ACL restriction based upon variable.

Chad Wilhelm1 · ‎08-06-2018

Hello,

We have a requirement to lock down records (REQ and RITM) to one catalog item Spot Bonus. Those can view would be those with a manager role as long the manger is not the one who getting the spot bonus. There is a variable called user receiving bonus. I am having issues restricting the manager from seeing it if they are the user in the variable. Any assistance is appreciated.

SanjivMeher · ‎08-07-2018

Use below script

if(current.request_item.variables.variablename!= gs.getUserID() )
answer=true;

Please mark this response as correct or helpful if it assisted you with your question.

View solution in original post

brianlan25 · ‎08-06-2018

I think you need to make you code != gs.getUserID();

Chad Wilhelm1 · ‎08-06-2018

Hello,

I tried the gliderecord query, but does not work. Manager cannot see any of the RITM's now even the ones they allowed to see.

var currentUser = gs.getUserID();
var queryString = "active=true^cat_item=22e96da3137297004de67e776144b0dd^variables.1b824ebb133e9700fa7c73076144b072ISNOTEMPTY";
var spotuser = new GlideRecord(sc_req_item);
addEncodedQuery(queryString);
while (spotuser.next()) {
   var comp = spotuser.getValue('1b824ebb133e9700fa7c73076144b072');
   gs.log("Chad " + comp);
   if(comp != currentUser);
   answer=true;
}
//gs.log(currentUser.getDisplayName());

brianlan25 · ‎08-06-2018

maybe change it to var queryString = 'active=true^variables.9e6ce1a44fe3130018888fe18110c7df!=' + currentUser;

Then in your while look you only need to answer = true;

brianlan25 · ‎08-06-2018

FYI... that sys_id is from my system so you have to update with your sys_id.