cross-scope access policy

hoisuk jung · ‎08-22-2022

Hello, I ask for your help.
I added a business rule to the application and created a script to get the values of the tables of other applications.However, an error similar to the phrase below appears.

Access to api 'setValue(x_cdltd_loaner_req_loaner_request.state)' from scope 'x_cdltd_testing_ap' has been refused due to the api's cross-scope access policy

While looking for workarounds, I found a way to add a record to cross-scope privileges.

However, status is not changed to allowed. Does anyone know how to do it?

(function executeRule(current, previous /*null when async*/) {

// When closed complete is triggerd it also inactivates the task
var loanerRecs = new GlideRecord('x_cdltd_loaner_req_loaner_request');
loanerRecs.addQuery('state','!=',3);//not closed complete
loanerRecs.query();

while(loanerRecs.next()){
loanerRecs.setValue('state',3);
loanerRecs.update();
}

})(current, previous);

Vamsi Sreenivas · ‎08-22-2022

Hi @hoisuk jung , on the left navigation go to System Applications-->Restricted Caller Access Privileges and search for the source scope as 'x_cdltd_testing_ap' and update the status to Allowed.

You should update the status to Allowed manually.

Mark my answer as HELPFUL / CORRECT if this help resolve your issue.

Regards,

Vamsi S

MrMuhammad · ‎08-22-2022

There are couple ways to do this.

You can keep your code in script include (GLOBAL SCOPE) and call it from Business rule.

Example:

Business rule

(function executeRule(current, previous /*null when async*/) {

   var scriptInclude = new loanerRequestUtil();
   scriptInclude.loaner();
   
})(current, previous);

Script include

Name - loanerRequestUtil

Application - Global

Accessible from - All application scope

 var loanerRequestUtil = Class.create();
loanerRequestUtil.prototype = Object.extendsObject(AbstractAjaxProcessor, {

	loaner: function(){
		var loanerRecs = new GlideRecord('x_cdltd_loaner_req_loaner_request');
                 loanerRecs.addQuery('state','!=',3);//not closed complete
                 loanerRecs.query();

        while(loanerRecs.next()){
              loanerRecs.setValue('state',3);
              loanerRecs.update();
	},
    type: 'loanerRequestUtil'
});
   
    }

The other one was already mentioned by @Vamsi Sreenivas. Please try that and let us know if you still face any issues.

Regards,

Muhammad

Regards,
Muhammad

hoisuk jung · ‎08-22-2022

Saved to global scope but does not resolve the issue.
The following error message appears.

Error Message

Write operation against 'x_cdltd_loaner_req_loaner_request' from scope 'rhino.global' has been refused due to the table's cross-scope access policy

MrMuhammad · ‎08-23-2022

Please define the cross Scope privilege. Read the following article Cross-scope privilege record | Servicenow Docs to understand it better. Application cross scope creation will fix this issue.

Regards,
Muhammad