- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-17-2024 08:41 PM
<p>want to write a script which will allow only the “ requested by “ . “ assigned to “ and “ Change manager role” users to edit the close code fields, even for the admin users that field should be read-only , if the admin user is the requested by / assigned to then only during that time they should be able to edit it.</p>
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-17-2024 09:14 PM
Hi @BoyaGaneshkumar ,
Create write ACL with admin override unchecked, use below code in your ACL script.
// Allow write access if the user is the requested_by, assigned_to, or has the 'change_manager' role
(function() {
// Get the current user
var currentUser = gs.getUserID();
// Check if the user is the "requested by"
if (current.requested_by == currentUser) {
return true;
}
// Check if the user is the "assigned to"
if (current.assigned_to == currentUser) {
return true;
}
// Check if the user has the 'change_manager' role
if (gs.hasRoleExactly('change_manager')) {
return true;
}
// Deny access by default
return false;
})();
-------------------------------------------------------------------------
If you found my response helpful, please consider selecting "Accept as Solution" and marking it as "Helpful." This not only supports me but also benefits the community.
Regards
Runjay Patel - ServiceNow Solution Architect
YouTube: https://www.youtube.com/@RunjayP
LinkedIn: https://www.linkedin.com/in/runjay
-------------------------------------------------------------------------
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-17-2024 10:19 PM
Hello @BoyaGaneshkumar
In addition to creating ACL's, UI policy and data policy could be another way to meet the requirements.
If you want to restrict users from editing the Close Code field on the form, you can achieve this using a UI Policy.
Steps to Implement on Form:
Create a UI Policy:
- Navigate to System UI > UI Policies and create a new UI Policy on the Change Request table.
- Add a condition that always evaluates to true (e.g., state is not empty).
- Set the Close Code field to be read-only by default.
Add a UI Policy Script:
- Use the following script to dynamically evaluate user permissions and control the editability of the field:
(function executeRule() {
var canEdit = false;
var userSysId = g_user.userID;
var requestedBy = g_form.getValue('requested_by');
var assignedTo = g_form.getValue('assigned_to');
// Allow users in the "Change Manager" role to edit
if (g_user.hasRole('change_manager')) {
canEdit = true;
}
// Allow users if they are the requested_by or assigned_to
if (userSysId === requestedBy || userSysId === assignedTo) {
canEdit = true;
}
// Set the read-only state of the Close Code field
g_form.setReadonly('close_code', !canEdit);
})();
For List View:
If you want to enforce the same restrictions in the list view, you can use a Data Policy:
- Create a Data Policy on the Change Request table.
- Set the Close Code field to read-only by default.
- Add conditions to make it editable only for:
- The Requested By user.
- The Assigned To user.
- Users with the Change Manager role.
Outcome:
- The Close Code field will be read-only for all users except:
- Requested By
- Assigned To
- Users with the Change Manager role
- Even admins will not be able to edit the field unless they meet one of the above conditions.
"If you found my answer helpful, please like and mark it as an "accepted solution". It helps others find the solution more easily and supports the community!"
Thank You
Juhi Poddar
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-18-2024 12:47 AM
Thank you for marking my response as helpful.
As per new community feature you can mark multiple responses as correct.
If my response helped please mark it correct as well so that it benefits future readers.
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-17-2024 08:57 PM
you can use field level WRITE ACL and use advanced script section
Ensure admin overrides is unchecked
Something like this in script
var userId = gs.getUserID();
var isRequestedBy = (current.requested_by == userId);
var isAssignedTo = (current.assigned_to == userId);
var isChangeManager = gs.hasRole('change_manager');
answer = isRequestedBy || isAssignedTo || isChangeManager;
If my response helped please mark it correct and close the thread so that it benefits future readers.
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-18-2024 12:47 AM
Thank you for marking my response as helpful.
As per new community feature you can mark multiple responses as correct.
If my response helped please mark it correct as well so that it benefits future readers.
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-17-2024 09:14 PM
Hi @BoyaGaneshkumar ,
Create write ACL with admin override unchecked, use below code in your ACL script.
// Allow write access if the user is the requested_by, assigned_to, or has the 'change_manager' role
(function() {
// Get the current user
var currentUser = gs.getUserID();
// Check if the user is the "requested by"
if (current.requested_by == currentUser) {
return true;
}
// Check if the user is the "assigned to"
if (current.assigned_to == currentUser) {
return true;
}
// Check if the user has the 'change_manager' role
if (gs.hasRoleExactly('change_manager')) {
return true;
}
// Deny access by default
return false;
})();
-------------------------------------------------------------------------
If you found my response helpful, please consider selecting "Accept as Solution" and marking it as "Helpful." This not only supports me but also benefits the community.
Regards
Runjay Patel - ServiceNow Solution Architect
YouTube: https://www.youtube.com/@RunjayP
LinkedIn: https://www.linkedin.com/in/runjay
-------------------------------------------------------------------------
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-17-2024 10:19 PM
Hello @BoyaGaneshkumar
In addition to creating ACL's, UI policy and data policy could be another way to meet the requirements.
If you want to restrict users from editing the Close Code field on the form, you can achieve this using a UI Policy.
Steps to Implement on Form:
Create a UI Policy:
- Navigate to System UI > UI Policies and create a new UI Policy on the Change Request table.
- Add a condition that always evaluates to true (e.g., state is not empty).
- Set the Close Code field to be read-only by default.
Add a UI Policy Script:
- Use the following script to dynamically evaluate user permissions and control the editability of the field:
(function executeRule() {
var canEdit = false;
var userSysId = g_user.userID;
var requestedBy = g_form.getValue('requested_by');
var assignedTo = g_form.getValue('assigned_to');
// Allow users in the "Change Manager" role to edit
if (g_user.hasRole('change_manager')) {
canEdit = true;
}
// Allow users if they are the requested_by or assigned_to
if (userSysId === requestedBy || userSysId === assignedTo) {
canEdit = true;
}
// Set the read-only state of the Close Code field
g_form.setReadonly('close_code', !canEdit);
})();
For List View:
If you want to enforce the same restrictions in the list view, you can use a Data Policy:
- Create a Data Policy on the Change Request table.
- Set the Close Code field to read-only by default.
- Add conditions to make it editable only for:
- The Requested By user.
- The Assigned To user.
- Users with the Change Manager role.
Outcome:
- The Close Code field will be read-only for all users except:
- Requested By
- Assigned To
- Users with the Change Manager role
- Even admins will not be able to edit the field unless they meet one of the above conditions.
"If you found my answer helpful, please like and mark it as an "accepted solution". It helps others find the solution more easily and supports the community!"
Thank You
Juhi Poddar