The CreatorCon Call for Content is officially open! Get started here.

Allow user with certain role to Update an incident assigned to specific assignment group.

Cindy Sim
Tera Expert

3 weeks ago

I have created Custom Role "update_a". I need to allow only users with this role to update incident assigned to assignment group "B".  I am trying to use business rules for this. Any Suggestions how can I achieve this. 

0 Helpfuls
  • 712 Views
4 REPLIES 4

AshishKM
Kilo Patron
Kilo Patron

3 weeks ago

Hi @Cindy Sim ,

Create write ACL on incident record and write code in script section to check following conditions.

1) logged in user has role "update_a"

2) current record's (i.e. incident) assignment group is "B"

 

// Check if user has role 'uupdate_a' and assignment_group is 'B'
gs.hasRole('update_a') && current.assignment_group.name == 'B';

 

-Thanks,

AshishKM


Please mark this response as correct and helpful if it helps you can mark more that one reply as accepted solution
0 Helpfuls

Rafael Batistot
Kilo Patron

3 weeks ago

Hi @Cindy Sim 

May you try via Client script > onSubmit

function onSubmit() {
    var groupName = g_form.getDisplayValue('assignment_group');

    if (groupName === 'B') {
        var hasRole = g_user.hasRole('update_a');

        if (!hasRole) {
            g_form.addErrorMessage("You are not allowed to update incidents assigned to group B."); //optional
            return false; // Not allow submit
        }
    }

    return true; // Allow submit
}

 

If you found this response helpful, please mark it as Helpful. If it fully answered your question, consider marking it as Correct. Doing so helps other users find accurate and useful information more easily.
0 Helpfuls

kaushal_snow
Mega Sage

3 weeks ago

Hi @Cindy Sim ,

 

Create a before update Business Rule on the incident table with a condition that current.assignment_group == 'group_sys_id' (or match by name) and !gs.hasRole('update_a'), and in the script, if both conditions are true, call current.setAbortAction(true); and gs.addErrorMessage("You are not permitted to update this incident."); so that any user lacking the update_a role cannot make changes when the incident is assigned to that group....

 

If you found my response helpful, please mark it as ‘Accept as Solution’ and ‘Helpful’. This helps other community members find the right answer more easily and supports the community.

 

Thanks and Regards,
Kaushal Kumar Jha - ServiceNow Consultant - Lets connect on Linkedin: https://www.linkedin.com/in/kaushalkrjha/
0 Helpfuls

Anand2799
Tera Guru

3 weeks ago

Hi @Cindy Sim ,

 

You can create a Deny Unless - Write ACL, in the applies to section add your condition - Assignment group is "B", in the requires roles section add your role "update_a".

Note: If you create Allow if type of ACL, uses may still be able to edit assigned to field because of the other ACLs which provide access of the field.

Anand2799_0-1758869031988.png

 

 

Thanks

Anand

0 Helpfuls