Users on watchlist of RITM's are able to view the RITM but not the attachment.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-10-2018 08:34 AM
Hello,
We have non ITIL users who are added to watchlist on RITM's. These users even without ITIL role are able to view the RITM but are unable to view the attachments on the RITM. Is this something out of box that servicenow allows partial access to the RITM's?
Aren't non ITIL users even denied viewing access? Please let me know how we could solve this problem and allow users to view the attachments as well. We do not want to give too much access to these users as well where they could end up looking at attachments on all tables if they are given access to the attachment table.
Thanks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-12-2018 08:51 AM
But we are copy pasting the the sys ID of just one particular incident record right? or are we doing something else here?
Also, i am not quite sure if the script would return true because a watchlist user will have a very limited view of the incident with not all fields showing up. I am not sure if that would make a difference.
Will try debugging.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-12-2018 09:00 AM
The script is using data from the attachment record to dynamically look up the incident, catalog task, requested item, etc. related to the attachment.
So when the ACl is evaluated for a particular attachment, it is going to look at the record linked to that attachment.
canRead returns whether the user can read the record at all, regardless of which fields, when it is called from the GlideRecord.
