ensure that assignment group members only have access to the HR cases assigned to their Group

Satyam123 · ‎04-17-2025

I'm working with HR cases in ServiceNow and I want to restrict access so that users can only view HR cases assigned to their own assignment group. What's the best way to configure this access control? if they search another group case number they won't able to access that.
Thank you

J Siva · ‎04-18-2025

Hi @Satyam123

Create one Deny unless Read ACL on each COE & core table.

In the condition, use assignment group is dynamic (one of my groups) & see.

Regards,

Siva

RohitKV · ‎04-18-2025

@Satyam123

You can use the COE Security Policies and can specify the COE's and Services you want to apply this policy to.
In the Applies when condition, select the Assignment group as required.
For more information on the COE security policy, Please review the docs below
https://www.servicenow.com/docs/csh?topicname=hr-create-coe-security-policy.html&version=latest

Satyam123 · ‎04-21-2025

Query Business rule: on Hr case table.
before:
code:

// (function executeRule(current, previous) {

// // Get the current user's groups as an array

// var userGroups = gs.getUser().getMyGroups();

// // If user has no groups, return no records

// if (userGroups.length === 0) {

// current.addQuery('sys_id', 'NONE');

// return;

// }

// // Filter cases where assignment_group is in the user's groups

// current.addQuery('assignment_group', 'IN', userGroups);

// })(current, previous);