ServiceNow (SIR) role authorization
10-29-2024 04:26 AM
Hello team, which role is suitable so that a group (group member) can only see their own security incidents?
10-29-2024 04:44 AM
Hi @itspezi1 ,
In that situation, you don't need to assign any roles; instead, you can create an ACL or a Query Business Rule. However, OOB in ServiceNow, users can view their own incidents if they opened them, are the callers of the record, or are on the watchlist.
See the image below; an OOB ACL is present for owned-incident access:
You can append this (https://dev273238.service-now.com/sys_security_acl.do?sys_id=7da3bda1c0a801667dc88c1e9527f776&syspar...) to your instance URL and check it. If it is not present, you can create a new ACL with the details below:
If you want to provide write access too, you can create one more ACL with the same details and the Operation field set to write:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
If you found my response **helpful**, I’d appreciate it if you could take a moment to select **"Accept as Solution"** and **"Helpful"** Your support not only benefits me but also enriches the community.
Thank you!
Moin Kazi
www.linkedin.com/in/moinuddinkazi
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
10-29-2024 05:01 AM
Hi @itspezi1 ,
If group members should only be able to access incidents assigned to their group, you can create a Query Business Rule with specific conditions. For example, if admins need full access, or you want to grant complete access to others, you can add the relevant conditions.
See the images:
In the filter condition, specify the security incident criteria, ensuring it only applies to security incidents.
(function executeRule(current, previous /*null when async*/ ) {
    // Collect the sys_ids of every group the logged-in user belongs to.
    // Comparing the reference field against sys_ids is more robust than
    // comparing assignment_group.name against display names, which can be
    // renamed or duplicated.
    var groups = [];
    var gr = new GlideRecord('sys_user_grmember');
    gr.addQuery('user', gs.getUserID());
    gr.query();
    while (gr.next()) {
        groups.push(gr.getValue('group'));
    }
    // IN expects a comma-separated list; join explicitly rather than relying
    // on the array's implicit toString().
    current.addQuery('assignment_group', 'IN', groups.join(','));
})(current, previous);
Now a logged-in user can only access those incidents that are assigned to their group, unless they have the admin role.
Moin Kazi
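The Query Business Rule described in the answer above, as an added example that is not code from the original post or from ServiceNow. It filters on group sys_ids instead of display names, exempts admins and non-interactive sessions (scheduled jobs, integrations) inside the script as well as in the rule condition, and handles the case of a user who belongs to no group explicitly, so the outcome does not depend on how the platform interprets an empty IN list. The table name sn_si_incident, the user and group sys_ids, and the membership rows are assumptions constructed for the example; GlideRecord and gs are replaced by small stand-ins so the logic can be run in Node, and those stand-ins are not the platform's implementation.

```javascript
// Added example, not code from the original post or from ServiceNow.
// A Query Business Rule body that limits non-admin, interactive users to
// security incidents assigned to one of their groups. The ServiceNow server
// API (GlideRecord, gs) is replaced by constructed stand-ins so the rule can
// be exercised outside the platform.

// ---- Constructed stand-ins for the ServiceNow server API ----

// Constructed sys_user_grmember rows: one row per (user, group) membership.
var GRMEMBER_ROWS = [
  { user: 'u-alice', group: 'g-soc-tier1' },
  { user: 'u-alice', group: 'g-soc-tier2' },
  { user: 'u-bob',   group: 'g-soc-tier1' }
];
var TABLES = { sys_user_grmember: GRMEMBER_ROWS };

function GlideRecord(table) {
  this.table = table;
  this.conditions = [];   // equality conditions used to filter the constructed rows
  this.encoded = [];      // encoded-query pieces, as getEncodedQuery() would return
  this.rows = [];
  this.idx = -1;
}
GlideRecord.prototype.addQuery = function (field, op, value) {
  if (value === undefined) { value = op; op = '='; }  // two-argument form is equality
  this.conditions.push({ field: field, op: op, value: value });
  this.encoded.push(field + (op === '=' ? '=' : op) + value);
};
GlideRecord.prototype.addNullQuery = function (field) {
  this.encoded.push(field + 'ISEMPTY');
};
GlideRecord.prototype.query = function () {
  var self = this;
  this.rows = (TABLES[this.table] || []).filter(function (row) {
    return self.conditions.every(function (c) {
      return c.op === '=' && row[c.field] === c.value;
    });
  });
  this.idx = -1;
};
GlideRecord.prototype.next = function () { return ++this.idx < this.rows.length; };
GlideRecord.prototype.getValue = function (field) { return this.rows[this.idx][field]; };
GlideRecord.prototype.getEncodedQuery = function () { return this.encoded.join('^'); };

// Session state the real gs derives from the logged-in user. impersonate() is a
// helper constructed for this example, not a platform API.
var session = { userId: '', roles: [], interactive: true };
var gs = {
  getUserID: function () { return session.userId; },
  hasRole: function (role) { return session.roles.indexOf(role) !== -1; },
  isInteractive: function () { return session.interactive; }
};
function impersonate(userId, roles, interactive) {
  session = { userId: userId, roles: roles || [], interactive: interactive !== false };
}

// ---- The Query Business Rule body ----
// On the platform this would be the script of a "before" Query rule on the
// assumed table sn_si_incident; 'current' is the GlideRecord being queried.
function restrictToMyGroups(current) {
  // Admins and non-interactive sessions keep full access. Put the same exemption
  // in the rule's Condition field; this in-script check is a second line of
  // defence if someone later edits the condition.
  if (gs.hasRole('admin') || !gs.isInteractive()) {
    return current.getEncodedQuery();
  }
  // Collect group sys_ids rather than display names: names can collide or be renamed.
  var groupIds = [];
  var gr = new GlideRecord('sys_user_grmember');
  gr.addQuery('user', gs.getUserID());
  gr.query();
  while (gr.next()) {
    groupIds.push(gr.getValue('group'));
  }
  if (groupIds.length === 0) {
    // A user in no group must see nothing, not everything. sys_id is never empty,
    // so this condition can never match.
    current.addNullQuery('sys_id');
  } else {
    current.addQuery('assignment_group', 'IN', groupIds.join(','));
  }
  return current.getEncodedQuery();
}

// Run the rule for one user and return the encoded query it adds.
function queryFor(userId, roles, interactive) {
  impersonate(userId, roles, interactive);
  return restrictToMyGroups(new GlideRecord('sn_si_incident'));
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log(queryFor('u-alice'));                          // assignment_groupINg-soc-tier1,g-soc-tier2
  console.log(queryFor('u-carol'));                          // sys_idISEMPTY
  console.log(JSON.stringify(queryFor('u-bob', ['admin']))); // "" (no filter)
}
```

A query rule only shapes what lists and forms return; it is not an access control. Pair it with the ACL from the first answer so that a record reached by any other path is still denied to users outside its assignment group.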