ACL script help to check member is belongs to assignment group provide read access?

Go to solution
Vijay27
Tera Guru

‎07-18-2019 03:51 PM

answer = getAttachmentReadAnswer();

function getAttachmentReadAnswer() {

var user=gs.getUserID();
gs.info("user name is:"+user);                //in logs it is giving correct user
var grp=current.assignment_group;       
gs.info("currentgrp name is"+grp);          //in logs it is giving null
if(current.assigned_to == user)
return true;
else if(user.isMemberOf(current.assignment_group) {
return true;
}
else return false;

 

I want to provide access to seee the attachment attached on the case if the user opens a case and he belongs to assignment group of the case.

The above script  is not working in ACL script .please help me on the ACL scriptong ony on how to check this one

Regards,

vijay

0 Helpfuls
  • 8,219 Views
1 ACCEPTED SOLUTION

Go to solution
Mike Patel
Tera Sage
In response to Vijay27

‎07-18-2019 05:22 PM

try below

answer = getAttachmentReadAnswer();

function getAttachmentReadAnswer() {
	var gr = new GlideRecord("task");
	gr.get("sys_id", current.table_sys_id);
		
	var user=gs.getUserID();
	gs.info("user name is:"+user);                //in logs it is giving correct user
	var grp=gr.assignment_group;
	gs.info("currentgrp name is"+grp);          //in logs it is giving null
	if(current.assigned_to == user){
		return true;
	}else if(gs.getUser().isMemberOf(gr.assignment_group)) {
		return true;
	}else{
		return false;
	}
}

View solution in original post

0 Helpfuls
8 REPLIES 8

Go to solution
Vijay27
Tera Guru
In response to The SN Nerd

‎07-18-2019 05:27 PM

I debud the security rules and checked only this is running and giving accces to see the attachment ,if i made this acl  inactive the users cant see the attachment and if i made active the users can able to view te attachment

0 Helpfuls

Go to solution
Mike Patel
Tera Sage
In response to Vijay27

‎07-18-2019 05:22 PM

try below

answer = getAttachmentReadAnswer();

function getAttachmentReadAnswer() {
	var gr = new GlideRecord("task");
	gr.get("sys_id", current.table_sys_id);
		
	var user=gs.getUserID();
	gs.info("user name is:"+user);                //in logs it is giving correct user
	var grp=gr.assignment_group;
	gs.info("currentgrp name is"+grp);          //in logs it is giving null
	if(current.assigned_to == user){
		return true;
	}else if(gs.getUser().isMemberOf(gr.assignment_group)) {
		return true;
	}else{
		return false;
	}
}
0 Helpfuls

Go to solution
Mike Patel
Tera Sage
In response to Mike Patel

‎07-18-2019 05:31 PM

try and let me know

0 Helpfuls

Go to solution
The SN Nerd
Giga Sage
Giga Sage

‎07-18-2019 05:21 PM

Remember that even if this ACL evaluates to false as you may expect if another read ACL passes they will still be able to see the attachment. There are some other OOTB Attachment ACL's with advanced conditions that may be passing..

Can you elaborate on what you mean by 'not working as expected' ie

  • Users can read attachment when they shouldn't on record type X
  • OR Users cannot read attachment when they should record type X
  • Or both? 

ServiceNow Nerd
ServiceNow Developer MVP 2020-2022
ServiceNow Community MVP 2019-2022
0 Helpfuls