Why is my client side abort record submission script not working?

bookman1502 · ‎08-12-2015

I've been doing these exercises in my personal instance to improve my ServiceNow skills. I'm working on "Stop the submission of any Priority 1 incident created by a user without the 'itil' role. Alert the user when this happens." This page is from 2010, and so it's a little dated and nowadays personal development instances come out of the box giving non-itil users only the ability to edit the impact, so I that's what I used in the below script:

function onSubmit() {

//check to see if user doesn't have itil and if impact is 1

if(!g_user.hasRole('itil') && g_form.getValue('impact') == 1){

alert('Record submission aborted because it is high priority and you do not have itil role');

//Make sure dirty form still works

g_form.submitted = false;

//Abort submission

return false;

}

For whatever reason, whenever I impersonate Joe Employee (who has no roles), I can still submit an incident with an impact of 1. Can someone help me out here?

Thanks

coryseering · ‎08-12-2015

Hi Robert,

You are going to want your script in two places- on the Incident form itself (because navigating by URL is more common than you think), and on the Record Producer itself.

Revert your script to the working version you had before- the one where Admin could submit- and test (again, on /incident.do?sys_id=-1) with Joe User to make sure it blocks correctly. Keep that on the Incident form.

Then go to Service Catalog > Catalog Policies > Catalog Client Scripts. Create a New script with a similar name to the one on the Incident form. It should apply to "A Catalog Item", be Active, and UI Type "Desktop".

Type is still onSubmit, and the Catalog Item is "Create Incident" (that's the one Joe Employee uses out-of-box when he clicks on "New" from the Incident list).

The script will be basically the same:

function onSubmit() {


       if(!g_user.hasRole('itil') && g_form.getValue('impact') == 1){


               alert('Record submission aborted because it is high priority and you do not have itil role');


               //Make sure dirty form still works


               g_form.submitted = false;




               //Abort submission


               return false;


       }


}

That should cover both cases where that user might be submitting an incident.

View solution in original post

coryseering · ‎08-12-2015

Hi Robert,

Your script looks good. I tried it out on my own instance, and it works fine.

I suspect that either your Joe Employee user does actually have roles, or you were not actually impersonating them when attempting this (did your session expire maybe?).

When you load up the Incident form as Joe User, open your Dev Tools console (for whatever browser you use) and inspect the g_user object in the main frame. Alternatively, open the incident form in it's own window while impersonating (gor directly to incident.do?sys_id=-1) and inspect the same g_user object. It should have an array containing all the roles that user has (as client-side GlideUser sees them, which is what is making the determination for whether your conditional passes).

You should also validate that the Joe User user has no roles server-side.

Finally, try clearing both your server cache (by navigating to /cache.do) and your browser cache (hold down shift and click the Refresh button) before attempting to recreate the problem again.

Thanks

Cory

bookman1502 · ‎08-12-2015

Cory,

I'm not really an experienced enough web dev (in fact I'm very new) to know exactly what you mean when you say "inspect the g_user object in the main frame." I suspect you mean something like using Firebug if I'm in Firefox, which I have installed but need to read more about regarding how to use. I also installed some developer add-ons to Firefox (the main browser I use) from here, and under View Source I clicked View Generated Source, did Ctrl+F "role" when I was impersonating Joe Employee and found this line:

window.NOW.user.roles = '';

When I did the same as an admin, I found this:

window.NOW.user.roles = 'admin';

This would seem to confirm that Joe Employee has no roles on the client side. I had already looked at his user record to ensure he had no roles before posting this, so I believe that should cover the server side. I've cleared my cache and tried using Google chrome and still I was able to submit an incident as Joe Employee. Interestingly, when I comment out the if statement and the associated curly brace as Berny suggested below, the script works and nobody can submit an incident. I validated that my Impact 1 choice has a value of 1 and tried different non-itil users and I'm still able to submit an incident even as them.

EDIT: I just started playing around with Firebug and when I go to the Scripts tab I see the exact same thing as when I did View Generated Source, so there's that.

bernyalvarado · ‎08-12-2015

Hi Robert, some thoughts of things you may want to check:

a) Make sure that your impact 1 choice has a value of 1

b) Make sure your client script was created in the incident table

c) Check your browser console to see if there's any other errors that may be affecting the execution of your script

d) For troubleshooting purposes try removing the if statement with its curly brackets and check if the alert is coming up. If not, then the onSubmit client script is not getting triggered.

Thanks,

Berny

bookman1502 · ‎08-12-2015

Berny,

Please see my reply to Cory above.