Before query business rule - restrict access to RITMs
‎04-21-2025 01:27 PM
I'm working on creating a query business rule so only the user with the correct role and the person that opened the request can view the RITM.
Currently the part for people with the correct role is working as intended; however, I cannot get the user that opened the request to only see the RITM they opened.
Here's what I have (commented out the non-working portion):
(function executeRule(current, previous /*null when async*/ ) {
    var qu = '';
    if (gs.getUser().hasRole("iecr")) { // user has role iecr
        qu = current.addEncodedQuery("");
    }
    /*else if (gs.getUserID() == current.opened_by) { // person that opened request
        qu = current.addEncodedQuery("");
    }*/
    else {
        qu = current.addEncodedQuery("cat_item!=8b7d6b8e938c22503e61fce86cba1086");
    }
    return;
})(current, previous);
‎04-21-2025 02:11 PM
Hello @bekfro ,
Your Business Rule is just adding an empty query, so that's why it's not actually doing anything.
I believe you want users with the "iecr" role to see all RITMs, except those that are for one particular Catalog Item. And everyone else shall only see the RITMs where they are the "Opened by" user.
This would require the following script:
(function executeRule(current, previous /*null when async*/ ) {
    if (gs.hasRole('iecr')) {
        current.addQuery('cat_item', '!=', '8b7d6b8e938c22503e61fce86cba1086');
    } else {
        current.addQuery('opened_by', gs.getUserID());
    }
})(current, previous);
Regards,
Robert
‎04-21-2025 07:21 PM
Would a new ACL or a modification to an existing ACL solve your issue? Within the ACL record, you can configure conditions that, when they match as true, allow access to the target record. Of course, you would need to elevate your session to security_admin.
‎04-21-2025 08:32 PM - edited ‎04-21-2025 08:37 PM
The syntax is wrong; please update as per the script shared by @Robert H.
Also ensure the table.None READ ACL is configured correctly for your requirement.
If my response helped, please mark it correct and close the thread so that it benefits future readers.
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
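
One reading of the original question, as an added example that is not from any poster in the thread: holders of iecr see every RITM, and everyone else sees RITMs for the restricted catalog item only when they opened them. FakeQuery, visibleTo, the gs parameter and the sample rows are constructed stand-ins so the rule body runs under Node; on the platform gs is a global and current is the real GlideRecord query.

```javascript
// Added example. Only addQuery, addOrCondition, hasRole and getUserID are
// ServiceNow API names; everything else here is a hypothetical stand-in.
const RESTRICTED_ITEM = '8b7d6b8e938c22503e61fce86cba1086'; // sys_id from the thread

// Rule body. In a before-query rule `current` is the query being built, not a
// row, so comparing gs.getUserID() with current.opened_by cannot match anything.
// The ownership test has to be expressed as a query condition instead.
function executeRule(current, gs) {
    if (gs.hasRole('iecr')) return;                       // role holders: no filter
    current.addQuery('cat_item', '!=', RESTRICTED_ITEM)   // not the restricted item
           .addOrCondition('opened_by', gs.getUserID());  // ...or opened by me
}

// Minimal in-memory query: AND of groups, each group an OR of conditions.
class FakeQuery {
    constructor() { this.groups = []; }
    addQuery(field, op, value) {
        if (value === undefined) { value = op; op = '='; }
        const group = [{ field, op, value }];
        this.groups.push(group);
        return { addOrCondition: (f, o, v) => {
            if (v === undefined) { v = o; o = '='; }
            group.push({ field: f, op: o, value: v });
        } };
    }
    matches(row) {
        const test = c => (c.op === '!=') !== (row[c.field] === c.value);
        return this.groups.every(g => g.some(test));
    }
}

// Constructed sample rows (not real data).
const ROWS = [
    { number: 'RITM0001', cat_item: RESTRICTED_ITEM, opened_by: 'alice' },
    { number: 'RITM0002', cat_item: RESTRICTED_ITEM, opened_by: 'bob' },
    { number: 'RITM0003', cat_item: 'other_item',    opened_by: 'bob' },
];

// Returns the RITM numbers a user would see once the rule has run.
function visibleTo(userId, roles) {
    const gs = { hasRole: r => roles.includes(r), getUserID: () => userId };
    const query = new FakeQuery();
    executeRule(query, gs);
    return ROWS.filter(r => query.matches(r)).map(r => r.number);
}
```

The stand-in gs does not model the platform behaviour where gs.hasRole() also returns true for admin users.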