Hello,

Our Service Catalog approval process triggers user approvals to one or more users. If one of the approvers or their delegates approves or rejects the RITM, the other approvals should move to no longer required and the workflow should move forward.

This works as expected for users with roles, but if one of the approvers is an ESS user, and they approved or rejected the approval, the rest of the user approval (sysapproval_approver) records for that RITM aren't getting closed.

I put in a read ACL on the sysapproval_approver table. This works as expected but we have an OOB business rule called "approval query" on the sysapproval_approver table that is preventing ESS users from viewing other approval records.

Can we disable this business rule and use only ACLs to handle our approval permissions or is there an easier way for the workflow (system) to handle the approval activity instead of using the user account.

[code]

answer = gs.hasRole('approval_admin') || isApprovalMine(current) || hasAccessToDocument(current) || uIsRITMApprover(current);

function uIsRITMApprover(ritm) {

  if(current.sysapproval.sys_class_name=='sc_req_item') {

  var gr = new GlideRecord('sysapproval_approver');

  gr.addQuery('sysapproval', current.sysapproval);

  gr.query();

  var flag=false;

  while(gr.next()) {

  var approver = gr.approver.toString();

  if(approver == gs.getUserID()) {

  return true;

  }

  else {

  flag = uIsDelegate(approver);

  }

  }

  return flag;

  }

  return false;

}

function uIsDelegate(approver) {

  var dg = new GlideRecord("sys_user_delegate");

  dg.addQuery('user', approver);

  dg.addQuery('delegate', gs.getUserID());

  dg.addQuery('approvals', 'true');

  dg.addQuery('ends', '>=', gs.now());

  dg.query();

  if(dg.next()) {

  return true;

  }

  return false;

}

[/code]

Thank you,

Teja.