I want to restrict the users such that they can access incidents which are assigned to their group members.

Murthy JN1
Tera Contributor

I tried using Read ACL with 'Assignment Group' - is (Dynamic) - One of my groups, but I am able to view all the records of the incident table.


1 ACCEPTED SOLUTION

Raghu Ram Y
Kilo Sage

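Hi,

Remove the condition, click on Advanced, and under Script write the below code.

// Deny by default; allow only when the record has an assignment group
// and the logged-in user is a member of it.
answer = false;
if (current.assignment_group != '' && gs.getUser().isMemberOf(current.assignment_group)) {
    answer = true;
}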


6 REPLIES

Community Alums
Not applicable

Hi @Murthy JN ,

You can apply a before query business rule for it.

https://www.servicenowguru.com/scripting/business-rules-scripting/controlling-record-access-before-q...

You can also achieve it with an ACL where you can check the logged-in user's group and the record's assignment group.

Or simply write a read ACL on the Incident table and put the condition in the advanced script:

// Grant read when the logged-in user belongs to the record's assignment group.
if (gs.getUser().isMemberOf(current.assignment_group))
    answer = true;

Mark my answer correct & Helpful, if Applicable.

Thanks,

Sandeep

Wayne Richmond
Tera Guru

This should work, so I assume there is a conflicting rule. Try turning on debugging ACLs and see if there are ACLs allowing read at the record level.

Raghu Ram Y
Kilo Sage

@Murthy JN have you checked my suggestion? I hope it helps, if so please mark my response as correct and helpful.
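
Why a second, more permissive read ACL can mask the group-membership script, as the "conflicting rule" reply suggests. This is an added example, not code from any poster in this thread. It is a simplified JavaScript model (not ServiceNow's engine) of the rule that passing any one ACL for the same table and operation grants access. The users, groups, incidents and the role-only ACL are constructed for illustration.

```javascript
// Simplified model of record-level read ACL evaluation (assumption-labelled sketch).
// Within one ACL, the role and the script must both pass;
// across ACLs on the same table and operation, a single pass is enough.

// Constructed sample data: roles, group membership and incidents.
const roles = { abel: ['itil'], beth: ['itil'] };
const membership = { abel: ['network'], beth: ['database'] };
const incidents = [
  { number: 'INC001', assignment_group: 'network' },
  { number: 'INC002', assignment_group: 'database' },
  { number: 'INC003', assignment_group: '' },
];

// Stand-in for gs.getUser().isMemberOf(group) used in the thread's script.
const isMemberOf = (user, group) => (membership[user] || []).includes(group);

// The accepted answer's logic: deny by default, allow members of a non-empty group.
const groupAcl = {
  name: 'incident read (group members)',
  role: null,
  script: (user, rec) =>
    rec.assignment_group !== '' && isMemberOf(user, rec.assignment_group),
};

// Hypothetical pre-existing ACL: grants read to a role, with no condition or script.
const roleAcl = { name: 'incident read (itil)', role: 'itil', script: null };

function aclPasses(acl, user, rec) {
  if (acl.role && !(roles[user] || []).includes(acl.role)) return false;
  return acl.script ? acl.script(user, rec) : true;
}

// Lists each incident the user can read and the first ACL that let it through.
function readable(user, acls) {
  return incidents.flatMap((rec) => {
    const hit = acls.find((acl) => aclPasses(acl, user, rec));
    return hit ? [{ number: rec.number, grantedBy: hit.name }] : [];
  });
}

const numbers = (user, acls) => readable(user, acls).map((r) => r.number).join(',');

console.log('group ACL only :', numbers('abel', [groupAcl]));
console.log('with role ACL  :', numbers('abel', [groupAcl, roleAcl]));
console.log(readable('abel', [groupAcl, roleAcl]));
```

The `grantedBy` field in the last output plays the role that ACL debugging plays on a real instance: it names the rule that actually allowed the read.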