Disable renaming or delete/remove attachment option for a table

Go to solution
Community Alums
Not applicable

‎07-06-2022 01:59 AM

Hi All,

I have a requirement that "only the user who attached that attachment should be able to rename the attachment or delete/remove the attachment others shouldn't" for a particular table(custom table).

@Ankur Bawiskar Any idea?

 

Thanks,

Bala

Labels:
0 Helpfuls
  • 1,292 Views
1 ACCEPTED SOLUTION

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron

‎07-06-2022 02:28 AM

Hi,

you can try to use before update BR on sys_attachment and check if the logged in user is the created by of that sys_attachment

For Remove/Delete ensure you have correct table level DELETE ACL

Actually both your requirements can be handled via before update/delete business rule

BR: sys_attachment

Before Update AND Delete

Condition: current.table_name == 'incident'

Script:

(function executeRule(current, previous /*null when async*/) {

	// Add your code here
	if(gs.getUserName() != current.sys_created_by){
		gs.addErrorMessage("You are not allowed to update/delete the file as you are not the one who attached it");
		current.setAbortAction(true);
	}

})(current, previous);

regards
Ankur

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

View solution in original post

0 Helpfuls
5 REPLIES 5

Go to solution
Chandu Telu
Tera Guru
Tera Guru

‎07-06-2022 02:07 AM

Hi Balaraju,

 

Check the below link to hide the rename option you can check the current user and method in below link will hide the Rename Option but it's best practice 

 

https://community.servicenow.com/community?id=community_question&sys_id=a823c3e1dbd8dbc01dcaf3231f961956

 

Thanks
Chandu Telu
Please Mark Correct/helpful, if applicable,

0 Helpfuls

Go to solution
Community Alums
Not applicable
In response to Chandu Telu

‎07-06-2022 02:16 AM

@Chandu Telu thsanks for replying and this won't solve my requirement

0 Helpfuls

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron

‎07-06-2022 02:28 AM

Hi,

you can try to use before update BR on sys_attachment and check if the logged in user is the created by of that sys_attachment

For Remove/Delete ensure you have correct table level DELETE ACL

Actually both your requirements can be handled via before update/delete business rule

BR: sys_attachment

Before Update AND Delete

Condition: current.table_name == 'incident'

Script:

(function executeRule(current, previous /*null when async*/) {

	// Add your code here
	if(gs.getUserName() != current.sys_created_by){
		gs.addErrorMessage("You are not allowed to update/delete the file as you are not the one who attached it");
		current.setAbortAction(true);
	}

})(current, previous);

regards
Ankur

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls

Go to solution
Community Alums
Not applicable
In response to Ankur Bawiskar

‎07-06-2022 03:30 AM

Hi @Ankur Bawiskar Everything is fine but SetAbortAction is not working since we are working in scoped application

Is there any other way to abort?

0 Helpfuls