Can you restrict access to a specific Knowledge Base for users with admin role?

RP2 · ‎06-01-2018

Is it possible to restrict admin access to specific KB within Knowledge/Service portal?

User criteria definition restricts all users as specified, except if they have 'admin' role - then restriction is bypassed.

Commenting admin override code in script include where canRead and canContribute functions are defined does not provide desired results.

Has anyone ever implemented this type of requirement?

SN version - Kingston
Knowledge v3

Thank you.

Bhojraj Dhakate · ‎06-01-2018

Hi Rupa,

Find below attachment

In Above user criteria form "Match all" checkbox is there it must be true.

create a group and load all the "User have admin role"

and add this group in the "User Criteria".

If all the Conditions are match then this user not able/able to see knowledge base or vice versa

Thanks,

Bhojraj

RP2 · ‎06-01-2018

Hi Bhojraj,

I have tried that, however, the 'admin' role bypasses this user criteria definition. The knowledge portal still shows the KB and related articles for anyone with 'admin' role.

I added canRead attribute for a specific role 'elite' and cannot Read for 'admin' role as you stated above.

Users without elite role cannot access the KB, if one of those users is granted the 'admin' role, then the restrictions set are bypassed and they can read the KB articles.

Regards.

Rupa

Mark233 · ‎06-01-2018

Hi Rupa,

If you're using a script for the User Criteria you could do something similar to the hasRoleExactly from this post:

https://joshneri.us/serverside-hasroleexactly-in-servicenow/

RP2 · ‎06-04-2018

It appears the internal java code in SN is creating access with an admin override - I'll implement the Service side hasRoleExactly() function you mentioned to verify... Thanks.