- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-27-2026 05:10 AM
Hi All,
I have a requirement only opened by should able to see the Req and RITM not other even requested for should not able to see the request for particular catalog item.
I tried restricted via ACL and Query BR but still requested for and other ITIL users able to see the RITM and REQ.
Please guide me which is the best approach.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-27-2026 10:56 PM
you can enhance that
something like this
(function executeRule(current, previous /*null when async*/ ) {
if (!gs.getSession().isInteractive() || gs.hasRole('admin')) {
return;
}
var catItemId = 'PUT_CATALOG_ITEM_SYS_ID_HERE';
var allowedGroupId = 'PUT_GROUP_SYS_ID_HERE';
var userId = gs.getUserID();
// If user is in the allowed group, allow full access to this catalog item's RITMs
if (gs.getUser().isMemberOf(allowedGroupId)) {
return;
}
// For the restricted catalog item:
// show only records where request.opened_by is current user
// all other catalog items remain visible as usual
current.addEncodedQuery(
'cat_item!=' + catItemId +
'^NQcat_item=' + catItemId + '^request.opened_by=' + userId
);
})(current, previous);💡 If my response helped, please mark it as correct ✅ and close the thread 🔒— this helps future readers find the solution faster! 🙏
Ankur
✨ Certified Technical Architect || ✨ 10x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-28-2026 02:02 AM
I tried but not working .
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-28-2026 09:32 PM
The code is not working it is going to the else loop.
(function executeRule(current, previous /*null when async*/ ) {
var restrictegrp = 'sys_id';
if (!gs.getSession().isInteractive() || gs.hasRole('admin') || gs.getUser().isMemberOf(restrictegrp)) {
return;
}
var userId = gs.getUserID();
var restrictedItemSysId = 'sys_id';
var ritmGr = new GlideRecord('sc_req_item');
ritmGr.addQuery('cat_item', restrictedItemSysId);
ritmGr.addQuery('opened_by', '!=', userId);
ritmGr.query();
var hiddenReqIds = [];
while (ritmGr.next()) {
gs.info('Found RITM: ' + ritmGr.sys_id + ' request: ' + ritmGr.request);
if (ritmGr.request) {
hiddenReqIds.push(ritmGr.request.toString());
}
}
if (hiddenReqIds.length > 0) {
gs.info('Hiding requests: ' + hiddenReqIds.join(','));
current.addQuery('sys_id', 'NOT IN', hiddenReqIds.join(','));
} else {
gs.info('No restricted RITMs found for user ' + userId);
}
})(current, previous);
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-30-2026 03:45 AM
I tried this code in Request table but it not hidding only for particular item its hidding all the catalog item if opened by is not the logged in.
(function executeRule(current, previous /*null when async*/ ) {
var restrictegrp = 'sys_id';
if ( gs.hasRole('admin') || gs.getUser().isMemberOf(restrictegrp)) {
return;
}
var userId = gs.getUserID();
var catItemId = 'sys_id';
var disable = current.addJoinQuery('sc_req_item', 'request'); // request is the reference field on sc_req_item
disable.addCondition('cat_item', catItemId);
current.addEncodedQuery('opened_by=' + userId + '^NQrequest_item.cat_item!=' + catItemId);
})(current, previous);
Even i mentioned only item need to be restricted, all sc_request got restricted for all users
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-30-2026 04:00 AM
your syntax is wrong
current.addJoinQuery()
💡 If my response helped, please mark it as correct ✅ and close the thread 🔒— this helps future readers find the solution faster! 🙏
Ankur
✨ Certified Technical Architect || ✨ 10x ServiceNow MVP || ✨ ServiceNow Community Leader
