Users and Roles will addedd to the group. Need to write script to check if the user is already a part of the group and to check if the group already have the selected role added. Motive is to check the duplicacy.

 

2 REPLIES 2

Mark Manders
Mega Patron

What do you already have? And do you want to check after selecting a user/role and then provide a warning, or should the reference qualifier 'hide' the role/user if they already exist? 

 

One point to consider: adding users to groups through a request can be a good thing. Adding roles to groups could be a bad thing, because you would be granting the rights to all users in there. If I want Jack to be part of group XYZ and add the ITIL role to it, you are granting that role to not only Jack, but to all the 200 users inside of group XYZ. I assume you have approvals in place, but still: I wouldn't use this for role assignment.


Please mark any helpful or correct solutions as such. That helps others find their solutions.
Mark

johnfeist
Mega Sage
Mega Sage

Hi SatyamV,

The process for checking is very similar for both criteria.  To check if the user is already part of the group you need to look to the table sys_user_grmember.  To check if the group already has a role included, you need to look to sys_group_has_role.  Your script(s) look something like this:

 

checkGroupMember : function() {
   var grpMember = new GlideRecord("sys_user_grmember");
   grpMember.addQuery("group", <sys-id of the group in question>");
   grpMember.addQuery("user", "<sys_id of the user requesting membership>");
   grpMember.query();
   if (grpMember.hasNext()) {
      return true;
   }
   return false;
}
checkGroupRole : function() {
   theGrpRole = new GLideRecord("sys_group_has_role");
   theGrpRole.addQuery("group", "<the sys_id of hte group being checked>");
   theGrpRole.addQuery("role", "<the sys_id of hte role in question>");
   theGrpRole.query();
   if (theGrpRole.hasNext()) {
      return true;
   }
   return false;
}

I may have a fat finger in the above code.  I wrote this assuming that the code will be in a script include.  You need to determine how you will be calling the functions and either add parameters or this.getParameter() statements so that the functions  know the user, group and role.

Hope that helps.

:{)

Helpful and Correct tags are appreciated and help others to find information faster