how to restrict agent as being approver?

Sri56 · ‎11-29-2022

Hi Team,

we have approver field, which is a reference to a user table as related tab on sc_task table from agent workspace (as below)

where we need to restrict the agent (assigned_to) user on sc_task table as shown below in approver field

Is it feasible? If yes, how?

Please help me!

Thanks,

Sri

Mohith Devatte · ‎11-30-2022

Hello @Sri56 ,

In this case what you can do is write a before insert Business rule on sysapproval_approver and write a code like below

var gr = new GlideRecord('sc_req_item');

gr.addQuery('sys_id',current.sysapproval);

gr.query();

if(gr.next())

{

if(current.approver=gr.assigned_to.toString())

{

gs.addErrorMessage('You cannot add yourself as an approver');

current.setAbortAction(true);

}
}

Hope this helps

Mark my answer correct if this helps you

Thanks

View solution in original post

Community Alums · ‎11-29-2022

Hi @Sri56 ,

By default, we have two options for an Approval activity: User and Group. Who this is assigned to depends on the workflow generating the approval action for your given RITM.

Once this is generated, it can only be approved or rejected by the Approver user - this is expected behavior. Example: If Susy has an approval, John should not be able to go in and approve it.

When using a Group approval, no one outside of that group can approve. No users (with the exception of admins) will have approval permissions beyond approving something assigned to them in the sysapproval_approver table.

If anyone has access to approve any record, that is a larger issue with ACLs. You would need to identify what roles the users have along with auditing table ACLs to find the misconfiguration.

Sri56 · ‎11-29-2022

Hi Sandeep,

Yes i'm with you.

But here in our scenario, we are using a manual approval concept, where the agent can add the approvers whom they want,

Here we need to exclude agent himself.

This is the requirement.

Please help me on achieving this.