- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-31-2015 05:55 AM
I am writing an ACL script to prevent users from other locations to see records.
For example, European users cannot view records created by a user in APAC.
However, I keep running into a weird warning in the system log and the ACL script is not working.
Here is my script:
answer = validateRegion();
function validateRegion()
{
var currentLocation = gs.getUser().getLocation();
var loc = new GlideRecord('cmn_location');
loc.get(currentLocation);
var currentRegion = loc.parent.parent;
var users = [];
var otherUsers = new GlideRecord('sys_user');
otherUsers.addQuery('location.parent.parent',currentRegion);
otherUsers.addQuery('roles', "x_nyrs2_xtra_tasks.user");
otherUsers.addActiveQuery();
otherUsers.query();
while(otherUsers.next())
{
users.push(otherUsers.getValue('sys_id'));
}
if(users.toString().indexOf(gs.getUserID()) > -1)
{
return true;
}
else
{
return false;
}
}
This is in the system log as a warning:
org.mozilla.javascript.EcmaError: undefined is not a function.
Caused by error in <refname> at line 5
2:
3: function validateRegion()
4: {
==> 5: var currentLocation = gs.getUser().getLocation();
6: var loc = new GlideRecord('cmn_location');
7: loc.get(currentLocation);
Can someone point me to the right direction?
Best,
Hena
8:
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-03-2015 02:48 AM
Also replace this
while(otherUsers.next())
{
users.push(otherUsers.getValue('sys_id'));
}
with
while(otherUsers.next())
{
users.push(otherUsers.getValue('user_name'));
}
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-31-2015 06:20 AM
Hello Henrikki,
I tried to print this in background script against my account, gs.getUser().getLocation() it provided the blank result.though I had a loation field set against my account. I am not sure why this is so.
Try with below code and check if it works for you by replacing the above code.
gs.getUser().getRecord().getValue('location');
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-31-2015 07:18 AM
Hi Deepak,
Thanks for replying.
However, the error message persists:
org.mozilla.javascript.EcmaError: undefined is not a function.
Caused by error in <refname> at line 6
3: function validateRegion()
4: {
5: // var currentLocation = gs.getUser().getLocation();
==> 6: var currentLocation = gs.getUser().getRecord().getValue('location');
7: var loc = new GlideRecord('cmn_location');
8: loc.get(currentLocation);
9:
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-31-2015 11:08 AM
Hi Henrikki,
Seems like you are trying to create this ACL in Scoped App.
gs.getUser() in a scoped app returns 'ScopedUser'. It has limited methods when compared to global scope. In your case i think you need to write an additional GlideRecord to User table. Something like this.
var kr=new GlideRecord('sys_user');
kr.addQuery('user_name',gs.getUser().getID());
kr.query()
if(kr.next()){
gs.print(kr.location)
}
You can find more about scoped apis here. Scoped GlideSystem API Reference - ServiceNow Wiki
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-03-2015 02:28 AM
I am still on it. I switched from scoped app to global app.
I now have created a query business rule:
function onBefore(current, previous) {
//This function will be automatically called when this rule is processed.
var currentLocation = gs.getUser().getLocation();
var loc = new GlideRecord('cmn_location');
loc.get(currentLocation);
var currentRegion = loc.parent.parent;
gs.log(currentRegion);
var users = [];
var otherUsers = new GlideRecord('sys_user');
otherUsers.addQuery('location.parent.parent',currentRegion);
otherUsers.addQuery('roles', "infra_tasks.user");
otherUsers.addActiveQuery();
otherUsers.query();
while(otherUsers.next())
{
users.push(otherUsers.getValue('sys_id'));
}
var filter = users.toString();
var qc = current.addQuery("sys_created_by", "IN", "filter");
gs.log("sys_created_by = "+current.sys_created_by);
gs.log("Filter = "+filter);
gs.log("Query = "+qc);
}
The log entries are:
sys_created_by =
Filter = 0ee70434c9a84100ce3758ece776afb7,695ce9872083310061eb0a0ad7f79c10....
Query = sys_created_byINnull
Why is current.sys_created_by empty?
Why is qc "sys_created_byINnull" even though filter is a comma-delimeted string as required?
