Mark HR case confidential and once its mark true then case should be visible to HR admin

aastha3
Giga Contributor

‎03-11-2020 11:43 PM

Created a check box for HR case confidential . When its checked- true then the HR case should be only visible to HR admin.

I dont want to go with ACL . Any other way to approach this?

Thanks

 

0 Helpfuls
  • 1,853 Views
14 REPLIES 14

Alok Das
Tera Guru

‎03-12-2020 01:19 AM

Hi Aastha,

Is there any specific business requirement that you can not use the ACL? Just curious to know because ACL would be the best way to achieve this requirement. However you could use the below script in your Before-Query business rule.

if (!gs.hasRole('hr_admin') && gs.getSession().isInteractive()) { //Check if the user has the 'hr_admin' role and if the session is an actual user session
	//If they DON'T have the 'hr_admin' role then do the following...
	current.addQuery('checkbox_name', false);//replace checkbox_name with the backend coulumn name of the checkbox. this will by default add the query for the non hr_admin users to show the records whose checkbox is false.
}

 

Kindly mark my answer as Correct and Helpful based on the Impact.

Regards,

Alok

0 Helpfuls

aastha3
Giga Contributor
In response to Alok Das

‎03-12-2020 01:26 AM

Hi Alok ,

 Also when the checkbox is checked I want the complete HR case form should be visible to hr_Admin role and opened for in that HR case.

But I am not able to achieve the above with your code.

I saw this post thats why said no to ACL

https://community.servicenow.com/community?id=community_question&sys_id=8dbbd015dba933c4a39a0b55ca96...

If ACL will cause any issue in future then that will be a problem

 

0 Helpfuls

Alok Das
Tera Guru
In response to aastha3

‎03-12-2020 01:48 AM

Yeah I just added the code to get the record visible only for the hr_admin not for the opened_for. Please find the below updated code which should work.

if (!(gs.hasRole('hr_admin')||current.opened_by==gs.getUser()) && gs.getSession().isInteractive()) { //Check if the user has the 'hr_admin' role or it's not an opened by of the record and if the session is an actual user session
   //If they DON'T have the 'hr_admin' role then do the following...
current.addQuery('checkbox_name', false).addOrCondition("opened_by", gs.getUserID());
}
0 Helpfuls

aastha3
Giga Contributor
In response to Alok Das

‎03-12-2020 02:28 AM

It is still showing for some ppl who are not having hr_admin role.

 

For one person she is  having sn_hr_core.admin she is able to see  the record. Or what I can do use the HR admin group instead.

 

I have used below info in BR

Before Query BR

When to Run: markconfidental = True

script

 

if (!gs.hasRole('hr_admin')||current.opened_for==gs.getUser()))

{ //because impersonating and checking


//current.addQuery('mark_confidential', false).addOrCondition("opened_for", gs.getUserID());
}

Correct me if I am wrong

0 Helpfuls

michaelj_sherid
ServiceNow Employee
ServiceNow Employee

‎03-12-2020 05:38 AM

Hi aastha,

You can use the new feature in Orlando COE ACL Security (I do see you are listed on New York). Nevertheless, the COE ACL Configuration allows you to set these types of access rules by way of configuration. Here is a link to the docs site to get additional details. This is an OOB way to approach your requirement.

Configuring HR Service Delivery Center of Excellence (COE) security policies

Regards,

Mike