allow a single user to have permission to create tasks by using a "new" button from the RITM form /list control?

heidiyablonski · ‎05-13-2017

I am brand spanking new to ServiceNow.

I have a request to allow just one user the access to create tasks. He has the ITIL role but we have disabled the ability for users to create tasks in our ITIL role. I don't want to give him the admin role to allow him to create tasks. Being that I'm a newbie I dont know if I should do this with a UI action, a policy, list control? I dont really know where to begin. What is the right/best way to meet the request?

Suggestions greatly appreciated.

Thank you,

Heidi

Goran WitchDoc · ‎05-13-2017

Hi Heidi,

well, it kind of depends on how you disabled the ability for the users. Easiest way is just just add a condition for this user on the same place to keep everything in the same place. Makes it a bit easier to administrate.

How have you disabled the ability to create new tasks?

//Göran

naveenaechan · ‎05-14-2017

Hi Heidi,

You can add a scripted ACL as below to check for specific user or if user has an "Admin" role (if you wish to give admin access for creating). Make sure you remove all additional roles added as part of this ACL and just maintain the script.

Ofcourse, you can still update the above condition to also include users with "catalog_admin" role to also create RITM, if required.

Thanks

Naveen

PS: Hit like, Helpful or Correct depending on the impact of the response

Goran WitchDoc · ‎05-14-2017

Please don't put in a user sys_id like this. Will be hard to administrate in the future. At least create a group for this purpose and check if the user is in that group. By doing like this you can easy just add another user in the group without needed to modify the ACL. Also meaning you can administrate this without having to do a update to the ACL and put it through all the dev->test->prod thingie.

//Göran

naveenaechan · ‎05-14-2017

Yes, Goran. I agree !

1. create a group and add the required users in that group, then update the ACL (or)

2. we can even create a custom role for the desired user and update the ACL accordingly. Here we can check if user has that custom role or if user is an admin etc.

Thanks

Naveen