RESTRICTING INC RECORD ACCESS TO SPECIFIC INDIVIDUAL(S)

adaptivert · ‎08-29-2023

Hello. I am trying to address a requirement that would restrict access to an INC record visible only to certain individual(s). The Universal Request integration - Incident Management plugin and the process behind it does not meet our straight forward requirement.

However, I encountered the following KBs and wondered if anyone one from the customer that wrote the KAs can help on how they implemented the capability. Thank you in advance.

https://berkeley.service-now.com/kb_view.do?sysparm_article=KB0010928

https://berkeley.service-now.com/kb_view.do?sysparm_article=KB0010927

@Terri Kouba @tangcov

adaptivert · ‎09-20-2023

Thank you, @Terri Kouba . I tried to share what I did earlier and it seems like it was not reaching you. Anyway, below is what I tried to do. I am sure I am not doing it as per your implementation and I am not embarrassed to say the red fonts tells me I am not sure what I am doing. Can you possibly help me further?

Dictionary Info: incident.u_restricted

Table	incident
Field	u_restricted
Type	boolean
Max Length	40

Dictionary Info: incident.u_restrict_grp

Table	incident
Field	u_restrict_grp
Type	glide_list
Reference	sys_user_group
Max Length	1024
Attributes	no_sort=true,slushbucket_ref_no_expand=true

Dictionary Info: incident.u_restrict_usr

Table	incident
Field	u_restrict_usr
Type	glide_list
Reference	sys_user
Max Length	1024
Attributes	no_sort=true,slushbucket_ref_no_expand=true

Business Rule:

System Property:

adaptivert · ‎09-18-2023

@tangcov

adaptivert · ‎09-18-2023

@Terri Kouba . I tried to implement a similar model for your version of the work and I did the below. However, I think I am not doing it as you would implement it specially for the part of auto-restricting. The utility you wrote; would I write that as a server side script? Thank you for the patient on my questions.

Dictionary Info: incident.u_restricted

Table	incident
Field	u_restricted
Type	boolean
Max Length	40

Dictionary Info: incident.u_restrict_grp

Table	incident
Field	u_restrict_grp
Type	glide_list
Reference	sys_user_group
Max Length	1024
Attributes	no_sort=true,slushbucket_ref_no_expand=true

Dictionary Info: incident.u_restrict_usr

Table	incident
Field	u_restrict_usr
Type	glide_list
Reference	sys_user
Max Length	1024
Attributes	no_sort=true,slushbucket_ref_no_expand=true

Business rule:

I also tried to write the BR with the below :

Advance Tab

Condition== current.u_restrict_grp.changes()&&current.u_restricted==true;

Script:

function onBefore(current, previous) {

// Add your code here

if (gs.getProperty('auto_restrict.insert_only') == 'true' && !current.isNewRecord()) {

return;

}

current.u_restricted = true;

gs.addInfoMessage(current.number + ' was automatically restricted after assignment to group ' + current.u_restrict_grp.name)

}

System property created:

adaptivert · ‎09-20-2023

@Terri Kouba . Thank you for your reply. Have you seen the information I posted in an attempt to replicate your solution? What are your thoughts on what I had tried to do so far. I am sure I am not doing it correctly.

Terri Kouba · ‎09-20-2023

Hi.

I suggest thinking about it from a functionality perspective before you think about it from a coding perspective.

If you don't want anyone to see a restricted incident that they don't have access to, where are the places where they could see incidents? the incident list view, the incident form, in a report, in the search results, on the related list of a Change, etc. If this is your requirement, then the solution would have to be available in all of those places. So where would the appropriate place be? On the incident table. Most likely as an Access Control List read record.

I hope that helps.

Thanks,

Terri