HI All

basha shaik
Tera Contributor

Hi All,

 

I have one question related to the Incident table.

 

1. Suppose a user creates an incident; then the user can see only the Local IT group and cannot see other groups.

2. When Local IT works on that incident, they can redirect that ticket to 'Raj Group' only. They cannot see these groups directly:

 

Asia Servicenow Admin
CST
Platform
End user computing
Network Team

 

3. These groups can see everything:

 

Asia Servicenow Admin
CST
Platform
End user computing
Network Team
Raj Group

 

 

Thanks

2 REPLIES

Community Alums
Not applicable

Hi @basha shaik ,

Before-query Business Rules restrict the incidents assigned to a specific group so that they are visible only to that group's members.

Use the script example:

https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0790987

 

User364122
Kilo Contributor

Hi @basha shaik,

 

To achieve the scenario described, you can configure the visibility and assignment of incidents by using Business Rules, Access Control Rules, and Assignment Rules. Here's a step-by-step solution:

1. Restrict Incident Visibility to Local IT Group

1. Create an Access Control Rule:
  - Go to System Security > Access Control (ACL).
  - Create a new Access Control Rule for the Incident table (`incident`).
  - Set the Type to `record` and the Operation to `read`.
  - In the *Condition* field, add a condition to check if the user belongs to the `Local IT` group.
  - Set the *Advanced* script to restrict visibility for users outside the `Local IT` group.

```javascript
answer = gs.hasRole('itil') && gs.getUser().isMemberOf('Local IT');
```

2. Restrict Local IT Group to Redirect Incidents Only to Raj Group

1. Create a Business Rule:
  - Go to `System Definition > Business Rules`.
  - Create a new Business Rule on the Incident table.
  - Set the *When* field to `before` and the operation to `Insert` or `Update`.
  - In the *Condition* field, check if the incident is being assigned.
  - Add a script to restrict assignment to `Raj Group` only if the user is from the `Local IT` group.

```javascript
if (current.assignment_group.changes()) {
  // Placeholder: replace with the sys_id of the Raj Group record.
  var rajGroupID = 'sys_id_of_raj_group';

  // Local IT members may only reassign the incident to the Raj Group.
  if (gs.getUser().isMemberOf('Local IT') && current.assignment_group != rajGroupID) {
    gs.addErrorMessage('You can only assign this ticket to the Raj Group.');
    current.setAbortAction(true);
  }
}
```


3. Allow Specific Groups to See Everything

1. **Create an Access Control Rule:**
  - Go to `System Security > Access Control (ACL)`.
  - Create a new Access Control Rule for the Incident table (`incident`).
  - Set the *Type* to `record` and the *Operation* to `read`.
  - In the *Condition* field, add conditions to allow users from specific groups to see all incidents.

```javascript
answer = gs.hasRole('itil') &&
         (gs.getUser().isMemberOf('Asia Servicenow Admin') ||
          gs.getUser().isMemberOf('CST') ||
          gs.getUser().isMemberOf('Platform') ||
          gs.getUser().isMemberOf('End user computing') ||
          gs.getUser().isMemberOf('Network Team') ||
          gs.getUser().isMemberOf('Raj Group'));
```

Summary:
- Create access control rules to restrict visibility based on user groups.
- Implement business rules to restrict assignment of incidents to specific groups.
- Ensure higher-level groups have full visibility by configuring appropriate access control rules.

This setup ensures that only authorized groups can see or assign incidents according to your requirements.

If I could help you with your query, then please hit the Thumb Icon and mark as Correct!

 

Thanks!

Abhishek
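
The before-query Business Rule approach mentioned in the first reply, as an added example that is not part of either reply or of the linked KB article. It assumes users outside the full-visibility groups should see incidents they raised or that are assigned to one of their groups; `stubGs`, `stubCurrent` and the group sys_ids are constructed stand-ins for the platform's `gs` and `current` so the rule body can run outside an instance.

```javascript
// Groups from the thread that may see every incident.
var FULL_VISIBILITY = ['Asia Servicenow Admin', 'CST', 'Platform',
  'End user computing', 'Network Team', 'Raj Group'];

// Body of a before-query Business Rule on `incident`. The return value names
// the branch taken and exists only so the logic can be checked.
function restrictIncidentQuery(current, gs) {
  var user = gs.getUser();
  for (var i = 0; i < FULL_VISIBILITY.length; i++) {
    if (user.isMemberOf(FULL_VISIBILITY[i])) return 'unfiltered';
  }
  // Assumption: getMyGroups() yields group sys_ids through a Java-style iterator.
  var ids = [];
  var it = user.getMyGroups().iterator();
  while (it.hasNext()) ids.push(String(it.next()));
  // Assumption: others see incidents they raised or assigned to their groups.
  var cond = current.addQuery('caller_id', user.getID());
  if (ids.length > 0) cond.addOrCondition('assignment_group', 'IN', ids.join(','));
  return 'filtered';
}

// Constructed stub for `gs`; groups maps group name -> made-up sys_id.
function stubGs(userId, groups) {
  var names = Object.keys(groups);
  var user = {
    getID: function () { return userId; },
    isMemberOf: function (name) { return names.indexOf(name) !== -1; },
    getMyGroups: function () {
      return { iterator: function () {
        var i = 0;
        return { hasNext: function () { return i < names.length; },
                 next: function () { return groups[names[i++]]; } };
      } };
    }
  };
  return { getUser: function () { return user; } };
}

// Constructed stub for `current`; records conditions as an encoded query.
function stubCurrent() {
  var parts = [];
  return {
    addQuery: function (field, value) {
      parts.push(field + '=' + value);
      return { addOrCondition: function (f, op, v) { parts.push('^OR' + f + op + v); } };
    },
    encoded: function () { return parts.join(''); }
  };
}
```

On an instance, only the body of `restrictIncidentQuery` goes into the rule's script field, with the platform-provided `current` and `gs` in place of the stubs.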