Name
global.RoleVerify
Description
Manage operations related to users / groups / roles and inheritance - Ability to rebuild roles based on a role
Script
gs.include("PrototypeServer");
var RoleVerify = Class.create();
RoleVerify.prototype = {
initialize: function() {
},
inheritRoles: function(parentRoleName, roleToAddName) {
if (roleToAddName == null) roleToAddName = parentRoleName;
var contains = new GlideRecord("sys_user_role_contains");
contains.addQuery("role.name", roleToAddName);
contains.query();
while (contains.next()) {
this._checkUsers(parentRoleName, roleToAddName, contains);
}
},
_checkUsers: function(parentRoleName, roleToAddName, contains) {
var userRole = this._getUserRole(parentRoleName, "");
while (userRole.next()) {
//see if user already has the inherited role
role = this._getUserRole(roleToAddName,userRole.user)
role.next();
var inhRole = new GlideRecord("sys_user_has_role");
inhRole.addQuery("user", userRole.user);
inhRole.addQuery("role", contains.contains);
inhRole.addQuery("inherited", true);
inhRole.addQuery("included_in_role", role.sys_id);
inhRole.query();
if (inhRole.next())
continue;
gs.log("**Adding role : "+contains.contains.name+" to user : " + userRole.user.name + " because of role : " + contains.role.name);
inhRole.initialize();
inhRole.user = userRole.user;
inhRole.role = contains.contains;
inhRole.granted_by = contains.granted_by;
inhRole.inherited = true;
inhRole.included_in_role = role.sys_id;
inhRole.included_in_role_instance = userRole.sys_id;
inhRole.insert();
}
},
_getUserRole: function(roleToLookup, user) {
var role = new GlideRecord("sys_user_has_role");
if (user != "") role.addQuery("user", user);
role.addQuery("role.name", roleToLookup);
role.query();
return role;
},
type: RoleVerify
}
Sys ID
7a571d703702100044e0bfc8bcbe5d66