ACL for particular user group

BKash · ‎01-08-2025

For a record, If the assigned to is a group1 member and logged in user is group 2 member then for the group 2 member the record should be read only. How to write ACL script for this requirement?

Runjay Patel · ‎01-08-2025

Hi @BKash ,

You can create table.* acl and use below code.

(function() {
    // Get the 'assigned_to' field value
    var assignedTo = current.assigned_to;

    // Check if 'assigned_to' is a member of 'group 1'
    if (assignedTo) {
        var grGroup1 = new GlideRecord('sys_user_grmember');
        grGroup1.addQuery('group.name', 'group1');  // Replace 'group1' with the actual name of Group 1
        grGroup1.addQuery('user', assignedTo);
        grGroup1.query();
        if (grGroup1.next()) {
            // Check if the logged-in user is a member of 'group 2'
            var grGroup2 = new GlideRecord('sys_user_grmember');
            grGroup2.addQuery('group.name', 'group2');  // Replace 'group2' with the actual name of Group 2
            grGroup2.addQuery('user', gs.getUserID());
            grGroup2.query();
            if (grGroup2.next()) {
                // Logged-in user is a member of 'group 2', deny write access
                return false;  // Denies access for group 2 members
            }
        }
    }

    return true;  // Allows access for other users
})();

-------------------------------------------------------------------------

If you found my response helpful, please consider selecting "Accept as Solution" and marking it as "Helpful." This not only supports me but also benefits the community.

Regards
Runjay Patel - ServiceNow Solution Architect
YouTube: https://www.youtube.com/@RunjayP
LinkedIn: https://www.linkedin.com/in/runjay

-------------------------------------------------------------------------

BKash · ‎01-08-2025

Hi @Runjay Patel , Is there a way we can use system property instead of group names?

Runjay Patel · ‎01-08-2025

Hi @BKash ,

Instead of hardcode you can use sys property to get the sys_id of the group.

Create a property and store the value and get that in ACL like below

gs.getProperty('your_property_name')

-------------------------------------------------------------------------

If you found my response helpful, please consider selecting "Accept as Solution" and marking it as "Helpful." This not only supports me but also benefits the community.

Regards
Runjay Patel - ServiceNow Solution Architect
YouTube: https://www.youtube.com/@RunjayP
LinkedIn: https://www.linkedin.com/in/runjay

-------------------------------------------------------------------------

Runjay Patel · ‎01-09-2025

Hi @BKash ,

Is my proposed solution didnt work?

Are you still facing issue?

If my answer addressed your query, feel free to accept it to help others in the community benefit as well.