Hiding specific attachments?

othews · ‎09-12-2018

Hi,

Is there any way to hide specific attachments or only show specific attachments to end users?

We enable end users to look at their incidents and Requested Items throught the ess view in Servicenow. We do not use the portal solution yet due to various reasons and we will not be doing so for at least a year.
We need to be able to hide specific attachments or only show specific attachments for our end users. Currently they see all of the attachments in their ticket and the attachments that we receive from partners or from assignment groups might contain sensitive information. We do not utilize incident tasks or Catalog tasks in our system. If we did we could of course keep sensitive attachments in the tasks and not on the main incident/RITM. But we dont.

However, we still need to show some attachments to the end users. For example guides or just showing them the documents that they've uploaded themselves.

Is there for example a way to create a new field where you place only certain attachments? Is there any way for Servicenow to recognize different upload sources for attachments?
Is there any way at all for us to solve this?

Best regards
Ola Thews

Chalan B L · ‎09-12-2018

Hello Othews,

1) Create an custom table "u_internal_attachments" and add two fields "Attachment" & DP Reference(reference to parent table.

2) Create a related list - select a view and give a related list

3) Create an UI action "Create new internal attachment"

check the List banner input and list action

Condition : current.canCreate() && !RP.getListControl().isOmitNewButton() && RP.isRelatedList()

Script:

CreateNewInternalAttachment();

--------------------------------------------------------------------------

4)Hide the save button for this table since only "Submit" button should be visible - create a save action

5) Give the specific access by using ACLs

6) Write the BR to check whether attachment is made

(function executeRule(current, previous /*null when async*/) {

try{
var currentsysid = current.sys_id;

var attach = new GlideRecord('sys_attachment');
attach.addQuery('table_sys_id', currentsysid);
attach.query();

//Gliding current Table to create NEW records for Each Attachments.
var gr = new GlideRecord("u_internal_attachments");
var count = 1;

while(attach.next()){
//If only one Attachment attached.
if(count == 1){
current.u_attachment_reference = attach.sys_id;
}

//If more than one Attachment attached
else{
gr.initialize();
gr.u_dp_reference = current.u_dp_reference; //Check out the fields here
gr.u_attachment_reference = attach.sys_id;
gr.insert();

attach.table_sys_id = gr.sys_id;
attach.update();

}
count++;
}
gs.setRedirect('u_aero.do?sys_id='+current.u_dp_reference.sys_id); // after attachment is made basically it returns to the parent id

}

catch (e){
gs.log(">>>'Business Rule - DPInternalAttach - Populate Attachment : " + e + ' - ' + e.message, ">>>Business Rule<<<");
}

})(current, previous);

7) Write Client script - onLoad

---------------------------------------------------------------------------

😎 write one onSubmit client script and call script include.

--------------------------------

queryMultipleResults_EncodedQuery : function () {
try {
var response = '';
var table = this.getParameter('sysparm_table');
var encodedQuery = this.getParameter('sysparm_encodedQuery');
var returnField = this.getParameter('sysparm_returnField');
var displayValue = this.getParameter('sysparm_displayValue') == 'true' ? true : false;

var gr = new GlideRecord(table);
gr.addEncodedQuery(encodedQuery);
gr.query();

while (gr.next()) {
response += (displayValue ? gr[returnField].getDisplayValue().toString() : gr[returnField].toString());
response += (gr.hasNext() ? '|' : '');
}

gs.log("Invocation DynamicAjaxQuery.queryMultipleResults_EncodedQuery() param {table:" + table + ", encodedQuery:" + encodedQuery + ", returnField:" + returnField + "} response: " + response, ">>>Script Include<<<");
return response;
}
catch (e) {
gs.log("'DynamicAjaxQuery' ERROR: " + e + ' - ' + e.message, ">>>Script Include<<<");
}
},

------------------------------------------------------------------

1) Refer the 1st screenshot in my 1st reply ..thats how it looks in related list

2) in form view and if you try to submit then it throws an alert as in client script

View solution in original post

Spence90 · ‎06-19-2020

@cyndim

Were you able to get this working for yourself? Let me know and I can help where needed!

cynlink1 · ‎06-29-2020

Sorry for the delayed response, I was out of the office last week. I wasn't able to get this working myself. I am definitely going to give it another shot with the steps you posted. Thank you so much for circling back with me. I will reach out if I need additional assistance. Have a terrific day!

Neelu2 · ‎11-10-2020

Hi spencerreed,

I tried this solution, however, it did not work for me. I've updated the ACLs still End user is unable to see the attachment link(click here to attach) and for Admin after selecting the attachment it remains on the same form, it did not redirect to parent form.

Can you please assist?

Thanks!

Spencer Reed · ‎11-19-2020

Hi Neelu,

Sorry for the delay in response - it's been quite busy.

My work with the attachments wasn't supposed to allow end-users to see attachments - quite opposite, in fact. Since the attachments table allows end users to see them my client wanted the ability to have certain attachments to their cases to be only viewable by other agents. The new attachment table was supposed to be blocked off so end-users couldn't see them, but I had to add that new table as a related list to the cases so agents could use those to manage their attachments internally.

Android · ‎06-29-2020

شكرا