Hide Attachments on HR LE Case both in native view and portal view

Veera6
Tera Contributor

HI - I cannot hide attachments on the HR LE Case to 'opened_for' if he is the 'subject_person' manager in the portal view as well in the native view. I tried to create an ACL, but several other ACLs allow access to opened_for. Query Business Rule would not work.

Data Filtration does not have a sys_attachment table listed. It is not an excluded list. What would be the best approach to achieve my use case? Can someone please advise?

3 REPLIES 3

Ankur Bawiskar
Tera Patron
Tera Patron

@Veera6 

you will have to tweak the sys_attachment.READ ACL to handle this.

In native you can hide it using g_form.disableAttachments() but that may or may not work on portal, that needs to be checked

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
✨ Certified Technical Architect  ||  ✨ 9x ServiceNow MVP  ||  ✨ ServiceNow Community Leader

Thanks for your response Ankur,I tweaked the OOTB READ ACL below line no: 90 ,  but did not work, There are like 40 read ACLs on attachments. It is hard to tell which ACL is giving access.
"<https://your-instance.service-now.com>/now/nav/ui/classic/params/target/sys_security_acl.do%3Fsys_id%3D0bcf23740a6a38d400c7e02590038464
line no : 90

Created a new  READ ACL:

answer = getHRAttachmentReadAnswer();

function getHRAttachmentReadAnswer() {
gs.log('Veera 01 HR Case ACL read');
var tableName = current.table_name;
var parentRecord = new GlideRecord(tableName);
gs.log('Veera 02 sysid ' + current.table_sys_id + 'table name' + tableName);
// parentRecord.setWorkflow(false);
if (parentRecord.get(current.table_sys_id)) {
if (parentRecord.sys_class_name == 'sn_hr_le_case' || parentRecord.sys_class_name == 'sn_hr_core_case') {
gs.log('Veera 03 isCreatedBy ' + parentRecord.opened_for.getDisplayValue() + '==' + parentRecord.subject_person.u_manager_name);
if ( parentRecord.opened_for == gs.getUserID() && parentRecord.opened_for.getDisplayValue() == parentRecord.subject_person.u_manager_name)
return false;
} else {
return true;
}

}
}

Veera6
Tera Contributor

Also tried Query BR :

(function executeRule(current, previous /*null when async*/ ) {
try {
var arr = [];
gs.addInfoMessage("hello from Veera BR")
var tableName = current.table_name;
var parentRecord = new GlideRecord(tableName);
parentRecord.setWorkflow(false);
if (parentRecord.get(current.table_sys_id)) {
var sp = new GlideRecord('sn_hr_core_profile');
sp.get(parentRecord.subject_person);
var usr = new GlideRecord('sys_user');
usr.get(sp.user);
if (parentRecord.opened_for == gs.getUserID() && parentRecord.opened_for == usr.manager)
{
//return false;
gs.addInfoMessage('Query BR for Attachment HR LE Case 2');
}
} else {
arr.push(current.sys_id.toString());
}
 
current.addEncodedQuery('sys_idIN' + arr.join(','));
 

} catch (err) {
gs.warn('Failed BR on LE Case: ' + err, 'LE Case');
}
})(current, previous);