The CreatorCon Call for Content is officially open! Get started here.

create ACL

Ak8977
Tera Expert

‎06-13-2024 04:24 AM

Hello all,
I would like to create an ACL  to see all the records created by any of my group members. Could anyone help me on this.
thanks,
note -  user don't have itil role.

 

let's assume I am member of A, B, C groups.

if a member from any of this group created an incident. I would like to see that incident.
actually if we don't have itil role we are only able to see incident created by me and requsted for me and assigned to one of my groups. But now I would like to see the tickets created by my team also.
thanks,

0 Helpfuls
  • 307 Views
2 REPLIES 2

Harish_K07
Giga Guru

‎06-13-2024 04:42 AM

Hi @Ak8977 

 

Please check the following article which is closely related to what you're looking for - https://www.servicenow.com/community/developer-articles/show-incidents-created-by-group-members-how-...

 

Mark as correct and helpful if it solved your query.

Regards,

Harish

0 Helpfuls

Mark Manders
Mega Patron

‎06-13-2024 04:48 AM

I would be very careful with this. If ServiceNow runs a scan and sees that you are circumventing the 'without a role you can only see your own tickets' mechanism, they could start charging you.
Next to that: do you really think a user will be happy with the fact that his overview of 'my tickets' is suddenly flooded with the tickets of all of his group members? 

Your scripted ACL could look something like this, but again: don't do it (just because you can, doesn't mean you should). Especially if you are working for a client and when you leave a huge bill is presented. They will never contract you again (and if it's your own company, be aware that you are going to limit the budget for the Christmas party, because of that bill):

// Get the current user's groups
var userGroups = gs.getUser().getMyGroups();
var userGroupsSet = new Set(userGroups);

// Get the groups of the user who created the ticket
var createdByUserId = current.sys_created_by;
var gr = new GlideRecord('sys_user_grmember');
gr.addQuery('user', createdByUserId);
gr.query();

var sharedGroup = false;
while (gr.next()) {
    if (userGroupsSet.has(gr.group.toString())) {
        sharedGroup = true;
        break;
    }
}

// Allow read access if there is a shared group
if (sharedGroup) {
    gs.info('User is allowed to read the ticket.');
    answer = true;
} else {
    gs.info('User is not allowed to read the ticket.');
    answer = false;
}

 


Please mark any helpful or correct solutions as such. That helps others find their solutions.
Mark
0 Helpfuls