Users on watchlist of RITM's are able to view the RITM but not the attachment.

Nitesh Balusu · ‎07-10-2018

Hello,

We have non ITIL users who are added to watchlist on RITM's. These users even without ITIL role are able to view the RITM but are unable to view the attachments on the RITM. Is this something out of box that servicenow allows partial access to the RITM's?

Aren't non ITIL users even denied viewing access? Please let me know how we could solve this problem and allow users to view the attachments as well. We do not want to give too much access to these users as well where they could end up looking at attachments on all tables if they are given access to the attachment table.

Thanks.

Rahul Shandily3 · ‎07-10-2018

Hi Sree,

By default ServiceNow provides two Read ACL's. You may want to create a custom ACL to read attachments in sc_req_item table for non itil users.

Best Regards,

Rahul

Please mark this as correct/helpful if it resolved your query.

Nitesh Balusu · ‎07-10-2018

Hey Rahul,

Yeah, but won't the ACL's allow users to look at all the attachments present on all forms including incident, problem, etc etc?

Brian Lancaster · ‎07-10-2018

You need to create a custom read ACL on the sys_attachment table so that users who are not the requested for can read the record. Code like this should work.

answer = getSCAttachmentReadAnswer();

function getSCAttachmentReadAnswer() {
	var u = gs.getUserID();
	if (current.watch_list.indexOf(u) > -1){
		return true;
	}
	else {
		return flase;
	}
}

As it is coded it will work for any table that has attachment and a watch list.

Nitesh Balusu · ‎07-10-2018

Hey Bricast,

Do you think this ACL will allow watchlist users to access all attachments in the entire attachment table, i only want them to look at attachments on RITM's and nowhere else.

thanks.