- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
4 weeks ago
Hi Experts ,
I need help in configuring an Deny unless ACL on sctask table , operation read.
Requirement is : For a particular catalog item let's call it 'abc', it should only be visible to users if assignment group is one of logged in user group.
before i was using data condition but then additional requirement came where we have to show the catalog item to either users having assignment group as one of their groups or to user who is part of xyz group.
Any help is appreciated
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
4 weeks ago
please use advanced script and use this
answer = gs.getUser().isMemberOf('XYZ Group') || gs.getUser().isMemberOf(current.assignment_group);
If my response helped please mark it correct and close the thread so that it benefits future readers.
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
4 weeks ago
Hi @Shivangi Singh2 ,
Allow read only if:
The logged-in user is a member of the task’s assignment_group, OR
The logged-in user is a member of the global exception group “xyz”.
All other sc_task for that item should be hidden.
Try below code snippet, leaving requires role blank.
(function () {
// allow read only if user is in the assignment group OR in the exception group "xyz"
// Check exception group first for a quick allow
if (gs.getUser().isMemberOf("xyz")) {
answer = true;
return;
}
// If there is no assignment group on the task, deny (no group to match)
if (!current.assignment_group) {
answer = false;
return;
}
// Allow if the user is a member of the task’s assignment group
if (gs.getUser().isMemberOf(current.assignment_group)) {
answer = true;
return;
}
// Otherwise, deny
answer = false;
})();
Before creating this ACL, ensure there no other ACL will affect for read role for the users.
Thanks,
Bhimashankar H
-------------------------------------------------------------------------------------------------
If my response points you in the right directions, please consider marking it as 'Helpful' & 'Correct'. Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
4 weeks ago
please use advanced script and use this
answer = gs.getUser().isMemberOf('XYZ Group') || gs.getUser().isMemberOf(current.assignment_group);
If my response helped please mark it correct and close the thread so that it benefits future readers.
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
4 weeks ago
Hope you are doing good.
Did my reply answer your question?
If my response helped please mark it correct and close the thread so that it benefits future readers.
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
4 weeks ago
Thank you for marking my response as helpful.
If my response helped please mark it correct and close the thread so that it benefits future readers.
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
4 weeks ago
Thank you for the help Ankur ,It worked , idk why i was over complicating the logic.