Make location accessible on SP but limit to those for the logged-in user's company

ts-jp
Tera Contributor

The cmn_location table stores location records with the "Company" defined (highlighted yellow below):


When creating a case as an agent, the "Location" field is filtered by the selected Account/Company.

I have added "Location" to our SP case form for customer contacts to raise cases against specified locations. I had to modify the ACL to permit "snc_external" access to the cmn_location table; before doing this, the field was always blank/no records.


However, this ACL currently grants read access to the entire table, meaning that customer contacts can see all locations for all customers, as shown.

How do I provide access on SP for the customer to select a location (from cmn_location) but limit this to be locations assigned to their company only?

1 ACCEPTED SOLUTION

Sohithanjan G
Kilo Sage

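Hi @ts-jp,

You can use a script in the ACL to give access only to the specific records that match the user's company:

// ACL script: allow read only when the location's company matches the logged-in user's company
answer = false;
var gr = new GlideRecord('sys_user');
if (gr.get(gs.getUserID())) {
    var userCompany = gr.getValue('company');
    // Compare sys_id strings; an empty company on either side never matches
    if (userCompany && current.getValue('company') == userCompany) {
        answer = true;
    }
}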

Please mark as Accepted Solution if this solves your query and HIT Helpful if you find my answer helped you. This will help other community mates too..:)


3 REPLIES

SanjivMeher
Kilo Patron

One option is adding an additional condition in the ACL to compare the company. So you need to check the Advanced box and then add your script to compare the logged-in user's company with the location's company.

The other option is adding a reference qualifier to the Location field on your form, where you add a condition to only show locations the user is part of.


Please mark this response as correct or helpful if it assisted you with your question.

Thanks for your help with this. I used this script but was still getting no results in the form field.
Using Security Debugging, I found the field was loading and trying to apply that script against every single record before seemingly timing out, or perhaps reaching a list limit somewhere, which makes sense as we have thousands of location entries and the particular user I was testing should only be able to see a handful of those.

I applied a reference qualifier as Sanjiv suggested. That works for the field but left me concerned that if the user somehow found their way to another page, they may still see more than I want them to.
So I've used a combination of both the ACL script and a reference qualifier. The reference qualifier does what I need to filter the list on the form; the ACL is a 'safety net' to protect the records if the user does manage to navigate to them some other way.
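
The combination described in the last reply, as an added example that is not part of the original thread: a reference qualifier that filters at query time plus a per-record ACL check, both handling a user with no company. The function names, the stub objects and the sample rows are hypothetical and constructed so the logic runs outside an instance; `gs.getUser().getCompanyID()` and `current.getValue()` are the platform calls being modelled.

```javascript
// Added example; function names, stub objects and sample rows are hypothetical.
// Modelled platform calls: gs.getUser().getCompanyID() and current.getValue().

// Company sys_id of the logged-in user, or '' when none is set.
function userCompany(gs) {
  return String(gs.getUser().getCompanyID() || '');
}

// Layer 1: reference qualifier for the Location field (filters at query time).
function locationRefQual(gs) {
  var company = userCompany(gs);
  // A bare "company=" would match every location with an empty company,
  // so a user without a company gets a query that matches no record.
  return company ? 'company=' + company : 'sys_idISEMPTY';
}

// Layer 2: read ACL decision, evaluated per record as the safety net.
function canReadLocation(current, gs) {
  var company = userCompany(gs);
  return company !== '' && current.getValue('company') == company;
}

// Constructed stubs so the two functions run outside an instance.
function stubGs(companyId) {
  return { getUser: function () {
    return { getCompanyID: function () { return companyId; } };
  } };
}
function stubRecord(fields) {
  return { getValue: function (name) { return fields[name] || null; } };
}

// Constructed sample rows standing in for cmn_location.
var LOCATIONS = [
  { name: 'Acme HQ', company: 'aaa111' },
  { name: 'Acme Depot', company: 'aaa111' },
  { name: 'Globex Plant', company: 'bbb222' },
  { name: 'Unassigned Site', company: '' }
];

// Names a direct (non-form) read would return once the ACL is applied.
function visibleByAcl(gs) {
  return LOCATIONS.filter(function (row) {
    return canReadLocation(stubRecord(row), gs);
  }).map(function (row) { return row.name; });
}

console.log(locationRefQual(stubGs('aaa111')), visibleByAcl(stubGs('aaa111')));
```

On an instance, the qualifier logic would be called from the Location field's advanced reference qualifier and the ACL logic would set `answer` in the read ACL on cmn_location.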