
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-07-2022 07:50 AM
Hello Experts,
I have a request from a user to create an ACL that restricts who can write to the Scrum Role field on our Group Members table. Our customer would like to restrict write access to users:
- in the ITBM Administrators group OR
- has the 'safe_scrum_master' or 'safe_product_owner' role OR
- is a group manager.
The last requirement is the one throwing me off as 'group manager' isn't a specific role I can zero in on and I'm not certain where in ServiceNow that property is set. Below is the code as I have it. Any suggestions? Please note the customer wants ANY group manager to have write access to the Scrum Role field.
if (gs.getUser().isMemberOf('ITBM Administrator') ||
gs.getUser().hasRole('safe_scrum_master') ||
gs.getUser().hasRole('safe_product_owner') ||
answer = true;
else
answer = false;
Thanks in advance!
James B.
Solved! Go to Solution.
- Labels:
-
Service Catalog
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-07-2022 08:55 AM
Hi @J Benson
Then try below code and give the isManager field backend name correctly.
var grManager;
var grM=new GlideRecord("sys_user");
grM.addQuery("sys_id",gs.getUserID());
grM.addQuery("u_ismanager","true"); //here give the ismanager checkbox field name correctly
grM.query();
if(grM.next())
{
grManager=1; //if manager checkbox is true....
}
else
{
grManager=0;
}
if (gs.getUser().isMemberOf('ITBM Administrator') ||
gs.getUser().hasRole('safe_scrum_master') ||
gs.getUser().hasRole('safe_product_owner') || grManager) //added here
answer = true;
else
answer = false;
Hope it helps.
Murthy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-07-2022 08:55 AM
Hi @J Benson
Then try below code and give the isManager field backend name correctly.
var grManager;
var grM=new GlideRecord("sys_user");
grM.addQuery("sys_id",gs.getUserID());
grM.addQuery("u_ismanager","true"); //here give the ismanager checkbox field name correctly
grM.query();
if(grM.next())
{
grManager=1; //if manager checkbox is true....
}
else
{
grManager=0;
}
if (gs.getUser().isMemberOf('ITBM Administrator') ||
gs.getUser().hasRole('safe_scrum_master') ||
gs.getUser().hasRole('safe_product_owner') || grManager) //added here
answer = true;
else
answer = false;
Hope it helps.
Murthy

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-07-2022 09:17 AM
Murthy,
I edited as suggested (backend field name is 'u_is_manager') but result is still the same when impersonating user.
var grManager;
var grM=new GlideRecord("sys_user");
grM.addQuery("sys_id",gs.getUserID());
grM.addQuery("u_is_manager","true");
grM.query();
if(grM.next())
{
grManager=1;
}
else
{
grManager=0;
}
if (gs.getUser().isMemberOf('ITBM Administrator') ||
gs.getUser().hasRole('safe_scrum_master') ||
gs.getUser().hasRole('safe_product_owner') || grManager)
answer = true;
else
answer = false;
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-07-2022 09:42 AM
Hi @J Benson
I don't think there is any issue in the script.
Can you share the ACL configuration screenshot?
So that I can have a look on the same.
Murthy

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-07-2022 11:02 AM
Murthy,
After speaking with the customer again, it appears 'u_is_manager' is not what we're looking to capture. The requirement is for any group manager. They recommended creating a GlideRecord to run through all the groups and look for group managers, but I'm not sure we want an ACL doing that much work. We'll have to re-evaluate how we want to approach this requirement.
I'll mark your previous answer as the solution.
Thanks for all your help,
James
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-07-2022 07:41 PM
Hi @J Benson
In that case you can use the script which I shared earlier.
Are you looking to give the access in the list view? If yes you need to write list_edit ACL.
Murthy