What is the best alternative to GlideRecord in ACL ? Refer example below

Snehal13 · ‎07-03-2025

This read ACL is on sc_req_item table for allowing read access to approvers.

I want to replace using GlideRecord with a different approach as SN doesn't recommend using GlideRecord/GlideRecordSecure/GlideRecordAggregate in ACL

var gr_obj = new GlideRecord('sysapproval_approver');
gr_obj.addQuery('approver', gs.getUserID());
gr_obj.addQuery('sysapproval.parent', current.sys_id);
gr_obj.query();
if (gr_obj.next()) {
     return true;
}
return false;

Example 2

This read ACL is on sc_task table to allow read for all fields in sc_task

var task_gr = new GlideRecord('task');
task_gr.addQuery('parent', current.request_item.universal_request);
task_gr.query();
while (task_gr.next()) {
                   if (gs.getUser().isMemberOf(task_gr.assignment_group.getDisplayValue())) {
                   answer = true;
                   }
}

Ankur Bawiskar · ‎07-03-2025

@Snehal13

you can create a script include and function and then write that code there

Then call that script include in ACL advanced script.

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader

View solution in original post

Ankur Bawiskar · ‎07-04-2025

@Snehal13

Correct, the script include function will return true/false

Regards,
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader

View solution in original post

Snehal13 · ‎07-08-2025

ok @Ankur Bawiskar . Thanks. How about the 1st example provided in original question. I want to remove the usage of GlideRecord entirely from ACL and also not use a script include

Ankur Bawiskar · ‎07-08-2025

@Snehal13

1st one not possible without GlideRecord and without script include

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader

Snehal13 · ‎07-08-2025

@Ankur Bawiskar , For the 1st one "Allow read access for comments in sc_req_item for approvers.", I was thinking to use this

- Add Role "approver_user" role + ACL script answer = current.approvers.indexOf(gs.getUserID()) >= 0

Ankur Bawiskar · ‎07-08-2025

@Snehal13

you can try that

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader

Keara1122 · ‎07-14-2025

Instead of using GlideRecord in ACLs, consider using gs.hasRole(), current.isMemberOf(), or getRefRecord() for safer, more performant access checks. These are more efficient and align with ServiceNow's best practices for security and performance.