Restrict the visibility of the incident records with ACL based on logged in user's location

Vijay Baokar
Kilo Sage

Hello Experts,

 

I have to restrict the visibility of the incident records in list view through an ACL if the logged-in user is not part of the location in the incident.

We have a custom field u_location on incident. Suppose there are 100 incidents, out of which 10 incidents have location as "Canada". If the logged-in user is part of the Canada location, then that user should see only 10 incidents, not 100, in the incident list view.

We have the below script in a Read ACL. It is table level (Table.None).

 

    var user = gs.getUser();
    var userLocation = user.location;

    // Get the location of the record being accessed
    var currentRecordLocation = current.location;

    // Deny access if the user's location does not match the record's location
    if (userLocation != currentRecordLocation) {
        answer = false;
    } else {
        answer = true;
    }

Still, I am able to see all 100 incidents.

 

1 ACCEPTED SOLUTION

Rushi Savarkar
Kilo Sage

Hello @Vijay Baokar 

You can create a before query business rule to achieve this requirement:

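(function executeRule(current, previous /*null when async*/ ) {

    // Admins are not filtered
    if (!gs.hasRole("admin")) {
        var userlocation;
        // Look up the logged-in user's location from sys_user
        var user = new GlideRecord('sys_user');
        user.addQuery('sys_id', gs.getUserID());
        user.query();
        if (user.next()) {
            userlocation = user.location;
        }
        // Only return incidents whose location (u_location, the custom field
        // named in the question) matches the user's location
        current.addQuery("u_location=" + userlocation);
    }

})(current, previous);
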
If my response helped you, please accept the solution and mark it as helpful.
Thank You!

6 REPLIES

Ankur Bawiskar
Tera Patron

@Vijay Baokar 

Remember, there is an OOB query business rule on the incident table.

You should enhance it and then add your logic to it.

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

Rishi_11
Kilo Sage

Hi @Vijay Baokar ,

 

I would recommend going with a before query BR for this use case for a better user experience. But if you want to go with an ACL, it should be fairly easy as well. If your instance is on Xanadu, you can try a deny-unless ACL, and on lower versions you'll need to analyze all other ACLs (table level and field level) on incident and make sure none of them evaluate to true if your conditions are not met. Allow-if ACLs will give access to the records even if any one of them evaluates to true.

 

Please mark this response as correct or helpful if it assisted you with your question.

 

Thanks,

Rishi.
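
The allow-if versus deny-unless behaviour described in the reply above, as an added example that is not part of the original thread and is not ServiceNow platform code. It is a simplified model that runs in plain JavaScript; the incidents, the user and the role-based ACL standing in for "another read ACL on incident" are constructed assumptions.

```javascript
// Simplified model of ACL evaluation for one table and operation; not platform code.
// Constructed data: 100 incidents, 10 located in "Canada" (numbers from the question).
const incidents = Array.from({ length: 100 }, (_, i) => ({
  number: 'INC' + String(i + 1).padStart(7, '0'),
  u_location: i < 10 ? 'Canada' : 'Other',
}));
const user = { name: 'constructed.user', location: 'Canada', roles: ['itil'] };

// The location rule from the question, as a predicate.
const locationMatches = (u, rec) => u.location === rec.u_location;
// Hypothetical stand-in for another read ACL on incident that passes on role alone.
const hasItilRole = (u) => u.roles.includes('itil');

// Allow-if ACLs are OR'd: one passing ACL grants access.
// Deny-unless ACLs are AND'd and checked first: one failure denies access.
function canRead(u, rec, acls) {
  const denyUnless = acls.filter((a) => a.type === 'deny_unless');
  const allowIf = acls.filter((a) => a.type === 'allow_if');
  if (!denyUnless.every((a) => a.check(u, rec))) return false;
  return allowIf.some((a) => a.check(u, rec));
}

// Number of records the user can read under a given ACL set.
function visibleCount(u, records, acls) {
  return records.filter((rec) => canRead(u, rec, acls)).length;
}

// Case 1: the location rule is one more allow-if ACL next to the role ACL.
const allowIfOnly = [
  { type: 'allow_if', check: hasItilRole },
  { type: 'allow_if', check: locationMatches },
];
// Case 2: the location rule is deny-unless; the role ACL still supplies the allow.
const withDenyUnless = [
  { type: 'allow_if', check: hasItilRole },
  { type: 'deny_unless', check: locationMatches },
];

console.log('allow-if only:', visibleCount(user, incidents, allowIfOnly));
console.log('with deny-unless:', visibleCount(user, incidents, withDenyUnless));
```

In case 1 the role ACL passes for every record, so the location ACL never narrows anything; in case 2 a failed location check denies the record before any allow-if ACL is considered.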