- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-15-2023 02:33 AM
Hi,
I have a requirement to determine if a user has (read) access to a knowledge article via a email notification script. I am assuming there is an OTTB script include for this but struggling to find anything.
Appreciate any suggestions.
Thanks.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-15-2023 06:48 AM
I'm afraid none of the other answers give you what you need, as methods like .canRead() automatically take the logged in user's sys_id to check access, and they do not accept any other parameter to check a different user. Furthermore, it is not recommended to call SNC classes, like KBKnowledgeSNC() directly. These classes always have an extended sibling which should be used, in this case it is KBKnowledge(). But as I mentioned, they only take the logged in user's ID, and therefore you should first impersonate your target user. So you will have to do something like this:
/*
*Check if the logged in user has access to the provided knowledge article
* @Param {string} - sys_id of the knowledge article to check
* @return {boolean} - true if the user has access to the article, false if not
*/
function kbAccess(kba) {
var kbGr = new GlideRecord('kb_knowledge');
kbGr.get(kba);
return (new KBKnowledge().canRead(kbGr));
}
var userToCheck = ''; // Add the sys_id of the user you want to check here
var originalUser = gs.getSession().impersonate(userToCheck ); // impersonate target user
var hasAccessToKBA = kbAccess(kba);
gs.getSession().impersonate(originalUser ); // impersonate back to the original user
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-15-2023 03:37 AM
Hi @Michael Todd ,
You can try to use UserCriteriaLoader. Its not part of SN official documentation though.
For reference:
UserCriteriaLoader - API to Evaluate User Criteria - ServiceNow Community
Please mark correct if this helped your issue.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-15-2023 04:14 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-15-2023 06:48 AM
I'm afraid none of the other answers give you what you need, as methods like .canRead() automatically take the logged in user's sys_id to check access, and they do not accept any other parameter to check a different user. Furthermore, it is not recommended to call SNC classes, like KBKnowledgeSNC() directly. These classes always have an extended sibling which should be used, in this case it is KBKnowledge(). But as I mentioned, they only take the logged in user's ID, and therefore you should first impersonate your target user. So you will have to do something like this:
/*
*Check if the logged in user has access to the provided knowledge article
* @Param {string} - sys_id of the knowledge article to check
* @return {boolean} - true if the user has access to the article, false if not
*/
function kbAccess(kba) {
var kbGr = new GlideRecord('kb_knowledge');
kbGr.get(kba);
return (new KBKnowledge().canRead(kbGr));
}
var userToCheck = ''; // Add the sys_id of the user you want to check here
var originalUser = gs.getSession().impersonate(userToCheck ); // impersonate target user
var hasAccessToKBA = kbAccess(kba);
gs.getSession().impersonate(originalUser ); // impersonate back to the original user
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-16-2023 01:53 AM
Many thanks Laszlo. I was indeed thinking about how to run this script for a given user, rather than the logged in user. Will test out the proposed solution and update this post with findings.
