Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

Limit visibility to sctasks

Go to solution
AnthonyMull
Tera Contributor

‎02-10-2025 10:06 PM

Hi community 

I want to limit visibility to Sctasks and ritm records where the item = a specific item

I tried acls on there own but the oob acls are stopping it from working.  What is best approach here. Example would be appreciated 

Thanks in advance

0 Helpfuls
  • 1,596 Views
1 ACCEPTED SOLUTION

Go to solution
J Siva
Kilo Patron
Kilo Patron

‎02-15-2025 07:20 PM

Hi @AnthonyMull 
PFB the sample for "Deny unless" ACL.
Ex:
1. Catalog item: Limit visibility to sctasks 

2. Custom role: restrict_task_view

3. Two test users: Test 1 -> Without custom role; Test 2 -> With custom role

JSiva_0-1739675624287.png

4. Creating Deny Unless ACL of type read on "sc_req_item" table

JSiva_1-1739675747336.png

5. Output results:

-> User TEST 1:

JSiva_3-1739675911710.png

 

-> User TEST 2:

JSiva_2-1739675837760.png

 

I hope this helps.
Please mark this as a solution if it resolves your query.
Thanks,
Siva

 

View solution in original post

14 REPLIES 14

Go to solution
Dushyant Siroh
Tera Expert
In response to AnthonyMull

‎02-11-2025 10:09 PM

hi @AnthonyMull 

 

Please click on advanced tab , you have seen the script field is visible in advanced related list .

Screenshot 2025-02-12 at 11.36.14 AM.jpeg

0 Helpfuls

Go to solution
AnthonyMull
Tera Contributor
In response to Dushyant Siroh

‎02-11-2025 11:26 PM

Hi @Dushyant Siroh , this is where I entered the script, I had to change it because we cannot return we have to set "answer = true;"

 

However the script did not work.

What I did:

1. I entered in the role I created in the role field.

2. I entered in the script you provided.

Users without the role can still see records which I do not want them to.

0 Helpfuls

Go to solution
Dushyant Siroh
Tera Expert
In response to AnthonyMull

‎02-11-2025 11:31 PM - edited ‎02-11-2025 11:32 PM

hi @AnthonyMull 

 

Can you please share me a screenshot ? 

0 Helpfuls

Go to solution
AnthonyMull
Tera Contributor
In response to Dushyant Siroh

‎02-11-2025 11:35 PM

Yes please see below:

 

AnthonyMull_0-1739345745241.png

 

0 Helpfuls

Go to solution
Dushyant Siroh
Tera Expert
In response to AnthonyMull

‎02-11-2025 11:43 PM

Hello @AnthonyMull 

 

var ritm = new GlideRecord('sc_req_item');
if (ritm.get(current.request_item)) {  // Retrieve the RITM record based on the Sys ID
    // Retrieve the catalog item using the item reference field
    var catalogItem = ritm.item.getRefRecord();  // This retrieves the full catalog item record
    
    // Compare the Sys ID of the catalog item with the desired Sys ID
    var desiredSysId = 'desired_sys_id_here';  // Replace this with the actual Sys ID of the catalog item
    
    // Now check if the Sys ID of the catalog item matches the desired Sys ID
    if (catalogItem.sys_id == desiredSysId) {
        return false;  // Allow access if the Sys ID matches
    }
}
return true;  // Deny access if the Sys ID does not match

 

Please apply this code and take sys_id for particular item and then tell me its working or not  ?