Work notes only for ITIL users

Go to solution
Brian Lancaster
Tera Sage

‎10-30-2018 01:32 PM

We have a requirement to make a certain group of ITIL users to have write access to only work notes.  I was thinking of giving them an extra role that would prevent them to write to all fields except work notes.  This seems like a lot of ACLs to write.  Is there a better way to do this?  Am I overthinking how I would write my ACLs?

0 Helpfuls
  • 1,604 Views
1 ACCEPTED SOLUTION

Go to solution
Brian Lancaster
Tera Sage
In response to Brian Lancaster

‎11-01-2018 05:47 AM

I found something on the ServiceNow Guru site that let me get all fields that have change in an array.  It then allowed me to loop through them so I could determine if anything other then work notes was updated.

(function executeRule(current, previous /*null when async*/) {

	// Add your code here
	if (gs.hasRole('pmo_itil')){
		var gru = GlideScriptRecordUtil.get(current);
		var changedFields = gru.getChangedFieldNames().toString().split(',');
		//gs.log ("Changed Fields: " + changedFields);
		for (var i = 0; i < changedFields.length; i++){
			gs.log ("Changed Field: " + changedFields[i]);
			if (changedFields[i] != '[work_notes]'){
				gs.addErrorMessage('You do not have writes to change any fields but Work Notes');
				current.setAbortAction(true);
				return;
			}
		}
	}

})(current, previous);

 

View solution in original post

11 REPLIES 11

Go to solution
SanjivMeher
Kilo Patron
Kilo Patron

‎10-30-2018 01:49 PM

I think a new role will do. All you need to create is a read ACL on that table and then write ACL only for worknotes. But I am not sure, if we can do that's allowed and doesn't violate the licensing policy


Please mark this response as correct or helpful if it assisted you with your question.
0 Helpfuls

Go to solution
Brian Lancaster
Tera Sage
In response to SanjivMeher

‎10-30-2018 03:06 PM

That is the thing.  I cannot get another ACL to work by itself.  The user would need to have both ITIL and the new role.

0 Helpfuls

Go to solution
SanjivMeher
Kilo Patron
Kilo Patron
In response to Brian Lancaster

‎10-30-2018 03:28 PM

How about other tables? Should they have access to change request, problem etc.


Please mark this response as correct or helpful if it assisted you with your question.
0 Helpfuls

Go to solution
Brian Lancaster
Tera Sage
In response to SanjivMeher

‎10-31-2018 04:59 AM

We are only using incident, request, and problem.  The requirements are only on incident and request as they are customer facing.

0 Helpfuls