Can I hide the Ci Relationship Edit button for certain roles?

Go to solution
MikeB2
Kilo Contributor

‎08-06-2018 06:03 AM

We want to stop ordinary users from managing CI relatiosnhips.  Can we hide the + button? Depending on role?

 

find_real_file.png

 

Preview file
6 KB
0 Helpfuls
  • 2,345 Views
1 ACCEPTED SOLUTION

Go to solution
Mark Stanger
Giga Sage

‎08-06-2018 05:29 PM

Looks like that button is tied to the row-level 'Write' security ACL for the actual CI record.  In order to remove that button, you need to set up (or edit) a 'write' ACL with the correct roles.  In my out-of-box instance, I just had to remove the 'itil' role frorm the 'write' ACL on the 'cmdb_ci' table.

While that removes the relationship button, it's less-than-optimal that it also disallows writing to the entire CI record.  You could also do the following...

1)  Adjust the 'Create' ACL on the 'cmdb_rel_ci' (CI Relationship) table so that it requires specific roles.  If they can't create records on this table, it won't matter if they can see the plus icon...other than it's a bad user experience because they see the icon and believe they can.

2)  If you still want to remove that button and retain access for restricted users to actually edit the CI record, you could set up an 'onLoad' client script on the 'cmdb_ci' table with the 'Inherited' checkbox checked (so that it applies to the entire CMDB).  That client script would need to include code like this...

// Hide the 'Add' icon on the relationship editor unless the user has the 'asset' role
if (!g_user.hasRole('asset')) {
    $('add_relationship').hide();
}

View solution in original post

11 REPLIES 11

Go to solution
Mo27
Kilo Expert
In response to Mark Stanger

‎09-10-2019 12:43 AM

Hi Mark,

 

I am also having the same issue. Have you got any insight on what could be causing this? Is there specific anything additional required to for this to work?

Thanks

0 Helpfuls

Go to solution
Mo27
Kilo Expert
In response to Mark Stanger

‎09-10-2019 12:43 AM

Hi Mark,

 

I am also having the same issue. Have you got any insight on what could be causing this? Is there specific anything additional required to for this to work?

Thanks

0 Helpfuls

Go to solution
MikeB2
Kilo Contributor

‎08-08-2018 06:16 AM

For future reference, how could I have worked out that the edit button was called $('add_relationship') and that it had a hide() method?

0 Helpfuls

Go to solution
Mark Stanger
Giga Sage
In response to MikeB2

‎08-08-2018 06:24 AM

I used a DOM inspector in my browser to identify the ID of that button in the HTML ('add_relationship').  I then used PrototypeJS (which is included with ServiceNow) to grab that element ($('add_relationship)) and then hide it with '.hide()'.  You can do a Google search to find out how to do DOM inspection in your web browser and research the PrototypeJS library.  DOM hacks using client scripts like this can be more prone to breaking, but usually if you're targeting an element on the page with a distinct ID it's very safe.

0 Helpfuls

Go to solution
poyntzj
Kilo Sage
In response to MikeB2

‎10-30-2018 07:22 AM

Open the debugger tools in the browser

Use the element picker and then go to the button

You will then see the code and there should be an id field.  add_relationship is the name of the id

0 Helpfuls