Hide/show record as per roles

Aravind3 · ‎09-04-2018

I want to hide some records based on the roles..

If user has itil role,then particular records shouldn't visible, only admins should see all the records..

Josh Virelli · ‎09-04-2018

Yes, so I believe you will need two ACLs. One to allow ITIL users to see the records if the VPN access field is populated, and one to only allow admins to see the records if it's empty. Is this field on a custom table? If so, you should be able to just create these two ACLs. If it's on an existing table, you'll need to consider the already existing ACLs as well.

Here's an example of the two ACLs you'll have to create. Replace the Incident table with whatever table you are using and make sure the box next to it is -- None --.

ITIL ACL

Admin ACL

View solution in original post

Josh Virelli · ‎09-04-2018

Hi Avavind,

What you are looking for is the Access Control List (ACLs). This is how you can limit the ability to read/write/create/delete and a few other functions within ServiceNow. You can limit access by roles or, if the situation is more complex, with scripts.

If you are a little more specific with your request, I can help you further.

You can read up on ACLs in the documentation here:
https://docs.servicenow.com/bundle/london-platform-administration/page/administer/contextual-securit...

Thanks,
Josh

Aravind3 · ‎09-04-2018

Hi Josh, I have requirement like only admin should see records with "VPN access" (here VPN access is the field name in the form) If "VPN Access" field is empty,then I have to hide the records from ITIL user and end users.. want to write ACL or Business Rules?? Can you help on this??

Harsh Vardhan · ‎09-04-2018

you can create "read" acl on your field

and define the role admin there then field will only visible to admin user.

another scenario :

if you want to set the another condition to check if its empty or not then

use script in ACL

if(gs.hasRole('admin') && current.<field name> =='')
{
gs.log('if condition');
answer = true;
}
else {
gs.log('else condition');
answer = false;
}

try now

Josh Virelli · ‎09-04-2018

Yes, so I believe you will need two ACLs. One to allow ITIL users to see the records if the VPN access field is populated, and one to only allow admins to see the records if it's empty. Is this field on a custom table? If so, you should be able to just create these two ACLs. If it's on an existing table, you'll need to consider the already existing ACLs as well.

Here's an example of the two ACLs you'll have to create. Replace the Incident table with whatever table you are using and make sure the box next to it is -- None --.

ITIL ACL

Admin ACL