Business rule query

Merza Lyn
Mega Guru

We created a business rule to restrict Risk and Risk acceptance task to search if logged in user is not the same as the owner and assigned_to.

 

sn_risk_risk - Owner

(function executeRule(current, previous /*null when async*/) {
   // Allow admins and users with specific roles to bypass the restriction
   if (gs.hasRole('admin') || gs.hasRole('sn_risk.global_manager') || gs.hasRole('sn_grc.admin')) {
       return;
   }

   var user = gs.getUser();
   var userRecord = new GlideRecord('sys_user');

   if (userRecord.get(user.getID())) {
       var userCountry = userRecord.location.country;

       // If user's country is defined, filter the query
       if (userCountry) {
           // Add condition: Owner's country must match user's country
           current.addQuery('owner.location.country', userCountry);
       } else {
           // If user has no country, restrict all records
           current.addQuery('sys_id', '');
       }
   } else {
       // If user record not found, restrict all records
       current.addQuery('sys_id', '');
   }
})(current, previous);

 

sn_risk_acceptance_task

(function executeRule(current, previous /*null when async*/) {
   // Allow admins and users with specific roles to bypass the restriction
   if (gs.hasRole('admin') || gs.hasRole('sn_risk.global_manager') || gs.hasRole('sn_grc.admin')) {
       return;
   }
   var user = gs.getUser();
   var userRecord = new GlideRecord('sys_user');
   if (userRecord.get(user.getID())) {
       var userCountry = userRecord.location.country;
       // If user's country is defined, filter the query
       if (userCountry) {
           // Add condition: Owner's country must match user's country for the task
           current.addQuery('assigned_to.location.country', userCountry);
       } else {
           // If user has no country, restrict all records
           current.addQuery('sys_id', '');
       }
       // Check if the risk acceptance task has an associated parent risk
       if (current.risk) {
           var parentRisk = new GlideRecord('sn_risk_risk');
           if (parentRisk.get(current.risk)) {
               // If the parent risk exists and has an owner
               var parentRiskOwnerCountry = parentRisk.owner.location.country;
               // If the parent risk owner is from a different country, allow access to the task
               if (parentRiskOwnerCountry !== userCountry) {
                   // Allow access to the risk task even if country mismatch exists
                   current.addQuery('sys_id', current.sys_id);  // Ensure the task remains accessible
               }
           }
       }
   } else {
       // If user record not found, restrict all records
       current.addQuery('sys_id', '');
   }
})(current, previous);

 

However, there are cases that when the Owner of the Risk assigned the risk acceptance task to user that located in other country. So the assigned_to cannot view the Parent risk.

 

Sample this Risk.

Owner is from Korea

MerzaLyn_2-1741655320704.png

 

And the risk acceptance task is assigned to Scott that is located in the US.

MerzaLyn_3-1741655348550.png

So Scott cannot view the parent risk because him and the owner are not in the same country.

MerzaLyn_4-1741655430555.png

How can I exempt that case in my BRs?

13 REPLIES 13

Hi @Merza Lyn,

 

could you please check the technical names on the risk task table and adjust accordingly in the second script I have provided in the query, this is the line that needs to be adjusted:

 

assigned_to should be replaced with the technical name of field “Site Risk Manager”

risk should be replaced with technical name of Risk

 

taskGR.addEncodedQuery('assigned_to=' + user.getID() + '^risk=' + current.sys_id);

 

 


If you found this helpful, please hit the thumbs-up button and mark as correct. That helps others find their solutions.

There was also a typo (missing “=“) 

it should be in this format (please double check the technical names from the risk task table):

taskGR.addEncodedQuery('assigned_to=' + user.getID() + '^risk=' + current.sys_id);

 


If you found this helpful, please hit the thumbs-up button and mark as correct. That helps others find their solutions.

@Merza Lyn 

I hope you are doing well! Did it work?


If you found this helpful, please hit the thumbs-up button and mark as correct. That helps others find their solutions.

Hi @Medi C 

No, it did not work.

Hello @Medi C 

 

This one?

 

MerzaLyn_2-1741663991893.pngMerzaLyn_3-1741664014706.png