How to restrict RITM records to be visible only to specific assigned group and its members via ACL

Mayur21 · ‎05-07-2020

I have requirement where i need to restrict ritm records to be hidden for other group memebers and only visbile to the specific assigned group and its members.

I have written table.none ACL with below code and condition

Its not working as expected and users are still able to view other groups ritm request.

Please help me on this.

sashichand · ‎05-09-2020

Hi,

You can try the following way:

1> Create a custom role and assign it to this assignment group.

2> Now search for all the Request Read ACLs. You may have several and for the basic read ACLs for Requests that allow all ITIL(any other specif role) etc. to read the Requests. Here you should add a condition that assignment IS NOT 'xyz'.

3> Now in the new Read ACL...you should put assignment IS 'xyz' and then add the role to the role section of the ACL.

4> This way all the other Requests will be still read by ITIL(any other specific role), Expect the one assigned to this 'xyz' team.

5> now the team 'xyz' has their own ACL with role that allows the to read it.

Please mark reply as Helpful/Correct, if applicable. Thanks!

View solution in original post

Swapnil Shirsik · ‎05-09-2020

I would check if there is existing ACL which is allowing to read these records.

answer=!gs.getUser().isMemnerOf('sys_id') && gs.getUser().hasRole('role');

Ashutosh Munot1 · ‎05-09-2020

Hi,

There are other acls like opened by, created by is the logged in user, etc.

This ACL which you created is on REQ table, you want to hide REQ or RITM?

Thanks,
Ashutosh

Jaspal Singh · ‎05-09-2020

By this you will get 'Security constraint...' message. Prefer Query business rule over this.

For above you can remove the quotes ('') from true/false. In additon, try passing the Group Name in isMemberOf('group_name') instead of sys_id

sashichand · ‎05-09-2020

Hi,