Restrict non-itil and non-admin users from navigating to native UI by manipulating the URL

Valere Cheudjo
Tera Contributor

Hello community,

We don't want non-itil and non-admin users to access the native UI platform using a web link.

According to the KB: Restrict ESS or non-role users from navigating to native UI by manipulating the URL - Support and Tr... we have implemented this UI Script:

addLoadEvent(function() {
    if (!g_user.hasRoleExactly('itil') || !g_user.hasRoleExactly('admin') && document.URL.indexOf('.do') != -1) {
        window.location = '/sp';
    } else {
        return;
    }
});

Unfortunately, it was redirecting all users (including users with Admin and Itil roles) to the Portal because the link to access our instance contains ".do",
e.g.: https://xxxxdev.service-now.com/login.do


Does anyone have any relevant experience achieving this without using UI Scripts? Or how can we improve our UI Script?

Your contribution would be appreciated

Thanks



1 ACCEPTED SOLUTION

Have you tried excluding the login URL and any other URLs that may be part of the login\pw reset process?
A simple fix might be to set data in the user session via the spEntry script and use this session data to identify your 'portal' users (and/or portal), this way you would be referencing data that did not exist until the user had logged in.


7 REPLIES

Tony Chatfield1
Kilo Patron

Hi, I would suspect your issue is the logic of your conditional check as || && results will be short circuited.

Javascript Short Circuiting Operators - GeeksforGeeks

Meaning anyone with ITIL OR Admin role (not both) will result in same outcome, as anyone without both roles
You can test\prove the logic in a background script.

var itil = false;
var admin = false;
var urlName = 'test.do';

var url = urlName.indexOf('.do') != -1;
gs.info('url ' + url);

if(!itil || !admin && url) {
    gs.info('expression result = true');
} else {
    gs.info('expression result = false');
}

 

Hi Tony,

Thanks for your quick answer.

If the issue is operator, then this should work:

addLoadEvent(function() {
    if (!(g_user.hasRoleExactly('itil') || g_user.hasRoleExactly('admin')) && document.URL.indexOf('.do') !== -1) {
        window.location = '/sp';
    } else {
        return;
    }
});

I've added parentheses to separate || and &&.
But the UI script is still not functioning.

Regards

Hi, testing in background window with your updated condition, the results seem to be correct\consistent
For any combination of itil and\or admin roles == true the outcome is false for url.do
and is true where itil and admin == false.
Are you able to debug the conditions using alert()?

Are you able to debug the conditions using alert()?
Yes
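
Added example, not part of the thread and not ServiceNow code: the three conditions discussed above (the original, the parenthesised one, and one that also excludes the login page as the accepted solution suggests) written as plain functions so their results can be compared in Node. The `roles` array stands in for `g_user.hasRoleExactly()`, `PRE_LOGIN_PAGES` is a hypothetical list, and `incident_list.do` is a constructed sample page.

```javascript
// Added example: models the thread's redirect conditions as pure functions.
// `roles` is an assumption standing in for g_user.hasRoleExactly(...).

// Original condition: && binds tighter than ||, so it parses as
// !itil || (!admin && isDo). Anyone without itil is redirected on every page.
function originalCheck(roles, url) {
  const itil = roles.includes('itil');
  const admin = roles.includes('admin');
  return !itil || !admin && url.indexOf('.do') !== -1;
}

// Parenthesised condition from the follow-up reply.
function groupedCheck(roles, url) {
  const itil = roles.includes('itil');
  const admin = roles.includes('admin');
  return !(itil || admin) && url.indexOf('.do') !== -1;
}

// Assumption: pages that must stay reachable before a session exists.
// Only login.do comes from the thread; extend the list for your instance.
const PRE_LOGIN_PAGES = ['login.do'];

// Grouped condition plus the login exclusion, matching on the last path
// segment instead of a substring of the whole URL.
function excludingLoginCheck(roles, url) {
  const page = new URL(url).pathname.split('/').pop();
  if (!page.endsWith('.do') || PRE_LOGIN_PAGES.includes(page)) return false;
  return !(roles.includes('itil') || roles.includes('admin'));
}

// Truth table: every role combination against a login and a non-login page.
function truthTable() {
  const host = 'https://xxxxdev.service-now.com'; // host as written in the thread
  const urls = [host + '/login.do', host + '/incident_list.do']; // second page is constructed
  return [[], ['itil'], ['admin'], ['itil', 'admin']].flatMap((roles) =>
    urls.map((url) => ({
      roles: roles.join('+') || 'none',
      page: new URL(url).pathname.slice(1),
      original: originalCheck(roles, url),
      grouped: groupedCheck(roles, url),
      excludingLogin: excludingLoginCheck(roles, url),
    })));
}

console.table(truthTable());
```

In the printed table, the `grouped` column is still `true` for a user with no roles on `login.do`, which is the state of every visitor before a session exists; the `excludingLogin` column is `false` on that row.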