- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-14-2023 10:35 AM
Hi,
I have a requirement to allow end users the ability to view their departments incidents and requests on the Service Portal. These users have no roles in the system.
I was able to figure out the incidents side of this requirement, however I am unable to figure out the requests.
I have created a custom ACL on the sc_request table that looks at the Request's requested for's department information and compares it to the logged in user's information.
I have the same ACL on the sc_req_item table for the requested items.
I am able to see the appropriate requests in the list.
However, when clicking on one of the requests for a member of my department I get a "Request not found" error.
If I navigate to the request on the platform side, I am able to see the request.
I am at a loss for what is causing this. Any help would be appreciated.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-14-2023 08:06 PM
Doing some more digging I was able to find I needed to create a 2nd ACL for sc_request.*". After creating that ACL everything worked as I would expect.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-19-2023 06:12 AM
I had to modify the "incident query" business rule. My requirements called for the user's department and their manager the ability to view their incidents, so I added the following code.
var user = gs.getUser();
var department = user.getDepartmentID();
var gr = new GlideRecord('incident');
var departmentAllowed;
var managerAllowed;
gr.get(current);
//Check to see if the logged in user has the same department as the caller.
if (gr.caller_id.department == department) {
departmentAllowed = true;
} else {
departmentAllowed = false;
}
//Check to see if the Caller's manager is the logged in user.
if (gr.caller_id.manager == gs.getUserID()) {
managerAllowed = true;
} else {
managerAllowed = false;
}
I then modified the if statement to read as the following.
if (!gs.hasRole("itil") && !gs.hasRole("sn_incident_read") && gs.isInteractive() && (departmentAllowed || managerAllowed))
This was in addition to creating 2 ACL rules for "incident" and "incident.*" Those ACLs looked at a script and that is also below.
ourUser = gs.getUser();
department = ourUser.getDepartmentID();
if (current.caller_id.department == department || current.caller_id.manager == gs.getUserID()){
answer = true;
}
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-11-2025 07:09 AM - edited 06-12-2025 12:54 AM
Hi Bri, for me using your solution is not working. Did you also change the widget?