Restrict the visibility of the incident records with ACL based on logged in user's location

Vijay Baokar · ‎03-21-2025

Hello Experts,

I have to restrict the visibility of the incident records in list view through ACL if logged-in user is not part of location in incident.

We have a custom field u_location on incident , Suppose there are 100 incidents out of which 10 incidents has location as "Canada" and if logged in user is part of Canada location then that user should see only 10 incidents not 100 in incident list view

We have below script in Read ACL, It is table level Table.None

var user = gs.getUser();

var userLocation = user.location;

// Get the location of the record being accessed

var currentRecordLocation = current.location;

// Deny access if the user's location does not match the record's location

if (userLocation != currentRecordLocation) {

answer = false;

} else {

answer = true;

}

still i am able to see all 100 incidents

Rushi Savarkar · ‎03-22-2025

Hello @Vijay Baokar

You can create before query business rule to achieve this requirement

(function executeRule(current, previous /*null when async*/ ) {

    if (!gs.hasRole("admin")) {
        var user = new GlideRecord('sys_user');
        user.addQuery('sys_id', gs.getUserID());
        user.query();
        if (user.next()) {
            var userlocation = user.location;
        }
        current.addQuery("u_user_location=" + userlocation);
    }

})(current, previous);

If my response helped you, please accept the solution and mark it as helpful.
Thank You!

View solution in original post

Ehab Pilloor · ‎03-21-2025

Hi @Vijay Baokar,

You need to add a Table.* read ACL too with same script.

Regards,

Ehab

Shivalika · ‎03-21-2025

Hello @Vijay Baokar

Add another table.* (All the fields) Level ACL. You must have seen there is "Deny Unless" after Xanadu. Here Deny condition is evaluated first. So add this as well in all the field ACLs on incident table.

Kindly mark my answer as helpful and accept solution if it helped you in anyway. This will help me be recognized for the efforts and also move this questions from unsolved to solved bucket.

Regards,

Shivalika

My LinkedIn - https://www.linkedin.com/in/shivalika-gupta-540346194

My youtube - https://youtube.com/playlist?list=PLsHuNzTdkE5Cn4PyS7HdV0Vg8JsfdgQlA&si=0WynLcOwNeEISQCY

maddalahemanth · ‎03-21-2025

Hii @Vijay Baokar ,

you can achieve it through before query business rule

can you try this and let me know if it works or not before and query business rule

Rushi Savarkar · ‎03-22-2025

Hello @Vijay Baokar

You can create before query business rule to achieve this requirement

(function executeRule(current, previous /*null when async*/ ) {

    if (!gs.hasRole("admin")) {
        var user = new GlideRecord('sys_user');
        user.addQuery('sys_id', gs.getUserID());
        user.query();
        if (user.next()) {
            var userlocation = user.location;
        }
        current.addQuery("u_user_location=" + userlocation);
    }

})(current, previous);

If my response helped you, please accept the solution and mark it as helpful.
Thank You!