Required permissions for server script includes ?

JG6 · ‎01-07-2021

Hello Community,

I've got a script include which is called from a client ui script. Which is called in a catalog item. All put into a scoped application.

The problem is that this only works when the current user has the role admin or snc_internal. Which in my case is too much privileges for the users it is destined for. The server include script is set to be accessible from all application scopes.

My question is if there are fine-grained roles which can be used instead ?

Thx !

JG6 · ‎01-13-2021

It works, but I had to get the roles from somewhere else.

isPublic: function(){
  return gs.getUser().roles.indexOf('role name') > -1;
}

View solution in original post

Harsh Vardhan · ‎01-07-2021

include the below function in script include.

isPublic:function(){return true; },

Reference:

https://docs.servicenow.com/bundle/paris-platform-administration/page/administer/security/reference/...

JG6 · ‎01-11-2021

This solution works. However, I'd like some control over who actually is able to use this script. Because it's sensitive stuff.

Harsh Vardhan · ‎01-11-2021

you can include one if else condition .

Sample Code:

isPublic:function(){
		if(gs.getSession().getRoles().indexOf('role_name') >-1)
			return true;	
		else
			return false; 
	},

Or

Create one properties and set bunch of roles using comma separated based on your need.

Now call the properties inside script include function to check if logged in user has one of those role or not, check this part in if block , if user has those role then let them go inside script else return false.

JG6 · ‎01-13-2021

It works, but I had to get the roles from somewhere else.

isPublic: function(){
  return gs.getUser().roles.indexOf('role name') > -1;
}