ACL check for groups

samadam
Kilo Sage

I have a requirement to allow write access if user is a member of TEST_GROUP or a groups parent is TEST_GROUP. How can I set in in ACL?

Thanks

Sam

1 ACCEPTED SOLUTION

Hi Michael,



you can use the below script:



if(gs.getUser().isMemberOf('TEST_GROUP')   &&   checkParent())


{


  answer = true;


}


else


{


  answer = false;


}



function checkParent()


{


var gr = new GlideRecord('sys_user_grmember');


gr.addQuery('user', gs.getUserID());


gr.query();


while(gr.next())


  {


          if(gr.group.parent.getDisplayValue() == 'TEST_GROUP')


            {


                return true;


            }


    }


}


View solution in original post

3 REPLIES 3

Michael Fry1
Kilo Patron

Add this to the script part of the ACL:



answer = gs.getUser().isMemberOf('TEST_GROUP') || current.assignment_group.parent.getDisplayvalue = 'TEST_GROUP';


Thanks Michael, To clarify For the parent I am looking at if the user belongs to a group whose parent is TEST_GROUP not the assignment_group parent.


Hi Michael,



you can use the below script:



if(gs.getUser().isMemberOf('TEST_GROUP')   &&   checkParent())


{


  answer = true;


}


else


{


  answer = false;


}



function checkParent()


{


var gr = new GlideRecord('sys_user_grmember');


gr.addQuery('user', gs.getUserID());


gr.query();


while(gr.next())


  {


          if(gr.group.parent.getDisplayValue() == 'TEST_GROUP')


            {


                return true;


            }


    }


}