I getting issue that ITIL user able to edit the other user details as he have ITIL roles ,Can anyone help me that how I restrict this
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-19-2016 11:25 PM
Hi,
I got some issue ,That ITIL user can edit or modify the details other ITIL user that breaches some security or its not desired as per requirement .
So how I able to restrict the ITIL user can edit only his details like on incident ticket he will able to edit only his ticket details if ticket assigned to other then only
then only whom to assigned or group they were able to to.
So any one can suggest on above.
Thanks,
Gaurav Rai
ctomasi Michael.Frysnowdevbtruong@ethosgroup.compradeepksharmasurendarmramireddylarstangerob.phillips
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-20-2016 01:07 AM
Hi Deepa ,
How on what condition i will set that above script start running.
Thanks,
Gaurav Rai
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-20-2016 01:13 AM
Hi Gaurav,
The condition I have given you , you have to write in the acl script part.( either create a new acl or add in the existing one).the script will return true if the condition fulfills..i.e user is part og group or in one the fields i.e opened by or caller. (u can modify fields accordingly )
Mark Correct if it solved your issue or hit Like and Helpful if you find my response worthy.
Thanks,
Deepa
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-20-2016 12:56 AM
Yes actually that was miss-understood by me. you can create ACL task table(or Incident/problem/change table).
In case of incident , your code will be like :
I am assuming below thing:
Group member can update the tickets:
whoever is requester(created the incident) can edit the ticket:
if((!current.assignment_group.nil()) { // in case of ticket not assigned to any group, it will be editable so that it can be assigend to any one, means before assignment it will be editable but if its assigned to someone then ticket will not be editable
if (gs.getUser().isMemberOf(current.assignment_group) || (current.assigned_to == gs.getUseID()) || current.requester =- gs.getUseID())) {
answer=true;
}
else {
answer = true;
}
}
else {
answer = true;
}
Please let me know in case of further assistance.
Thanks,
Param
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-20-2016 01:15 AM
Hi Param ,
There is issue is that when ticket assigned to any other group (like CRM_TL (group name) group role is ITIL) and like any other group (SAP_CRM (group name ) and role have ITIL ).On that CRM_TL is able to edit the SAP_CRM group details .
Please suggest How to restrict this .
Thanks,
Gaurav
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-20-2016 01:18 AM
gs.getUser().isMemberOf(current.assignment_group) will allow only its member to access the inc.so you can use this to restrict Gaurav.
Mark Correct if it solved your issue or hit Like and Helpful if you find my response worthy.
Thanks,
Deepa
