incident records confidential and not visible to others

Shaik mahammad
Tera Contributor

‎10-05-2023 07:03 AM

If one team or group has a requirement to keep their incident records confidential and not visible to others, but you want to achieve this without using a custom table and only utilizing the incident table

0 Helpfuls
  • 705 Views
2 REPLIES 2

RaghavSh
Kilo Patron

‎10-05-2023 07:09 AM

Try "Read" acl on incident table with below script:

answer=false;

if(gs.getUser().isMemberOf(current.assignment_group)) // only assignment group members can see the incidents. if you have any particular group , pass ths sys_id of that group. 

{

answer=true;

}


Please mark the answer correct/helpful accordingly.


Raghav
MVP 2023
0 Helpfuls

Amarjeet Pal
Kilo Sage
Kilo Sage

‎10-07-2023 03:53 AM

Hello @Shaik mahammad  ,

 

If you want to keep incident records confidential and not visible to others within the same instance of ServiceNow, you can use Access Control Lists (ACLs) to restrict access to certain records based on specific conditions. For example, you could create an ACL that limits access to incidents based on the group or team assigned to the record.

To set up such an ACL, you would need to define a new condition that uses a script to check for the group or team assignment of the current user. You would then apply this condition to all read and write operations for incidents, effectively restricting access for users who are not members of the specified group or team.

Keep in mind that implementing this type of ACL requires careful planning and testing, as incorrect or overly restrictive permissions can lead to unintended consequences. It's also important to communicate clearly with users about any changes or restrictions in place in order to avoid confusion or frustration.

And as suggested by @RaghavSh  you can try the script that should work.

 

Thanks,

Amarjeet Pal

0 Helpfuls