Hide Requester details field in RITM and SCTASK form while preview.

nageswari1 · 3 weeks ago

Hi Team,

I have got a requirement that, there is one field (Password) in the catalog item called "Password reset". After ticket creation, we generally see the password field in the Requester details under RITM form. In that RITM form I want it to be visible only for the specific group members. for rest of group members, it should be hidden in the Requester details section.
Conditions:
1. The field should be visible only to the specific assignment group members rest of members should be hidden.

I have followed the below steps and I have hidden the field in Requester details (Variables) RITM and SCTASK form.

Step 1: Create a System Property

This will help you manage the group visibility without modifying scripts later.

Name: x.company.visible.password.group
Type: String
Value: (Enter the Sys ID of the assignment group whose members should see the field)

Step 2: Create a Display Business Rule on sc_req_item

This rule checks whether the logged-in user is a member of the allowed group and stores a flag in g_scratchpad.

(function executeRule(current, previous) {
    var allowedGroupSysId = gs.getProperty('x.company.visible.password.group');

    var isVisible = false;
    var groupMember = new GlideRecord('sys_user_grmember');
    groupMember.addQuery('user', gs.getUserID());
    groupMember.addQuery('group', allowedGroupSysId);
    groupMember.query();
    if (groupMember.hasNext()) {
        isVisible = true;
    }

    g_scratchpad.show_password = isVisible;
})(current, previous);

Step 3: Create an onLoad Client Script on sc_req_item

Use this script to control the visibility of the variable using the scratchpad value.

function onLoad() {
    // Replace 'new_password' with the name (not label) of your variable
    g_form.setDisplay('variables.new_password', g_scratchpad.show_password);
}

It worked and But when the RITM is previewed from the SCTASK form, the password field is visible to all the users.
It should not visible to all the users. It should be hidden in preview section as well.
Reference: Please find the screenshot I have attached (Taken example for User ID field)
Can you please help me with this how to achieve this

Thanks in advance.

Nageshwari P.

nageswari1 · a week ago

Hi @Aniket Chavan ,

I have tried the method which you have shared. but i am not able to hide the field under requester details when I am previewing the RITM from SCTASK.
generally the field is in the Requester details section and which is read only fields.
Can you please help me how to hide the fields on requester details on preview.

Best Regards,

Nageshwari P.

Rafael Batistot · 3 weeks ago

Hi @nageswari1

You’ve correctly hidden the password variable in the RITM form, but when users preview the RITM from within the SCTASK form (using the related list “Preview” feature / reference icon), the variable shows up for everyone because:

• That preview panel is rendered by the $sp.getForm / form renderer engine,

• It doesn’t run your Client Script (onLoad),

• And it doesn’t automatically respect g_scratchpad.

So we need to handle the preview rendering separately.

Variable Write ACL (Recommended & Secure)

Instead of relying only on display/client script, put a Read ACL on the variable:

Navigate to System Security → Access Control (ACL).
Create a new ACL for the variable field:

Table: sc_item_option_mtom (that’s where variable values are stored).
Field: value
Condition: Match the specific variable (new_password)

Script condition in ACL:

(function() {
var allowedGroup = gs.getProperty('x.company.visible.password.group');
if (!allowedGroup) return false;
return gs.getUser().isMemberOf(allowedGroup);
})();

This way, if the user is not in the allowed group, the variable’s value is never sent to the client, even in preview.