Find your people. Pick a challenge. Ship something real. The CreatorCon Hackathon is coming to the Community Pavilion for one epic night. Every skill level, every role welcome. Join us on May 5th and learn more here.

reference field ACL condition

JuanCarlosV
Tera Contributor

‎08-08-2025 03:41 PM

I have a table to which I want to apply an ACL, I want the requests to be displayed as long as the headquarters (field called sede of type reference to the cmn_location table) of the request is equal to the user's headquarters (field called u_sede of type reference to the cmn_location table)

 

I have already put some scripts but it does not return any data, these are the scripts I have used

 

answer = userRecord.u_sede.getDisplayValue().toLowerCase() == current.sede.getDisplayValue().toLowerCase();

----------------------------------------------------------------------------------------------------------------------------------------

var userRecord = gs.getUser().getRecord();

 

// Validar que ambos campos tengan valor

if (!userRecord.u_sede || !current.sede) {

    answer = false;

} else {

    // Comparar los nombres (display values) de las sedes

    answer = userRecord.u_sede.getDisplayValue() == current.sede.getDisplayValue();

}

---------------------------------------------------------------------------------------------------------------

answer = current.sede == gs.getUser().getRecord().u_sede;

0 Helpfuls
  • 1,824 Views
2 REPLIES 2

MishB
ServiceNow Employee

‎08-08-2025 05:07 PM - edited ‎08-08-2025 05:08 PM

Common Issues in Your Scripts

1. Using getDisplayValue() for comparison

You're comparing display values, which are strings. This can fail due to:

  • Case sensitivity
  • Formatting differences
  • Localization
  • Timing of data availability

2. Best Practice: Compare sys_id values

Since both sede and u_sede are reference fields, the most reliable way is to compare their sys_id values, not their display values.

Recommended Script for ACL

var userRecord = gs.getUser().getRecord();

 

if (!current.sede || !userRecord.u_sede) {
    answer = false;
} else {
    answer = current.sede.toString() == userRecord.u_sede.toString();
}

Why this works:

  • toString() on a reference field returns its sys_id.
  • This avoids issues with display values and ensures a direct match.

 How to Test It

  1. Use the Security Rules Debugger (System Security > Debug Security Rules) to test the ACL.
  2. Log in as a user with a known u_sede and check if they can see records with matching sede.
0 Helpfuls

MishB
ServiceNow Employee

‎08-08-2025 05:09 PM

Posting the script you should try : 

 

 

var userRecord = gs.getUser().getRecord();

if (!current.sede || !userRecord.u_sede) {
answer = false;
} else {
answer = current.sede.toString() == userRecord.u_sede.toString();
}

0 Helpfuls