canread(userid of a particular user

Boddedi Mounik1 · ‎07-07-2020

Hi Everyony,

I am writing a fixscript to check a particular user has canread access to HRProfile table.

var user = new GlideRecord('sys_user');
user.addQuery('user_name','TestACL1');
user.query();
var sysid = '';
if(user.next())
{
sysid = user.sys_id;
}
gs.info("sysid"+sysid);

var gr = new GlideRecord('sn_hr_core_profile');
gr.query();
if(gr.next())
{
gs.info("canRead1:"+gr.canRead(sysid));//returns true
}

TestACL1 doesnot have any role,but canread() is returning true.

Ankur Bawiskar · ‎07-07-2020

Hi,

can you explain what you are trying to achieve?

What is the business use-case/requirement here?

Basically the script should run in that user' session so try this

var user = new GlideRecord('sys_user');
user.addQuery('user_name','TestACL1');
user.query();
var sysid = '';
if(user.next())
{
sysid = user.sys_id;
}

var myUser = gs.getSession().impersonate(sysid); // impersonate that user you want

var gr = new GlideRecord('sn_hr_core_profile');
gr.setLimit(1); // just to check for 1 record
gr.query();
if(gr.next())
{
gs.info("canRead1:"+gr.canRead()); // canRead() function doesn't take any input
}

gs.getSession().impersonate(myUser); // impersonate back to the original user

More details below:

https://hi.service-now.com/kb_view.do?sysparm_article=KB0677278

Regards
Ankur

Regards,
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader

Ankur Bawiskar · ‎03-11-2021

@Mounika

Hope you are doing good.

Did my reply answer your question?

If so, please mark appropriate response as correct & helpful so that the question will appear as resolved for others who may have a similar question in the future.

Thanks!
Ankur

Regards,
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader