How to restrict incidents visible based on user role in service now?

Upendar4
Tera Contributor

if the incident state field value is resolved then that records only visible for particular users based on the role.

can anyone please help me with this...

thanks,

upendar

1 ACCEPTED SOLUTION

Allen Andreas
Administrator
Administrator

Hi,

You can control this via ACL and Before Query business rule.

For the before query business rule you can use something like:

if (!gs.hasRole('admin')) {
current.addQuery('state', '!=', 3);
}

The above example would filter out any incident where the state is 3 if they're not an admin.

The same can be done for "read" ACL on this table, by adding appropriate role to the ACL and then adding condition 'state' 'is not' 'x', where x represents what state you're trying to filter out.

You must ensure that the same user doesn't pass any other "read" ACL on that table as well else they'll see more records.

Please mark reply as Helpful/Correct, if applicable. Thanks!


Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!

View solution in original post

5 REPLIES 5

Sai Kumar B
Mega Sage
Mega Sage

Hi @Upendar 

You can create an ACL on the incident table with specific roles and conditions. Just check the OOTB read ACLS and follow the same.

Sravan15
ServiceNow Employee
ServiceNow Employee

Hi

 

We can restrict the visibility using Access Controle List (ACL).
Operation of the ACL should be read

https://docs.servicenow.com/bundle/rome-platform-administration/page/administer/contextual-security/...

 

We can also write an Advanced read operation ACL where we evaluate a user against the privileged group.

return (  gs.getUser().isMemberOf('Group One') 
       || gs.getUserID() == "User A SysId" );

We can add more conditions to validate the user.

 

Thank You

Venkat Sravan

Allen Andreas
Administrator
Administrator

Hi,

You can control this via ACL and Before Query business rule.

For the before query business rule you can use something like:

if (!gs.hasRole('admin')) {
current.addQuery('state', '!=', 3);
}

The above example would filter out any incident where the state is 3 if they're not an admin.

The same can be done for "read" ACL on this table, by adding appropriate role to the ACL and then adding condition 'state' 'is not' 'x', where x represents what state you're trying to filter out.

You must ensure that the same user doesn't pass any other "read" ACL on that table as well else they'll see more records.

Please mark reply as Helpful/Correct, if applicable. Thanks!


Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!

John Zhang1
Kilo Patron
Kilo Patron

You can create the following Read ACL for your requirement:

find_real_file.png

 

 

If my reply is Helpful/Correct, please mark the answer as correct.