Permissions to view templates regardless of Assignment Group

LaraReddy · ‎11-20-2023

Hiii,

Can anyone please help us how to provide the access to view all incident templates to one particular user??

Currently user is able to see only his group templates.

Thanks,
LARA

Tai Vu · ‎11-21-2023

Hi @LaraReddy

Certainly, we need the ACL to provide access to the record initially.

Regarding the OOTB business rule, customization is required.

Below is for the requirement custom role [temp_access] user able to see only incident related templates.

(function executeRule(current, previous /*null when async*/ ) {

    if (gs.hasRole("temp_access")) {
        current.addEncodedQuery('table=incident');
        return;
    }
    roTemplates();

})(current, previous);


function roTemplates() {
    var query = "global=true^ORuser=" + gs.getUserID() + "^ORgroups=javascript&colon;gs.getUser().getMyGroups()";
    current.addEncodedQuery(query);
}

If you want to grant access to all templates in the Incident table and also allow users to access templates shared with them, use the adjusted code below:

(function executeRule(current, previous /*null when async*/ ) {

    roTemplates();

})(current, previous);


function roTemplates() {
    var query = "global=true^ORuser=" + gs.getUserID() + "^ORgroups=javascript&colon;gs.getUser().getMyGroups()";
    if (gs.hasRole("temp_access")) {
        query += '^ORtable=incident';
    }
    current.addEncodedQuery(query);
}

Cheers,

Tai Vu

View solution in original post

Tai Vu · ‎11-20-2023

Hi @LaraReddy

You can define an ACL Read in the Templates [sys_template] table, which have the condition as Table is Incident.

Then you can add the dedicated Role for the above ACL and grant the Users that Role.

Cheers,

Tai Vu

LaraReddy · ‎11-21-2023

Hi Tai,
Thanks for the response.

We tried your suggestion but still user is not able to access all the incident templates.

Thanks,
Lara

Tai Vu · ‎11-21-2023

Hey @LaraReddy

There's one more Before Query Business Rule we need to update. You can find below.

Name: SNC Template Query

URL: https://<instance_name>/sys_script.do?sys_id=f5ab8f060a0a0bc50013f5ab4b8315c1

Just exclude your custom role in the Business Rule.

Sample.

Let me know if it works for you.

Cheers,

Tai Vu

LaraReddy · ‎11-21-2023

Hi Tai,
Many thanks for the response.

As you mentioned, we have created read ACL on Template table level with custom role [temp_access ]and conditon as Table startswith Incident and same role [temp_access] has been added on BR script level.
Post making these changes user is seeing other table templates as well.

But as per the requirement custom role [temp_access] user able to see only incident related templates.

Advance thanks,
Lara