All I can say is that this has been a frustrating search for a solution. Granted, I am NOT a developer. At one point I had resigned myself to having to create a Business Rule, Catalog UI Policy, or a Catalog Client Script and found that path a bit intimidating because it can be challenging to find example code that would fit my purpose. I also found many of the of the 'solution' providers were lacking true information related to the question or issue and I think were they make assumptions on the readers experience or skill level by using acronyms or vague references. But none the less, people in the forums are genuinely interested in trying to help, which I know is appreciated by all.
In my situation, I needed to create a new store catalog with items for our internal users. I wanted to include the ability for some people to submit an order for other staff members, but didn't want that ability for everyone.
I created the catalog, I created the item, I created some variables (color, or size) as simple variables, but then I created a variable set called "Requested For" referencing the sys_user table, and then found, low and behold, that there is an Out of the Box reference type just for this purpose!
I created a group called 'store admin' and added specific users into that group. I created a role called store_admins, and assigned that role to the group. Then I set the variable permissions to include that role. It would have been nice if I could have been able to select ROLE - or - GROUP but oh well.
It did take some trial and error, but I eventually got it work the way I wanted.
** Initially I had only entered the role under WRITE, and left READ empty. According to their rules, if READ is empty, that means it's TRUE no matter what because there's no validation happening so the variable was always visible. By including the ROLE in both permissions it resolved the frustration I was having. And I can now manage the group rather than individual users, or dealing with client scripts, sys_id's, or policy and business rule logic.
Variable set > variable:
Catalog store page: (*note: color option variables available)
Catalog store page: as seen by the user with the store_admin role:
I hope others may find this useful. ServiceNow has dozens of ways to accomplish the same goals. This was the path I chose.
God bless!
