Make field editable when group is eligible
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-23-2025 12:44 AM - edited 06-26-2025 12:48 AM
Hi All,
Please help me on below ACL Part
there 3-groups in system property and a field (time_worked) on incident list am trying to create write ACL to make field editable for user who is part the group in system property, when i try to make field edit for any other groups which is not there in system property then (time_worked) field should be readonly.
Can any one assist me on this
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-23-2025 01:32 AM
Hi @jaip3040,
You can try the following script in your ACL script.
var allowedGroups = gs.getProperty('time_worked_grps', ''); // add your system property instead of time_worked_grps
if (!allowedGroups) {
answer = false;
} else {
var groupList = allowedGroups.split(',');
for (var i = 0; i < groupList.length; i++) {
if (gs.getUser().isMemberOf(groupList[i].trim())) {
answer = true;
break;
}
}
if (answer !== true) {
answer = false;
}
}Regards,
Ehab Pilloor
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-23-2025 01:33 AM
- In the Script section of the ACL, add the following script to check if the user belongs to any of the eligible groups.
Retrieve the Sys IDs of the eligible groups from the 'youre_system_propert_name'system property.
then checks if the current user belongs to any of the eligible groups.
If the user is part of one of those groups, it returns true, allowing the user to edit the time_worked field.
If the user is not part of any of the eligible groups, it returns false, making the field readonly.
var eligibleGroups = gs.getProperty('youre_system_propert_name' '');
// Split the Sys IDs into an array
eligibleGroups = eligibleGroups.split(',');
// Get the groups of the current logged-in user
var userGroups = gs.getUser().getMyGroups();
var isEligible = false;
// Check if any of the user's groups match the eligible groups
for (var i = 0; i < userGroups.length; i++) {
if (eligibleGroups.indexOf(userGroups[i]) !== -1) {
isEligible = true;
break;
}
}
// Return true (editable) if user is in an eligible group, otherwise false (readonly)
isEligible;
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-26-2025 04:13 AM
that system property contains group sysId?
If yes then use this advanced script on your field level WRITE ACL
If that property contains group name then dot walk name field in addQuery instead of sys_id
var gr = new GlideRecord("sys_user_grmember");
gr.addQuery("user", gs.getUserID());
gr.addQuery('group.sys_id', 'IN', gs.getProperty('propertyName'));
gr.setLimit(1);
gr.query();
answer = gr.hasNext();If my response helped please mark it correct and close the thread so that it benefits future readers.
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-26-2025 08:23 PM
Hope you are doing good.
Did my reply answer your question?
If my response helped please mark it correct and close the thread so that it benefits future readers.
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
