restrict access to tickets

jna2756 · ‎07-11-2016

Hi All,

I am trying to restrict users from being able to read tickets if they are marked restricted(custom true/false field) unless they are member of the group the ticket is in or is the "requested for".

I believe the best method would be to use a on-before Query Business Rule however I am having trouble getting the "addQuery" right.

I want to do the following with addQuery rather than addEncodedQuery as the addEncodedQuery doesn't seem to work right in the script section.

Encoded Query: u_restrict=true^assignment_groupDYNAMICd6435e965f510100a9ad2572f2b47744^ORu_requested_forDYNAMIC90d1921e5f510100a9ad2572f2b477fe^NQu_restrict=false

is it possible to do this with an addQuery statement?

Any help would be appreciated.

Thanks,

Joshua Anderson

jna2756 · ‎07-11-2016

Yeah, so If I click on INC0010014 or INC0010012 it pulls up INC0000001 (which is also on the list).

Thanks,

Joshua

Chuck Tomasi · ‎07-11-2016

Thanks for the follow up Josh.

What release are you on? I'll see if I can reproduce it on my instance.

jna2756 · ‎07-11-2016

Im on my Personal Dev, which appears to be the latest instance of Geneva.

Geneva Patch 6 hotfix 2.

Thanks,

Joshua Anderson

jna2756 · ‎07-13-2016

Hey Chuck,

Were you ever able to reproduce it?

Thanks,

Joshua Anderson

Chuck Tomasi · ‎07-13-2016

Joshua,

Unfortunately I was not. I tried this on the cmdb_ci_computer table and made a simple query rule to show just the XP machines, but it always delivered the record I clicked.

I would start by stripping the query down to a single restriction and see if it still does that odd behavior on incidents.