How to implement granular delegation to ITSM (e.g. Request Management) ACL Rules

Sven Lieback
Tera Contributor

‎07-18-2022 11:36 PM

Greetings,

did anyone implemented the granular delegation (part of HRSD / additional plugin) for ITSM? It's really simple to define the delegation tables and delegation rules but I'm struggling with the ACL Rules. So e.g. for Request Management. If I order something and the department head has to approve. If a granular delegation is active and the approval is delegated to another department head, he (the delegate) is not able to open the ritm. I tried to implement/copy the "isAssignedOrDelegated" function of hr_delegation script include but I failed. Any ideas?

Many thanks, Sven

0 Helpfuls
  • 1,874 Views
5 REPLIES 5

Sven Lieback
Tera Contributor
In response to Christian Prob2

‎06-09-2023 03:39 AM

Hi @Christian Prob2 ,

 

I wrote an own delegationUtil script include with necessary functions. One of them I used for ACLs. 

 

My read Access control rule for ritm: 

if (new itsm_DelegationUtil().hasDelegatedApproval(current))
	answer = true;

Initialization of delegation Util:

var itsm_DelegationUtil = Class.create();
itsm_DelegationUtil.prototype = {
    initialize: function() {
		// BEGIN COPY FROM HR DELEGATION
		this.DELEGATION_PLUGIN_ACTIVE = GlidePluginManager().isActive('com.glide.granular_service_delegation');
		var maxRecordsReturned = gs.getProperty('sn_hr_core.delegation.max_records_returned_limit.override', '');
		maxRecordsReturned = maxRecordsReturned && !isNaN(Number(maxRecordsReturned)) ? Number(maxRecordsReturned) : '';
		this.MAX_DELEGATE_RECORD_RETURN = maxRecordsReturned;
		// END COPY FROM HR DELEGATION
    },
/* MY FUNCTIONS
...
*/
    type: 'itsm_DelegationUtil'
};

The hasDelegatedApproval function:

//checks if the record has an active delegated approval to the current user
	hasDelegatedApproval: function(record, userId) {
		if (!record || !record.isValid())
			return false;

		if (!userId)
			userId = gs.getUserID();
		
		
		var targetTable = record.getTableName();
		var documentId = record.sys_id;
				
		// GET ALL APPROVALS FOR USER
		var approvalGr = new sn_delegation.DelegationUtil().getDelegatedApprovalsForUser(userId, true);
		var hasApproval = false;
		while (approvalGr.next()){
			// CHECK FOR DELEGATION (maybe optional)
			if (approvalGr.document_id==documentId && approvalGr.source_table==targetTable){
				hasApproval = true;
			}
			if (hasApproval) {
				return new sn_delegation.DelegationUtil().isRecordDelegatedToUser(userId, approvalGr);
			}
		}
		return false;
	},

 

Hope that helps 😉

Sven