Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

ACL script for matching user ID with field on record

Go to solution
patricklatella
Mega Sage

‎11-28-2017 10:03 AM

hey gang,

I'm debugging some ACLs, one in particular has a condition I'm trying to set in script so that the logged in user can read fields on a record only if they are the current entry in one of the fields.

which is of these would be correct?   does my script have to have a line for "answer = true"?

var u = gs.getUserID(); //sets u to ID of current user

answer = current.u_customer_contact == u || current.opened_by == u || current.isNewRecord() || !current.getUniqueValue();

OR...

var u = gs.getUserID(); //sets u to ID of current user

if (current.u_customer_contact == u || current.opened_by == u || current.isNewRecord() || !current.getUniqueValue()) {

answer = true;

}

find_real_file.png

Preview file
93 KB
0 Helpfuls
  • 12,285 Views
1 ACCEPTED SOLUTION

Go to solution
Justin Abbott
Giga Guru

‎11-28-2017 10:28 AM

You don't need to explicitly state answer = true.



As long as answer evaluates to either true or false.



Stylistically, I'd throw some parenthesis in there, but that's just my preference.



var u = gs.getUserID(); //sets u to ID of current user


answer = (current.u_customer_contact == u) || (current.opened_by == u) || (current.isNewRecord()) || (!current.getUniqueValue());


View solution in original post

6 REPLIES 6

Go to solution
Justin Abbott
Giga Guru

‎11-28-2017 10:28 AM

You don't need to explicitly state answer = true.



As long as answer evaluates to either true or false.



Stylistically, I'd throw some parenthesis in there, but that's just my preference.



var u = gs.getUserID(); //sets u to ID of current user


answer = (current.u_customer_contact == u) || (current.opened_by == u) || (current.isNewRecord()) || (!current.getUniqueValue());


Go to solution
patricklatella
Mega Sage

‎11-28-2017 01:06 PM

thanks Justin.



quick question regarding the ACL setup...if "--None--" is selected for the field, does that mean that the ACL applies to the whole table?   What does selecting "*" do?



find_real_file.png


Preview file
45 KB
0 Helpfuls

Go to solution
Justin Abbott
Giga Guru
In response to patricklatella

‎11-28-2017 01:08 PM

Selecting "--None--" applies the rule to the table. Selecting "*" applies the rule to all fields on the table.



The information, especially the diagrams, on this Wiki site always help remind me how ACLs are evaluated: http://wiki.servicenow.com/index.php?title=Using_Access_Control_Rules#gsc.tab=0


0 Helpfuls

Go to solution
patricklatella
Mega Sage

‎11-28-2017 01:25 PM

so then would I need 2 ACLs?   one to grant access to "read" the table, and then a 2nd to grant access to "read" all the fields on the table?


0 Helpfuls