Restricting view of Incidents (ACL)

jayson5
ServiceNow Employee
ServiceNow Employee

‎06-09-2016 08:12 AM

Hello Community,

The Incident form has a lot of ACLs, However I need to lock down All HR Incidents to users with an HR Role...I've put the following in for a Read ACL, however it locks everyone out of the Incidents

if the "Functional Area" = Human Resources I want to restrict those Incidents to only users with that role

ACL Script:

current.u_functional_area = 'HUMAN RESOURCES';

Requires Role:

HR

Labels:
0 Helpfuls
  • 7,336 Views
33 REPLIES 33

jayson5
ServiceNow Employee
ServiceNow Employee
In response to Deepak Ingale1

‎06-09-2016 12:59 PM

Thanks Deepak for the reply! So I'm going to the BR route since their are so many ACLs on the Incident form.



I have my Before Query business rule as follows which queries




if(!gs.hasRole('hrRelatedRole')){


current.addQuery('u_functional_area ','!=','HUMAN RESOURCES');


}



However what blocks access for users that don't have the HR role? I've never done access restriction outside of ACLs


0 Helpfuls

Deepak Ingale1
Mega Sage
In response to jayson5

‎06-09-2016 10:16 PM

Hi Jason,



Query Business rule is one the Business rule which queries against the "table" you have configured it on.


This rule queries the table and fetches the records based on what we define inside it.



/* Query the incident table and restrict access to records with

u_functional_area == "Human Resources" to only HR person

*/

if(!gs.hasRole('hrRelatedRole')){ // if user does not have hrRelatedRole

current.addQuery('u_functional_area ','!=','HUMAN RESOURCES');// , then bring records where functional area is not human resources

}

0 Helpfuls

jayson5
ServiceNow Employee
ServiceNow Employee
In response to Deepak Ingale1

‎06-10-2016 06:55 AM

Deepak,


I have created the Before query BR and I've logged in with a user that doesn't have the HR role, they are still able to see the HUMAN RESOURCES Incidents. I'm also using the following ACL on the Incident table.



Screen Shot 2016-06-10 at 9.54.31 AM.png


Preview file
99 KB
0 Helpfuls

jayson5
ServiceNow Employee
ServiceNow Employee
In response to Deepak Ingale1

‎06-10-2016 07:18 AM

Deepak the Business Rule has seem to work! Just have to do some more testing to confirm.



Thank you for your support everyone and Deepak!







Thank you!




Jason


0 Helpfuls

Deepak Ingale1
Mega Sage
In response to jayson5

‎06-10-2016 10:59 AM

Hi Jason,



Great to know that it worked for you.


Kindly do not forget mark the appropriate post as helpful/correct once you are done with the testing.