How to restrict specific groups or categories of incidents to only its group members and the creator

Muhammed Udhuma · ‎10-05-2023

I want to restrict some groups of Incidents to only its group members and the incident creators. I have found the below KB and it is working only for the group members, but the incident creator is unable to see the created incident. I have tried adding addOrCondition for the sys_creator_by, but it is not working. Please share some ideas to achieve this.

https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0790987

Steps to Perform

Create a Before -Query Business rule on 'Incident' table

In the Advanced tab, set the condition as:

!gs.getUser().isMemberOf('<group name to be restricted for other users>')

In the script field, update sys_id of the group to be restricted

(function executeRule(current, previous /*null when async*/ ) {
var grp = current.addNullQuery('assignment_group').addOrCondition('assignment_group','!=','<sys_id of the group to be restricted for other users>');
})(current, previous);

This Before-Query Business rules restrict the incidents assigned to the specific group visible only to those group members

Peter Bodelier · ‎10-16-2023

@Muhammed Udhuma,

Good to hear. Please close the thread by marking my response as correct.

Help others to find a correct solution by marking the appropriate response as accepted solution and helpful.

Renu4 · ‎10-30-2023

Hi Muhammed Udhuma,

Can you guide me please.

Trying to accomplish the same task and followed the KB article you mentioned in your query .

Unfortunately i am still stuck.

Please find my code below.

i have attached as screen shots and code as well.

PREVIEW

(function executeRule(current, previous /*null when async*/ ) {
var grp = current.addNullQuery('assignment_group').addOrCondition('assignment_group','!=','c5a6de591b18e5906eea64a5604bcb79');
})(current, previous);

Muhammed Udhuma · ‎11-11-2023

Hi @Renu4 ,

I am using the below code and it is working. Please try and let me know.

==========================================

(function executeRule(current, previous /*null when async*/ ) {

if (gs.isInteractive()) {

testSec();

}

function testSec() {

var testGroups = gs.getProperty('<sys property group name>');

var myGroupsArr = getMyGroups().toArray();

var restrictRecord = true;

for (var i = 0; i < myGroupsArr.length; i++) {

if (testGroups.indexOf(myGroupsArr[i]) >= 0) {

restrictRecord = false;

}

if (restrictRecord == true) {

var qc = current.addEncodedQuery("<add the filtered query here>");

}

})(current, previous);

==========================================

Renu4 · ‎11-14-2023

Hi Udhuma,

What should i be adding in the filtered query?

also what should go into condition field.

if (restrictRecord == true) {
                    var qc = current.addEncodedQuery("<add the filtered query here>");         
                }
            }
        })(current, previous);

Muhammed Udhuma · ‎11-15-2023

Hi @Renu4 ,

Filtered query (<add the filtered query here>): Please go to your incident list and filter your required list and then right click on the filter and click "copy query" and paste that query into that place.

Conditions: !gs.getUser().isMemberOf(gs.getProperty('sys property group name'))