- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-13-2020 02:40 AM
Hi All,
my requirement is to show the HR cases to the agents which belongs to Case assignment group.
scenario:
HRC1233562 is assigned to "Xyz" group.
HRC2324342 is assigned to "Qwerty" group.
HRC8954854 is assigned to "Test" group.
HRC1233562 should be visible to "Xyz" group and should not show to other groups. like wise for all HR cases to should show to Case assignment group members. this should be both in list view and form view.How can we restrict HR cases access or view by using assignment group?
Thanks in Advance!!
Solved! Go to Solution.
- Labels:
-
Case and Knowledge Management
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-13-2020 10:29 AM
As
It is important to note that HRSD ships with several query business rules already named "restrict query". These are there to restrict access to cases for general employees and NOT HR agents. You can create a new one and I would recommend following the similar name as I called it Restrict query Agents:
Then on the advanced tab set the condition to:
gs.isInteractive() && new hr_Utils().checkUserHasRole("sn_hr_core.basic") && !new hr_Utils().checkUserHasRole("sn_hr_core.admin")
This query will only fire with an "interactive" session meaning using the UI versus an interface- this is important for integrations and other background processes querying for cases. Then it checks to see if the user HAS the sn_hr_core.basic user and does NOT have the sn_hr_core.admin role. This way admin's can still query for all cases.
Then set the script to the following:
(function executeRule(current, previous /*null when async*/) {
current.addQuery("assignment_group", "javascript:getMyGroups()");
})(current, previous);
This will insert a behind the scenes query of assignment group matching any group that the logged in user is a member of.
Remember that this query can and will fire for every single query to the HR Case table. So regression testing is super important!
Please mark this post as helpful or the correct answer if applicable so others viewing may benefit.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-13-2020 05:28 AM
Hi.
Thank you for information.
i have understood the COE data model.but my scenario is different.
for example, under the Payroll table i have 5 different assignment groups. as per my business requirement i want to restrict the data between those groups .
if you have any idea on this, please help me.
Thanks
Dileep

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-13-2020 05:29 AM
The Orlando release that took place this week introduces a new feature called COE ACL Security where you have the ability to set access based on a configuration. I would recommend to look into this deeper to solve your use case. This will allow you to remain out of the box and reduce customizations. Here is a link to the docs site that details this feature:
Configuring HR Service Delivery Center of Excellence (COE) security policies
Regards,
Mike
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-13-2020 05:47 AM
Hi.
my version is newyork
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-13-2020 10:29 AM
As
It is important to note that HRSD ships with several query business rules already named "restrict query". These are there to restrict access to cases for general employees and NOT HR agents. You can create a new one and I would recommend following the similar name as I called it Restrict query Agents:
Then on the advanced tab set the condition to:
gs.isInteractive() && new hr_Utils().checkUserHasRole("sn_hr_core.basic") && !new hr_Utils().checkUserHasRole("sn_hr_core.admin")
This query will only fire with an "interactive" session meaning using the UI versus an interface- this is important for integrations and other background processes querying for cases. Then it checks to see if the user HAS the sn_hr_core.basic user and does NOT have the sn_hr_core.admin role. This way admin's can still query for all cases.
Then set the script to the following:
(function executeRule(current, previous /*null when async*/) {
current.addQuery("assignment_group", "javascript:getMyGroups()");
})(current, previous);
This will insert a behind the scenes query of assignment group matching any group that the logged in user is a member of.
Remember that this query can and will fire for every single query to the HR Case table. So regression testing is super important!
Please mark this post as helpful or the correct answer if applicable so others viewing may benefit.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-14-2020 07:41 PM
thank you for reply. this is working as expected. please let me know how can i mark it is correct?