Restricting Records Using Before Query Business Rule

Mussie · ‎11-15-2017

Hi Guys,

I have two tables:

Table A - is extended from Task

Table B - is a simple table with three field (user, description, parent) and one of those fields is a Parent which refers to table A.

Now I have ACLs which restrict users from viewing table A record except in the following condition:

1. User is requested_for

2. User is Assigned_to

3. User is listed in Table B

I am able to achieve this using a combination of Script Include and ACLs. However, I am getting the message "Number of rows removed from this list by Security constraints". Based on this link, I was able to create a before Business Rule:

https://www.servicenowguru.com/scripting/business-rules-scripting/controlling-record-access-before-q...

However, I am not able to make this work for scenario number 3 listed above (User is listed in Table B).

Any ideas?

Mussie

sndangibbard · ‎11-16-2017

If I've understood your requirements correctly then something like this should work (the BR would be on table A)

var ar=[];

var q='sys_id=';

var gr = new GlideRecord("tableB");

gr.addQuery("u_user", gs.getUserID());

gr.query();

while(gr.next()) {

ar.push(gr.u_parent+'');

}

q+=ar.join('^ORsys_id=');

current.addEncodedQuery(q);

Obviously replace tableB, u_user and u_parent with the correct table and column names!

View solution in original post

Simon Christens · ‎11-16-2017

What kinda of field is this "3. User is listed in Table B"?

The query differs from different types

current.addQuery('parent.<user_field if single reference>', gs.getUserID())

current.addQuery('parent.<user_field if list>', 'CONTAINS', gs.getUserID()) //if i remember right - else replace CONTAINS with LIKE