Simple ACL script not working
‎07-28-2017 09:28 AM
Hi everyone,
I modified the OOB ACL for Incident (read) from:
current.opened_by == gs.getUserID() || current.caller_id == gs.getUserID() || (current.watch_list.indexOf(gs.getUserID()) > -1)
to:
(current.opened_by == gs.getUserID() || current.caller_id == gs.getUserID() || (current.watch_list.indexOf(gs.getUserID()) > -1) || (gs.hasRole('event_group') && gs.getUser().isMemberOf(current.assignment_group)));
And it's not allowing read access. What I tried to add to the OOB condition is a check to see if the user has a custom role AND is a member of the assignment group. The other conditions should remain the same.
My test user has the event_group role and is in the assignment group of multiple incidents but they aren't seeing any records on the incident table.
This custom role does not inherit the itil role.
Any ideas what is misfiring?
‎07-28-2017 09:40 AM
Replace gs.getUser().isMemberOf(current.assignment_group) with gs.getUser().isMemberOf(current.assignment_group.getDisplayValue().toString())
With current.assignment_group you are just passing the sys_id, but with the other you are passing the string value of the display value.
‎07-28-2017 08:57 PM
Hi,
Did you get a chance to try what I suggested?