- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-18-2015 01:30 AM
Hello all,
I am trying to build an application which is used globally but limit visibility by regions and I am currently looking at using roles.
I want users to be able to see the records created (or opened) by a person with the same role. For example, I create a record and I have a role called "Europe". Other users with the same role should see and edit those records. But a user without the role should not see records I have created.
ACL for the table is probably the way to go but how do I script checking of the role?
Thanks,
Henrikki
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-20-2015 04:18 AM
gs.getUser().getLocation() returns a sys_id of a cnm_location record. You'll need to retrieve the record first before dot-walking.
var gr = new GlideRecord('cnm_location');
gr.get(gs.getUser().getLocation());
gr.parent.parent; // return region
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-20-2015 04:18 AM
gs.getUser().getLocation() returns a sys_id of a cnm_location record. You'll need to retrieve the record first before dot-walking.
var gr = new GlideRecord('cnm_location');
gr.get(gs.getUser().getLocation());
gr.parent.parent; // return region
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-20-2015 06:30 AM
This finally worked:
var currentLocation = gs.getUser().getLocation();
var loc = new GlideRecord('cmn_location');
loc.get(currentLocation);
var currentRegion = loc.parent.parent;
var users = [];
var otherUsers = new GlideRecord('sys_user');
otherUsers.addQuery('location.parent.parent',currentRegion);
otherUsers.addQuery('roles', "x_nyrs2_xtra_tasks.user");
otherUsers.addActiveQuery();
otherUsers.query();
while(otherUsers.next())
{
users.push(otherUsers.getValue('sys_id'));
}
gs.log('HH: '+users.toString());
Thanks for Tanaji and Kalaiarasan for your help!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-18-2015 03:10 AM
Using ACL will give you Access Restricted or similar message on the list view and may result in showing only few records on the each page..
This might make the users to click next several times to get their records.
For e.g. If your list page can show 20 records at a time, then because of ACL restriction may show 3 on the first then 5 on the next and so on...
Even though ACLs are more secure you can also use before query business rule. It will filter the records and show only those records which pass the filter overcoming the problem with ACLs
I would recommend writing both, before query BR and ACLs, to be more secure and flexible for the same.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-18-2015 03:12 AM
How about that BR script then?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-18-2015 03:13 AM
It will show you 20 filtered records on each page.
