- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-18-2015 01:30 AM
Hello all,
I am trying to build an application which is used globally but limit visibility by regions and I am currently looking at using roles.
I want users to be able to see the records created (or opened) by a person with the same role. For example, I create a record and I have a role called "Europe". Other users with the same role should see and edit those records. But a user without the role should not see records I have created.
ACL for the table is probably the way to go but how do I script checking of the role?
Thanks,
Henrikki
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-20-2015 04:18 AM
gs.getUser().getLocation() returns a sys_id of a cnm_location record. You'll need to retrieve the record first before dot-walking.
var gr = new GlideRecord('cnm_location');
gr.get(gs.getUser().getLocation());
gr.parent.parent; // return region
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-18-2015 03:25 AM
But I would need ACL to prevent users from other regions to simply enter a record number or sys_id to view a record not opened by a user from his/her region?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-18-2015 03:34 AM
Even the before query business rule will not allow you to do this. It will filter out the records created by users of other regions. Where as ACL will restrict the records created by users of other regions.
Both will make the same set of records visible. Only thing is how they are shown.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-18-2015 03:35 AM
This post might help you - ACL verses Before Query Business Rule
