ACL Not working for internal users

Sohini Kar · 3 weeks ago

As an internal user, I want to view and update RITMs categorized as internal so that I can manage RITMs securely.

Acceptance Criteria = User has internal_user role;

Can view RITMs where Categorization = Internal;

Cannot view external incidents unless hybrid classification applies.

I created an ACL with below script:

(function()

{

// Allow ITIL or other elevated roles

if (gs.hasRole('itil') || gs.hasRole('sn_incident_read'))

{

return true;

}

// Check if user is an internal user

var isInternalUser = gs.hasRole('internal_user');

if (!isInternalUser) {

// User is not internal, so this ACL should not grant access

return false;

}

// INTERNAL USER LOGIC

// Get categorization on the RITM

var ritmCat = current.u_categorization.toString();

// Get parent request categorization

var reqCat = "";

if (current.request) {

var req = current.request.getRefRecord();

if (req && req.isValidRecord()) {

reqCat = req.categorization.toString();

}

// 1️⃣ Allow if RITM or Request is Internal

if (ritmCat === "Internal" || reqCat === "Internal") {

return true;

}

// 2️⃣ Allow if RITM or Request is Hybrid

if (ritmCat === "Hybrid" || reqCat === "Hybrid") {

return true;

}

// 3️⃣ Otherwise block (External)

return false;

});

It is still giving me error.

Can it be like any other ACL is blocking this?

Ankur Bawiskar · 3 weeks ago

@Sohini Kar

even if 1 table.None ACL passes the access will be given.

Did you debug your above script by adding logs?

💡 If my response helped, please mark it as correct ✅ and close the thread 🔒— this helps future readers find the solution faster! 🙏

Regards,
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader

Simon Christens · 3 weeks ago

Try changing:

(function()

with:

answer = (function()

You need to make sure that "answer" is assigned in the ACLs

If that doesnt work then you need to check the if statements for proper values