|
| 1 | +# User Impersonation Activity Logger |
| 2 | + |
| 3 | +A ServiceNow server-side utility that automatically creates a log when an action is performed under impersonation, helping distinguish between admin-added and user-added notes. |
| 4 | + |
| 5 | +# Challenge |
| 6 | + |
| 7 | +The challenge lies in distinguishing between actions performed by administrators impersonating users and those performed by the users themselves. Without a reliable way to track impersonation activity, it becomes difficult to ensure transparency and accountability in ticket histories. This lack of clarity can lead to confusion during audits, misinterpretation of updates, and potential compliance risks. Addressing this issue is critical to maintaining trust and operational efficiency. |
| 8 | + |
| 9 | +## Description |
| 10 | + |
| 11 | +This script identifies if the current user session is under impersonation (e.g., an admin impersonating another user). |
| 12 | +If true, it automatically appends a message in the **Logs** indicating that the note was added during impersonation. |
| 13 | +This improves auditability and clarity when reviewing ticket histories. |
| 14 | + |
| 15 | +## Functionality |
| 16 | + |
| 17 | +The User Impersonation Activity Logger provides the following capabilities: |
| 18 | +- Detects if the current user is impersonating another user |
| 19 | +- Automatically appends a log message stating the impersonation context |
| 20 | +- Works in **Business Rule** and Global Scoped Tables |
| 21 | +- Logs both actual user and impersonated user details |
| 22 | +- Provides clear distinction for audit and tracking |
| 23 | + |
| 24 | +## Usage Instructions |
| 25 | + |
| 26 | +### Add as Business Rule |
| 27 | + |
| 28 | +```javascript |
| 29 | +// When: before update |
| 30 | +// Table: incident |
| 31 | +// Script: |
| 32 | +(function executeRule(current, previous /*null when async*/) { |
| 33 | + if (new GlideImpersonate().isImpersonating()) { // Check if the user is impersonating |
| 34 | + if (current.comments.changes() || current.work_notes.changes()) { // Check if comments or work notes have changed |
| 35 | + let actualUserName = gs.getImpersonatingUserDisplayName(); |
| 36 | + let impersonatedUserName = gs.getUserDisplayName(); |
| 37 | + let logMessage = `User Impersonation Activity Detected: |
| 38 | + Timestamp : ${ new GlideDateTime()} |
| 39 | + Actual User: ${actualUserName} |
| 40 | + Impersonated User: ${impersonatedUserName} |
| 41 | + Comments added: ${current.comments || 'NA'} |
| 42 | + Work Notes added: ${current.work_notes || 'NA'}`; |
| 43 | + gs.info(logMessage); |
| 44 | + } |
| 45 | + } |
| 46 | +})(current, previous); |
| 47 | +``` |
| 48 | + |
| 49 | + |
| 50 | +## Prerequisites |
| 51 | + |
| 52 | +- Need admin access to check the impersonation logs later |
| 53 | + |
| 54 | + |
| 55 | +## Dependencies |
| 56 | + |
| 57 | +- GlideSystem API |
| 58 | +- GlideImpersonate API |
| 59 | +- gs.getSession() |
| 60 | +- GlideDateTime() API |
| 61 | + |
| 62 | + |
| 63 | +## Category |
| 64 | + |
| 65 | +Server-Side Components / Business Rules / User Impersonation Activity Logger |
| 66 | + |
| 67 | +## Hacktoberfest 2025 |
| 68 | + |
| 69 | +Created as first Contribution for ServiceNow Hacktoberfest 2025 🎃 |
| 70 | + |
| 71 | +## License |
| 72 | + |
| 73 | +MIT License |
0 commit comments