The Zurich release has arrived! Interested in new features and functionalities? Click here for more

If a user does not have read access on a ticket, should he able to see attachment on header

Go to solution
Priya Singh 2 2
Tera Contributor

4 weeks ago

Hello Team,

My issue is that a user or group of members do not have access on a record which is working fine however they can see attachment on header or attach an attachment that's not the right behavior, what is the best way to fix this problem by following best practice:

 

My condition is if CI is this & Location is this then only opened by or member of group (xyz) should have read access other people shouldn't have it

@Pradeep Patil provide your inputs here asap ?

 

Thanks,

XXX

0 Helpfuls
  • 400 Views
1 ACCEPTED SOLUTION

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron

4 weeks ago

@Priya Singh 2 2 

if your user has write access to record they can see the paper-clip icon on header.

you can use display business rule + onLoad client script and use g_scratchpad variable

Then hide the attachment header using DOM manipulation

Display Business rule

(function executeRule(current, previous /*null when async*/ ) {

    // Add your code here
    g_scratchpad.isVisible = current.cmdb_ci == 'ciSysId' && current.location == 'locationSysId' && (current.opened_by == gs.getUserID() || gs.getUser().isMemberOf('Group XYZ'));

})(current, previous);

onLoad client script:

-> Ensure "Isolate Script" field is marked as False to allow DOM manipulation

-> IF this field is not on form then make it false from list

function onLoad() {

    if (attachmentHeader && g_scratchpad.isVisible.toString() == '') {
        // Hide the attachment header section
        var attachmentHeader = document.getElementById('header_attachment_list');
        attachmentHeader.style.display = 'none';
        // Optionally, hide the paperclip icon as well
        g_form.disableAttachments();
    }
}

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

View solution in original post

0 Helpfuls
4 REPLIES 4

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron

4 weeks ago

@Priya Singh 2 2 

if your user has write access to record they can see the paper-clip icon on header.

you can use display business rule + onLoad client script and use g_scratchpad variable

Then hide the attachment header using DOM manipulation

Display Business rule

(function executeRule(current, previous /*null when async*/ ) {

    // Add your code here
    g_scratchpad.isVisible = current.cmdb_ci == 'ciSysId' && current.location == 'locationSysId' && (current.opened_by == gs.getUserID() || gs.getUser().isMemberOf('Group XYZ'));

})(current, previous);

onLoad client script:

-> Ensure "Isolate Script" field is marked as False to allow DOM manipulation

-> IF this field is not on form then make it false from list

function onLoad() {

    if (attachmentHeader && g_scratchpad.isVisible.toString() == '') {
        // Hide the attachment header section
        var attachmentHeader = document.getElementById('header_attachment_list');
        attachmentHeader.style.display = 'none';
        // Optionally, hide the paperclip icon as well
        g_form.disableAttachments();
    }
}

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron
In response to Ankur Bawiskar

3 weeks ago

@Priya Singh 2 2 

Hope you are doing good.

Did my reply answer your question?

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls

Go to solution
Priya Singh 2 2
Tera Contributor
In response to Ankur Bawiskar

3 weeks ago

Thank you @Ankur Bawiskar it is working now

0 Helpfuls

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron

4 weeks ago

@Priya Singh 2 2 

Another method is this

1) create Table.None read acl on sys_attachment, condition as

Table Name == incident

2) use advanced script and add the logic by doing GlideRecord on incident table and accordingly set answer=true/false

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls