Creating a ServiceNow script include and a business rule
Business Requirement
Imagine the following business requirement:
Your requirement is to create a business rule to check if current logged-in user is a member of any of the child groups of a certain parent group.
If the user is a member of any of the groups, then the code can continue and display the appropriate message.
How can you achieve this?
Solution
To create a business rule to check if the current logged-in user is a member of any of the child groups of a certain parent group, you can use the following steps:
- First, you need to define the parent group name and the table name where you want to apply the business rule. For example, let's say the parent group name is "IT Service Desk" and the table name is "incident".
- Next, you need to create a script include that contains a function to get all the child groups of a given parent group. For example, you can create the script include "ChildGroups" with the function to "getChildGroups". You'd need to pass the parent group name as a parameter to the function and return an array of child group sys_ids:
var ChildGroups = Class.create();
ChildGroups.prototype = Object.extendsObject(AbstractAjaxProcessor, {
getChildGroups: function(parentGroupName) {
// create an array to store the child group sys_ids
var childGroups = [];
// get the sys_id of the parent group
var parentGroup = new GlideRecord('sys_user_group');
parentGroup.get('name', parentGroupName);
// query the group table for child groups
var grGroup = new GlideRecord('sys_user_group');
grGroup.addQuery('parent', parentGroup.sys_id);
grGroup.query();
// loop through the child groups and push their sys_ids to the array
while (grGroup.next()) {
childGroups.push(grGroup.sys_id.toString());
}
// return the child group sys_ids array
return childGroups;
},
type: 'ChildGroups'
});
- Then, you need to create a business rule on the table where you want to check the user group membership. You can use the "before" or "after" event depending on your use case. You also need to specify the conditions for the business rule to run, such as when to insert, update, or delete a record. For example, let's say you want to run the business rule before inserting or updating an incident record.
- In the script section of the business rule, you need to call the script include function to get the child group sys_ids of the parent group. You also need to get the current user object and use the isMemberOf() method to check if the user is a member of any of the child groups. If the user is a member, you can continue the code and display the appropriate message. If the user is not a member, you can abort the action and display an error message. The script should look something like this:
// get the current user object
var user = gs.getUser();
// get the child group sys_ids of the parent group
var childGroups = new ChildGroups().getChildGroups("IT Service Desk");
// create a flag to indicate if the user is a member of any child group
var isMember = false;
// loop through the child group sys_ids and check the user membership
for (var i = 0; i < childGroups.length; i++) {
if (user.isMemberOf(childGroups[i])) {
// the user is a member of a child group
isMember = true;
break;
}
}
// if the user is a member, continue the code and display a message
if (isMember) {
// do something
gs.addInfoMessage("You are a member of a child group of IT Service Desk");
}
// if the user is not a member, abort the action and display an error message
else {
// abort the action
current.setAbortAction(true);
// display an error message
gs.addErrorMessage("You are not a member of any child group of IT Service Desk");
}
- Finally, you need to save and activate the business rule. You can test the business rule by creating or updating an incident record and see if the user group membership is checked and the messages are displayed accordingly.
You may wonder why should I create a script include as well as a business rule for this case.
Advice:
- A script include is a way to create reusable code that can be called from different places in servicenow, such as business rules, workflows, UI actions, etc. By creating a script include, you can avoid duplicating the same code in multiple places and make it easier to maintain and update.
- A business rule is a way to execute a script when a record is displayed, inserted, updated, deleted, or queried in servicenow. By creating a business rule, you can apply the logic of checking the user group membership to the specific table and event that you want.
- By combining a script include and a business rule, you can achieve the functionality of checking the user group membership and displaying the appropriate message in a modular and efficient way. You can also reuse the script include function in other business rules or scripts if needed.
TLDR
- Defining the parent group name and the table name where the business rule will be applied.
- Creating a script include that contains a function to get all the child groups of a given parent group.
- Creating a business rule on the table and specifying the conditions and the event for the script to run.
- Calling the script include function from the business rule script and getting the current user object.
- Using the isMemberOf() method to check the user group membership and displaying the messages based on the result.
- GlideRecord: This is a way to talk to the database in SN. The database is like a big book that has many pages and each page has many rows and columns. Each page is called a table and each row is called a record. Each record has some information about something, such as a user, a group, a task, etc. Each column is called a field and it tells you what kind of information the record has, such as name, email, phone, etc. GlideRecord is like a magic wand that lets you find, read, write, or change the records in the database. You can use GlideRecord to ask questions like "show me all the users who work for ACME Corporation" or "change the status of this task to closed" or "create a new group called IT Service Desk". GlideRecord is very powerful and useful for scripting.
- AbstractAjaxProcessor: This is a way to make your script talk to the browser in SN. The browser is like a window that shows you what is happening in SN. You can see different things in the browser, such as forms, lists, charts, etc. Sometimes, you want to change what you see in the browser without refreshing the whole page. For example, you want to see the tasks that belong to your company when you select your company name from a drop-down list. AbstractAjaxProcessor is like a messenger that lets you send and receive messages between your script and the browser. You can use AbstractAjaxProcessor to tell the browser what to do or what to show, or to get some information from the browser. AbstractAjaxProcessor is very helpful for making your script interactive and dynamic.
- gs.getUser(): This is a way to get the current user in SN. The current user is the person who is using SN right now. You can see the current user's name and picture in the top right corner of the browser. Sometimes, you want to know more about the current user, such as their email, phone, role, group, company, etc. gs.getUser() is like a spyglass that lets you see the details of the current user. You can use gs.getUser() to get the current user's information or to check if they can do something or not. gs.getUser() is very handy for making your script personalized and secure.
- isMemberOf(): This is a way to check if the user is a member of a group in SN. A group is a collection of users who have something in common, such as their job, their department, their project, etc. For example, there is a group called IT Service Desk that has users who help other users with their IT problems. Sometimes, you want to know if the user is a member of a certain group or not, because that can affect what they can see or do in SN. For example, you want to show only the tasks that are assigned to the user's group, or you want to prevent the user from changing something that is not related to their group. isMemberOf() is like a membership card that lets you check if the user belongs to a group or not. You can use isMemberOf() to control the access or the visibility of the user.
- encoded queries: This is a way to filter the records in the database in SN. Filtering is like sorting or selecting the records that match some criteria, such as their name, status, date, etc. For example, you want to filter the tasks that are open, or the users that are active, or the groups that have a parent group. Encoded queries are like codes that tell the database what kind of records you want to see. You can use encoded queries to make your script more specific and efficient.
- https://www.servicenow.com/community/developer-forum/how-to-check-if-user-is-member-of-one-of-the-groups-from-a/m-p/1587779/page/2
Comments
Post a Comment