How to restrict incidents visible based on user role in service now?

Go to solution
Upendar4
Tera Contributor

‎08-26-2021 10:29 AM

if the incident state field value is resolved then that records only visible for particular users based on the role.

can anyone please help me with this...

thanks,

upendar

0 Helpfuls
  • 3,012 Views
1 ACCEPTED SOLUTION

Go to solution
Allen Andreas
Administrator
Administrator

‎08-26-2021 10:46 AM

Hi,

You can control this via ACL and Before Query business rule.

For the before query business rule you can use something like:

if (!gs.hasRole('admin')) {
current.addQuery('state', '!=', 3);
}

The above example would filter out any incident where the state is 3 if they're not an admin.

The same can be done for "read" ACL on this table, by adding appropriate role to the ACL and then adding condition 'state' 'is not' 'x', where x represents what state you're trying to filter out.

You must ensure that the same user doesn't pass any other "read" ACL on that table as well else they'll see more records.

Please mark reply as Helpful/Correct, if applicable. Thanks!


Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!

View solution in original post

5 REPLIES 5

Go to solution
Sai Kumar B
Mega Sage
Mega Sage

‎08-26-2021 10:44 AM

Hi @Upendar 

You can create an ACL on the incident table with specific roles and conditions. Just check the OOTB read ACLS and follow the same.

0 Helpfuls

Go to solution
Sravan15
ServiceNow Employee
ServiceNow Employee

‎08-26-2021 10:46 AM

Hi

 

We can restrict the visibility using Access Controle List (ACL).
Operation of the ACL should be read

https://docs.servicenow.com/bundle/rome-platform-administration/page/administer/contextual-security/...

 

We can also write an Advanced read operation ACL where we evaluate a user against the privileged group.

return (  gs.getUser().isMemberOf('Group One') 
       || gs.getUserID() == "User A SysId" );

We can add more conditions to validate the user.

 

Thank You

Venkat Sravan

0 Helpfuls

Go to solution
Allen Andreas
Administrator
Administrator

‎08-26-2021 10:46 AM

Hi,

You can control this via ACL and Before Query business rule.

For the before query business rule you can use something like:

if (!gs.hasRole('admin')) {
current.addQuery('state', '!=', 3);
}

The above example would filter out any incident where the state is 3 if they're not an admin.

The same can be done for "read" ACL on this table, by adding appropriate role to the ACL and then adding condition 'state' 'is not' 'x', where x represents what state you're trying to filter out.

You must ensure that the same user doesn't pass any other "read" ACL on that table as well else they'll see more records.

Please mark reply as Helpful/Correct, if applicable. Thanks!


Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!

Go to solution
John Zhang1
Kilo Patron
Kilo Patron

‎08-26-2021 11:08 AM

You can create the following Read ACL for your requirement:

find_real_file.png

 

 

If my reply is Helpful/Correct, please mark the answer as correct.

Preview file
118 KB
0 Helpfuls