- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hello All,
I've a requirement, If any user from Network assignment opens incident list then incident under Network category and incidents assigned to Network group should only show to them. Can someone assist me to write an ACL with Script to achieve this?
Thanks in Advance!
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Three approaches possible
1. ACL
incident table , read operation
condition : gs.hasRole('itil')
Script :
var isNetworkUser = gs.getUser().isMemberOf('Network');
if (!isNetworkUser) {
// If not in Network group, allow normal ACL to apply
answer = true;
return;
}
// For Network group, filter query
var match = current.category == 'Network' || current.assignment_group.name == 'Network';
answer = match;
2. before Query business rule on incident table
table : incident , when : before
if (gs.getUser().isMemberOf('Network')) {
var qc = current.addQuery('category', 'Network');
qc.addOrCondition('assignment_group.name', 'Network');
}
3. USe separate view or module
Create a separate Incident list module under the application menu called “My Network Incidents.”
Add a fixed filter:
category=Network^ORassignment_group.name=Network
If this is a strict security requirement (users must never see other incidents, even via API): use Option 1 (ACL)
in combination with Option 2 (Query BR) for performance.
If it’s just a UI convenience (they can still search for others if needed): use Option 3 with a filtered module.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
try something like below
if (gs.getUser().isMemberOf('Network')) {
// Main condition for category
var mainQuery = current.addQuery('category', 'Network');
// Create a nested OR condition for assignment group
var orCond = current.addQuery('assignment_group.name', 'Network');
orCond.addOrCondition('assignment_group.name', 'Cloud');
// Now mainQuery AND (orCond)
// ServiceNow GlideRecord automatically ANDs separate addQuery() calls
}
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hello @Ct111
Query Business worked well. Thanks so much! I need add onething in the query condition. Can you assist me to update the below query as If (category is Network) AND (Assignemnt group is Network or Cloud)
if (gs.getUser().isMemberOf('Network')) {
var qc = current.addQuery('category', 'Network');
qc.addOrCondition('assignment_group.name', 'Network');
}
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
try something like below
if (gs.getUser().isMemberOf('Network')) {
// Main condition for category
var mainQuery = current.addQuery('category', 'Network');
// Create a nested OR condition for assignment group
var orCond = current.addQuery('assignment_group.name', 'Network');
orCond.addOrCondition('assignment_group.name', 'Cloud');
// Now mainQuery AND (orCond)
// ServiceNow GlideRecord automatically ANDs separate addQuery() calls
}
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago - last edited 3 weeks ago
Hi @Ct111 ,
It worked, thank you! but there is one thing. I restricted network category inc to only visible to network group member, this is working fine but if user opened an incident(or as a caller) under Network category then those INCs not showing service portal or in the list view because of the Network category condition.
If there any possibility in the below script to show the INCs regardless of category if any user opens an INC as caller, opened or watch list under any category then those should
show
Trying to use this condition in Else condition but not working
Need to add if a user in opened by, caller or watch list then regardless of category those INCs should show in the below script.