SC_REQ_ITEM-DDD and XYZ country users should not able to view AAA country records.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Conditions:
1.DDD and XYZ country users should not able to view AAA country records.(example sc_req_item table)
2.Particular group member (example group name: Banking) should not able to view the "sc_req_item records)
3.Both are based on the field "requested_for"
Bug: previously the first condition is working fine..when I try to add the 2nd condition. it breaks.I have pasted the BR below.
(function executeRule(current, previous /*null when async*/ ) {
var groupMemberGR = new GlideRecord('sys_user_grmember');
groupMemberGR.addQuery('group', '21976e879f326210eeac95edygfkugli');
groupMemberGR.addQuery('user', gs.getUserID());
groupMemberGR.setLimit(1);
groupMemberGR.query();
if (groupMemberGR.next()) {
current.addEncodedQuery('requested_for.country!=AAA^requested_for.country!=BBB');
}
var restrictedCountries = ['DDD','XYZ'];
var userCountry = gs.getUser().getCountry();
if (groupMemberGR.next() || restrictedCountries.indexOf(userCountry) > -1) {
current.addEncodedQuery('requested_for.country!=AAA^requested_for.country!=BBB');
}
})(current, previous);
Please someone let me know ,what i need to modify/ what error i have made?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago - last edited 3 weeks ago
Hello @Udhayakumar_30
Please try with the below modified script
(function executeRule(current, previous /*null when async*/) {
var user = gs.getUser();
var userCountry = gs.getUser().getRecord().getValue('country');
var restrictedCountries = ['DDD', 'XYZ'];
var bankingGroupID = '21976e879f326210eeac95edygfkugli';
var isInBankingGroup = false;
var groupGR = new GlideRecord('sys_user_grmember');
groupGR.addQuery('user', gs.getUserID());
groupGR.addQuery('group', bankingGroupID);
groupGR.setLimit(1);
groupGR.query();
if (groupGR.next()) {
isInBankingGroup = true;
}
if (userCountry == 'AAA') {
return; // No filtering
}
if (isInBankingGroup || restrictedCountries.indexOf(userCountry) > -1) {
current.addQuery('requested_for.country', '!=', 'AAA');
return;
}
})(current, previous);
Please Mark Correct ✔️ if this solves your query and also mark Helpful 👍 if you find my response worthy based on the impact.
Regards,
Shruti
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi @Shruti D ,
Thanks for your reply,
Here are some of the issues:
{i}Impersonated "DDD" country user(eg.Katherine), she is still able to see AAA (RITM) records
{2}Impersonated the "Banking group"member (eg.Kavin-whose is part of the group)-he can't able see any records.( not even DDD /XYZ- Says no record found).
Note:other than AAA country records, they can able to other country records
- DDD,XYZ -cannot view the AAA country records (sc_req_item) alone. They are able to see other country RITM.
- AAA country people can see all country records.(no restriction)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago - last edited 3 weeks ago
Hello @Udhayakumar_30 ,
I now have a clearer understanding of the requirement, and I've updated the script accordingly. Please review the revised version above.
Also verify that the field requested_for.country is correctly populated, and that the field name is accurate.
Regards,
Shruti
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi @Udhayakumar_30,
have you tried or do you have a chance to achieve this by ACL?
/* If my response wasn’t a total disaster ↙️ ⭐ drop a Kudos or Accept as Solution ✅ ↘️ Cheers! */
