Write ACL for sys_user_grmember table

Alon Grod
Tera Expert

‎11-19-2023 08:38 AM

Why Im getting 101 matching conditions and not only one? What am I doing wrong?

Screenshot 2023-11-19 at 18.37.48.png

Screenshot 2023-11-19 at 18.38.28.png

 

0 Helpfuls
  • 411 Views
8 REPLIES 8

Dr Atul G- LNG
Tera Patron
Tera Patron

‎11-19-2023 08:46 AM

Hi @Alon Grod 

 

Surprise, I tried the same and I can see 401 records 😞 

 

*************************************************************************************************************
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.

Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]

****************************************************************************************************************

Sandeep Rajput
Tera Patron
Tera Patron

‎11-19-2023 09:07 AM - edited ‎11-19-2023 09:08 AM

@Alon Grod the count of 101 shows on the screen because the count depends on the conditions configured in the condition field. Since there are no conditions at the moment, it is showing 101 records (it is an indication that your sys_user_grmember table contains 101 records). 

 

Record count is only dependent on the conditions configured within condition field and it has no relation with the script configured in the script field.

 

Also, please configure your ACL as follows via conditions and you would no longer need to write the script, only conditions would suffice in this case.

 

Screenshot 2023-11-19 at 10.31.49 PM.png

0 Helpfuls

Alon Grod
Tera Expert
In response to Sandeep Rajput

‎11-19-2023 09:15 AM

@Sandeep Rajput the goal is :

if(current.group.manager == gs.getUserID() || gs.hasRole('local_manager'))
{
  answer = true;
}

is there anyway to achieve these two conditions without a script?

0 Helpfuls

Sandeep Rajput
Tera Patron
Tera Patron
In response to Alon Grod

‎11-19-2023 09:26 AM

@Alon Grod First part current.group.manager == gs.getUserID() can be replaced via the condition I shared before, but for the second part gs.hasRole('local_manager')) you will need scripting (if you choose to combine both of these conditions in a single ACL).

 

However, if you are open to create two ACLs then in your first ACL, you can have the following condition.

Screenshot 2023-11-19 at 10.31.49 PM.png

 

And in the second ACL you can specify the role local_manager in the role list.

Screenshot 2023-11-19 at 10.52.53 PM.png

The advantage of having these two ACLs is that you do not have to run any script (which has a performance impact as script evaluation takes more time) and both the group manager and user with local_manager will have access to the Group Member table via separate ACLs.

0 Helpfuls