How to Create an ACL to restrict particular Incidents visibility to only one group users
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-14-2023 02:45 AM
Hi,
I have a custom field (checkbox) in incident table and i am trying to add ACL to restrict the incidents with this new field is 'True' to be visible to only group 'A'.
1. Only Group 'A' can able to view and edit this field.
2. Only group 'A' can able to view the tickets and other users it should not be visible even if ht euesr is having ITIL role.
Please suggest a best approach to achieve the above scenario.
I tried creating below ACL - the field visibility is working fine (only group A users can bale to view this field on incident )
==========================
READ ACL
Incident + custom field
Script:
var answer = false ;
if(gs.getUser().IsMemberOf('Sys_Id_of group A'))
{
answer =true;
}
===========================
The below ACL is not working as expected -
READ ACL
Incident + None
Script :
var answer = false ;
if(gs.getUser().IsMemberOf('Sys_Id_of group A'))
{
answer =true;
}
===================================
I tried login with user 'x' with itil role and user is not a member of group 'A' but still it is visible for the user.
Please help to create an ACL .
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-14-2023 03:05 AM
Hi,
i found only a working solution by using this script in a business rule.
If i used ACL, the listview shows the records, but the field are all empty.
Because of that, i found this advanced script in a business rule.
I think, you can edit it with your custom field.
(function executeRule(current, previous /*null when async*/ ) {
var grp = current.addNullQuery('assignment_group').addOrCondition('caller_id', gs.getUserID()).addOrCondition('assignment_group','!=','9647f4dc1b8d1150f66076e09b4bcb21');
})(current, previous);And in the condition
!gs.getUser().isMemberOf('9647f4dc1b8d1150f66076e09b4bcb21')&&!gs.getUser().hasRole('admin')
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-14-2023 05:26 AM - edited 11-14-2023 06:47 AM
Hi @Dirk D ,
Thanks for your reply.
For my case, i need to populate the incidents with Custom field 1 is false for all other users and hide incidents with custom field 1 = true
custom_field1 = true incidents will be visible only to the users belongs to Group 'A'.
So i have added a condition
!gs.getUser().isMemberOf('sys_id')&&!gs.getUser().hasRole('admin')
If a user is not part of the group 'A' and not an admin then the incidents with Custom Field = false only visible
SCript :
(function executeRule(current, previous /*null when async*/ ) {
current.addQuery('custom_field_1',false);
})(current, previous);
The above code is working as expected. please correct me if my understanding is wrong.
I need to create an ACL (READ) to make the custom field visible for group 'A" users and hidden for all other users except admin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-14-2023 07:31 AM
Hi,
at the moment, your custom field will be visible for all records in the table, no matter what the script says.
The solution for the custom field, i think, must be a ACL. On fields, it works perfect.
I would also prefer a Solution to restricted the record-view with ACL, but at the moment i have not find a practicable solution.
