"current.table" is empty in ACL script for metric instance table
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-31-2020 10:52 PM
I am using the below script in an ACL on the metric instance table to keep users who don't have the 'sn_si.read' role from viewing the metric data for security incident records by entering metric_instance.list in the left hand navigation filter and searching for records with table=sn_si_incident. When I impersonate a user who doesn't have the role and perform this action with security rule debugging on I can still view the records and the ACL with this script is allowing me to do this. When I go to the logs I can see that gs.hasRole('sn_si.read') evaluates to false so I know the script is running and is evaluating the user roles correctly. The issue is that current.table is apparently empty. Does anyone have any idea as to why that might be?
if(current.table=='sn_si_incident'&&!gs.hasRole('sn_si.read')){
answer = false;
gs.error('Security incidents hidden by ACL 91ffb701c0a801667f96049c6be622ca');
}
else{
answer=true;
gs.error('Security incidents shown by ACL 91ffb701c0a801667f96049c6be622ca');
gs.log('gs.hasRole: '+gs.hasRole('sn_si.read'));
gs.log('current.table: '+current.table);
gs.log('table: '+table);
}
- Labels:
-
Scripting and Coding
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-31-2020 10:57 PM
Hi,
Could you please try current.sys_class_name instead of current.table
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-31-2020 11:11 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-31-2020 11:11 PM
Hi,
current.table will give you the correct table name
just ensure that field is populated with correct table
Can you check for that record table is populated or not?
Regards
Ankur
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-31-2020 11:11 PM
Hi,
current.table will give you the correct table name
just ensure that field is populated with correct table
Can you check for that record table is populated or not
Regards
Ankur
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader