Business Rule Effected Admin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2 hours ago
We are attempting to integrate incidents using the API.
We created an API user and assigned the custom role "itsm_write_create_api_fjdx".
We created the following business rule because we do not want the API user to read the sys_user table, but we encountered an issue where the admin user also cannot reference the sys_user table.
Why is this happening?
【Business Rule】
Table : sys_user
●When to run
When : before
Order : 100
Query : true
●Advanced
Condition : gs.hasRole('itsm_write_create_api_fjdx')
Script :
(function executeRule(current, previous /*null when async*/) {
current.addEncodedQuery('sys_id=NULL');
})(current, previous);
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2 hours ago
Hi @KantaSasaki ,
your admin is blocked because the Before Query business rule runs globally and the condition is catching admin too. The fix is to either refine the condition (exclude admin) or move the restriction into an ACL, which is the recommended approach.
If it is helpful, please hit the thumbs button please mark the answer as correct based on the impact!!
Kind Regards,
Shaik Mohammed Mustaq
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
an hour ago
Thankyou for answer.
Is this behavior—where it affects admins despite specifying a role—exclusive to pre-query business rules?
