Business rule to restrict certain incidents
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-03-2019 01:32 AM
Good Morning
I have been asked to restrict certain incident records from being viewed unless a user has a certain role. So for example if you have the role 'itil' then you can view all incidents apart specific breach incidents. However if you have the role 'made up role' then you can view all incidents including these specific breach incidents.
When searching community I keep getting directed to the Guru site which has the code post below...
The issue I have finding is that it restricts all records and not some. When I put a run condition on the business rule again its either all or nothing.
Am I missing something fundamental? It seems the best I can do is restrict everything rather than a few records. Is it that I need two before.query rules?
Could use some guys and gals... thanks
if (!gs.hasRole("itil") && gs.isInteractive()) {
var u = gs.getUserID();
var qc = current.addQuery("caller_id", u).addOrCondition("opened_by", u).addOrCondition("watch_list", "CONTAINS", u);
gs.print("query restricted to user: " + u);
}
- Labels:
-
Incident Management

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-03-2019 02:02 AM
Hi Darren,
Have you created any custom field to check if the incident is breached or not?
If yes then you can use below script in query business rule to restrict the users to see not breached.
if (gs.hasRole(<role name you want to restrict record>) ) {
var qc = current.addEncodedQuery(<condition>); //Put the breached is not true condition here
gs.print("query restricted to user: " + u);
}
If no, then you can't use the query business rule, because incident breach information is getting captured in task_sla table.
Thanks,
Vandna Ahirwar
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-03-2019 04:07 AM
Thanks for the reply. I haven't created a custom field but can use another field use another field with certain information in it. So I can get around that... failing that I can always create a field if needs be.
Do I need to create an additional before.business rule or amend the current one the incident table?
Also by using your script will this only restrict some records rather than all of them?

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-03-2019 04:25 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-18-2024 03:59 AM
Few years late but saw this while looking for something else, but the answer may help someone.
I had a similar requirement once but it was more a case of 'Only group x should be allowed to see their incidents, no other group is allowed'
So, in case this ever get expanded further than this group, I added a tickbox to the group table named 'Incident Private'.
I then created a read ACL on the incident table with the condition 'Assignment group.Incident Private is true' and added the below script: