Hi Team ,
can any one please help me on this request?
Incidents which are assigned to CFS-CFSEdge-SUP limit view to the Opened By and the Caller and CFS-CFSEdge-SUP grp members
I have configured :- Before - query
condition - !gs.getUser().isMemberOf('CFS-CFSEdge-SUP')
(function executeRule(current, previous /*null when async*/ ) {
if (!gs.getUser().isMemberOf('CFS-CFSEdge-SUP')) {
// Check if the incident assignment group is not CFS-CFSEdge-SUP
var grpCondition = current.addNullQuery('assignment_group').addOrCondition('assignment_group', '!=', '6b9033d187c72550141931140cbb35e1');
// Check if the business service is not CFS Edge Production
// SNC Debug - start
//current.addQuery('business_service', '!=', 'CFS Edge Production');
current.addNullQuery('business_service').addOrCondition('business_service', '!=', 'CFS Edge Production');
// SNC Debug - end
}
//gs.addInfoMessage(current.getEncodedQuery());
})(current, previous);
If any end user - raising incident from the portal ,
coming below error ,
can anyone please modify my script . so that end user can see their incident ,
then update as this in OOB query BR "incident query"
restrictIncidents();
function restrictIncidents() {
if (!gs.hasRole("itil") && !gs.hasRole("sn_incident_read") && gs.isInteractive()) {
// if member then do this else use the OOB logic
if (gs.getUser().isMemberOf('CFS-CFSEdge-SUP')) {
var u = gs.getUserID();
current.addQuery("caller_id", u).addOrCondition("opened_by", u).addOrCondition("assignment_group.name", "CFS-CFSEdge-SUP");
} else {
//Do NOT restrict Incidents if SPM premium plugin is active AND user has the service_viewer role.
if (GlidePluginManager.isActive('com.snc.spm') && gs.hasRole('service_viewer'))
return;
if (GlidePluginManager.isActive('sn_fsm_itsm_mng') && gs.hasRole('wm_ext_agent'))
return;
// STRY52118544: ham_user is added to support incident read for reporting on HAM store app
if (GlidePluginManager.isActive('com.sn_hamp') && gs.hasRole('sn_hamp.ham_user')) {
return;
}
// DEF0330091: Allow query on OT Incident with sn_ot_incident_read role
if (GlidePluginManager.isActive('com.sn_ot_inc_mgmt') && gs.hasRole("sn_ot_incident_read"))
return;
// Responders should be able to access all incidents
if (gs.hasRole("sn_sow_srm.srm_responder")) {
return;
}
var u = gs.getUserID();
current.addQuery("caller_id", u).addOrCondition("opened_by", u).addOrCondition("watch_list", "CONTAINS", u);
}
}
}Something like this in OOB Table level READ ACL
https://instanceName.service-now.com/nav_to.do?uri=sys_security_acl.do?sys_id=7da3bda1c0a801667dc88c1e9527f776
if (gs.getUser().isMemberOf('CFS-CFSEdge-SUP')) {
current.opened_by == gs.getUserID() || current.caller_id == gs.getUserID() || current.assignment_group.name == 'CFS-CFSEdge-SUP';
} else {
current.opened_by == gs.getUserID() || current.caller_id == gs.getUserID() || current.watch_list.indexOf(gs.getUserID()) > -1;
}
If my response helped please mark it correct and close the thread so that it benefits future readers.
