Restricting Access to Incident Records based on Role and Business Service

RakshithaM
Tera Contributor

yesterday

Hi All,

 

I have a requirement to restrict access to particular incident records based on Role and Business service.

The incidents created from "Payroll Issues" record producer must be visible only for the users having Role- ( payroll + itil ) and having Business service as "Payroll Issues". 

And the " itil " role users must not be able to see this record in incident record list and it must be restricted.

 

But the below code in ACL isn't working as per requirement. Can someone guide me where I need to correct. Thanks in advance.

 

Incident Read ACL:

 

Screenshot 2025-09-11 183253.png

 

 

 

 

Script:

 

(function() {

    var salaryBS = '27d3f35cc0a8000b001df42d019a418f';     //sys_id of "payroll issues" Business service

 

    if (current.business_service != salaryBS) {

        return gs.hasRole('itil');

    }

 

    if (current.business_service == salaryBS) {

        return gs.hasRole('itil') && gs.hasRole('payroll_issue');

    }

 

    return false;

})();

 

 

 

0 Helpfuls
  • 256 Views
5 REPLIES 5

AndersBGS
Tera Patron
Tera Patron

yesterday

Hi @RakshithaM ,

 

Have you looked into data security filters instead: https://www.servicenow.com/docs/bundle/yokohama-platform-security/page/administer/security/concept/s...

 

If my answer has helped with your question, please mark my answer as the accepted solution and give a thumbs up.

Best regards
Anders

Rising star 2024
MVP 2025
linkedIn: https://www.linkedin.com/in/andersskovbjerg/

0 Helpfuls