ServiceNow Is value in array?
//--RDS Jan2018
//--monthly job to remove group memberships & roles from users in
ServiceNow
//--where user.active=false
//--hence, licence tidy up task so that reporting reflects more accurate
license allocation
beforeChecks('');
beforeChecks('active=true');
beforeChecks('active=false');
//gs.print('set bDelete=true to run the actual deletions, otherwise safe
to run this script to spit out the numbers only');
var logSource='schJob:RolesTidyUp';
var grUserRoles= new GlideRecord('sys_user_has_role');
grUserRoles.addQuery('user.active=false');
grUserRoles.orderBy('user');
grUserRoles.query();
var rowCount=grUserRoles.getRowCount();
gs.log('START:: rowcount of inactive user> user roles in
ServiceNow: ' + rowCount, logSource);
if (rowCount>0){
var userArr=[];
while (grUserRoles.next()){
userArr.push(grUserRoles.user.sys_id);
}
var newarr = (function(userArr){
var m = {}, newarr = [];
for (var i=0; i<userArr.length; i++) {
var v = userArr[i];
if (!m[v]) {
newarr.push(v);
m[v]=true;
}
}
return newarr;
})(userArr);
gs.log(newarr.length + ' distinct inactive user records with roles',logSource);
//gs.print('##################################');
}else{
gs.log('inactive row
count is zero--no further action needed',logSource);
}
for (i=0;i<newarr.length;i++){
gs.log('inactive user
sysid: ' + newarr[i],logSource);
//--remove user from any groups
var bDelete=false;
//bDelete=true;//--comment this line out to hold off
deleting
removeUserFromGroups(newarr[i], bDelete);
mopUpRemainingRoles_nogroups(newarr[i], bDelete);
}
gs.log('::END',logSource);
function
removeUserFromGroups(userSYSID, bDelete){
//--this removes users from groups, which will auto-remove
any roles inherited from the groups
var userGroups=new GlideRecord('sys_user_grmember');
userGroups.addQuery('user.active', false); //belt-and-braces
userGroups.addQuery('user', userSYSID);
if (bDelete){
userGroups.deleteMultiple();
}else{
userGroups.query();
gs.log('TOTAL GROUPS: ' + userGroups.getRowCount(),logSource);
var i=0;
while (userGroups.next()){
if (i==0){
gs.log('USER: ' + userGroups.user.name + ' [' + userSYSID + ']',logSource);
}
gs.log(userGroups.user.name + ' [active=' + userGroups.user.active + '] member of group: ' + userGroups.group.name, logSource);
i++;
}
if (i==0){
gs.log('USER not in any
groups [' + userSYSID + ']',logSource);
}
}
}
function
mopUpRemainingRoles_nogroups(userSYSID, bDelete){
var grUserRoles= new GlideRecord('sys_user_has_role');
grUserRoles.addQuery('user.active=false');
grUserRoles.addQuery('user', userSYSID);
if (bDelete){
grUserRoles.deleteMultiple();
}else{
grUserRoles.query();
gs.log('TOTAL ROLES: ' + grUserRoles.getRowCount(),logSource);
var i=0;
while (grUserRoles.next()){
if (i==0){
gs.log('USER: ' + grUserRoles.user.name + ' [' + userSYSID + ']',logSource);
}
gs.log(grUserRoles.user.name + ' [active=' + grUserRoles.user.active + '] has role: ' + grUserRoles.role.name,logSource);
i++;
}
if (i==0){
gs.log('USER does not
have any roles [' + userSYSID + ']',logSource);
}
}
}
function
beforeChecks(s_query){
var grUserRoles= new GlideRecord('sys_user_has_role');
if (s_query!=''){
grUserRoles.addQuery('user.' + s_query);
}
grUserRoles.orderBy('user');
grUserRoles.query();
var rowCount=grUserRoles.getRowCount();
if (s_query==''){
s_query ='total ' ;
}
gs.log(s_query + ':: result total= ' + rowCount, logSource);
}
Comments
Post a Comment