ACL for HR Case
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-30-2015 11:12 AM
We are currently implementing HR Service Management and have a requirement where an assignment group can restrict case access to their assignment group only.
I have achieved this by adding a new field on the form 'Restrict Case Access' and a new read ACL rule:
Everything appears to work as expected, however, my question is, should I be using 'hr_Factory.getSecurityManager(current, gs).canRead()' as many of the other HR ACL rules appear to be using - after reading the wiki I am confused on how to work with these custom wrappers.
Am i creating issue for myself by not using the wrappers?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-13-2015 01:33 AM
I would suggest just included the factory condition will all condition you will write in Script block using AND operator. and make sure the groups have required HR table read role.
Regards
Harsh Bahl
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-13-2015 08:34 AM
Hi Harsh,
Could you provide an example of how this would look.
Thanks.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-13-2015 10:22 AM
Hi Walton ,
For Example:
In hr_case read ACL
The script condition is as follows:
answer = checkUserGroup();
function checkUserGroup() {
var group = returnCurrentUserGroup();
if ( hr_Factory.getSecurityManager(current, gs).canRead() && (group.indexOf("HR Recruiter")>=0 ) && (current.category == 'offboarding') ){
return true;
}
else if ( hr_Factory.getSecurityManager(current, gs).canRead()) {
return true;
}
else {
return false;
}
}
Here "&& (group.indexOf("HR Recruiter")>=0 ) && (current.category == 'offboarding')" is condition that I wanted to keep. Along with this I added factory condition. This will make sure that access as per factory conditions are also give and that actually make sense. For Example factory condition gives access to case record to a person who opened it.
Does this makes sense to you?
Regards
Harsh Bahl