How do I restrict users to only see records assigned to Assignment groups they are members of?

Malin1
Tera Contributor

Hi,

How do I restrict users to only see records (incidents, xxTasks, problems, changes) assigned to Assignment groups they are members of and caller to? I have created a specific role since the restriction should not apply to users with the role itil.

The reason we would like to have this restriction is that we have support groups out in the business that should not be able to see and work with all incidents, SCTasks, problems and so on.

I am thinking maybe BR or ACL?

New to ServiceNow and developing, so any help would be highly appreciated, thanks

5 REPLIES

AndersBGS
Tera Patron

Hi @Malin1,

Please see the KB article from 2022 which describes the answer to your question: https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0748356

If my answer has helped with your question, please mark my answer as the accepted solution and give a thumbs up.

Best regards

Anders


Community Alums
Not applicable

Hi @Malin1,

You can write a BR on the particular table, with the condition:

Condition: gs.getUser().isMemberOf("YourGroupNameHere")

Steps to Perform

  1. Create a Before-Query Business Rule on the 'Incident' table
  2. In the Advanced tab, set the condition as:
    !gs.getUser().isMemberOf('<group name to be restricted for other users>') 
  3. In the script field, update sys_id of the group to be restricted

 

(function executeRule(current, previous /*null when async*/ ) {
    // Keep incidents with no assignment group, or assigned to any group other than the restricted one
    current.addNullQuery('assignment_group').addOrCondition('assignment_group', '!=', '<sys_id of the group to be restricted for other users>');
})(current, previous);

This Before-Query Business Rule restricts the incidents assigned to the specific group so that they are visible only to that group's members.

Hi,

Thank you for your quick response and guidance. I have managed to create this BR and it works. But is it possible to make the BR apply to all Assignment groups the user is a member of and not just one?

Thanks!

Community Alums
Not applicable

Hi @Malin1,

It's always recommended to do it at group level, not user level.
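
For the follow-up question about covering every Assignment group the user is a member of, plus records where the user is the caller, one way to write the Before-Query rule script for the incident table is sketched here as an added example; it is not code from any poster in this thread. The role name `u_restricted_support` and the function names are assumptions, and only direct memberships in sys_user_grmember are read.

```javascript
// Added example. RESTRICTED_ROLE is a hypothetical name for the custom role.
var RESTRICTED_ROLE = 'u_restricted_support';
var SYS_ID = /^[0-9a-f]{32}$/;

// Reject anything that is not a sys_id so no value can alter the query.
function checkSysId(value) {
    if (!SYS_ID.test(value)) { throw new Error('not a sys_id: ' + value); }
    return value;
}

// Encoded query: assigned to one of my groups OR I am the caller.
// callerField is 'caller_id' on incident; other tables use other fields.
function buildVisibilityQuery(userSysId, groupSysIds, callerField) {
    var clauses = [];
    if (groupSysIds.length > 0) {
        // Skipped for a user with no groups: an empty IN list is never emitted.
        clauses.push('assignment_groupIN' + groupSysIds.map(checkSysId).join(','));
    }
    clauses.push((callerField || 'caller_id') + '=' + checkSysId(userSysId));
    return clauses.join('^OR');
}

// Direct memberships from sys_user_grmember (GlideRecordCtor = GlideRecord).
function groupsOf(userSysId, GlideRecordCtor) {
    var gr = new GlideRecordCtor('sys_user_grmember');
    gr.addQuery('user', userSysId);
    gr.query();
    var ids = [];
    while (gr.next()) { ids.push(String(gr.getValue('group'))); }
    return ids;
}

// Returns true when the filter was applied to the query in `current`.
function restrictToMyGroups(current, gs, GlideRecordCtor) {
    // itil users are exempt; only holders of the custom role are filtered.
    if (gs.hasRole('itil') || !gs.hasRole(RESTRICTED_ROLE)) { return false; }
    var me = gs.getUserID();
    current.addEncodedQuery(buildVisibilityQuery(me, groupsOf(me, GlideRecordCtor)));
    return true;
}

// On the instance gs, current and GlideRecord exist; elsewhere this is skipped.
if (typeof gs !== 'undefined' && typeof current !== 'undefined') {
    restrictToMyGroups(current, gs, GlideRecord);
}
```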