Make location accessible on SP but limit to those for the logged in users company

Go to solution
ts-jp
Tera Contributor

‎03-22-2024 09:04 AM

The cmn_location table stores location records with the "Company" defined (highlighted yellow below):

tsjp_0-1711123303993.png

 

When creating a case as an agent the "Location" field is filtered by the selected Account/Company.

 

I have added "Location" to our SP case form for customer contacts to raise cases against specified locations. I had to modify the acl to permit "snc_external" access to the cmn_location table, before doing this the field was always blank/no records.

tsjp_2-1711123412098.png

 

 

However, this acl currently grants read access to the entire table, meaning that customer contacts can see all locations for all customers, as shown:

tsjp_1-1711123359190.png

 

How do I provide access on SP for the customer to select a location (from cmn_location) but limit this to be locations assigned to their company only?

0 Helpfuls
  • 610 Views
1 ACCEPTED SOLUTION

Go to solution
Sohithanjan G
Kilo Sage
Kilo Sage

‎03-22-2024 10:31 AM

Hi @ts-jp , 

You can have the script in ACL to have access to specific record for where user's company

answer = false; 
var gr = new GlideRecord('sys_user');
gr.get(gs.getUserID());
if (current.company == gr.company) {
answer = true;
}

 

 

Please mark as Accepted Solution if this solves your query and HIT Helpful if you find my answer helped you. This will help other community mates too..:)

View solution in original post

3 REPLIES 3

Go to solution
SanjivMeher
Kilo Patron
Kilo Patron

‎03-22-2024 10:01 AM

One option is adding additional condition in the ACL to compare the company. So you need to check the Advanced box and then add you script to compare logged in users company with the location company.

 

The other option is adding reference qualifier to the Location field on you form, where you add condition to only show locations user part of


Please mark this response as correct or helpful if it assisted you with your question.

Go to solution
Sohithanjan G
Kilo Sage
Kilo Sage

‎03-22-2024 10:31 AM

Hi @ts-jp , 

You can have the script in ACL to have access to specific record for where user's company

answer = false; 
var gr = new GlideRecord('sys_user');
gr.get(gs.getUserID());
if (current.company == gr.company) {
answer = true;
}

 

 

Please mark as Accepted Solution if this solves your query and HIT Helpful if you find my answer helped you. This will help other community mates too..:)

Go to solution
ts-jp
Tera Contributor
In response to Sohithanjan G

‎03-25-2024 06:56 AM

Thanks for your help with this. I used this script but was still getting no results in the form field.
Using Security Debugging I found the field was loading and trying to apply that script against every single record before seemingly timing out, or perhaps reaching a list limit somewhere. Which makes sense as we have thousands of location entries and the particular user I was testing should only be able to see a handful of those.

I applied a reference qualifier as Sanjiv suggested. That works for the field but left me concerned if the user found their way somehow to another page they may still see more than I want them too.
So I've used a combination of both the ACL script and a reference qualifier. The reference qualifier does what I need to filter the list on the form, the ACL is a 'safetynet' to protect the records if the user does manage to navigate to them some other way.

0 Helpfuls