How can we restrict records on sc_task based on Role of logged in User without impacting the other ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-10-2023 10:20 AM
How can we restrict records on sc_task based on Role of logged in User without impacting the other ?
When we write ACL it stopped creating task for subflow which had the other role.
Please guide on restricting records on sc_task based on Role of logged in User?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-10-2023 10:23 AM
Did you just create a read ACL or did you do something else? What have you tried?
If you are trying to prevent someone from seeing the data in the variables then you can just set a read role for the variables and not mess with the sc_task table.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-13-2023 12:47 AM
But we need to restrict Admin and Others on Catalog Task, Requested Item and Request records?
Is it through ACL or any other way?
Please confirm how we write ACL to restrict Admin on Catalog Task, Requested Item and Request records?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-11-2023 10:12 AM
To restrict records on sc_task based on the role of the logged-in user without impacting the other users in ServiceNow, you can create an Access Control List (ACL) with a condition that checks the role of the logged-in user and applies the restriction only for that user role.
Here are the steps to create an ACL for restricting records on sc_task based on the role of the logged-in user:
Navigate to the "Access Control Rules" module in ServiceNow and click on "Create New".
Select the "Table" as "sc_task" and fill out the other required fields.
In the "Condition" tab, add a condition that checks the role of the logged-in user using the "gs.getUser().getRoles()" function. For example, if you want to restrict access for users with the "itil" role, you can use the following condition: "gs.getUser().getRoles().indexOf('itil') != -1"
In the "Script" tab, add the script to restrict the records based on the condition. For example, if you want to restrict access to only the tasks assigned to the user, you can use the following script:
if (current.assignment_group && current.assignment_group.manager == gs.getUserID()) {
// Allow access to tasks assigned to the user
answer = true;
} else {
// Deny access to other tasks
answer = false;
}
- Save the ACL and test it by logging in with a user with the restricted role and verifying that they can only access the appropriate records.
Note: Make sure to thoroughly test the ACL before implementing it in a production environment to ensure that it works as expected and does not impact other users.
Please mark my reply as Helpful and/or Accept Solution, if applicable. Thanks!
