blap
Novice

How to check if user is member of a role via an AD-group

I have made the following method i a 5.2 invironment.

 

In the first method call I check if the user is a member of a particular role using the IsUserMemberOfRole method.

I use the output from IsUserMemberOfRole as input to the next methow call which throws an exception if the input is not true.

This will stop the execution of the method if the user is not the member of the role I am checking since the method is set to stop the transactionon a fail, but allow the last call if the user is a member of the role I a checking since no exception will be thrown.

 

8912iE1F7CB5BE8B33138.png

This works fine as long as the user has been added directly to the role, but if the user is a member of the role via an AD-group added to the role, the method IsUserMemberOfRole returns false and the user is prevented from making the last method call - the read.

Is there a way to make a call that returns true if the user is a member of the role EITHER directly OR via an AD-group?

0 Kudos
Reply
2 Replies
blap
Novice

Re: How to check if user is member of a role via an AD-group

For some reason the image I uploaded does not seem to be shown.

I hope my question makes sense even without the image

0 Kudos
Reply
ConradMc
Scout

Re: How to check if user is member of a role via an AD-group

If I understand, you need to cover the scenario whereby a K2 Role contains an Active Directory Group. You need to obtain the individual users from within the AD group too, to check against.

 

Have you tried using the Get Roles Users method from the UMUser SmartObject (found under System > Management > User Management > SmartObjects)?

 

This returns all users in the role, including users from any AD Groups.

0 Kudos
Reply