
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-20-2020 06:52 PM
Hi community,
Got an ACL script that I'm trying to augment to allow the current user to read a requested item if s/he is one of the approver(s) of that requested item. I'm pretty green at creating and calling functions and I think that may be where I've made an error. Having a hard time finding examples to help me fix it though, especially from within an ACL.
The ACL script before I got to it was
(note: line breaks added here for readability... hopefully it's not confusing)
current.isNewRecord() || current.opened_by == gs.getUserID() ||
current.request.requested_for == gs.getUserID() ||
gs.hasRole('itil,sn_request_write') ||
current.watch_list.indexOf(gs.getUserID()) > -1;
and it worked fine. In fact if I add the 'itli' role (one of the conditions above) to my test user I have verified he can read the record in question.
If possible, I need one more OR condition to determine if the current user is one of the approvers of the current record, and if so, allow him to read it / if not disallow reading.
This is the modified script I came up with but isn't working
current.isNewRecord() || current.opened_by == gs.getUserID() ||
current.request.requested_for == gs.getUserID() ||
gs.hasRole('itil,sn_request_write') ||
current.watch_list.indexOf(gs.getUserID()) > -1 ||
isApprover(gs.getUserID());
function isApprover(cu) {
var sa = new GlideRecord('sysapproval_approver');
sa.addQuery('sysapproval',current.sys_id);
sa.addQuery('approver',cu);
sa.query();
if (sa.next()) {
return true;
}
else {
return false;
}
}
I did a little testing by taking the GlideRecord query bit, used it in a background script, modified slightly to pass a specific sc_req_item sys_id, changed 'cu' in line 6-ish to gs.getUserID(), and it did give me the right result back.
If any other details would help let me know please and thanks in advance for anything you can offer!
Solved! Go to Solution.
- Labels:
-
Request Management
-
Service Catalog

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-21-2020 04:34 PM
I figured it out and you were right
I think w/out you pushing me to keep at it I'd not have thought to check other areas so I appreciate it very much!
Cheers,
-Aaron

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-20-2020 07:23 PM
try
current.isNewRecord() || current.opened_by == gs.getUserID() ||
current.request.requested_for == gs.getUserID() ||
gs.hasRole('itil,sn_request_write') ||
current.watch_list.indexOf(gs.getUserID()) > -1 ||
new ApproverUtils().canApproversRead();

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-20-2020 08:52 PM
That did not work. I looked up the script include; while it seems like a good bet it doesn't seem to work, at least not as written in your suggestion.
Thank you for the suggestion. Still looking.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-20-2020 07:31 PM
I wonder if answer = true instead of return true would work.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-20-2020 08:53 PM
Tried this too - no luck. Thank you for the suggestion!