Restrict a Particular User From Appearing in the Impersonation List

Go to solution
sharatkandothna
Kilo Contributor

‎01-30-2018 08:15 PM

Hi ,

I have been checking ways to make sure a particular user , for e.g. X , does not come up in the impersonation list ( X is an ITIL user) . So, as admins we should be able to impersonate. But any other ITIL user , having an impersonator role should not be able to impersonate to the user X.

I have followed other threads similar to impersonation and tried modifying the scripts in UI page 'impersonate_dialog' , a UI macro 'impersonate_dialog' and a script include 'ImpersonateEvaluator' . I couldn't crack the solution.

Has anyone tried a similar thing?

Could you guys please have a look at this one? ctomasi pradeepksharma   bernyalvarado rfedoruk

Regards,

Sharat

0 Helpfuls
  • 4,997 Views
1 ACCEPTED SOLUTION

Go to solution
Pradeep Sharma
ServiceNow Employee
ServiceNow Employee

‎01-30-2018 08:34 PM

Hello Sharat,



I agree with rfedoruk. If you still want to go ahead you should be able to do it via script include "ImpersonateEvaluator". Refer to the method canImpersonate which can be modified per your req.


Script here: For some reason, an editor is not working so pasting it below in plan format.



var ImpersonateEvaluator = Class.create();


ImpersonateEvaluator.prototype = {


initialize: function() {},


      type: 'ImpersonateEvaluator',


canImpersonate: function(currentUser, impersonatedUser) {



var userImpersonated = impersonatedUser.getID();


if(userImpersonated == 'dd9b3742c37030009b5efcfc5bba8fb6') //dd9b3742c37030009b5efcfc5bba8fb6 refers to the sys_id of impersonated user


{


return false;


}


else


{


return true;


}


}


};




You can also add additional condition in the above script to check for current logged in user role or sys_id in the if condition. Please make sure to explicitly check for the user is not admin because all the roles will be true for admin


Get a user object



Screen Shot 2018-01-30 at 9.06.30 PM.png


View solution in original post

Preview file
36 KB
7 REPLIES 7

Go to solution
The SN Nerd
Giga Sage
Giga Sage
In response to sharatkandothna

‎01-30-2018 09:20 PM

Make sure that you merge any future changes to this script during upgrades.



ServiceNow Nerd
ServiceNow Developer MVP 2020-2022
ServiceNow Community MVP 2019-2022

Go to solution
cynlink1
Tera Expert
In response to Pradeep Sharma

‎03-08-2019 08:14 AM

Hi,

Is it possible to limit the list of available users to be impersonated to members of a specific group or users who are assigned a specific role versus excluding users by individual sys_id? If yes, would you share an example script for accomplishing this requirement?

Thanks,

Cyndi

 

0 Helpfuls

Go to solution
Susan F1
Tera Contributor

‎05-08-2020 12:09 PM

Hi

 

Thanks for the update.  It is BETA Testing.  I did try in the BETA instance after finding this article.  I gave a non admin - impersonate role, and had them log on in BETA to try to see if they could see me "Admin" and I was not even part of the drop down selection.  Thanks Susan

 

https://hi.service-now.com/kb_view.do?sysparm_article=KB0691915

0 Helpfuls