Before Query Business rule Restriction on the Request Item table

Go to solution
Rhonda9
Tera Expert

‎04-19-2024 05:44 AM

Hello ,

 

I created a before query business rule to restrict anyone that is not a member of the Sensitive Data group from access  Request Items in the Sensitive Data Request Item.   I have been able to create a BR that will not allow anyone who is not a member of the Sensitive Data group to access the restricted records but I want to allow the person who created the request item (opened_by) to be able to view the sensitive data record.   I am having an issue with this and need help. 

 

Here is the business rule that I have created:

 

 condition:  !gs.getUser().isMemberOf('bdb5c97bdbeb90940a2bf381399619eb') 

(function executeRule(current, previous /*null when async*/) {
var u = gs.getUserID(); //Get the sys_id value of the current user
       if(!gs.getUser().hasRole("special request") && !gs.getUser().isMemberOf('bdb5c97bdbeb90940a2bf381399619eb')); { //the user is not a member of sensitive data or an admin
    var qu = current.addEncodedQuery("cat_item!=626cadb11b41ce90d058c992604bcbd5"());
      }
}
)(current, previous);
0 Helpfuls
  • 821 Views
1 ACCEPTED SOLUTION

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron

‎04-19-2024 05:48 AM

@Rhonda9 

no need to add this again inside script as you already have it in condition field; so remove it

!gs.getUser().isMemberOf('bdb5c97bdbeb90940a2bf381399619eb')

use OR condition

(function executeRule(current, previous /*null when async*/) {
	var u = gs.getUserID(); //Get the sys_id value of the current user
	if(!gs.getUser().hasRole("special request")); { //the user is not a member of sensitive data or an admin
		current.addQuery("cat_item", "!=", "626cadb11b41ce90d058c992604bcbd5").addOrCondition("opened_by", gs.getUserID());
	}
}
)(current, previous);

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

View solution in original post

3 REPLIES 3

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron

‎04-19-2024 05:48 AM

@Rhonda9 

no need to add this again inside script as you already have it in condition field; so remove it

!gs.getUser().isMemberOf('bdb5c97bdbeb90940a2bf381399619eb')

use OR condition

(function executeRule(current, previous /*null when async*/) {
	var u = gs.getUserID(); //Get the sys_id value of the current user
	if(!gs.getUser().hasRole("special request")); { //the user is not a member of sensitive data or an admin
		current.addQuery("cat_item", "!=", "626cadb11b41ce90d058c992604bcbd5").addOrCondition("opened_by", gs.getUserID());
	}
}
)(current, previous);

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

Go to solution
Rhonda9
Tera Expert
In response to Ankur Bawiskar

‎04-19-2024 05:53 AM

Thank you so much.  It work!

0 Helpfuls

Go to solution
maria03
Tera Contributor
In response to Ankur Bawiskar

‎06-26-2025 02:29 PM

thank you so much! (you should add this to your youtube channel or blog etc as it should be obvious the person who submitted the information should be allowed to see it, but all examples i found did not include the addorcondition from your query). thanks again.

0 Helpfuls