Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

How to create ACL to restrict visibility of a field so that some users and groups can view this field

Go to solution
Nikita40
Tera Contributor

‎01-05-2021 12:49 AM

I want to create an ACL for cmdb_ci_server table so that for a field, for which I need to restrict visibility so some users and groups will be able to see that field. So How can I create script in ACL to add this users and groups ?

Thanks in advance.

0 Helpfuls
  • 3,915 Views
1 ACCEPTED SOLUTION

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron
In response to Nikita40

‎01-06-2021 11:40 PM

Hi,

So it should be shown when logged in user is member of CAB Approval or that logged in user is present in list of sys_ids in that system property

Is that system property holding multiple user sys_ids with comma separation

then update as this

answer=false;

if(gs.getUser().isMemberOf('CAB Approval') || gs.getProperty('cmdb_ci_server.os.user.visibility').indexOf(gs.getUserID()) > -1 )
{
answer=true;
}
else{
answer=false;
}

Regards
Ankur

Regards,
Ankur
✨ Certified Technical Architect  ||  ✨ 9x ServiceNow MVP  ||  ✨ ServiceNow Community Leader

View solution in original post

25 REPLIES 25

Go to solution
Sam Ogden
Tera Guru

‎01-05-2021 12:54 AM

Hi Nikita,

You could create a custom role and then make a read ACL that requires that role.  Then just assign the role to the groups/users that need to have visibility - this way you shouldn't need to write a script.

As per best practice you may be best to create a new group and assign the role to the group and then add the users to this group - rather than manually assigning the role to individual users.

Hope this helps

Thanks

Sam

0 Helpfuls

Go to solution
Nikita40
Tera Contributor
In response to Sam Ogden

‎01-05-2021 12:56 AM

Thanks for your reply. But I want to do this without creating role.I want to do this using script in ACL.

0 Helpfuls

Go to solution
Community Alums
Not applicable

‎01-05-2021 12:59 AM

Hi Nikita,

I have attached a video which will guide you in implementing the exact above scenario and even help you to understand ACL.

 

ACL Video

//You can do it through code or adding all to the same group

var answer = false; //Restrict access by default
if(gs.hasRole('user_admin') || current.group.manager == gs.getUserID()){
   answer = true; //Allow access if user has 'user_admin' role or is group manager
}

 Please mark the solution as helpful and correct if it helps you.

 

Regards,

Akshay

0 Helpfuls

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron

‎01-05-2021 01:00 AM

Hi,

In the Field Level READ ACL Set

-> Advanced checkbox as true

-> Give this script

Ensure you give Group Names and Valid User SysIds for whom it should be seen

answer = checkCondition();

function checkCondition(){

if(gs.getUser().isMemberOf('Group ABC') || gs.getUser().isMemberOf('Group DEF') || gs.getUserID() == "User A SysId" || gs.getUserID() == "User B SysId"){
return true;
}
else{
return false;
}
}

Regards
Ankur

Regards,
Ankur
✨ Certified Technical Architect  ||  ✨ 9x ServiceNow MVP  ||  ✨ ServiceNow Community Leader
0 Helpfuls