jlrjr/myACLUtils.js

## myACLUtils.js
var table = "";
var roleName = "";
//call is after class definition

var myACLUtils = Class.create();
myACLUtils.prototype = {
    initialize: function() {},

    createDefaultTableACLs: function(table, roleName) {

        if (gs.nil(table) || gs.nil(roleName)) {
        gs.info("Missing table and/or roleName parameter");
        return;
      }
        var roleID = this._getRoleID(roleName);

        var ops = ["read", "create", "write", "delete"];
        for (var i = 0; i < ops.length; i++) {
            var name = table;
            var acl = this._createACL(name, ops[i], roleID);

            var name = table + ".*";
            var acl = this._createACL(name, ops[i], roleID);
        }
    },

    _createACL: function(name, operation, role) {
        //no need for delete on columns
        if (name.indexOf(".*") > 0 && operation == "delete")
            return;

        var gr = new GlideRecord("sys_security_acl");
        gr.name = name.trim();
        gr.operation = operation;
        gr.type = "record";
        gr.description = "Default access control on " + name;
        var acl = gr.insert();
        gs.info("Created ACL for {0}:{1}", name, operation);

        this._createACLRole(acl, role);
    },

        _createACLRole: function(acl, role) {
        var gr = new GlideRecord("sys_security_acl_role");
        gr.sys_security_acl = acl;
        gr.sys_user_role = role;
        gr.insert();
        gs.info("\tAdded role {0}", role);
    },


        _getRoleID: function(roleName) {
        var gr = new GlideRecord("sys_user_role");
        if (gr.get("name", roleName))
            return gr.getUniqueValue();
    },

    type: 'myACLUtils'
};

new myACLUtils().createDefaultTableACLs(table, roleName);
	var table = "";
	var roleName = "";
	//call is after class definition

	var myACLUtils = Class.create();
	myACLUtils.prototype = {
	initialize: function() {},

	createDefaultTableACLs: function(table, roleName) {

	if (gs.nil(table) \|\| gs.nil(roleName)) {
	gs.info("Missing table and/or roleName parameter");
	return;
	}
	var roleID = this._getRoleID(roleName);

	var ops = ["read", "create", "write", "delete"];
	for (var i = 0; i < ops.length; i++) {
	var name = table;
	var acl = this._createACL(name, ops[i], roleID);

	var name = table + ".*";
	var acl = this._createACL(name, ops[i], roleID);
	}
	},

	_createACL: function(name, operation, role) {
	//no need for delete on columns
	if (name.indexOf(".*") > 0 && operation == "delete")
	return;

	var gr = new GlideRecord("sys_security_acl");
	gr.name = name.trim();
	gr.operation = operation;
	gr.type = "record";
	gr.description = "Default access control on " + name;
	var acl = gr.insert();
	gs.info("Created ACL for {0}:{1}", name, operation);

	this._createACLRole(acl, role);
	},

	_createACLRole: function(acl, role) {
	var gr = new GlideRecord("sys_security_acl_role");
	gr.sys_security_acl = acl;
	gr.sys_user_role = role;
	gr.insert();
	gs.info("\tAdded role {0}", role);
	},


	_getRoleID: function(roleName) {
	var gr = new GlideRecord("sys_user_role");
	if (gr.get("name", roleName))
	return gr.getUniqueValue();
	},

	type: 'myACLUtils'
	};

	new myACLUtils().createDefaultTableACLs(table, roleName);