make it so the approver of an request has read access to the RITM

Brian Lancaster · ‎02-01-2017

How can I setup and ACL on the RITM table so that the approver has Read only access?

Brian Lancaster · ‎02-27-2017

I finally got a response from Hi. I have made the Original ACL inactive and crated a new one with the following code. So far it seems to be working in my dev instance.

isHisApproval();



function isHisApproval(){

   if(current.isNewRecord() || current.opened_by == gs.getUserID() || current.request.requested_for == gs.getUserID() || 

       gs.hasRole('itil')){

   return true;

   }

   var lv_app_obj = new GlideRecord('sysapproval_approver');

   lv_app_obj.addQuery('approver', gs.getUserID());

   lv_app_obj.addQuery('sysapproval', current.sys_id);

   lv_app_obj.query();

   if(lv_app_obj.next()){

   return true;

   }

   return false;

}

View solution in original post

dvp · ‎02-01-2017

I'm not sure where the glide.approval is

But, are there any read ACL's with * on request item table. Can you check that?

Brian Lancaster · ‎02-01-2017

There are not read ACL with a * on the table.

Brian Dailey1 · ‎02-01-2017

Also check for a record ACL with read permissions on Requested Item, this would appear as table_name only (i.e., no *) in the ACL list.

e.g., 'sc_req_item' / '--none--'

Thanks,

-Brian

Brian Lancaster · ‎02-02-2017

None of them have a * they are all just table name except for a few that are sc_req_item.something. If you mean having a read ACL with no roles that would allow everybody to see anybodies RITM which is not allowed.

BryanS413339635 · ‎02-02-2017

We are having the same issue. I'm about to enter a HI ticket as it seems like the OOB ACL isn't working.