Skip to main content

License tidy up: delete groups and standalone roles when user changes to active=false

flow designer may be the best way to handle but below is the business rule approach
replace internal integration user with a custom flag such as u_technical_user

business rule
:



can also raise a service request to flag tickets assigned

script:

(function executeRule(current, previous /*null when async*/ ) { //author: Ruen D Smith //--remove the user from groups and standalone roles //--raise a service request if the inactive user has tasks assigned //--raise a service request if the active user is a manager var sMsg = ''; var sServiceReqMsg = ''; var sUserQ = ''; var bTidyTasks = true; //--delete group and user memberships var grGrpMem = new GlideRecord('sys_user_grmember'); grGrpMem.addQuery('user', current.sys_id); grGrpMem.query(); while (grGrpMem.next()) { //if (grGrpMem.group != "631b89d0dbd59410fbd532f6f496192f") {//--external/internal sMsg = 'Group membership tidied up [user: ' + current.sys_id + '; group: ' + grGrpMem.group + ']'; gs.log(sMsg, 'MTH Remove Roles Inactive User'); gs.addInfoMessage(sMsg); grGrpMem.deleteRecord(); //} } //--mop up any remaining roles: var grRoles = new GlideRecord('sys_user_has_role'); grRoles.addQuery('user', current.sys_id); grRoles.deleteMultiple(); //--check if user was a manager var grUsers = new GlideRecord('sys_user'); grUsers.addQuery('manager', current.sys_id); grUsers.addActiveQuery(); grUsers.query(); var sTotal = grUsers.getRowCount(); if (sTotal) { sMsg = 'User is a manager of ' + sTotal + ' users'; gs.log(sMsg, 'MTH Remove Roles Inactive User'); //gs.addInfoMessage(sMsg); sServiceReqMsg = 'User ' + current.user_name + ' is now inactive in ServiceNow and is a manager of ' + sTotal + ' users\n'; while (grUsers.next()) { sServiceReqMsg += grUsers.user_name; sServiceReqMsg += '\n'; } } if (sServiceReqMsg != '') { sServiceReqMsg += '\n'; } if (bTidyTasks) { //--check if the user had tickets assigned: //--INCIDENTS: sUserQ = 'assigned_to=' + current.sys_id + '^ORcaller_id=' + current.sys_id; var grInc = new GlideRecord('incident'); grInc.addActiveQuery(); grInc.addQuery('state', '!=', '6'); //--not state resolved grInc.addQuery(sUserQ); grInc.query(); if (grInc.getRowCount() > 0) { sServiceReqMsg += 'Incidents assigned to inactive user ' + current.user_name + ':\n'; while (grInc.next()) { sServiceReqMsg += grInc.number; sServiceReqMsg += '\n'; } } //--CHANGES: sUserQ = 'assigned_to=' + current.sys_id; var grChg = new GlideRecord('change_request'); grChg.addActiveQuery(); grChg.addQuery(sUserQ); grChg.query(); if (grChg.getRowCount() > 0) { sServiceReqMsg += 'Changes assigned to inactive user ' + current.user_name + ':\n'; while (grChg.next()) { sServiceReqMsg += grChg.number; sServiceReqMsg += '\n'; } } var grChgTask = new GlideRecord('change_task'); grChgTask.addActiveQuery(); grChgTask.addQuery(sUserQ); grChgTask.query(); if (grChgTask.getRowCount() > 0) { sServiceReqMsg += 'Changes assigned to inactive user ' + current.user_name + ':\n'; while (grChgTask.next()) { sServiceReqMsg += grChgTask.number; sServiceReqMsg += '\n'; } } //--PROBLEM: var grPRB = new GlideRecord('problem'); grPRB.addActiveQuery(); grPRB.addQuery(sUserQ); grPRB.query(); if (grPRB.getRowCount() > 0) { sServiceReqMsg += 'Problems assigned to inactive user ' + current.user_name + ':\n'; while (grPRB.next()) { sServiceReqMsg += grPRB.number; sServiceReqMsg += '\n'; } } var grPRBtask = new GlideRecord('problem_task'); grPRBtask.addActiveQuery(); grPRBtask.addQuery(sUserQ); grPRBtask.query(); if (grPRBtask.getRowCount() > 0) { sServiceReqMsg += 'Problem tasks assigned to inactive user ' + current.user_name + ':\n'; while (grPRBtask.next()) { sServiceReqMsg += grPRBtask.number; sServiceReqMsg += '\n'; } } //--SERVICE REQUESTS: var grSCTask = new GlideRecord('sc_task'); grSCTask.addActiveQuery(); grSCTask.addQuery(sUserQ); grSCTask.query(); if (grSCTask.getRowCount() > 0) { sServiceReqMsg += 'Service catalogue tasks assigned to inactive user ' + current.user_name + ':\n'; while (grSCTask.next()) { sServiceReqMsg += grSCTask.number; sServiceReqMsg += '\n'; } } sUserQ = 'assigned_to=' + current.sys_id + '^ORrequested_for=' + current.sys_id; var grRITM = new GlideRecord('sc_req_item'); grRITM.addActiveQuery(); grRITM.addQuery(sUserQ); grRITM.query(); if (grRITM.getRowCount() > 0) { sServiceReqMsg += 'RITMs requested for or assigned to inactive user ' + current.user_name + ':\n'; while (grRITM.next()) { sServiceReqMsg += grRITM.number; sServiceReqMsg += '\n'; } } //--if appropriate raise a service request for further tidy up activity: if (sServiceReqMsg != "") { gs.log('Tickets assigned to or raised by user: ' + sServiceReqMsg, 'MTH Remove Roles Inactive User'); gs.addInfoMessage(sMsg); raiseSNREQ(current.sys_id, sServiceReqMsg); } } })(current, previous); function raiseSNREQ(userSYSID, itemDescription) { //--https://docs.servicenow.com/bundle/paris-application-development/page/script/server-scripting/reference/r_ServiceCatalogScriptAPI.html var cartId = GlideGuid.generate(null); var cart = new Cart(cartId); var item = cart.addItem('47c299ecdb6dd01011eaa0214b9619d8'); //--servicenow - other cart.setVariable(item, 'requested_for', userSYSID); cart.setVariable(item, 'description', itemDescription); var rc = cart.placeOrder(); gs.addInfoMessage(rc.number + ' raised to ServiceNow team to investigate records linked to this user'); rc.requested_for = userSYSID; rc.update(); var grRITM = new GlideRecord('sc_req_item'); if (grRITM.get('request', rc.sys_id)) { if (grRITM.requested_for != rc.requested_for) { grRITM.requested_for = rc.requested_for; grRITM.update(); gs.addInfoMessage(grRITM.number); } } }

Comments

Popular posts from this blog

ServiceNow check for null or nil or empty (or not)

Haven't tested these all recently within global/local scopes, so feel free to have a play! option 1 use an encoded query embedded in the GlideRecord , e.g.  var grProf = new GlideRecord ( 'x_cls_clear_skye_i_profile' ); grProf . addQuery ( 'status=1^ owner=NULL ' ); grProf . query (); even better use the glideRecord  addNotNullQuery or addNullQuery option 2 JSUtil.nil / notNil (this might be the most powerful. See this link ) example: if ( current . operation () == 'insert' && JSUtil . notNil ( current . parent ) && ! current . work_effort . nil ())  option 3 there might be times when you need to get inside the GlideRecord and perform the check there, for example if the code goes down 2 optional routes depending on null / not null can use gs.nil : var grAppr = new GlideRecord ( 'sysapproval_approver' ); var grUser = new GlideRecord ( 'sys_user' ); if ( grUser . get ( 'sys_id' , current . approver )){

Service Catalog: variable advanced reference qualifiers

Call a script include to apply a reference qualifier on a catalog item variable: - variable reference qualifier dependent on another variable selection, in this case a variable referencing sys_user (requested_for) On the catalog item form. variable name to apply ref qual filter : retail_equipment variable reference qualifier (on cmdb table ): javascript : new  refqual_functions (). lostStolen_getAssignedCIs (); client-callable script include ( refqual_functions)  function : lostStolen_getAssignedCIs : function (){         //--called from variable set client script, for lost/stolen request (service catalog)     gs . log ( current . variables . requested_for , 'retail_lostStolen_getAssignedCIs' );         return ( 'install_statusNOT IN8,7^owned_by=' + current . variables . requested_for );             //owned_by=1269b79937f1060041c5616043990e41^install_statusNOT IN8,7            },

Get URL Parameter - server side script (portal or classic UI)

Classic UI : var sURL_editparam = gs . action . getGlideURI (). getMap (). get ( ' sysparm_aparameter ' ); if ( sURL_editparam == 'true' ) { gs . addInfoMessage ( 'parameter passed ); } Portal : var sURL_editparam = $sp . getParameter ( " sysparm_aparameter " ); if ( sURL_editparam == 'true' ) { gs . addInfoMessage ( 'parameter passed ); }