ACL not working for Itil user

ABC6
Tera Contributor

‎11-28-2024 02:17 AM

Hi All,
I have a requirement where an itil user cannot be able to edit property field for which i have created a write ACL with below code and its not working, please help me to get this issue resolved

var checkRoles = gs.getSession().getRoles();
var userRole = current.getDisplayValue('u_property.u_company_roles');
var currentLoggedInUser = gs.getUser().hasRole('itil');
if (!current.isNewRecord()) {
     if (currentLoggedInUser && checkRoles.indexOf(userRole) == -1) {
        gs.log("razTest: Role " + userRole + " is not in session roles.");
        answer = false;
    }
    else if(checkRoles.indexOf(userRole) !== -1 ){
        answer=true
    }
}
0 Helpfuls
  • 589 Views
6 REPLIES 6

Runjay Patel
Giga Sage

‎11-28-2024 03:28 AM

Hi @ABC6 ,

 

Try using below code.

(function() {
    // Check if the record is not new
    if (!current.isNewRecord()) {
        // Get the current user's roles as an array
        var userRoles = gs.getSession().getRoles().split(',');
        
        // Get the role from the 'u_property.u_company_roles' field
        var requiredRole = current.u_property.u_company_roles;

        // Check if the current user has the 'itil' role
        var isItilUser = gs.getUser().hasRole('itil');

        // Verify if the user has the required role
        if (isItilUser && userRoles.indexOf(requiredRole) === -1) {
            gs.log("razTest: User does not have the required role: " + requiredRole);
            answer = false; // Deny access
        } else {
            answer = true; // Allow access
        }
    } else {
        answer = true; // Allow access for new records
    }
})();

 

-------------------------------------------------------------------------

If you found my response helpful, please consider selecting "Accept as Solution" and marking it as "Helpful." This not only supports me but also benefits the community.


Regards
Runjay Patel - ServiceNow Solution Architect
YouTube: https://www.youtube.com/@RunjayP
LinkedIn: https://www.linkedin.com/in/runjay

-------------------------------------------------------------------------

ABC6
Tera Contributor
In response to Runjay Patel

‎11-28-2024 06:33 AM

for user_adv_admin , field named property is grayed out i want user_adv_admin can access all the field over forms and itil property field should be grayed out, as its a dynamic solution that is why i am not using user_adv_admin, i am getting roles from company roles field

0 Helpfuls