Restrict RITM and SCTASK Based on Assignment groups

Shruthi8
Tera Contributor

Hi

I have a requirement to create a catalog item and flow attached to it. Now the Related RITM and SCTASK should be visible only to the SCTASK assignment group members and one more group. Other users from different groups should not be able to view the RITM or SCTASK. I tried Query BR but didn't work as expected. A solution will be helpful.

 

Thanks in Advance

Shruthi.

4 REPLIES 4

Trupti94
Tera Guru

can you share code of Query BR?

The SCTASK and RITM should be visible only to task assignment group and one more group
 
(function executeRule(current, previous /*null when async*/) {
 var group = current.assignment_group."sys_id";
if (gs.getUser().isMemberOf((group || 'SysId of another group') )){
current.addEncodedQuery('cat_item==Sysid of catalog item');
}
})(current, previous);

HIROSHI SATOH
Mega Sage

If you want to achieve such requirements, I think you should first implement it with ACL.
If there is a need to implement it in BR, please publish the details of your implementation.

Arun_Manoj
Mega Sage

Hi,

 

Set Up Access Control Rules (ACLs)

  1. Restrict Access to RITM:

Navigate to System Security > Access Control (ACL).

Create a new ACL for the sc_req_item table.

Type: Record

Operation: Read

Name: sc_req_item

Condition

// Check if the current user is a member of the SCTASK assignment group
var taskGroup = current.assigned_to.getDisplayValue();
gs.hasRole('admin') || gs.getUser().isMemberOf(taskGroup);

script:

// Ensure only members of the assignment group can read the RITM
if (current.assignment_group.nil()) {
answer = false;
} else {
answer = gs.hasRole('admin') || gs.getUser().isMemberOf(current.assignment_group);
}

 

do the same  for sc_task table.

 

Please mark it as helpful, if the solution is fine.

 

thanks

Arun