HI All
07-29-2024 10:10 PM
Hi All,
I have one question related to the Incident table.
1. Suppose a user creates an incident; then the user can see only the Local IT group, he cannot see other groups.
2. When Local IT works on that incident, they can redirect that ticket to 'Raj Group' only. They cannot see these groups directly:
- Asia Servicenow Admin
- CST
- Platform
- End user computing
- Network Team
3. These groups can see everything:
- Asia Servicenow Admin
- CST
- Platform
- End user computing
- Network Team
- Raj Group
Thanks

07-29-2024 10:15 PM
Hi @basha shaik ,
Before-Query Business rules restrict the incidents assigned to the specific group visible only to those group members.
Use the script example:
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0790987
07-30-2024 12:29 AM
Hi @basha shaik,
To achieve the scenario described, you can configure the visibility and assignment of incidents by using Business Rules, Access Control Rules, and Assignment Rules. Here's a step-by-step solution:
1. Restrict Incident Visibility to Local IT Group
1. Create an Access Control Rule:
- Go to System Security > Access Control (ACL).
- Create a new Access Control Rule for the Incident table (`incident`).
- Set the Type to `record` and the Operation to `read`.
- In the *Condition* field, add a condition to check if the user belongs to the `Local IT` group.
- Set the *Advanced* script to restrict visibility for users outside the `Local IT` group.
```javascript
// Read ACL script: grant access only to itil users who are members of Local IT.
answer = gs.hasRole('itil') && gs.getUser().isMemberOf('Local IT');
```
2. Restrict Local IT Group to Redirect Incidents Only to Raj Group
1. Create a Business Rule:
- Go to `System Definition > Business Rules`.
- Create a new Business Rule on the Incident table.
- Set the *When* field to `before` and select the `Insert` or `Update` operation.
- In the *Condition* field, check if the incident is being assigned.
- Add a script to restrict assignment to `Raj Group` only if the user is from the `Local IT` group.
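```javascript
// Before insert/update Business Rule on incident.
if (current.assignment_group.changes()) {
    // Replace with the sys_id of the Raj Group record in sys_user_group.
    var rajGroupID = 'sys_id_of_raj_group';
    // Local IT members may only hand the ticket over to Raj Group.
    if (gs.getUser().isMemberOf('Local IT') && current.assignment_group != rajGroupID) {
        gs.addErrorMessage('You can only assign this ticket to the Raj Group.');
        current.setAbortAction(true); // stop the insert/update
    }
}
```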
3. Allow Specific Groups to See Everything
1. **Create an Access Control Rule:**
- Go to `System Security > Access Control (ACL)`.
- Create a new Access Control Rule for the Incident table (`incident`).
- Set the *Type* to `record` and the *Operation* to `read`.
- In the *Condition* field, add conditions to allow users from specific groups to see all incidents.
```javascript
answer = gs.hasRole('itil') &&
    (gs.getUser().isMemberOf('Asia Servicenow Admin') ||
     gs.getUser().isMemberOf('CST') ||
     gs.getUser().isMemberOf('Platform') ||
     gs.getUser().isMemberOf('End user computing') ||
     gs.getUser().isMemberOf('Network Team') ||
     gs.getUser().isMemberOf('Raj Group'));
```
Summary:
- Create access control rules to restrict visibility based on user groups.
- Implement business rules to restrict assignment of incidents to specific groups.
- Ensure higher-level groups have full visibility by configuring appropriate access control rules.
This setup ensures that only authorized groups can see or assign incidents according to your requirements.
If I could help you with your Query then, please hit the Thumb Icon and mark as Correct !!
Thanks!
Abhishek
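
The assignment restriction from the answer above, as an added example that is not part of the original posts: the rule body is written as a function taking `current` and `gs`, so its decisions can be checked outside an instance, including the case of a user who belongs to both Local IT and a full-access group. The `fakeGs` and `fakeIncident` stand-ins, the `runCase` helper, the placeholder sys_ids and the choice that full-access membership takes precedence are assumptions of this example.

```javascript
// Constructed sample data: group names come from the thread, sys_ids are placeholders.
const RAJ_GROUP_ID = 'sys_id_of_raj_group';
const FULL_ACCESS_GROUPS = ['Asia Servicenow Admin', 'CST', 'Platform',
  'End user computing', 'Network Team', 'Raj Group'];

// Rule body written against the two objects a before Business Rule receives.
// Returns true when the save is allowed, false when it was aborted.
function enforceReassignment(current, gs) {
  if (!current.assignment_group.changes()) return true; // not a reassignment
  const user = gs.getUser();
  // Assumption: full-access membership wins when a user is in both kinds of group.
  if (FULL_ACCESS_GROUPS.some((g) => user.isMemberOf(g))) return true;
  if (user.isMemberOf('Local IT') &&
      current.getValue('assignment_group') !== RAJ_GROUP_ID) {
    gs.addErrorMessage('You can only assign this ticket to the Raj Group.');
    current.setAbortAction(true);
    return false;
  }
  return true; // users outside Local IT are not covered by this rule
}

// Minimal stand-ins for `gs` and `current` (hypothetical test doubles).
function fakeGs(groups) {
  const messages = [];
  return {
    messages,
    getUser: () => ({ isMemberOf: (name) => groups.includes(name) }),
    addErrorMessage: (m) => messages.push(m),
  };
}
function fakeIncident(targetGroupId, changed) {
  const rec = {
    aborted: false,
    assignment_group: { changes: () => changed },
    getValue: (f) => (f === 'assignment_group' ? targetGroupId : null),
    setAbortAction: (flag) => { rec.aborted = flag; },
  };
  return rec;
}

// Runs one constructed case and reports what the rule decided.
function runCase(groups, targetGroupId, changed = true) {
  const gs = fakeGs(groups);
  const current = fakeIncident(targetGroupId, changed);
  const allowed = enforceReassignment(current, gs);
  return { allowed, aborted: current.aborted, messages: gs.messages };
}
```

On an instance, the same checks run inside a `before` insert/update Business Rule, where the platform supplies the real `current` and `gs`.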