Restrict Users from Moving cards to other Lanes in VTB

Icarus
Kilo Contributor

‎02-08-2022 10:09 PM

Hello,

I am trying to make an ACL to prevent users in a certain group moving cards in the VTB to different swim lanes. I've tried making one on the Private Task Board and the VTB card board, but neither prevents the user from moving the card. My code logs correctly but I think I have the ACL on a wrong table. I've been using this post: https://community.servicenow.com/community?id=community_blog&sys_id=ef2de6e5dbd0dbc01dcaf3231f96197e&view_source=searchResult to try and figure this out.

Here is my acl:

Type: record

Operation: write
Admin Overrides: True
Name: Private Task [vtb_task].*

Script:

function checkGroup(user,group){
	// takes user sys_id and group sys_id
	//returns boolean
    var gr = new GlideRecord('sys_user_grmember');
    gr.addQuery('user', user);
    gr.addQuery('group', group);
    gr.query();
    
    if(gr.next()){
      gs.info("User is Member of Group!");
      return true;
    }
    else{
      gs.info("User is Not a Member of Group!");
      return false;
    }
}
var user = gs.getUserID();
var admins = 'sys_idOfGroup';
answer = checkIfUserInGroup(user, admins);

What table do I need to have the ACLs on to make sure a user who is not part of the group cannot move the cards to a different task? And what would those ACLs look like?

Labels:
0 Helpfuls
  • 551 Views
1 REPLY 1

Community Alums
Not applicable

‎02-08-2022 10:24 PM

Hi @Icarus ,

Try a before Business Rule on the vtb_card table. In the Conditions check for Updated Changes. In the advanced script use something like below. We added a custom_field u_amender which is true if the member can amend and false if they are a read-only member.

 

(function executeRule(current, previous /*null when async*/) {

var vtb_mem = new GlideRecord('vtb_board_member');

vtb_mem.addQuery('board',current.board);

vtb_mem.addQuery('user.name',user.getFullName());

vtb_mem.addQuery('u_amender',true);

vtb_mem.query();

if(!vtb_mem.next())

{

gs.addErrorMessage("You do not have permission to update this VTB");

current.setAbortAction(true);

}

//else

{

//gs.addInfoMessage('Success??');

}

 

Mark my answer correct & Helpful, if Applicable.

Thanks,

Sandeep

0 Helpfuls