Restrict the HR case visibility using a Before-Query business rule

Go to solution
mnreddy
Mega Guru

‎10-13-2020 01:11 PM

Hello All,

I created a Before-Query business rule to restrict the HR case visibility based on the group membership. If you are a member of group "xyz" then you should see only the HR cases assigned to group "xyz". This is working as expected. However, when a member creates a new HR case with their group as the assignment group and saves the record, they are getting a message "Info Message You do not have permission to read the created record" even though the created record is for their group. When they search the record they can read the data as they have access to read as per the business rule. I am not sure why I am getting that information message as soon as I save the case? Any help is much appreciated. Thank you.

 

Regards,

Mnreddy.

0 Helpfuls
  • 2,148 Views
1 ACCEPTED SOLUTION

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron
In response to mnreddy

‎10-16-2020 06:13 AM

Hi,

on which table you are checking this

OOB there is 1 query BR on HR Case table

Regards
Ankur

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

View solution in original post

0 Helpfuls
14 REPLIES 14

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron

‎10-15-2020 06:24 AM

@mnreddy 

Referring your comment on previous question

please update as below

Business rule condition- gs.isInteractive() && new hr_Utils().checkUserHasRole("sn_hr_core.basic") && !new hr_Utils().checkUserHasRole("sn_hr_core.admin")

Script:

(function executeRule(current, previous /*null when async*/) {

current.addQuery("assignment_group", j2js(gs.getUser().getMyGroups().toArray()));

})(current, previous);

Regards
Ankur

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

Go to solution
mnreddy
Mega Guru
In response to Ankur Bawiskar

‎10-15-2020 07:58 AM

Thanks @Ankur Bawiskar . I tried your updated logic, however now users are able to see all the HR cases which they are not actually part of!!

 

Regards,

Mnreddy.

0 Helpfuls

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron
In response to mnreddy

‎10-15-2020 08:38 AM

@mnreddy 

as per above logic it would show all HR cases where assignment group is one of the logged in users group

Regards
Ankur

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls

Go to solution
mnreddy
Mega Guru
In response to Ankur Bawiskar

‎10-15-2020 08:40 AM

@Ankur Bawiskar It is not working as you had mentioned. Instead it is showing all the HR cases where user is not a member of those assignment groups.

0 Helpfuls