How to prevent users from seeing other RITM request by going into sc_req_item.list

Peter Williams · ‎07-31-2024

Good Day,

i need to be able to restrict users that is non-itil to prevent them from seeing other ritm request when they go into sc_req_item.list

at the moment they can see this:

i want them to only see items they submitted or of they are apart of the watch list.

i tried the ACL but it doesnt filter the list for it

how can i do this please?

Sumanth16 · ‎07-31-2024

Hi @Peter Williams ,

ACLs, while normally the perfect answer to security questions, always result in the 'Number of rows removed' issue when using a 'Read' operation for records.

In order to avoid this, you need to use a 'before query' business rule on the 'sc_req_item' table. A script like this should do the trick...it's based off of the out-of-box 'incident query' business rule that does the same thing for incidents.

if (!gs.hasRole("itil") && gs.isInteractive()) {

var u = gs.getUserID();

var qc = current.addQuery("request.requested_for", u).addOrCondition("opened_by", u).addOrCondition("watch_list", "CONTAINS", u);

gs.print("query restricted to user: " + u);

}

Plz mark my solution as Accept, If you find it helpful.

Thanks & Regards,

Sumanth meda

View solution in original post

jMarshal · ‎07-31-2024

It's something you have to install, but provided by ServiceNow. It think you can find it in plugins - try this link with your instance:

https://INSTANCE-NAME.service-now.com/now/app-manager/home/plugin/id/com.glide.data_filtration/details