Incident record(eg:INC0010001) need to visible only for the particular Assignment group members.

Go to solution
praveen1231
Tera Contributor

‎10-03-2023 12:23 AM

Hi,

My scenario is- I had created new Record Producer and submitted the record (INC0010001). I added the Record Producer script to set the Assignment group. When I impersonate with another user who is not in assignment group, the record (INC0010001) need not to be displayed. Incident record (INC0010001) is only visible to assignment group members, who is in the incident table assignment group filed. Please let me know if you have any idea regarding this. Thanks

0 Helpfuls
  • 1,264 Views
2 ACCEPTED SOLUTIONS

Go to solution
Peter Bodelier
Giga Sage
In response to praveen1231

‎10-03-2023 12:55 AM

In that case, you are going to need to review your ACL's.

 

All Read ACL's which contain some relationship to a user in a group or a group itself will need to be checked.

In condition you can add Assignment group , Is dynamic , One of my groups.

 

Please make sure you don't edit the ACL's related to for example the caller, watchlist etc, because you will limit the user to see and update their own records.


Help others to find a correct solution by marking the appropriate response as accepted solution and helpful.

View solution in original post

0 Helpfuls

Go to solution
Peter Bodelier
Giga Sage
In response to praveen1231

‎10-03-2023 01:31 AM

Hi @praveen1231,

 

Have you gone through all other incident ACL's? Just creating a new one is not enough.

If any ACL's matches it will give access, so the OOTB ACL's, are now probably just saying, this user has itil or incident_read role, so that user can see all incidents.


Help others to find a correct solution by marking the appropriate response as accepted solution and helpful.

View solution in original post

26 REPLIES 26

Go to solution
Peter Bodelier
Giga Sage
In response to praveen1231

‎10-03-2023 02:55 AM

Good to hear, happy to help 🙂


Help others to find a correct solution by marking the appropriate response as accepted solution and helpful.
0 Helpfuls

Go to solution
Anand Kumar P
Giga Patron
Giga Patron

‎10-03-2023 12:54 AM

Hi @praveen1231 ,

Create read acl on incident table and in script  use below script.

if(gs.getUser().isMemberOf(current.assignment_group)){
answer=true;
}else{
answer=false
}

Thanks,

Anand 

0 Helpfuls

Go to solution
Peter Bodelier
Giga Sage
In response to Anand Kumar P

‎10-03-2023 12:56 AM - edited ‎10-03-2023 12:56 AM

Hi @Anand Kumar P@praveen1231,

 

This will not work. Existing ACL's will still allow access. Other than that, it's not needed to script this. Just use condition builder.


Help others to find a correct solution by marking the appropriate response as accepted solution and helpful.
0 Helpfuls

Go to solution
praveen1231
Tera Contributor
In response to Anand Kumar P

‎10-03-2023 01:32 AM

@Anand Kumar P  I'm sorry to say this but it couldn't work. Please refer the following screen short weather I make any error.

praveen1231_1-1696321953549.pngpraveen1231_2-1696321963745.png

 

0 Helpfuls

Go to solution
Anand Kumar P
Giga Patron
Giga Patron
In response to praveen1231

‎10-03-2023 03:11 AM

Hi @praveen1231 ,

As suggested by @Peter Bodelier, if there is any out-of-the-box (OOB) ACL in place, it may restrict permissions, and you should also review any existing ACLs to ensure they do not conflict with the desired access permissions.

Thanks,

Anand