Restricting view of Incidents (ACL)

jayson5
ServiceNow Employee

Hello Community,

The Incident form has a lot of ACLs. However, I need to lock down all HR Incidents to users with an HR role. I've put the following in for a Read ACL; however, it locks everyone out of the Incidents.

If the "Functional Area" = Human Resources, I want to restrict those Incidents to only users with that role.

ACL Script:

current.u_functional_area = 'HUMAN RESOURCES';

Requires Role:

HR


Thank you again, Deepak, for your support!


I can't seem to get this business rule to work correctly. I created a Business Rule with the following conditions:

Active = True
Advanced = True
When = before
Query = True

Advanced script:

/* Query the incident table and restrict access to records with
   assignment_group == "IT Security" to only IT Security */
if (!gs.hasRole('SN-Security')) { // if the user does not have the security role
  current.addQuery('assignment_group', '!=', 'IT Security'); // then bring back only records not assigned to IT Security
}

I'm testing it with a person's account that has an ITIL license, but not the role of SN-Security. Then, when going to the all open incidents list, I still see all of the security incidents. We are on Helsinki Version Patch 3.


Hi David,

You will need to provide the sys_id of the group in your query:

if (!gs.hasRole('SN-Security')) {
  current.addQuery('assignment_group', '!=', 'sys_idOFGroup');
}

If you want to use the display value instead, then it should be:

if (!gs.hasRole('SN-Security')) {
  current.addQuery('assignment_group.name', '!=', 'DisplayNameOfGroup');
}


One question related to this approach. I have a similar requirement: only allow users with the "ABC" role to see tickets with a category of "ABC". The challenge is that this prevents self-service users without roles from viewing tickets they create with the category "ABC". How could you use the before business rule to allow users to view their own tickets with a category of ABC, while at the same time restricting others who do not have this role?


Hi Deepak,

Is there a way to allow self-service users to view these restricted tickets if they were the affected user? The issue with this approach is that if you don't have the role, you are not able to view your own ticket.
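The following is an added example, not code from any poster in this thread and not ServiceNow's own code. It is a small Node.js model of a "before query" business rule that makes two points from the thread checkable offline: Deepak's point that a reference field such as assignment_group holds a sys_id, so comparing it with the display name "IT Security" filters nothing, while comparing with the sys_id or dot-walking to assignment_group.name works; and, for the two self-service questions above, how a query rule can hide a category from users without the role while still returning the tickets a user raised, by adding an OR branch with addOrCondition (a real GlideQueryCondition method) and gs.getUserID(). The gs, GlideRecord and GlideQueryCondition objects are replaced by stand-ins written for this example; the incidents, groups, users and sys_ids are constructed placeholders.

```javascript
// Added example (not code from the thread): a Node.js model of a ServiceNow
// "before query" business rule. gs, GlideRecord and GlideQueryCondition are
// replaced by small stand-ins so the rules can be run and checked offline.

// Constructed sample data; the sys_ids are placeholders, not real records.
const SEC_GROUP_SYS_ID = '0123456789abcdef0123456789abcdef';
const DESK_GROUP_SYS_ID = 'fedcba9876543210fedcba9876543210';
const GROUPS = { [SEC_GROUP_SYS_ID]: 'IT Security', [DESK_GROUP_SYS_ID]: 'Service Desk' };
const INCIDENTS = [
  { number: 'INC0001', assignment_group: SEC_GROUP_SYS_ID, category: 'ABC', caller_id: 'alice' },
  { number: 'INC0002', assignment_group: DESK_GROUP_SYS_ID, category: 'Hardware', caller_id: 'alice' },
  { number: 'INC0003', assignment_group: SEC_GROUP_SYS_ID, category: 'ABC', caller_id: 'bob' },
  { number: 'INC0004', assignment_group: DESK_GROUP_SYS_ID, category: 'ABC', caller_id: 'carol' },
];

// Accept both the (field, value) and the (field, operator, value) call forms.
function term(field, op, value) {
  return value === undefined ? { field, op: '=', value: op } : { field, op, value };
}

// Stand-in for GlideQueryCondition: the terms inside one condition are OR'ed.
class QueryCondition {
  constructor(field, op, value) { this.terms = [term(field, op, value)]; }
  addOrCondition(field, op, value) { this.terms.push(term(field, op, value)); return this; }
}

// Stand-in for the GlideRecord surface a query rule touches; conditions are AND'ed.
class FakeGlideRecord {
  constructor() { this.conditions = []; }
  addQuery(field, op, value) {
    const qc = new QueryCondition(field, op, value);
    this.conditions.push(qc);
    return qc;
  }
  query() {
    return INCIDENTS.filter(r => this.conditions.every(qc => qc.terms.some(t => termMatches(r, t))));
  }
}

// A reference field stores a sys_id; 'assignment_group.name' dot-walks to the group's name.
function resolve(record, field) {
  if (field === 'assignment_group.name') return GROUPS[record.assignment_group];
  return record[field];
}
function termMatches(record, t) {
  const actual = resolve(record, t.field);
  if (t.op === '=') return actual === t.value;
  if (t.op === '!=') return actual !== t.value;
  throw new Error('unsupported operator ' + t.op);
}

// Stand-in for the GlideSystem (gs) calls the rules use.
function makeGs(user) {
  return { hasRole: role => user.roles.includes(role), getUserID: () => user.sys_id };
}

// 1. The rule as posted: compares the reference field with a display name.
//    A sys_id never equals 'IT Security', so '!=' holds for every record and nothing is hidden.
function restrictByDisplayName(current, gs) {
  if (!gs.hasRole('SN-Security')) current.addQuery('assignment_group', '!=', 'IT Security');
}
// 2. Compare the reference field with the group's sys_id.
function restrictBySysId(current, gs) {
  if (!gs.hasRole('SN-Security')) current.addQuery('assignment_group', '!=', SEC_GROUP_SYS_ID);
}
// 3. Or dot-walk to the display value.
function restrictByDotWalk(current, gs) {
  if (!gs.hasRole('SN-Security')) current.addQuery('assignment_group.name', '!=', 'IT Security');
}
// 4. Hide a category from users without the role, except for tickets they raised themselves.
function restrictCategoryExceptOwn(current, gs) {
  if (!gs.hasRole('ABC')) {
    const qc = current.addQuery('category', '!=', 'ABC');
    qc.addOrCondition('caller_id', gs.getUserID());
  }
}

// Run one rule for one user and return the incident numbers that remain visible.
function visibleTo(rule, user) {
  const current = new FakeGlideRecord();
  rule(current, makeGs(user));
  return current.query().map(r => r.number);
}

// Constructed users: an ITIL user without either restricted role, and a security analyst.
const itilOnly = { sys_id: 'alice', roles: ['itil'] };
const secAnalyst = { sys_id: 'dave', roles: ['itil', 'SN-Security'] };
console.log(visibleTo(restrictByDisplayName, itilOnly));     // all four: the rule filters nothing
console.log(visibleTo(restrictBySysId, itilOnly));           // INC0002, INC0004
console.log(visibleTo(restrictBySysId, secAnalyst));         // all four
console.log(visibleTo(restrictCategoryExceptOwn, itilOnly)); // INC0001 (own ticket), INC0002
```

The model composes conditions the way the platform does: each addQuery call is AND'ed with the others, and addOrCondition adds an OR branch to a single condition, which is what lets rule 4 express "category is not ABC, or the caller is me". Whichever form you choose, test it from an account that lacks the role, as David did, because a rule that compares a reference field with a display name fails open: every record stays visible.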