License tidy up: delete groups and standalone roles when user changes to active=false

flow designer may be the best way to handle but below is the business rule approach

replace internal integration user with a custom flag such as u_technical_user

business rule:

can also raise a service request to flag tickets assigned

script:

(function executeRule(current, previous /*null when async*/ ) { //author: Ruen D Smith //--remove the user from groups and standalone roles //--raise a service request if the inactive user has tasks assigned //--raise a service request if the active user is a manager var sMsg = ''; var sServiceReqMsg = ''; var sUserQ = ''; var bTidyTasks = true; //--delete group and user memberships var grGrpMem = new GlideRecord('sys_user_grmember'); grGrpMem.addQuery('user', current.sys_id); grGrpMem.query(); while (grGrpMem.next()) { //if (grGrpMem.group != "631b89d0dbd59410fbd532f6f496192f") {//--external/internal sMsg = 'Group membership tidied up [user: ' + current.sys_id + '; group: ' + grGrpMem.group + ']'; gs.log(sMsg, 'MTH Remove Roles Inactive User'); gs.addInfoMessage(sMsg); grGrpMem.deleteRecord(); //} } //--mop up any remaining roles: var grRoles = new GlideRecord('sys_user_has_role'); grRoles.addQuery('user', current.sys_id); grRoles.deleteMultiple(); //--check if user was a manager var grUsers = new GlideRecord('sys_user'); grUsers.addQuery('manager', current.sys_id); grUsers.addActiveQuery(); grUsers.query(); var sTotal = grUsers.getRowCount(); if (sTotal) { sMsg = 'User is a manager of ' + sTotal + ' users'; gs.log(sMsg, 'MTH Remove Roles Inactive User'); //gs.addInfoMessage(sMsg); sServiceReqMsg = 'User ' + current.user_name + ' is now inactive in ServiceNow and is a manager of ' + sTotal + ' users\n'; while (grUsers.next()) { sServiceReqMsg += grUsers.user_name; sServiceReqMsg += '\n'; } } if (sServiceReqMsg != '') { sServiceReqMsg += '\n'; } if (bTidyTasks) { //--check if the user had tickets assigned: //--INCIDENTS: sUserQ = 'assigned_to=' + current.sys_id + '^ORcaller_id=' + current.sys_id; var grInc = new GlideRecord('incident'); grInc.addActiveQuery(); grInc.addQuery('state', '!=', '6'); //--not state resolved grInc.addQuery(sUserQ); grInc.query(); if (grInc.getRowCount() > 0) { sServiceReqMsg += 'Incidents assigned to inactive user ' + current.user_name + ':\n'; while (grInc.next()) { sServiceReqMsg += grInc.number; sServiceReqMsg += '\n'; } } //--CHANGES: sUserQ = 'assigned_to=' + current.sys_id; var grChg = new GlideRecord('change_request'); grChg.addActiveQuery(); grChg.addQuery(sUserQ); grChg.query(); if (grChg.getRowCount() > 0) { sServiceReqMsg += 'Changes assigned to inactive user ' + current.user_name + ':\n'; while (grChg.next()) { sServiceReqMsg += grChg.number; sServiceReqMsg += '\n'; } } var grChgTask = new GlideRecord('change_task'); grChgTask.addActiveQuery(); grChgTask.addQuery(sUserQ); grChgTask.query(); if (grChgTask.getRowCount() > 0) { sServiceReqMsg += 'Changes assigned to inactive user ' + current.user_name + ':\n'; while (grChgTask.next()) { sServiceReqMsg += grChgTask.number; sServiceReqMsg += '\n'; } } //--PROBLEM: var grPRB = new GlideRecord('problem'); grPRB.addActiveQuery(); grPRB.addQuery(sUserQ); grPRB.query(); if (grPRB.getRowCount() > 0) { sServiceReqMsg += 'Problems assigned to inactive user ' + current.user_name + ':\n'; while (grPRB.next()) { sServiceReqMsg += grPRB.number; sServiceReqMsg += '\n'; } } var grPRBtask = new GlideRecord('problem_task'); grPRBtask.addActiveQuery(); grPRBtask.addQuery(sUserQ); grPRBtask.query(); if (grPRBtask.getRowCount() > 0) { sServiceReqMsg += 'Problem tasks assigned to inactive user ' + current.user_name + ':\n'; while (grPRBtask.next()) { sServiceReqMsg += grPRBtask.number; sServiceReqMsg += '\n'; } } //--SERVICE REQUESTS: var grSCTask = new GlideRecord('sc_task'); grSCTask.addActiveQuery(); grSCTask.addQuery(sUserQ); grSCTask.query(); if (grSCTask.getRowCount() > 0) { sServiceReqMsg += 'Service catalogue tasks assigned to inactive user ' + current.user_name + ':\n'; while (grSCTask.next()) { sServiceReqMsg += grSCTask.number; sServiceReqMsg += '\n'; } } sUserQ = 'assigned_to=' + current.sys_id + '^ORrequested_for=' + current.sys_id; var grRITM = new GlideRecord('sc_req_item'); grRITM.addActiveQuery(); grRITM.addQuery(sUserQ); grRITM.query(); if (grRITM.getRowCount() > 0) { sServiceReqMsg += 'RITMs requested for or assigned to inactive user ' + current.user_name + ':\n'; while (grRITM.next()) { sServiceReqMsg += grRITM.number; sServiceReqMsg += '\n'; } } //--if appropriate raise a service request for further tidy up activity: if (sServiceReqMsg != "") { gs.log('Tickets assigned to or raised by user: ' + sServiceReqMsg, 'MTH Remove Roles Inactive User'); gs.addInfoMessage(sMsg); raiseSNREQ(current.sys_id, sServiceReqMsg); } } })(current, previous); function raiseSNREQ(userSYSID, itemDescription) { //--https://docs.servicenow.com/bundle/paris-application-development/page/script/server-scripting/reference/r_ServiceCatalogScriptAPI.html var cartId = GlideGuid.generate(null); var cart = new Cart(cartId); var item = cart.addItem('47c299ecdb6dd01011eaa0214b9619d8'); //--servicenow - other cart.setVariable(item, 'requested_for', userSYSID); cart.setVariable(item, 'description', itemDescription); var rc = cart.placeOrder(); gs.addInfoMessage(rc.number + ' raised to ServiceNow team to investigate records linked to this user'); rc.requested_for = userSYSID; rc.update(); var grRITM = new GlideRecord('sc_req_item'); if (grRITM.get('request', rc.sys_id)) { if (grRITM.requested_for != rc.requested_for) { grRITM.requested_for = rc.requested_for; grRITM.update(); gs.addInfoMessage(grRITM.number); } } }