Restrict RITM and SCTASK Based on Assignment groups

Shruthi8 · ‎07-18-2024

Hi

I have a requirement to create a catalog item and flow attached to it. Now the Related RITM and SCTASK should be visible only to the SCTASK assignment group members and one more group. Other users from different groups should not be able to view the RITM or SCTASK. I tried Query BR but didn't work as expected. A solution will be helpful.

Thanks in Advance

Shruthi.

Trupti94 · ‎07-18-2024

can you share code of Query BR?

Shruthi8 · ‎07-18-2024

The SCTASK and RITM should be visible only to task assignment group and one more group

(function executeRule(current, previous /*null when async*/) {

var group = current.assignment_group."sys_id";

if (gs.getUser().isMemberOf((group || 'SysId of another group') )){

current.addEncodedQuery('cat_item==Sysid of catalog item');

}

})(current, previous);

HIROSHI SATOH · ‎07-18-2024

If you want to achieve such requirements, I think you should first implement it with ACL.
If there is a need to implement it in BR, please publish the details of your implementation.

Arun_Manoj · ‎07-18-2024

Hi,

Set Up Access Control Rules (ACLs)

Restrict Access to RITM:

Navigate to System Security > Access Control (ACL).

Create a new ACL for the sc_req_item table.

Type: Record

Operation: Read

Name: sc_req_item

Condition

// Check if the current user is a member of the SCTASK assignment group
var taskGroup = current.assigned_to.getDisplayValue();
gs.hasRole('admin') || gs.getUser().isMemberOf(taskGroup);

script:

// Ensure only members of the assignment group can read the RITM
if (current.assignment_group.nil()) {
answer = false;
} else {
answer = gs.hasRole('admin') || gs.getUser().isMemberOf(current.assignment_group);
}

do the same for sc_task table.

Please mark it as helpful, if the solution is fine.

thanks

Arun