How to restrict specific groups or categories of incidents to only its group members and the creator

Muhammed Udhuma
Tera Contributor

I want to restrict some groups of Incidents to only its group members and the incident creators. I have found the below KB and it is working only for the group members, but the incident creator is unable to see the created incident. I have tried adding addOrCondition for the sys_creator_by, but it is not working. Please share some ideas to achieve this.

 

https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0790987

Steps to Perform

  1. Create a Before-Query Business Rule on the 'Incident' table
  2. In the Advanced tab, set the condition as:
    !gs.getUser().isMemberOf('<group name to be restricted for other users>') 
  3. In the script field, update sys_id of the group to be restricted

(function executeRule(current, previous /*null when async*/ ) {
    // Keep incidents with no assignment group, or with a group other than the restricted one
    var grp = current.addNullQuery('assignment_group').addOrCondition('assignment_group','!=','<sys_id of the group to be restricted for other users>');
})(current, previous);

This Before-Query Business Rule restricts the incidents assigned to the specific group so that they are visible only to those group members.

14 REPLIES

Could you share some example please.

I tried (active=true AND assignment group is the one which needs the ticket to be sent),

but unfortunately the tickets are now visible to everyone.

Please find below example query which I have used.

var qc = current.addEncodedQuery("categoryNOT INCategory1,Category2,Category3,^ORopened_byDYNAMICsysId");

harshav
Tera Guru

Update these two things in your code.

1. Condition

 !gs.getUser().isMemberOf('<group name to be restricted for other users>') || current.opened_by == gs.getUserID()

2. Update the script

var grp = current.addNullQuery('assignment_group').addOrCondition('assignment_group','!=','<sys_id of the group to be restricted for other users>').addOrCondition('opened_by',gs.getUserID());

gulu
Tera Contributor

It looks like this is only working one way for me. Everyone outside the group cannot see the ticket, which is good, but if I belong to the group I see all the tickets (I should only see my groups').

JamesLindsay
Giga Guru

I can get this to work when there is only a single group. How do I make this work if I own 7 groups and I only want the members of the 7 groups to see these tickets unless or until they are moved out of one of the 7 groups?
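
One way to extend the rule discussed in this thread to several restricted groups, as an added example that is not part of the original posts or the ServiceNow KB: build the encoded query from the restricted groups the current user does not belong to, keep the creator clause, and add no filter when that list is empty. The group ids, user ids, sample incidents and the helper names `buildRestrictionQuery`, `isVisible` and `visibleNumbers` are constructed for illustration; the small evaluator exists only so the logic can be checked offline.

```javascript
// Added example. Group ids, user ids and incidents are constructed placeholders.
var RESTRICTED_GROUPS = ['grp_hr', 'grp_legal', 'grp_sec'];

// Encoded query for one user: show unassigned incidents, the user's own,
// and anything not assigned to a restricted group the user is outside of.
// Returns '' when the user is in every restricted group (nothing to hide).
function buildRestrictionQuery(userId, userGroups, restricted) {
  var blocked = restricted.filter(function (g) {
    return userGroups.indexOf(g) === -1;
  });
  if (blocked.length === 0) return '';
  return 'assignment_groupISEMPTY' +
    '^ORassignment_groupNOT IN' + blocked.join(',') +
    '^ORopened_by=' + userId;
}

// Offline stand-in for the database: evaluates only the three clause
// shapes produced above against one row.
function isVisible(row, query) {
  if (query === '') return true;
  return query.split('^OR').some(function (clause) {
    if (clause === 'assignment_groupISEMPTY') return !row.assignment_group;
    if (clause.indexOf('assignment_groupNOT IN') === 0) {
      var list = clause.slice('assignment_groupNOT IN'.length).split(',');
      return list.indexOf(row.assignment_group) === -1;
    }
    if (clause.indexOf('opened_by=') === 0) {
      return row.opened_by === clause.slice('opened_by='.length);
    }
    throw new Error('unsupported clause: ' + clause);
  });
}

var INCIDENTS = [ // constructed sample rows
  { number: 'INC001', assignment_group: 'grp_hr', opened_by: 'alice' },
  { number: 'INC002', assignment_group: 'grp_legal', opened_by: 'bob' },
  { number: 'INC003', assignment_group: '', opened_by: 'carol' },
  { number: 'INC004', assignment_group: 'grp_desk', opened_by: 'bob' }
];

function visibleNumbers(userId, userGroups) {
  var q = buildRestrictionQuery(userId, userGroups, RESTRICTED_GROUPS);
  return INCIDENTS.filter(function (r) { return isVisible(r, q); })
    .map(function (r) { return r.number; });
}
// In the before-query rule (ServiceNow side, not run here), with myGroups
// being the current user's group sys_ids as a JavaScript array:
//   var q = buildRestrictionQuery(gs.getUserID(), myGroups, RESTRICTED_GROUPS);
//   if (q) current.addEncodedQuery(q);
```

A before-query rule only filters what queries return, and scripts that call setWorkflow(false) bypass it, so a read ACL is still needed where this restriction is a security boundary.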