Make All Incident Fields Read-Only When Impersonating the Assigned To User

DevYadav
Tera Contributor

‎06-24-2025 09:14 AM

I have a requirement to make all fields in the Incident table read-only when I impersonate the user who is set in the "Assigned to" field of that specific incident record. Essentially, when I impersonate the assigned user and view/edit that particular incident, all form fields should become read-only to prevent modifications. I need guidance on the most efficient approach to achieve this functionality - whether through UI Policy, Client Script, or Business Rule - that can detect when the current impersonated user matches the incident's assigned to field and dynamically make all fields read-only for that scenario. What would be the recommended method to implement this user-specific impersonation check and are there any performance considerations I should keep in mind?

 
 
0 Helpfuls
  • 364 Views
3 REPLIES 3

Chaitanya ILCR
Kilo Patron

‎06-24-2025 09:44 AM

Hi @DevYadav 

create a Deny unless write acl

ChaitanyaILCR_0-1750783426287.png

with script

var impObj = new GlideImpersonate();

answer = !(gs.getUserID() == current.getValue('assigned_to') && impObj.isImpersonating());

ChaitanyaILCR_1-1750783483507.png

 

 

Please mark my answer as helpful/correct if it resolves your query.

Regards,
Chaitanya

 

0 Helpfuls

Manoj89
Giga Sage

‎06-24-2025 10:17 AM

Hi,

 

Add a security attribute "Impersonating=false" to the table level write ACL of Incident table.

Manoj89_0-1750785394390.png

 

0 Helpfuls

tajinderpal
Tera Contributor

‎06-24-2025 11:51 AM

Hi @DevYadav 

 

You can create a new On Load client script:

 

(function executeRule(current, gForm, gUser, gSNC) {
// Check if impersonation is active
if (g_user.hasRole('admin')) return; // Skip admin users

var actualUser = g_user.userID; // The logged-in user (could be impersonated)
var assignedTo = gForm.getValue('assigned_to');

// Check if impersonating and user matches the "Assigned to" field
if (actualUser === assignedTo && top.NOW.user && top.NOW.user.impersonating) {
// Make all fields read-only
var allFields = gForm.getEditableFields();
for (var i = 0; i < allFields.length; i++) {
gForm.setReadOnly(allFields[i], true);
}
}
})(current, gForm, g_user, g_snc);

 

Thanks,

Tajinder

 

Please consider marking my answer as helpful and accepting it as the solution if it assisted you in any way.

0 Helpfuls