- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-21-2022 11:13 AM
We have a need for a non-IT user to have access to RITMs, Incidents and Change tickets (read & create) for only a particular group. I did use a script that was posted to create a business rule on incident and that works for incident. We do not want them in to modify the CMDB. How do we prevent access to the CMDB?
The business rule reads...
(function executeRule(current, previous /*null when async*/ ) {
// Add your code here
if (gs.getSession().isInteractive()) {
//Restrict to caller, watchlist, or members of assigned group...
var u = gs.getUserID(); //Get the sys_id value of the current user
var g = getMyGroups(); //Get the list of the current user groups
var q = current.addQuery('caller_id', u).addOrCondition('assignment_group', g).addOrCondition('watch_list', u); //Modify the current query on the incident table
}
})(current, previous);
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-04-2023 07:09 AM
We had to create business rules for Incident and RITMs.... The first reply was closest to what we need.
(function executeRule(current, previous /*null when async*/ ) {
// Add your code here
if (gs.getSession().isInteractive()) {
//Restrict to caller, watchlist, or members of assigned group...
var u = gs.getUserID(); //Get the sys_id value of the current user
var g = getMyGroups(); //Get the list of the current user groups
var q = current.addQuery('caller_id', u).addOrCondition('assignment_group', g).addOrCondition('watch_list', u); //Modify the current query on the incident table
}
})(current, previous);
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-04-2023 07:09 AM
We had to create business rules for Incident and RITMs.... The first reply was closest to what we need.
(function executeRule(current, previous /*null when async*/ ) {
// Add your code here
if (gs.getSession().isInteractive()) {
//Restrict to caller, watchlist, or members of assigned group...
var u = gs.getUserID(); //Get the sys_id value of the current user
var g = getMyGroups(); //Get the list of the current user groups
var q = current.addQuery('caller_id', u).addOrCondition('assignment_group', g).addOrCondition('watch_list', u); //Modify the current query on the incident table
}
})(current, previous);

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-21-2022 11:46 AM
Hi @jabest13 ,
I believe what you are trying to achieve here is to filter the CMDB records for a certain set of users, who are in anyway associated with the record.
Again, showing records which are supposed to be seen by you and restricting access to be able modify the CMDB, are two different things.
In this Before Query BR, you will be filtering CMDB and not restricting modification access, for that you will need to have ACLs in place.
Let me know, what exactly you are trying to achieve.
Aman Kumar
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-28-2022 06:28 AM
Unfortunately, this business rule affected all ITIL users. Working on modifying the script for only the limited_ITIL role. Other ideas are welcome.