Configuration records - how to set visibility

pironbi · ‎07-14-2015

Hi All -

I am trying to create a business rule that will effectively only allow records to be visible with certain criteria to certain groups.
I am not able to find how to do this at the record level and was hoping someone might have an idea.
I can find how to hide lists, etc... but filtering the records is giving me trouble.

Appreciate any help anyone can provide!

Thanks

Bill

bernyalvarado · ‎07-27-2015

Hi Bill, indeed it makes sense. The only changes you need to do then are:

Change the prior ACL you created so that its name instead of...

Server [cmdb_ci_server] it then becomes Server [cmdb_ci_server].install_status

By doing this change you will then ONLY apply the ACL to the field install_status of the cmdb_ci_server table.

As for the onBefore onQuery business rule, please make it inactive or delete it since we would not longer need it since that one will restrict all the record.

Thanks,

Berny

View solution in original post

bernyalvarado · ‎07-14-2015

Hi Bill, indeed you can also do it through an onBefore query business rule. The one i always use as a template is the out of the box incident query one:

https://yourinstancename.service-now.com/nav_to.do?uri=sys_script.do?sys_id=2bc2f9b1c0a801640199f9eb...

The code of the incident query onbefore query business rule is something like the following:

if (!gs.hasRole("itil") && gs.isInteractive()) {

var u = gs.getUserID();

var qc = current.addQuery("caller_id", u).addOrCondition("opened_by", u).addOrCondition("watch_list", "CONTAINS", u);

gs.print("query restricted to user: " + u);

}

Note that qc will hold the query condition on which your records will be filtered everything time there's a query against the incident table.

I hope this is helpful!

Thanks,

Berny

bernyalvarado · ‎07-14-2015

Perhaps to further explain the previous onBefore onQuery business rule:

For anyone that:

a) does not have an ITIL role and if it's a user that it's interacting with the ServiceNow UI

it will then allow to query the incident table if one of the following conditions are met:

1) The current user is the caller id

2) The current user opened the incident

3) The current user is part of the watch list of the incident

Thanks,

Berny

pironbi · ‎07-15-2015

Thank you Berny!

It is helpful! But what if I want to do it against configuration records and not the incident table?

Kind regards,

Bill

--

William A. Pirone | Automation, Efficiency & Quality Control | Global Infrastructure Services | IT Services

Ernst & Young LLP

Office: +1 201 872 0219 | Bill.Pirone@ey.com<mailto:Bill.Pirone@ey.com>

Thank you for considering the environmental impact of printing this email.

bernyalvarado · ‎07-15-2015

Hi Bill,

What do you mean by configuration records? Are you referring to the system properties? If so you can do it against the sys_properties table.

Keep in mind in ServiceNow almost everything is within a table

Thanks,

Berny

pironbi · ‎07-15-2015

Thank you, Berny!

Yes — that is what I am referring to. And yes, I completely understand and am going to try the ACL first â˜º

Thank you!

Kind regards,

Bill

--

William A. Pirone | Automation, Efficiency & Quality Control | Global Infrastructure Services | IT Services

Ernst & Young LLP

Office: +1 201 872 0219 | Bill.Pirone@ey.com<mailto:Bill.Pirone@ey.com>

Thank you for considering the environmental impact of printing this email.