Child group member can able to see parent group assigned task

dhivyal94299399 · an hour ago

Check:

I Have parent group named called " NNC" and the child group named "WRN-ADC".

I am part of child group.

When i open the catalog task assigned to me, i can able to see the task assigned to the parent group also.

How to restrict this. How this functionality work.

Ankur Bawiskar · 39m ago

@dhivyal94299399

this is Out of the box feature

when a user is in a child group, they can see tasks assigned to that child group and all of its parent groups. This is controlled by the assignment group hierarchy and the default read ACLs for sc_task

Approach

-> use script based ACL on sc_task with Table.None READ ACL

-> in the roles section give snc_internal

// Allow admin and users with specific override roles
if (gs.hasRole('admin')) {
    return true;
}

// Check if user is a member of the task's assignment group
if (current.assignment_group && gs.getUser().isMemberOf(current.assignment_group)) {
    return true;
}

// Deny access (prevents seeing parent group tasks via hierarchy)
return false;

💡 If my response helped, please mark it as correct ✅ and close the thread 🔒— this helps future readers find the solution faster! 🙏

Regards,
Ankur
✨ Certified Technical Architect || ✨ 10x ServiceNow MVP || ✨ ServiceNow Community Leader