UNPKG

@servicenow/sdk

Version:

ServiceNow SDK

www.servicenow.com/docs/csh

132 lines (92 loc) 3.18 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
--- tags: [Role, role, user role, sys_user_role, permission, access, security, authorization] --- # Role Creates a Role -- a named permission that can be assigned to users and groups to control access to application features, data, and APIs (`sys_user_role`). Roles are referenced by ACLs, UI Actions, and other access-controlled entities. ## Signature ```typescript fluent Role(config) ``` ## Parameters ### config `Role & Meta` an object containing the following properties: **Properties:** - **name** (required): `string` Name for the role beginning with the application scope in the format: `<scope>.<name>`. - **assignableBy** (optional): `string` Other roles that can assign this role to users. - **canDelegate** (optional): `boolean` Indicates if the role can be delegated to other users. - **containsRoles** (optional): `(string | Role)[]` Other roles that this role contains. - **description** (optional): `string` A description of what the role can access. - **elevatedPrivilege** (optional): `boolean` Indicates whether manually accepting the responsibility of using the role before accessing its features is required. - **grantable** (optional): `boolean` Indicates whether the role can be granted independently. - **scopedAdmin** (optional): `boolean` Indicates whether the role is an Application Administrator role. - **$meta** (optional): `object` - **installMethod**: `'first install' | 'demo' | 'once'` Map a record to an output folder that loads only in specific circumstances. 'first install' -> 'unload', 'demo' -> 'unload.demo' ## See - https://docs.servicenow.com/csh?topicname=role-api-now-ts.html&version=latest ## Examples ### Basic Role Create a simple application role with description ```typescript fluent /** * @title Basic Role * @description Create a simple application role with description */ import { Role } from '@servicenow/sdk/core' Role({ name: 'x_myapp.activity_admin', description: 'Activity admin role for my application', }) ``` ### Multiple Access Levels Create viewer, editor, and admin roles for tiered permissions ```typescript fluent /** * @title Multiple Access Levels * @description Create viewer, editor, and admin roles for tiered permissions */ import { Role } from '@servicenow/sdk/core' export const viewer = Role({ name: 'x_myapp.viewer', description: 'Read-only access to application data', }) export const editor = Role({ name: 'x_myapp.editor', description: 'Can edit records in the application', }) export const admin = Role({ name: 'x_myapp.admin', description: 'Full administrative access', }) ``` ### Role with ACL Create a role and use it in an access control rule ```typescript fluent /** * @title Role with ACL * @description Create a role and use it in an access control rule */ import { Acl, Role } from '@servicenow/sdk/core' export const sampleAdmin = Role({ name: 'x_acl_sample.admin', }) Acl({ $id: Now.ID['create_acl'], localOrExisting: 'Existing', type: 'record', operation: 'create', roles: [sampleAdmin, 'x_other_scope.manager'], table: 'x_acl_sample_table', }) ```