Cancellation rights

JVINAY · 18 hours ago

Hi Team,

I have written below script include script :

canCancelRequest: function(intakeID) {

var cir = new GlideRecord('u_cloud_request');

if (cir.get(intakeID)) {

if (gs.hasRole('u_cloud_admin')) return true;

var user = gs.getUserID();

var grmembership = new GlideRecord("sys_user_grmember");

grmembership.addQuery("user", user);

grmembership.addQuery("group", "98280b79db3d3740ee5c24f405961998" || "f383c41c1bd89850f08eba215b4bcbb8"); //* 98280b79db3d3740ee5c24f405961998 Cloud Sys ID and f383c41c1bd89850f08eba215b4bcbb8 AWS SYS ID*//

grmembership.query();

if (grmembership.hasNext()) return true;

For my requirement

"Enable Request Account cancellation rights to ServiceNow Assignment group: Cloud teamd and AWS Architecture Team "

This Script works for user have " u_cloud_admin" role and users belongs to either Cloud Team and not working for user belongs to AWS group

I want User don't have " u_cloud_admin" but belogs to either Cloud or AWS will allows to cancel the Request

Thanks.

ChallaR · 16 hours ago

HI @JVINAY ,

please find the below script i have modified few lines , hope its helpful-

canCancelRequest: function(intakeID) {
    var cir = new GlideRecord('u_cloud_request');
    if (cir.get(intakeID)) {
        // If user has u_cloud_admin role, allow
        if (gs.hasRole('u_cloud_admin')) return true;

        var user = gs.getUserID();
        var grmembership = new GlideRecord("sys_user_grmember");
        grmembership.addQuery("user", user);

        // Check if user belongs to either Cloud Team or AWS Architecture Team
        var groupCondition = grmembership.addQuery("group", "98280b79db3d3740ee5c24f405961998"); // Cloud Team
        groupCondition.addOrCondition("group", "f383c41c1bd89850f08eba215b4bcbb8"); // AWS Architecture Team

        grmembership.query();
        if (grmembership.hasNext()) return true;
    }
    return false;
}

NOTE -

addOrCondition() ensures the query checks both groups.
If the user is in either group, grmembership.hasNext() will return true.

Thanks,

Rithika.ch

View solution in original post

JVINAY · 16 hours ago

Hi @Ankur Bawiskar,

I want to allow users who are members of the AWS or Cloud groups to cancel the request, as well as users who have the Cloud Admin role.

First, we need to check if the user has the Cloud Admin role.
If the user does not have the Cloud Admin role but belongs to either the AWS or Cloud group, they should still be allowed to cancel the request.

Currently, the script works for Cloud group members only, but it's not working for AWS group members.

cloud sys_id : 98280b79db3d3740ee5c24f405961998

Aws Sys_id : f383c41c1bd89850f08eba215b4bcbb8

Please suggest changes.

Current script :

canCancelRequest: function(intakeID) {

var cir = new GlideRecord('u_cloud_request');

if (cir.get(intakeID)) {

if (gs.hasRole('u_cloud_admin')) return true;

var user = gs.getUserID();

var grmembership = new GlideRecord("sys_user_grmember");

grmembership.addQuery("user", user);

grmembership.addQuery("group", "98280b79db3d3740ee5c24f405961998" || "f383c41c1bd89850f08eba215b4bcbb8");

grmembership.query();

if (grmembership.hasNext())

return true;

Ankur Bawiskar · 16 hours ago

@JVINAY

try this which checks role and then group membership

canCancelRequest: function(intakeID) {
    var cir = new GlideRecord('u_cloud_intake_request');
    if (cir.get(intakeID)) {
        if (gs.hasRole('u_cloud_intake_admin'))
            return true;

        var user = gs.getUserID();
        var grmembership = new GlideRecord("sys_user_grmember");
        grmembership.addQuery("user", user);
        grmembership.addQuery("group", "98280b79db3d3740ee5c24f405961998");
        grmembership.addOrCondition("group", "f383c41c1bd89850f08eba215b4bcbb8");
        grmembership.query();
        if (grmembership.hasNext())
            return true;
    }
    return false;
}

💡 If my response helped, please mark it as correct ✅ and close the thread 🔒— this helps future readers find the solution faster! 🙏

Regards,
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader

JVINAY · 16 hours ago

@Ankur Bawiskar

Thanks for your reply

I have updated the Code but Not working on AWS group

Updated code :

canCancelRequest: function(intakeID) {

var cir = new GlideRecord('u_cloud_intake_request');

if (cir.get(intakeID)) {

if (gs.hasRole('u_cloud_intake_admin')) return true;

var user = gs.getUserID();

var grmembership = new GlideRecord("sys_user_grmember");

grmembership.addQuery("user", user);

grmembership.addQuery("group", "98280b79db3d3740ee5c24f405961998");

grmembership.addOrCondition("group", "f383c41c1bd89850f08eba215b4bcbb8");

grmembership.query();

if (grmembership.hasNext()) return true;

Please suggest any changes required.

Ankur Bawiskar · 16 hours ago

@JVINAY

it should work fine.

are you using correct group sysIds?

💡 If my response helped, please mark it as correct ✅ and close the thread 🔒— this helps future readers find the solution faster! 🙏

Regards,
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader

JVINAY · 15 hours ago

@Ankur Bawiskar

I have used 2 sys_id for Cloud and Aws But Only Cloud Group sys_id users have access but Aws users don't have access.

why Is not working ?