
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-24-2018 05:18 AM
Hi there,
I have a requirement whereby i should only be able to see the HR cases assigned to my assignment group, I should be restricted to access those HR cases which doesn't belong to my group except the approvers etc.
Further there would be some users with some roles who would be able to access all the HR cases in the application
I know it can be done via ACL but changing the OOB ACL looks too complicated any easier solution on mind? or anyone had the same requirement before?
Tx
Solved! Go to Solution.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-29-2018 03:14 AM
I found the solution of the above requirement by writing a on before BR on case table. Below is the script
if (gs.isInteractive() || gs.getCallerScopeName() != 'sn_hr_le') {
var userId = gs.getUserID();
var myGroups = hr_Utils.myGroups;
current.addQuery("opened_by", userId)
.addOrCondition("opened_for", userId)
.addOrCondition("parent.ref_sn_hr_core_case.opened_for", userId)
.addOrCondition("watch_list", "CONTAINS", userId)
.addOrCondition("sys_id", "IN", hr_Utils.myCasesWithApprovals + ',' + hr_Utils.myCasesWithTasks)
.addOrCondition('assignment_group',myGroups)
.addOrCondition('hr_service.subject_person_access', true).addCondition('subject_person', userId);
}
Be careful with the code of myGroups in hr_Utils Script Include as the OOB code doesn't seems to work as desired on my instance so I modified it a bit. You can put logs to verify
Thanks

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-24-2018 05:38 AM
Hi Sachin,
It's better to use ACLs, but if want some other alternative....you can create a new module to get cases assigned to loggedin users group :
Navigate to modules under system definition > create a new module >
Name : Assigned to My Groups
Filter : Assignment group : is(dynamic) : one of my groups.
Table : Table name (sn_hr_core_case_total_rewards)
Link Type : List of records
Arguments : &sysparm_fixed_query=active=true // shows only active records and doesn't let to click all records from list view.
You can also specify roles under Visibility section.
Mark if Correct/Helpful.
Regards,
Ajay

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-24-2018 05:44 AM
Also, you can write a before query business rule, refer the link : Controlling record access using ‘Before Query’ business rules
Regards,
Ajay

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-29-2018 03:14 AM
I found the solution of the above requirement by writing a on before BR on case table. Below is the script
if (gs.isInteractive() || gs.getCallerScopeName() != 'sn_hr_le') {
var userId = gs.getUserID();
var myGroups = hr_Utils.myGroups;
current.addQuery("opened_by", userId)
.addOrCondition("opened_for", userId)
.addOrCondition("parent.ref_sn_hr_core_case.opened_for", userId)
.addOrCondition("watch_list", "CONTAINS", userId)
.addOrCondition("sys_id", "IN", hr_Utils.myCasesWithApprovals + ',' + hr_Utils.myCasesWithTasks)
.addOrCondition('assignment_group',myGroups)
.addOrCondition('hr_service.subject_person_access', true).addCondition('subject_person', userId);
}
Be careful with the code of myGroups in hr_Utils Script Include as the OOB code doesn't seems to work as desired on my instance so I modified it a bit. You can put logs to verify
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-26-2021 07:12 AM