- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-25-2022 09:00 PM
Hello - I have a specific catalog log item that I need to restrict users with the itil role to view only requests they submitted. I've tried created and read ACL on the sc_request_item as well as a business rule and nothing works.
I was able to restrict read access, but it also restricts them from submitting their own request.
Thank you in advance for your help!
See screen shot
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-26-2022 06:03 PM
Inactivate the Business Rule, as I don't see what that could possibly be adding/effecting in this scenario. On the ACL, you have a heck of a lot of conditions. Are all of these really necessary? If you deactivate the ACL, can you submit a new request? Once you can do this, activate the ACL with one condition at a time - so start with isNewRecord only, and you should be able to read and write. Once this is working, add the necessary conditions to be able to read existing RITMs if the current user was the submitter - but this should be one condition - whatever on the RITM matches the current user. You'll also want to add a condition for this Catalog Item only, so this doesn't apply to every RITM/Catalog Item.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-26-2022 03:52 AM
I am not a developer mate but would like to understand the need for this requirement. ITIL user is one who can work on records and make restrictions, you are violating the basic function of ITIL.
You can use the available for if required.
Mark helpful, if solve the purpose.
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.
Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]
****************************************************************************************************************
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-26-2022 04:01 AM
Hi Tracey,
On your read ACL on the sc_req_item table, add a script or incorporate this logic into your script.
answer = false;
if (current.isNewRecord() || current.opened_by = gs.getUserID()) {
answer = true;
}
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-26-2022 01:33 PM
Thank you Mega very for your suggestion. I tried that on the OOB read ACL and still no luck. I've added my business rule here do you see any issue? When I impersonate an itil user and after submission i get this
bus
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-26-2022 06:03 PM
Inactivate the Business Rule, as I don't see what that could possibly be adding/effecting in this scenario. On the ACL, you have a heck of a lot of conditions. Are all of these really necessary? If you deactivate the ACL, can you submit a new request? Once you can do this, activate the ACL with one condition at a time - so start with isNewRecord only, and you should be able to read and write. Once this is working, add the necessary conditions to be able to read existing RITMs if the current user was the submitter - but this should be one condition - whatever on the RITM matches the current user. You'll also want to add a condition for this Catalog Item only, so this doesn't apply to every RITM/Catalog Item.