Script to exclude Caller from restricted view of Assignment group incidents

tpalamore
Tera Contributor

I am using the below Business Rule script to block view of incidents assigned to a specific groups from other users that are not in that group. This is causing an error message for the caller.

What line needs to be added to exclude the block from caller, to where the caller can see their submitted incident?

 

Condition: !gs.getUser().isMemberOf('ServiceNow - HR');

 

Script:

(function executeRule(current, previous /*null when async*/ ) {
var grp = current.addNullQuery('assignment_group').addOrCondition('assignment_group','!=','5655ec7b47716a10661782b5536d43c7');
})(current, previous);
5 REPLIES 5

SupriyaWaghmode
Kilo Sage

@tpalamore 

Can you remove some from group name keep as "Servicenow-HR" then validate?

Have you written before query business rule? Please check

 

If these points are helpful and resolved your issue, then marked as accepted/helpful.

 

--

Thanks & Regards ,
Supriya Waghmode |ServiceNow Consultant

 

 

Can you remove some from group name keep as "Servicenow-HR" then validate?

Please clarify

And yes, I have in the When to Run section:

tpalamore_0-1751556307100.png

 

 

Dubz
Mega Sage

If you're on Yokohama or beyond, you can take advantage of security data filters to fulfil requirements like this. Take a little look at the article below, it's very good and explains all the different security options really clearly:

 

https://sn-nerd.com/2025/06/09/is-records-hidden-by-security-constraints-still-a-thing-after-the-lat...

MarkBennettCC
Tera Contributor

Could you add "&& current.caller_id != gs.getUserID()" to your condition so it will not run if the caller is the current user