ACL script

Selva Arun
Mega Sage
Mega Sage

‎11-30-2023 11:53 AM

Hi All, I have a requirement where only support group members should be able to edit records on the application(cmdb_ci_appl) table. I'm getting lost while writing the script on the ACL as I'm still learning to code. Can anyone help me with the script, please? Thank you.

0 Helpfuls
  • 276 Views
5 REPLIES 5

Amit Gujarathi
Giga Sage
Giga Sage

‎11-30-2023 06:49 PM

Hi @Selva Arun ,
I trust you are doing great.
Please find the sample code for the same

(function() {
    // Replace 'support_group_sys_id' with the actual sys_id of your support group
    var supportGroupSysId = 'support_group_sys_id'; 
    var userGrpMember = new GlideRecord('sys_user_grmember');
    userGrpMember.addQuery('group', supportGroupSysId);
    userGrpMember.addQuery('user', gs.getUserID());
    userGrpMember.query();

    return userGrpMember.hasNext(); // Returns true if the user is a member of the group
})();

Was this answer helpful?


Please consider marking it correct or helpful.


Your feedback helps us improve!


Thank you!


Regards,


Amit Gujrathi



0 Helpfuls

Anand Kumar P
Giga Patron
Giga Patron

‎11-30-2023 09:53 PM

Hi @Selva Arun ,

Create write acl on cmdb_ci_appl table and use below script

var currentUserID = gs.getUserID();
var grMember = new GlideRecord('sys_user_grmember');
grMember.addQuery('user', currentUserID);
grMember.addQuery('group.name', 'Support Group'); //update with group name
grMember.query();
if (grMember.next()) {
    answer = true; // Allow access
} else {
    answer = false; // Deny access
}

Please mark it as helpful and solution proposed if it serves your purpose.

Thanks,

Anand

0 Helpfuls

Ankur Bawiskar
Tera Patron
Tera Patron

‎11-30-2023 10:50 PM

@Selva Arun 

you should ensure table level WRITE ACL has that script and there should be only 1 table level WRITE

what did you start with and where are you stuck?

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls

Dipen Wadhwana
Giga Guru

‎12-01-2023 01:29 AM

Hi @Selva Arun ,

 

Please try the below code:

if (gs.getUser().isMemberOf('supportGroupName')) {
    answer = true; // Allow access
} else {
    answer = false; // Deny access
}

Please mark this response as helpful if your question has been answered correctly.

0 Helpfuls