ACL for assignment_group.parent members

angel_jimenez · ‎09-23-2019

Hi community!

We have a requirement to allow read access to incidents for user who opened it, are the caller of record, are on the watch list or belongs to the parent of the assignment_group.

We have the following ACL condition:

if (current.opened_by == gs.getUserID() || current.caller_id == gs.getUserID() || current.watch_list.indexOf(gs.getUserID()) > -1 || gs.getUser().isMemberOf(current.assignment_group.parent)) {answer = true;}
else {answer = false;}

But the last condition is not working (the underlined one), so user who belongs to the parent of the assignment_group are not able to read incident records.

Any idea about what is wrong on the script condition?

Regards!

Neel Patel3 · ‎09-24-2019

Try gs.getUser().isMemberOf(parent.assignment_group.parent)

Ashutosh Munot1 · ‎09-24-2019

Hi,

Can you use this code:

var flag=false;

var gr = new GlideRecord('sys_user_grmember');

gr.addQuery('group', current.assignment_group.parent);

gr.addQuery('user',gs.getUserID());

gr.query();

if(gr.next()){

flag = true;

}

if (current.opened_by == gs.getUserID() || current.caller_id == gs.getUserID() || current.watch_list.indexOf(gs.getUserID()) > -1 || flag) {

answer = true;

}
else {

answer = false;

}

Thanks,
Ashutosh

angel_jimenez · ‎09-25-2019

Sounds good, but no luck... 😞

Ashutosh Munot1 · ‎09-26-2019

HI,

I just tested this. It is working good for me. Meaning opened by user, caller, parent group member and watchlist user can READ the incident.

You are trying to do this on list view or on form view?

Thanks,
Ashutosh

angel_jimenez · ‎09-26-2019

Hi!

I've configured ACL with your script:

But when I enter to the incident list view with a test user, I don’t see anything:

Regards!