Restricting users to access incidents opened by them

Go to solution
Sarva
Tera Contributor

‎02-27-2023 07:38 AM

I would like to have a user group to restrict accessing incident assigned to their group as well as view tickets opened by them. I was able to create the below Business Rule to restrict the users to access incidents assigned to their group. Now they are able to view only Incidents opened by their assignment group.

 

Sarva_1-1677512144387.png

 

But the problem is they are not able to view incidents which were opened by them. Can someone suggest how can I proceed with this as it's critical for users to view incidents opened by them. Thanks!

 

0 Helpfuls
  • 1,256 Views
1 ACCEPTED SOLUTION

Go to solution
Sonali Nimbalk1
Giga Guru

‎02-27-2023 09:45 PM

Hi @Sarva 

 

Incident with specific assignment group(s) to restrict visibility only to it group members. Though this can be achieved using read ACLs, but it may force restricted users to get access through other read ACLs or OOB readACLs on that table.

Since it is not suggested to disable other ACLs, we can restrict incidents of specific group from visibility via before-query business rule

 

Steps to Perform

  1. Create a Before -Query Business rule on 'Incident' table
  2. In the Advanced tab, set the condition as:
    !gs.getUser().isMemberOf('<group name to be restricted for other users>')
  3. In the script field, update sys_id of the group to be restricted

 

(function executeRule(current, previous /*null when async*/ ) {
var grp = current.addNullQuery('assignment_group').addOrCondition('assignment_group','!=','<sys_id of the group to be restricted for other users>');
})(current, previous);

 

This Before-Query Business rules restrict the incidents assigned to the specific group visible only to those group members

 

Please hit like and mark my response as correct if that helps
Regards,
Sonali Nimbalkar

View solution in original post

2 REPLIES 2

Go to solution
Sonali Nimbalk1
Giga Guru

‎02-27-2023 09:45 PM

Hi @Sarva 

 

Incident with specific assignment group(s) to restrict visibility only to it group members. Though this can be achieved using read ACLs, but it may force restricted users to get access through other read ACLs or OOB readACLs on that table.

Since it is not suggested to disable other ACLs, we can restrict incidents of specific group from visibility via before-query business rule

 

Steps to Perform

  1. Create a Before -Query Business rule on 'Incident' table
  2. In the Advanced tab, set the condition as:
    !gs.getUser().isMemberOf('<group name to be restricted for other users>')
  3. In the script field, update sys_id of the group to be restricted

 

(function executeRule(current, previous /*null when async*/ ) {
var grp = current.addNullQuery('assignment_group').addOrCondition('assignment_group','!=','<sys_id of the group to be restricted for other users>');
})(current, previous);

 

This Before-Query Business rules restrict the incidents assigned to the specific group visible only to those group members

 

Please hit like and mark my response as correct if that helps
Regards,
Sonali Nimbalkar

Go to solution
Sarva
Tera Contributor
In response to Sonali Nimbalk1

‎02-28-2023 01:14 PM

Thank you so much for sharing this information @Sonali Nimbalk1 ðŸ˜Š

0 Helpfuls