Mark HR case confidential and once its mark true then case should be visible to HR admin

aastha3
Giga Contributor

Created a check box for HR case confidential . When its checked- true then the HR case should be only visible to HR admin.

I dont want to go with ACL . Any other way to approach this?

Thanks

 

14 REPLIES 14

Alok Das
Tera Guru

Hi Aastha,

Is there any specific business requirement that you can not use the ACL? Just curious to know because ACL would be the best way to achieve this requirement. However you could use the below script in your Before-Query business rule.

if (!gs.hasRole('hr_admin') && gs.getSession().isInteractive()) { //Check if the user has the 'hr_admin' role and if the session is an actual user session
	//If they DON'T have the 'hr_admin' role then do the following...
	current.addQuery('checkbox_name', false);//replace checkbox_name with the backend coulumn name of the checkbox. this will by default add the query for the non hr_admin users to show the records whose checkbox is false.
}

 

Kindly mark my answer as Correct and Helpful based on the Impact.

Regards,

Alok

aastha3
Giga Contributor

Hi Alok ,

 Also when the checkbox is checked I want the complete HR case form should be visible to hr_Admin role and opened for in that HR case.

But I am not able to achieve the above with your code.

I saw this post thats why said no to ACL

https://community.servicenow.com/community?id=community_question&sys_id=8dbbd015dba933c4a39a0b55ca96...

If ACL will cause any issue in future then that will be a problem

 

Yeah I just added the code to get the record visible only for the hr_admin not for the opened_for. Please find the below updated code which should work.

if (!(gs.hasRole('hr_admin')||current.opened_by==gs.getUser()) && gs.getSession().isInteractive()) { //Check if the user has the 'hr_admin' role or it's not an opened by of the record and if the session is an actual user session
   //If they DON'T have the 'hr_admin' role then do the following...
current.addQuery('checkbox_name', false).addOrCondition("opened_by", gs.getUserID());
}

aastha3
Giga Contributor

It is still showing for some ppl who are not having hr_admin role.

 

For one person she is  having sn_hr_core.admin she is able to see  the record. Or what I can do use the HR admin group instead.

 

I have used below info in BR

Before Query BR

When to Run: markconfidental = True

script

 

if (!gs.hasRole('hr_admin')||current.opened_for==gs.getUser()))

{ //because impersonating and checking


//current.addQuery('mark_confidential', false).addOrCondition("opened_for", gs.getUserID());
}

Correct me if I am wrong

michaelj_sherid
ServiceNow Employee
ServiceNow Employee

Hi aastha,

You can use the new feature in Orlando COE ACL Security (I do see you are listed on New York). Nevertheless, the COE ACL Configuration allows you to set these types of access rules by way of configuration. Here is a link to the docs site to get additional details. This is an OOB way to approach your requirement.

Configuring HR Service Delivery Center of Excellence (COE) security policies

Regards,

Mike