restricting assignment group while creating incident

Raviteja K · ‎09-15-2016

I have a requirement, I have 10 groups which start with same prefix. While creating new INCs we need to restrict assigning assignment groups. Only members of those 10 groups can only assign new INCs to those 10 groups. Other group members while creating new INCs should receive a error message.

Thanks in advance

conmic · ‎09-15-2016

Hello Raviteja,

I would avoid working with Client Scripts in this case. ServiceNow does not recommend this for data validation purposes.

To achieve your requirements you can use a business rule. However looking into an advanced reference qualifier would be more useful.

The reference qualifier would only return the assignment groups that are allowed to be selected at the time being. However you'd need to add a script part to check if the current record is new or already existing.

Anyway, let me first guide you through the business rule and if you want to look into reference qualifiers, let me know and I'll help you.

Business Rule

Create a new "onBefore" business rule that runs only on inserts.

The condition should check if the assigment_group.name starts with your values

Then add a simple abort action that will trigger if the condition is true

View solution in original post

Raviteja K · ‎09-15-2016

Thank You Michel, but members of those groups should able to create INCs will this be achieved?

tanumoy · ‎09-15-2016

I don't think they can create a INC with that BR.

conmic · ‎09-15-2016

I read through this again and I think I missed the point that you want only members of certain groups to be able to open the Incident. The name of such groups are prefixed.

In that case use the same onBefore insert business rule, without a condition (except if you have any special requirements for the BR to run).

Then you add the following code. It will check if the current user creating the Incident is member of a group which name starts with the desired prefix.

(function executeRule(current, previous /*null when async*/) {

       var myPrefix = "my_prefix";   //set your prefix here

       var currentUserId = gs.getUserID();   //checks for the current user. currentUserId contain a sys_user sys_id

       

       var isMember = isUserMemberOfPrefixGroup(currentUserId,myPrefix)


       if(!isMember){

               gs.addInfoMessage('You are not entitled to open an Incident');

               current.setAbortAction(true);

       }


       function isUserMemberOfPrefixGroup(userId,prefix){

               var gr = new GlideRecord('sys_user_grmember');

               gr.addQuery('user',userId);

               gr.addQuery('group.name','STARTSWITH',prefix);

               gr.query();

               if(gr.next()){

                       return true;

               }

               return false;

       }

})(current, previous);

tanumoy · ‎09-15-2016

The requirement is they can create the incident but not able to fill the Assignment Group, if I understand correctly.

Raviteja, Could you please confirm.

jagarnathn · ‎09-15-2016

Your script could achieve the requirement. There is an alternative script which could do the same .

Consider the prefix is IT . Here it is for caller , not for the logged in user.

var gr = new GlideRecord('sys_user_group');

gr.addEncodedQuery('nameSTARTSWITHIT');

gr.query();

var groups=[];

while(gr.next()){

groups.push(gr.sys_id.toString());

}

var gr1= new GlideRecord('sys_user_grmember');

gr1.addQuery('group.sys_id', groups);

gr1.query();

var members=[]

while(gr1.next()){

members.push(gr1.user + ");

}

var arrayUtil = new ArrayUtil();

var new_members=[];

new_members=arrayUtil.unique(members);

if((arrayUtil.contains(new_members, current.caller.toString()) == false){

current.setAbortAction(true);

}