ACL Help Needed - Make sys_user_group Name field visible to end users in a catalog variable

Go to solution
t_a_rogers
Kilo Expert

‎07-22-2016 01:32 PM

Hi Everybody!


In a catalog item I have a Lookup Select Box that pulls a filtered set of groups from our sys_user_group table. This will ultimately determine routing of a specific request, which all works fine simply using "task.setDisplayValue('assignment_group', current.variables.ourvariablename);" in the task we want pointed.

Unfortunately, during testing I found out our end users cannot see the items in this select box, most likely due to no ACL existing which by default allows end users to read data from the Group table.

What is the most basic way I can make an ACL which grants access to the Name field on sys_user_group? I've tried the following and thus far haven't seen any success:

Access Control:

Type: Record

Operation: Read

Admin Overrides: True

Name: Group [sys_user_group]

Field: Name

Advanced: True

Script:

if (gs.getUser().hasRoles())

  answer = true;

else

  answer = false;

Is there an easier way to simply allow this field for anybody to see?

0 Helpfuls
  • 3,398 Views
1 ACCEPTED SOLUTION

Go to solution
Chuck Tomasi
Tera Patron
In response to Chuck Tomasi

‎07-22-2016 01:37 PM

Example:


find_real_file.png



And to test with Joe Employee... can read the list. If I drill in to the record, I get just read-only fields.



find_real_file.png


View solution in original post

Preview file
130 KB
Preview file
140 KB
14 REPLIES 14

Go to solution
Chuck Tomasi
Tera Patron
In response to t_a_rogers

‎07-22-2016 02:55 PM

You have



Group.* as the name. Change it to Group.none



(i.e. change the second drop down in the name field from * to none.) You are saying "You can have read access to all the fields, but not the record.) That doesn't do much good.


Go to solution
t_a_rogers
Kilo Expert
In response to Chuck Tomasi

‎07-22-2016 02:59 PM

Awwwwwww shucks. My bad. It works now!



Thanks SO MUCH for your dedication (and patience) to helping me learn and get this working! Now I have to decide which post in our thread to mark as the quick solution for others.. lol


0 Helpfuls

Go to solution
Chuck Tomasi
Tera Patron
In response to t_a_rogers

‎07-22-2016 03:01 PM

Glad you got it working Travis. Have a good weekend.


0 Helpfuls

Go to solution
akber
Giga Contributor
In response to Chuck Tomasi

‎11-22-2017 05:41 AM

Perfect! It works.


0 Helpfuls

Go to solution
Pradeep Sharma
ServiceNow Employee
ServiceNow Employee

‎07-22-2016 01:39 PM

Hi Travis,



The below thread should answer your question.


ESS Users: Allow users to see group and group member information


http://wiki.servicenow.com/index.php?title=Using_Access_Control_Rules


0 Helpfuls