Read ACLs should not have GlideRecord/GlideAggregate in script

Go to solution
krishna111
Tera Contributor

ā€Ž03-07-2022 03:25 AM

Hello All,

Hope all are doing good !!

ACLs (Security rules) should not have GlideRecord/GlideAggregate in script

We have a custom ACL written as shown below using GlideRecord. How can i replace this code so that it does not use  GlideRecord query. or is it even possible in this case?.

var loggedInUser = gs.getUserID();
var supplier = current.getDisplayValue('u_affected_supplier');
var grm = new GlideRecord('sys_user_grmember');
grm.addQuery('user', loggedInUser);
grm.addQuery('group.parent','ba466ab6db802f40978724b3ca9619fa');
grm.query();
while (grm.next()){
var groupSource = grm.group.source;
if (groupSource == supplier || current.u_affected_supplier.nil()){
answer = true;
}
else{
answer = false;
}

}

 

 

Regards

Kumar.

0 Helpfuls
  • 1,455 Views
1 ACCEPTED SOLUTION

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron
In response to krishna111

ā€Ž03-07-2022 03:51 AM

update as this

answer = isChangeUser();

//give read access to this Vul Item if the user is associated with a Change associated with it
function isChangeUser() {
	var flag = false;
	var usr = gs.getUserID();
	var m2m = new GlideRecord('sn_vul_m2m_item_task');
	m2m.addQuery('vulnerable_item', current.sys_id);
	m2m.query();
	while (m2m.next()) {
		var chg = m2m.task.getRefRecord();
		if (chg.requested_by == usr || chg.u_change_manager == usr || chg.assigned_to == usr || gs.getUser().isMemberOf(chg.u_coordinator_group) || gs.getUser().isMemberOf(chg.assignment_group))
		{
			flag = true;
			break;
		}
	}
	return flag;
}

regards
Ankur

Regards,
Ankur
āœØ Certified Technical Architect  ||  āœØ 9x ServiceNow MVP  ||  āœØ ServiceNow Community Leader

View solution in original post

7 REPLIES 7

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron

ā€Ž03-07-2022 03:28 AM

Hi,

I don't think without GlideRecord it's possible

Regards
Ankur

Regards,
Ankur
āœØ Certified Technical Architect  ||  āœØ 9x ServiceNow MVP  ||  āœØ ServiceNow Community Leader

Go to solution
krishna111
Tera Contributor
In response to Ankur Bawiskar

ā€Ž03-07-2022 03:30 AM

Hello Ankur,

 

Thanks for your Response!!!

0 Helpfuls

Go to solution
krishna111
Tera Contributor
In response to Ankur Bawiskar

ā€Ž03-07-2022 03:35 AM

Hello Ankur,

Can the below code bereplaced or is it possible in any other way?

 

answer = isChangeUser();

//give read access to this Vul Item if the user is associated with a Change associated with it
function isChangeUser() {
var usr = gs.getUserID();
var m2m = new GlideRecord('sn_vul_m2m_item_task');
m2m.addQuery('vulnerable_item', current.sys_id);
m2m.query();
while (m2m.next()) {
var chg = m2m.task.getRefRecord();
if (chg.requested_by == usr || chg.u_change_manager == usr || chg.assigned_to == usr || gs.getUser().isMemberOf(chg.u_coordinator_group) || gs.getUser().isMemberOf(chg.assignment_group))
{
return true;
}
}
}

0 Helpfuls

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron
In response to krishna111

ā€Ž03-07-2022 03:51 AM

update as this

answer = isChangeUser();

//give read access to this Vul Item if the user is associated with a Change associated with it
function isChangeUser() {
	var flag = false;
	var usr = gs.getUserID();
	var m2m = new GlideRecord('sn_vul_m2m_item_task');
	m2m.addQuery('vulnerable_item', current.sys_id);
	m2m.query();
	while (m2m.next()) {
		var chg = m2m.task.getRefRecord();
		if (chg.requested_by == usr || chg.u_change_manager == usr || chg.assigned_to == usr || gs.getUser().isMemberOf(chg.u_coordinator_group) || gs.getUser().isMemberOf(chg.assignment_group))
		{
			flag = true;
			break;
		}
	}
	return flag;
}

regards
Ankur

Regards,
Ankur
āœØ Certified Technical Architect  ||  āœØ 9x ServiceNow MVP  ||  āœØ ServiceNow Community Leader