RESTRICTING INC RECORD ACCESS TO SPECIFIC INDIVIDUAL(S)

adaptivert
Giga Guru

‎08-29-2023 09:15 AM - edited ‎08-29-2023 09:16 AM

Hello.  I am trying to address a requirement that would restrict access to an INC record visible only to certain individual(s).  The Universal Request integration - Incident Management plugin and the process behind it does not meet our straight forward requirement.

 

However, I encountered the following KBs and wondered if anyone one from the customer that wrote the KAs can help on how they implemented the capability.  Thank you in advance.

 

https://berkeley.service-now.com/kb_view.do?sysparm_article=KB0010928

https://berkeley.service-now.com/kb_view.do?sysparm_article=KB0010927

 

@Terri Kouba @tangcov 

Labels:
0 Helpfuls
  • 1,016 Views
14 REPLIES 14

adaptivert
Giga Guru
In response to Terri Kouba

‎09-14-2023 06:29 AM

@Terri Kouba .  Thank you for the feedback.  Do you have any associated business rule or data policy that you wrote to support the custom field?  Would you be able to share such code?  Appreciate the help.  Best regards.

0 Helpfuls

Terri Kouba
Tera Expert
In response to adaptivert

‎09-14-2023 08:28 AM

We have a business rule on the Incident table.

TerriKouba_0-1694705070588.png

 

TerriKouba_1-1694705093418.png

 

We also have a utility that checks to see if this person is a member of the appropriate group to see this incident.  

var BerkeleyViewRestrictionUtility = Class.create();
BerkeleyViewRestrictionUtility.prototype = {
	
	type: 'BerkeleyViewRestrictionUtility',
	
	_currentUser: null,
	
	initialize: function(userOverride) {
		this._currentUser = gs.getUser();
		if (JSUtil.notNil(userOverride)) {
			this._currentUser = this._currentUser.getUserByID(userOverride);
			gs.print('Overriding user to ' + this._currentUser.getFullName());
		}
	},
	
	currentUserIsMemberOfGroupList: function(groupList) {
		var result = false;
		var listUtility = new Berkeley_ListUtility();
		var groupListArray = listUtility.convertListToArray(groupList);
		for(var i in groupListArray) {
			if (this._currentUser.isMemberOf(groupListArray[i])) {
				result = true;
				break;
			}
		}
		return result;
	},
	
	currentUserIsMemberOfUserList: function(userList) {
		var result = false;
		if (typeof userList === 'string') {
			result = (userList.indexOf(this._currentUser.getID()) > -1);
		}
		return result;
	},
	
	currentUserIsMemberOfGroup: function(groupID) {
		var result = false;
		if (JSUtil.notNil(groupID)) {
			result = this._currentUser.isMemberOf(groupID);
		}
		return result;
	},
	
	currentUserIs: function(userID) {
		var result = false;
		if (JSUtil.notNil(userID)) {
			result = (this._currentUser.getID() == userID);
		}
		return result;
	},
	
	currentUserHasRole: function(roleName) {
		var result = false;
		if (JSUtil.notNil(roleName)) {
			result = this._currentUser.hasRole(roleName);
		}
		return result;
	}
};

 

I hope this helps.

 

Thanks,

 

Terri

0 Helpfuls

adaptivert
Giga Guru
In response to Terri Kouba

‎09-14-2023 08:39 AM

Thank you for this @Terri Kouba .  I will try this out on our end and will give you feedback.

0 Helpfuls

adaptivert
Giga Guru
In response to Terri Kouba

‎09-14-2023 09:49 AM

@Terri Kouba .  Pardon me for this.  Are the below all custom attributes you created?  I am also trying to follow the code and I did not see the utility called in the BR as shown in the screenshot you shared.    Do you have a different code for the BR to restrict on individual selected users?

 

TerriKouba_0-1694036140729.png

 

 

0 Helpfuls

Terri Kouba
Tera Expert
In response to adaptivert

‎09-20-2023 08:52 AM

Yes, these are custom fields we created.

0 Helpfuls