How to use a before query business rule to hide records if certain catalog item

Go to solution
Blair5
Tera Guru

‎07-31-2020 07:57 AM

I have a requirement to hide an RITM from one catalog request for everyone unless they are the submitter. Additionally, task needs to be hidden to everyone except users in a particular assignment group or the submitter. 

I was going down the ACL path, but since this is such a small use case, I'd rather use an on before query business rule. Any help appreciated!

Labels:
0 Helpfuls
  • 5,454 Views
1 ACCEPTED SOLUTION

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron
In response to Blair5

‎07-31-2020 09:49 AM

@Blair Reinhart 

In query BR you won't know the RITM's catalog item name using the current object

It will add generic query.

In the case of ACL you will have to create new one and update the existing ones so that they don't work for your catalog item.

But note they will be able to see other RITMs belonging to other catalog item as per your requirement.

Example:

1) New ACL

Condition: Catalog Item [IS] Your Catalog item && Request.Requested For [IS] Dynamic Me

find_real_file.png

2) Older ACLs update

Condition: Catalog Item [IS NOT] Your Catalog item

find_real_file.png

Regards
Ankur

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

View solution in original post

Preview file
92 KB
Preview file
91 KB
9 REPLIES 9

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron

‎07-31-2020 08:08 AM

Hi Blair,

sample query BR below should do the trick

Table: sc_req_item

Condition: gs.getSession().isInteractive() && !gs.hasRole("admin")

Script:

Ensure you give the catalog item sys_id for which it should work

current.addEncodedQuery('cat_item=512d045a076f8010540bf2508c1ed0d4^sys_created_by=' + gs.getUserName());

Regards
Ankur

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

Go to solution
ying zeng
Tera Contributor
In response to Ankur Bawiskar

‎02-10-2023 02:15 AM

hi 

can you tell me how to create a before BR  to hide the record only if the login user is assignment group member pls..

0 Helpfuls

Go to solution
Jaspal Singh
Mega Patron
Mega Patron

‎07-31-2020 08:24 AM

Hi Blair,

 

Getting business rule created would require more efforts than ACL as in Query business rule you need to esure it does not break existing functionality of visibility & works only for required item.

Better would be an ACL approach for Table level with script as below.

find_real_file.png

Script:

if(current.cat_item=="sys_id_of_catalog_item")
{
	if(current.request.requested_for==gs.getUserID()){
		answer=true;
	}
	else{
		answer=false;
	}
}

Somethig similar for Catalog tasks. But this will have ACL message of 'Security constraint....' which will relatively be only specific case for Query Business Rule

Preview file
31 KB

Go to solution
Blair5
Tera Guru
In response to Jaspal Singh

‎07-31-2020 08:38 AM

What if there are already 5 table level read ACLs defined? Do each of those need to be updated to include this script?

0 Helpfuls