Thank you for your feedback.
Form temporarily unavailable. Please try again or contact docfeedback@servicenow.com to submit your comments.
Versions
  • London
  • Kingston
  • Jakarta
  • Istanbul
  • Helsinki
  • Geneva
  • Store
Close

Upgrade to Contextual Security: Role Management V2

Upgrade to Contextual Security: Role Management V2

Contextual Security: Role Management V2 is automatically installed on new instances. You can upgrade from Contextual Security: Role Management to Contextual Security: Role Management V2 to eliminate duplicate roles in the User Roles table and prevent future duplicates.

Before you begin

Role required: admin

About this task

If not already active, Contextual Security: Role Management V2 activates these related plugins.
Table 1. Plugins for Contextual Security: Role Management V2
Plugin Description
Contextual Security: Role Management V2

[com.glide.role_management.inh_count]

Prevents duplicate entries in the User Roles [sys_user_has_role] table.
Contextual Security: Role Management V2 REST API

[com.glide.role_management.inh_count.rest_api]

Enables API functionality for role management.

Before upgrading from Contextual Security: Role Management to Contextual Security: Role Management V2, test the results of an upgrade by running the script. The script returns a list of changes that an upgrade will perform. If the changes are acceptable, install the Contextual Security: Role Management V2 plugin. If the changes are not acceptable, do not install the Contextual Security: Role Management V2 plugin. Alternatively, you can perform the upgrade and then manually make any necessary changes.

Procedure

  1. Test the impact of an upgrade prior to upgrading by running the following script.
    1. Navigate to System Definition > Scripts - Background.
    2. Run the following script in global scope.
      new RoleManagementVerify().verifyInheritedRoles();
      For large sys_user_has_role tables, the execution may take up to several hours to complete. Do not edit or add user roles during this time.
      Example result based on test data:
      *** Script: 2016-12-01 19:58:54 Starting checking of inherited roles for all users... 
      *** Script: User: itam, inherited roles to be ADDED: financial_mgmt_user 
      *** Script: User: bernard.laboy, inherited roles to be DELETED: api_analytics_read,pa_viewer,rest_api_explorer,a123 
      *** Script: User: bernard.laboy, inherited roles to be ADDED: dependency_views 
      *** Script: Number of inherited-role records in sys_user_has role, current: 260, after re-calculation: 258 
      *** Script: Number of users with discrepancies for inherited roles: 2 
      *** Script: 2016-12-01 19:58:55 Finished checking of inherited roles for all users!
    3. Evaluate the script results to determine whether the proposed changes are acceptable.
  2. Activate the Contextual Security: Role Management V2 plugin.
    1. Navigate to System Definition > Plugins.
    2. Find and click the plugin name.
    3. On the System Plugin form, review the plugin details and then click the Activate/Upgrade related link.
    4. Click Activate.

Result

After activating Role Management V2, the changes outlined in the script result are enacted. The Inheritance Count (inh_count) column in the User Roles table is read-only and automatically reflects the number of times the user inherits a role.