Restrict P1 incident for the groups other than the respective groups

sai charan7 · ‎11-21-2022

Hi can anyone help me with the help for the code i have written

i want to restrict the p1 incident for selecting for the groups except the groups which i have written in the code, whats happening is that i have clicked on admin over rides and even i can see the error message. here is the following code :

if(gs.getUser().isMemberOf('9d0a216a0a0a3caa0115b93dfaf2ae56')||gs.getUser().isMemberOf('a0cc6d93db123340d8837fc88c96196e')||gs.getUser().isMemberOf('9d0a20990a0a3caa003f7be11bb58e93')||gs.getUser().isMemberOf('9d0a21960a0a3caa00e62aec0c92ba7f')||gs.getUser().isMemberOf('fc8122092dad344433e3a12e0d26d3bf')||gs.getUser().isMemberOf('1bc9942b394a5ec033e3e16ef1a2ae33')||gs.getUser().isMemberOf('de363e537d886d40fbb6296def8c2cf6')&&current.priority == '1')
{
answer = true;
}

else{
answer = false;
gs.addErrorMessage('You dont have the right to Create/Update P1 tickets');
}

Community Alums · ‎11-21-2022

You don't need to query the incident table. I believe the Before insert/update BR is on incident table and you need to check whether the logged in user is part of the groups or not like below:

(function executeRule(current, previous /*null when async*/ ) {
    if ((gs.getUser().isMemberOf('9d0a216a0a0a3caa0115b93dfaf2ae56') || gs.getUser().isMemberOf('a0cc6d93db123340d8837fc88c96196e') || gs.getUser().isMemberOf('9d0a20990a0a3caa003f7be11bb58e93') || gs.getUser().isMemberOf('9d0a21960a0a3caa00e62aec0c92ba7f') || gs.getUser().isMemberOf('fc8122092dad344433e3a12e0d26d3bf') || gs.getUser().isMemberOf('1bc9942b394a5ec033e3e16ef1a2ae33') || gs.getUser().isMemberOf('de363e537d886d40fbb6296def8c2cf6')) && current.priority.toString() == '1') {
        //do nothing
    } else {

        gs.addErrorMessage('You dont have the right to Create/Update P1 tickets');
        current.setAbortAction(true);
    }

})(current, previous);

View solution in original post

Voona Rohila · ‎11-22-2022

Hi @sai charan7

If the values are stored in a property then you can simply use below logic in 'Before Insert BR'

(function executeRule(current, previous /*null when async*/ ) {

    var isMember = false;
    var grp = gs.getProperty('get_groups').split(",");
    for (var x = 0; x < grp.length; x++) {
        isMember = gs.getUser().isMemberOf(grp[x]);
    }
    if (!isMember) {
        gs.addErrorMessage('You dont have the right to Create/Update P1 tickets');
        current.setAbortAction(true);
    }


})(current, previous);

Mark it helpful if this helps you to understand. Accept solution if this give you the answer you're looking for
Kind Regards,
Rohila V
2022-25 ServiceNow Community MVP

View solution in original post

Community Alums · ‎11-21-2022

@sai charan7 Okay.. If you don't want admins to see the error message - "You dont have the right to Create/Update P1 tickets" then add 1 more condition in the if block like gs.hasRole('admin')

Please mark my response as helpful/correct based on the impact

sai charan7 · ‎11-21-2022

actually its not working because other groups are able to set p1 by changing impact and urgency

Community Alums · ‎11-21-2022

Can you paste the code here? what's the exact requirement? Is this a field level ACL? Only few group members should be able to edit the impact / urgency and priority?