Hide Attachments based on Assignment Group

dandubay
Kilo Contributor

I have a request that I am trying to fulfill, but am having trouble coming up with something. Does anyone have any scripts or any ideas on how to make this happen?

I need to hide all attachments on an incident ticket when the Assignment Group= a certain group. In addition, I need the attachments to only be viewable for a certain role only. So basically when assignment group=xyz hide attachments, unless you are in role 'abc'.

Any ideas??

4 REPLIES 4

dandubay
Kilo Contributor

Figured it out....on load client script:

function onLoad() {

var assignment_group = g_form.getValue('assignment_group');
var isAdmin = g_user.hasRole('admin');

// sys_id is Network Group sys_id
if(!isAdmin && assignment_group=='287ebd7da9fe198100f92cc8d1d2154e'){
var attachment_header = document.getElementById('header_attachment_list');
attachment_header.style.display='none';
}

}


nikita_mironov
Kilo Guru

Is it possible to handle this in a more strict way. Hiding the header and related lists does not eleminate the possibility to use direct link to download the attachment. I've tried "Read" ACL over sys_attachment table but it seems not be working.


coolboy
Mega Expert

I need to hide attachments on Hr table based on Assignment grp and a field called Secured to.Below is my code but it is not working ideas..



getAttachmentReadAnswer();

function getAttachmentReadAnswer() {
if (current.table_name.nil())
return true;

var parentRecord = new GlideRecord(current.table_name);
if (!parentRecord.isValid())
return true;

if (!parentRecord.get(current.table_sys_id))
return true;

return parentRecord.canRead();
}




answer = Check();
function Check(){

var t= new GlideRecord('hr');
t.addQuery('sys_id',current.table_sys_id);
target.query(); // Issue the query to the database to get relevant records
while (target.next()) {
if(t.u_secured_to==15 && gs.getUser().isMemberOf(t.assignment_group)){
gs.log("Retuning True !!!");
answer= true;
}else {
answer=false;

}}}

I have modified oob the Read acl on attachmnet any help !!!


nikita_mironov
Kilo Guru

There is a small typo or mistake in your second script. You are defining glide record object "t" but then use methods ".query()" and ".next" with non-defined object "target". Possibly this will work:
answer = Check();
function Check(){
if (current.table_name=='hr')
{
var t= new GlideRecord('hr');
if ( t.get(current.table_sys_id))
{
if(t.u_secured_to==15 && gs.getUser().isMemberOf(t.assignment_group))
{
gs.log("Returning True !!!");
answer= true;
}else
{
answer=false;
}
}
else
{
// Error while reading data from hr table (unlikely to happen or may happen while creating new record with attachment)
answer = false;
}
}
else
{
// here we should define what do we do with other tables. Assuming "allow access".
answer = true;
// alternative would be to embed here the OOB Read ACL script for sys_attachment table
}
?>