ACL - Allow write to Incident if member of the assignment group (and not parent assignment group)

David Harris1
Tera Contributor

I have set up an ACL which allows write to any incidents for members of the assignment group it is assigned to.

They have read access to all other incidents.

The only problem is that they also have write access to incidents assigned to the parent assignment group of the one they are assigned to.

How do I modify it to allow 'Only' to incidents assigned to the group they are in?


1 ACCEPTED SOLUTION

@David Harris1 

Then use GlideRecord on sys_user_grmember and check direct membership:

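// Look for a membership row linking the current user to exactly this
// assignment group; membership of a child or parent group does not match.
var gr = new GlideRecord('sys_user_grmember');
gr.addQuery('user', gs.getUserID());
gr.addQuery('group', current.assignment_group.toString());
gr.query();
var isMember = gr.hasNext(); // true only if a direct membership row exists

// Allow write for the caller, for incidents with no caller, or for direct members.
answer = current.caller_id == gs.getUserID() || current.caller_id == '' || isMember;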

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
✨ Certified Technical Architect  ||  ✨ 9x ServiceNow MVP  ||  ✨ ServiceNow Community Leader


7 REPLIES

Thanks, but I managed to get it working just before you replied, using the following.


(function executeCondition() {
    var userID = gs.getUserID();
    var groupID = current.assignment_group;

    if (!groupID) {
        return false; // no assignment group
    }

    var gm = new GlideRecord('sys_user_grmember');
    gm.addQuery('user', userID);
    gm.addQuery('group', groupID);
    gm.query();
    if (gm.next()) {
        return true; // user is a member of the assignment group
    }
    return false;
})();
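
The following is an added example, not part of either post and not ServiceNow code: a stand-alone JavaScript model of the difference between a direct lookup in sys_user_grmember rows and a check that lets child-group membership count for the parent group, which is the behaviour reported in the question. The group names, users and the inheritance model are assumptions constructed for illustration; the output lists the user/group pairs where the inherited check grants write and the direct check does not.

```javascript
// Constructed sample data: group names and users are illustrative only.
const groups = {
  'network':    { parent: null },
  'network-l2': { parent: 'network' },   // child of "network"
  'database':   { parent: null },
};
// Rows modelled on sys_user_grmember: one row per direct membership.
const grmember = [
  { user: 'david', group: 'network-l2' },
  { user: 'maria', group: 'network' },
];

// Direct check: a membership row must exist for exactly this group.
function isDirectMember(user, group) {
  if (!group) return false;              // unassigned incident: deny
  return grmember.some(r => r.user === user && r.group === group);
}

// Inherited check (assumed model of the behaviour reported in the question):
// membership of a child group also counts for every ancestor group.
function isInheritedMember(user, group) {
  if (!group) return false;
  return grmember.some(r => {
    if (r.user !== user) return false;
    const seen = new Set();              // guards against a parent cycle
    for (let g = r.group; g && !seen.has(g); g = groups[g]?.parent) {
      seen.add(g);
      if (g === group) return true;
    }
    return false;
  });
}

// Evaluate one check for every user against every assignment group value.
function writeMatrix(check) {
  const out = {};
  for (const user of ['david', 'maria'])
    for (const group of ['network-l2', 'network', 'database', ''])
      out[`${user}:${group || '(empty)'}`] = check(user, group);
  return out;
}

// Cells where the two checks disagree are the unintended write grants.
function overGrants() {
  const inherited = writeMatrix(isInheritedMember);
  const direct = writeMatrix(isDirectMember);
  return Object.keys(direct).filter(k => inherited[k] && !direct[k]);
}
console.log(overGrants());
```

The same four cases (own group, parent group, unrelated group, empty assignment group) make a useful test matrix when verifying the ACL on a real instance with an impersonated user.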

@David Harris1 

Glad to know.

I believe I also shared the correct solution.

Regards,
Ankur

@David Harris1 

Hope you are doing good.

Did my reply answer your question?

Regards,
Ankur