Find your people. Pick a challenge. Ship something real. The CreatorCon Hackathon is coming to the Community Pavilion for one epic night. Every skill level, every role welcome. Join us on May 5th and learn more here.

restrict requestor to delete the attachment

Priyansh_98
Tera Guru

‎06-12-2023 02:46 AM

I want to restrict a user from deleting an attachment from only one specific catalog item and also from the incident table. how can i solve this requirement?

can someone help me on this?

0 Helpfuls
  • 1,406 Views
9 REPLIES 9

Priyansh_98
Tera Guru
In response to Ankur Bawiskar

‎06-12-2023 11:41 PM

hi @Ankur Bawiskar ,

i received an updated requirement from the client, now they want this attachment security form portal side. in esc portal, we have configured 2 lists for RITM and the case table, when I open any of the records there we have an attachment tab 

 

prs1_0-1686638348124.png

so now i want to hide this attachment tab from the requestor for specific catalog items only. and I am new to the portal, can you guide me how can i solve this. if you can guide me step by step that would be very helpful.

0 Helpfuls

Ankur Bawiskar
Tera Patron
In response to Priyansh_98

‎06-12-2023 11:50 PM

@Priyansh_98 

for that you need to clone the existing widget, update the logic and then add that widget again on that page

Regards,
Ankur
✨ Certified Technical Architect  ||  ✨ 10x ServiceNow MVP  ||  ✨ ServiceNow Community Leader
0 Helpfuls

Priyansh_98
Tera Guru
In response to Ankur Bawiskar

‎06-13-2023 12:55 AM

should i update the client script or the server script?

0 Helpfuls

Ankur Bawiskar
Tera Patron
In response to Priyansh_98

‎06-13-2023 04:08 AM

@Priyansh_98 

I believe I have already answered your original question.

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
✨ Certified Technical Architect  ||  ✨ 10x ServiceNow MVP  ||  ✨ ServiceNow Community Leader
0 Helpfuls

Riya Verma
Kilo Sage

‎06-12-2023 03:46 AM

Hi @Priyansh_98 ,

 

Hope you are doing great.

 

1. create a BR to define custom server-side logic to check for conditions required for deletion of attachments.

(function executeRule(current, previous /*, gs */ ) {
  var restrictedCatalogItemSysId = 'SPECIFIC_CATALOG_ITEM_SYS_ID';
  var restrictedIncidentTableSysId = 'INCIDENT_TABLE_SYS_ID';

  if (current.table_name == 'sc_cat_item' && current.table_sys_id == restrictedCatalogItemSysId) {
    // Restrict attachment deletion for the specific catalog item
    current.canDelete = false;
  } else if (current.table_name == 'incident' && current.table_sys_id == restrictedIncidentTableSysId) {
    // Restrict attachment deletion for the incident table
    current.canDelete = false;
  }
})(current, previous /*, gs */ );

 

2. Define the ACL :

  • Operation: delete
  • Table: sc_cat_item
  • Script: current.canDelete !== false

  • OR: Add the following conditions:

    • Table: incident
    • Script: current.canDelete !== false
  • Save and activate the ACL.

 

 

 

 

Please mark the appropriate response as correct answer and helpful, This may help other community users to follow correct solution.
Regards,
Riya Verma