Trigger for Adding and removing User to Permission set based on User roles
trigger AssignPermissionSet on User (after insert,after Update) {
PermissionSet pereset = [SELECT Id FROM PermissionSet WHERE Label ='SBU Impact Visible'];
Set<ID> addIds = new Set<Id>(),
removeIds = new Set<Id>(),
roleIds = new Map<Id, UserRole>([
SELECT Id FROM UserRole
WHERE Name LIKE '%E&C%' OR Name LIKE '%Commerical Ops%' OR Name LIKE '%Energy & Chemicals%' OR Name LIKE '%All Fluor%'
]).keySet();
for(User record: Trigger.new) {
(record.IsActive && roleIds.contains(record.UserRoleId)? addIds: removeIds).add(record.Id);
}
PermissionSetAssignment[] permissionSetList = new PermissionSetAssignment[0];
addIds.removeAll(new Map<Id, AggregateResult>([SELECT AssigneeId Id FROM PermissionSetAssignment
WHERE AssigneeId = :addIds AND PermissionSetId = :pereset.Id GROUP BY AssigneeId]).keySet());
for(Id userId: addIds) {
permissionSetList.add(new PermissionSetAssignment(PermissionSetId = pereset.id, AssigneeId = userId));
}
upsert permissionSetList;
delete [SELECT Id FROM PermissionSetAssignment WHERE AssigneeId = :removeIds AND PermissionSetId = :pereset.Id];
}
PermissionSet pereset = [SELECT Id FROM PermissionSet WHERE Label ='SBU Impact Visible'];
Set<ID> addIds = new Set<Id>(),
removeIds = new Set<Id>(),
roleIds = new Map<Id, UserRole>([
SELECT Id FROM UserRole
WHERE Name LIKE '%E&C%' OR Name LIKE '%Commerical Ops%' OR Name LIKE '%Energy & Chemicals%' OR Name LIKE '%All Fluor%'
]).keySet();
for(User record: Trigger.new) {
(record.IsActive && roleIds.contains(record.UserRoleId)? addIds: removeIds).add(record.Id);
}
PermissionSetAssignment[] permissionSetList = new PermissionSetAssignment[0];
addIds.removeAll(new Map<Id, AggregateResult>([SELECT AssigneeId Id FROM PermissionSetAssignment
WHERE AssigneeId = :addIds AND PermissionSetId = :pereset.Id GROUP BY AssigneeId]).keySet());
for(Id userId: addIds) {
permissionSetList.add(new PermissionSetAssignment(PermissionSetId = pereset.id, AssigneeId = userId));
}
upsert permissionSetList;
delete [SELECT Id FROM PermissionSetAssignment WHERE AssigneeId = :removeIds AND PermissionSetId = :pereset.Id];
}
No comments:
Post a Comment