Restrict specific user to add attachment/delete the attachment when the case is in closed state

vincentzhen
Tera Contributor

‎09-16-2024 11:21 AM

The requirement is restrict the user that belongs to a specific group, they cannot add/delete the attachment for the closed case. What I already try is creating a new business rule in global application, modify it in Attachment table[sys_attachment], before insert and delete and with following script

(function executeRule(current, previous /*null when async*/) {
    // retrieve parent record
	gs.log('Business Rule has been triggered. Record: ' + current.number + " with table name?" + current.table_name);
    var parentRecord = new GlideRecord(current.table_name);
    if (parentRecord.get(current.table_sys_id)) {
        // check case status is closed
        if (parentRecord.getTableName() == 'sn_customerservice_case' && parentRecord.state == 'Closed') {
            // check user is belong to specific user group
            var userGroups = gs.getUser().getMyGroups();
            var restrictedGroup = 'Store';  

            
            if (userGroups.indexOf(restrictedGroup) > -1) {
                gs.addErrorMessage('You are not allowed to add or delete attachments when the case is closed.');
                current.setAbortAction(true);  // prevent to add/delete the attachment
            }
        }
    }
})(current, previous);

 

But still the user still can add/delete the attachment for the closed case...

 

0 Helpfuls
  • 782 Views
7 REPLIES 7

vincentzhen
Tera Contributor

‎09-16-2024 12:25 PM

OK, I figure it out due to the state is using 3 for Closed.. and use the sys id for the user groups...

 

Now it become have second question, on the UI level the paperclip button(for adding) and x button(for delete) exists, the BR is working fine but they don't accept it because it will make confuse to them. I need a way to hide it..

0 Helpfuls

Amit Verma
Kilo Patron
Kilo Patron
In response to vincentzhen

‎09-16-2024 11:06 PM

@vincentzhen 

 

Did you got a chance to go through g_form.disableAttachments() ? Refer below screenshots and set it up to get your requirement fulfilled :

 

Create an On-Load Client script on sn_customerservice_case table :

 

AmitVerma_0-1726553070056.png

function onLoad() {
   if(g_form.getValue('state') == '3'){
	g_form.disableAttachments();
   }
   
}

 Output :

AmitVerma_1-1726553165762.png

 


Please mark this response as correct and helpful if it assisted you with your question.
0 Helpfuls

SumanKumarM
Tera Contributor

‎09-16-2024 12:44 PM

Hi,

Pls try to replace var restrictedgroup with "sys_id" instead of 'store'.

 

Please mark helpful, it it works for you. 

 

Thanks,

Suman.

 

0 Helpfuls

Sumanth16
Kilo Patron

‎09-16-2024 01:41 PM

Hi @vincentzhen ,

 

Steps

1) Elevate your role to security_admin

2) Then create new Table level READ ACL on sys_attachment

3) Advanced checkbox true

4) Condition as table name -> sc_req_item

5) Script below

answer = checkCondition();

function checkCondition(){

	var isRequestedFor = false;
	var ritmSysId = current.table_sys_id;
	var rec = new GlideRecord('sc_req_item');
	rec.get(ritmSysId);

	if(gs.getUserID() == rec.request.requested_for){
		isRequestedFor = true;
	}

	var isMember = gs.getUser().isMemberOf('Group ABC');

	return (isRequestedFor ||isMember) ? true : false;
}

 

 

If I could help you with your Query then, please hit the Thumb Icon and mark it as Correct !!

 

Thanks & Regards,

Sumanth Meda

 

0 Helpfuls