Hi @mynedisanjana ,

Here is the sample code you can give a try

(function executeRule(current, previous, /*null when async*/) {
  var userRoles = gs.getUser().getRoles(); // Get the roles of the currently logged-in user

  // Get the assignment group's roles
  var assignmentGroup = new GlideRecord('sys_user_group');
  if (assignmentGroup.get('sys_id', current.assignment_group)) {
    var assignmentGroupRoles = assignmentGroup.getValue('roles');

    // Check if the user has a role in common with the assignment group
    var hasCommonRole = false;
    for (var i = 0; i < userRoles.size(); i++) {
      if (assignmentGroupRoles.indexOf(userRoles.get(i)) !== -1) {
        hasCommonRole = true;
        break;
      }
    }

    // If there is no common role, restrict access to the incident
    if (!hasCommonRole) {
      current.setWorkflow(false); // Prevent saving the incident
      gs.addErrorMessage('You do not have the required access to this incident.');
    }
  }
})(current, previous);

when a user tries to insert or update an incident record, the Business Rule checks if the user has a role in common with the assignment group. If there is no common role, access to the incident is restricted, and the incident is not saved. An error message is also displayed to indicate the lack of access.

Regards,

Shravan

Please mark this as correct and helpful if it solved your query