Access control script help

Andrew_TND · ‎11-06-2024

Hello,

I cant seem to get this script to work, what I'm trying to achieve is...

I've created a custom table called u_nda_register, on that table it holds fields u_project (referenced to: pm_project) and u_authorized_group (referenced to: sys_user_group)

What I want to happen is if a user goes to the pm_project table and the project matches one which is on the u_nda_register table and is part of the assignment group populated in u_authorized group they will be able to view the record. Otherwise it wont be visible.

(function() {
    var ndagr = new GlideRecord('u_nda_register');
    ndagr.addQuery('u_project', current.sys_id);
    ndagr.query();
    if (ndagr.next()) {
        var authgroup = ndaRecord.u_authorized_group;
        var graccess = gs.getUser().isMemberOf(authorizedGroup);
        var userprj = gs.getUser().getPreference('current_project');

        if (current.sys_id == userprj && graccess) {
            answer = true;
            return;
        }
    }
    answer = false;
})();

Ankur Bawiskar · ‎11-06-2024

@Andrew_TND

what are you trying to check using this?

        var userprj = gs.getUser().getPreference('current_project');

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader

Andrew_TND · ‎11-06-2024

Ankur! Wow, still going strong on the community! Love the dedication.

With var userprj = gs.getUser().getPreference('current_project'); I was clutching at straws trying to get something to work.

I've tried the below script proposed by Runjay which to be honest is what I started with but worth another go. Any ideas would be great!

(function() {
    var ndagr = new GlideRecord('u_nda_register');
    ndagr.addQuery('u_project', current.sys_id);
    ndagr.query();
    if (ndagr.next()) {
        var authgroup = ndaRecord.u_authorized_group;
        var graccess = gs.getUser().isMemberOf(authgroup);

        if (graccess) 
            answer = true;
       else
          answer = false;
    }else
       answer = false;
})();

Runjay Patel · ‎11-06-2024

Hi @Andrew_TND ,

User below modified script.

(function() {
    var ndagr = new GlideRecord('u_nda_register');
    ndagr.addQuery('u_project', current.sys_id);
    ndagr.query();
    if (ndagr.next()) {
        var authgroup = ndaRecord.u_authorized_group;
        var graccess = gs.getUser().isMemberOf(authorizedGroup);

        if (graccess) 
            answer = true;
       else
          answer = false;
    }else
       answer = false;
})();

Not sure why are you doing this. Using GR you have already validated that project belongs to u_nda_register table or not.

 var userprj = gs.getUser().getPreference('current_project');

-------------------------------------------------------------------------

If you found my response helpful, please consider selecting "Accept as Solution" and marking it as "Helpful." This not only supports me but also benefits the community.

Regards
Runjay Patel - ServiceNow Solution Architect
YouTube: https://www.youtube.com/@RunjayP
LinkedIn: https://www.linkedin.com/in/runjay

-------------------------------------------------------------------------

Andrew_TND · ‎11-06-2024

I think that was me just clutching at straws to show for new records! 😀

I've tried this already but still not working.

(function() {
    var ndagr = new GlideRecord('u_nda_register');
    ndagr.addQuery('u_project', current.sys_id);
    ndagr.query();
    if (ndagr.next()) {
        var authgroup = ndaRecord.u_authorized_group;
        var graccess = gs.getUser().isMemberOf(authgroup);

        if (graccess) 
            answer = true;
       else
          answer = false;
    }else
       answer = false;
})();