Restrict view of attachments

Maria DeLaCruz
Tera Guru

Hi,

Need some help on restricting visibility of attachments. For the Self-Service view of an incident, we would like an ESS user to be able to see only attachments they've added themselves to their incident, but not the ones that others (like ITIL users) have added. But, the ITIL users should be able to see all attachments to incidents. Any suggestions on how we can do this?

Thanks,
Maria

1 ACCEPTED SOLUTION

edwin_munoz
Mega Guru

I'm not completely sure that this will work, but I think it is a good starting point.

Create a business rule with the following information:

Name: Hide attachments to ESS users

Active: True

Advanced: True

Table: sys_attachment (Attachments)

Condition: !gs.hasRole("itil") && gs.getSession().isInteractive()

Script:

hideAttachments();

function hideAttachments(){
        // Limit the attachment query to rows created by the current user
        var answer = 'sys_created_by=' + gs.getUserName();
        current.addEncodedQuery(answer);
}



EDIT: I just tested this, it works. Only problem is that users that don't have the itil role will not be able to see attachments from others in the whole instance. Is this a problem? I'll think about how to fix this.



15 REPLIES

That's an idea. However, the assignee may also upload an attachment that is for the assign grp reference and not for the caller.


Hi Muhammad,

I do have a similar requirement. Please let me know if you found the solution.


manikorada
ServiceNow Employee

Maria,



You can create a Query business rule which will run for ESS Users and will return only the ones created by them if the table is incident.



Business Rule Condition: !gs.hasRole('itil') && (current.table_name == 'incident')

Script:

current.addQuery("sys_created_by", gs.getUserID());


Maria,



A little change in the script is:

Business Rule Condition: !gs.hasRole('itil') && (current.table_name == 'incident')

Script:

current.addQuery("sys_created_by", gs.getUserName());


Hi,

I referred to your script to implement a similar requirement, but I realized that the current record information is not accessible (maybe because the record has not been queried yet).

E.g.: current.table_name in the above code will return a blank value.

Is there a way to access the current record information like sys_id or table name in a Before query BR?

Although the question is answered, any help on this is really appreciated.

Thanks,
Zeeshan
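
An added example, not code from any post in this thread: one way to keep the restriction scoped to incident attachments instead of the whole instance. Since the last post reports that `current.table_name` is blank in a before-query rule, the table test is written as a query condition rather than in the rule's Condition field. `restrictIncidentAttachments`, `FakeQuery`, `fakeGs`, `visibleTo` and the sample rows are constructed for illustration so the logic runs outside an instance; it assumes incident attachments carry `table_name` = `incident`, as the posts above do.

```javascript
// In ServiceNow this body belongs in a before-query business rule on
// sys_attachment; current and gs are parameters here so it runs offline.
function restrictIncidentAttachments(current, gs) {
  if (gs.hasRole('itil') || !gs.getSession().isInteractive()) return;
  // current carries no row values in a query rule, so the table test is a
  // query condition: (table_name != incident) OR (sys_created_by = caller).
  current.addQuery('table_name', '!=', 'incident')
    .addOrCondition('sys_created_by', gs.getUserName());
}

// Constructed stand-in for GlideRecord: supports only the two calls above.
function FakeQuery(rows) { this.rows = rows; this.groups = []; }
FakeQuery.prototype.addQuery = function (field, op, value) {
  var group = [[field, op, value]];
  this.groups.push(group);
  return { addOrCondition: function (f, v) { group.push([f, '=', v]); return this; } };
};
FakeQuery.prototype.results = function () {
  var groups = this.groups;
  return this.rows.filter(function (row) {
    return groups.every(function (g) {          // groups are ANDed
      return g.some(function (c) {              // conditions in a group are ORed
        return c[1] === '!=' ? row[c[0]] !== c[2] : row[c[0]] === c[2];
      });
    });
  });
};

// Constructed stand-in for the gs object.
function fakeGs(userName, roles) {
  return {
    hasRole: function (r) { return roles.indexOf(r) !== -1; },
    getUserName: function () { return userName; },
    getSession: function () { return { isInteractive: function () { return true; } }; }
  };
}

// Constructed sample sys_attachment rows.
var SAMPLE = [
  { file_name: 'screenshot.png', table_name: 'incident', sys_created_by: 'ess.user' },
  { file_name: 'internal-notes.txt', table_name: 'incident', sys_created_by: 'itil.agent' },
  { file_name: 'kb-guide.pdf', table_name: 'kb_knowledge', sys_created_by: 'kb.author' }
];

function visibleTo(userName, roles) {
  var q = new FakeQuery(SAMPLE);
  restrictIncidentAttachments(q, fakeGs(userName, roles));
  return q.results().map(function (row) { return row.file_name; });
}
```

With the sample rows, a non-itil user still sees the knowledge attachment created by someone else, while incident attachments are limited to their own.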