Letting the requestor add a comment to a change request?

Jacob Saaby Ni1 · ‎03-05-2018

Hi everyone.

So, I have a bit of a conundrum (at least to me).

I want to let normal users add comments to the change requests they've created.

The front end for this, is the Service Portal (but it also doesn't work in the platform gui), where the Ticket Conversations work just fine when I'm the ITIL user, but not as the normal user.

So to that end, I've created some ACL's.

For both change_request.comments and task.comments, there are now read, write and create ACL's, with a role requirement (which the test user has assigned).

Nothing. The Additional comments field simply doesn't appear in the GUI, if I go to the test change request I created with the test user. And, I don't get to comment through the Ticket Conversations widget on the service portal page, of course.

Just to test, I created the same ACL's for the sys_journal_field, as I could see the comment was stored there. Still nothing.

Do any of you have a better suggestion, so I might bring this to work?

Jacob Saaby Ni1 · ‎03-06-2018

Hi again.

So, found the solution myself, by using the Debug Security Rules. Can't recommend that enough 😄 Basically it was because my custom role didn't have permissions on the TABLE rule change_request.* (read). Only ITIL had that permission. So I added my role to that rule.

After that was ok, all I had to do was add a field level rule for change_request.comments, add my custom role to that ACL, and set a condition of "Requested by is (dynamic) me".

Then the Additional Comments field appeared in the platform GUI, and a user with that specific role can now comment on change requests. But ONLY change requests which have been requested by that user. So only your own change requests.

View solution in original post

Jacob Saaby Ni1 · ‎03-05-2018

As a follow up: The requestor can ONLY add a comment to his/her own change requests.

I have a condition in place, that says "Requested by is javascript:gs.getUserID()".

On task.comments and sys_journal_filed it's "Created by is javascript:gs.getUserID()".

Just to be clear, as I'm not interested in circumventing the licensing terms.

Kristoffer Mon1 · ‎01-15-2020

Hi @Jacob Saaby Nielsen ,

I appreciate your details on this matter. Concerning the licensing, were you able to get confirmation from your account rep that you are within your license agreement?

Jacob Saaby Ni1 · ‎01-16-2020

Hi Kristoffer.

I *think* I remember that we got an ok with this. As long as they couldn't alter the records themselves, but only comment. But in any case I would suggest you talk to your ServiceNow rep 🙂

Also, since then, the Business Stakeholder plugin has been released. That at least takes care of the "read" part of the non-itil user.

That means you'd only have to handle the ACL for commenting.

Jacob Saaby Ni1 · ‎03-06-2018

Hi again.

So, found the solution myself, by using the Debug Security Rules. Can't recommend that enough 😄 Basically it was because my custom role didn't have permissions on the TABLE rule change_request.* (read). Only ITIL had that permission. So I added my role to that rule.

After that was ok, all I had to do was add a field level rule for change_request.comments, add my custom role to that ACL, and set a condition of "Requested by is (dynamic) me".

Then the Additional Comments field appeared in the platform GUI, and a user with that specific role can now comment on change requests. But ONLY change requests which have been requested by that user. So only your own change requests.