- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-05-2022 06:29 PM
I am a novice developer.
Please help me with the following question.
I created an application A with catalog items.
After I created it, I noticed that the items in Application A contain items with a high level of confidentiality.
So I would like to restrict the access rights of the records related to Application A in the Catalog Task Table.
Is it possible to make it so that only the system administrator and the staff members who belong to the group that is set as the group to which application A is assigned cannot see the corresponding record?
However, I would like to make the records in the catalog task table other than Application A available to other people in the group in charge who have ITIL roles.
Please let me know if there are any articles that would be helpful.
By the way, the version is Tokyo.
Best regards.
Solved! Go to Solution.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-05-2022 08:00 PM
If you can get away with it, try to use Variable Visibility on the Permission tab of the Variable to accomplish this instead of ACLs on the table. Using ACLs in this way is likely to cause issues for you. You can use variable visibility to ensure that only people with certain roles can read the variables entered by the user. You can also add new variables specifically for the fulfiller team to enter further confidential information if needed (as opposed to work notes). Simply hide these extra variables on the catalog form in the portal with UI policies.
More info on how this works is explained near the bottom of this docs page https://docs.servicenow.com/bundle/tokyo-servicenow-platform/page/product/service-catalog-management...
If you must restrict the entire record, make sure you read and understand the complexities of Access Controls before attempting to write a new control
You will need to write a scripted ACLs on the catalog task table to accomplish the type of restriction you are asking for
An example might look like:
if(gs.hasRole("admin") || gs.getUser().isMemberOf(current.getValue("assignment_group")){
return true;
} else {
return false
}

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-05-2022 08:00 PM
If you can get away with it, try to use Variable Visibility on the Permission tab of the Variable to accomplish this instead of ACLs on the table. Using ACLs in this way is likely to cause issues for you. You can use variable visibility to ensure that only people with certain roles can read the variables entered by the user. You can also add new variables specifically for the fulfiller team to enter further confidential information if needed (as opposed to work notes). Simply hide these extra variables on the catalog form in the portal with UI policies.
More info on how this works is explained near the bottom of this docs page https://docs.servicenow.com/bundle/tokyo-servicenow-platform/page/product/service-catalog-management...
If you must restrict the entire record, make sure you read and understand the complexities of Access Controls before attempting to write a new control
You will need to write a scripted ACLs on the catalog task table to accomplish the type of restriction you are asking for
An example might look like:
if(gs.hasRole("admin") || gs.getUser().isMemberOf(current.getValue("assignment_group")){
return true;
} else {
return false
}
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-10-2022 11:31 PM - edited ‎10-11-2022 12:27 AM
Mr. Luke Van Epen
Thank you for your response.
I will try with the information you provided.
We are currently busy with other tasks.
It may take some time for us to report the result.
I will report back in this chat once the problem is solved.
Thank you for your continued support.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-14-2024 10:40 PM
I have forgotten to reply to your message.
Please forgive me.
I was able to do it by following the procedure you taught me.
Thanks for the one year delay.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-05-2022 09:01 PM
Hello,
The Application A is it a group of variables which you want to restrict or is it fields on the catalog task form. Can you paste some screenshots it would be easier to assist you.
Thanks.