ACL for particular user group
01-08-2025 09:51 PM
For a record, if the assigned to is a group1 member and the logged-in user is a group 2 member, then for the group 2 member the record should be read-only. How do I write an ACL script for this requirement?
01-08-2025 10:11 PM
Hi @BKash ,
You can create a table.* ACL and use the code below.
(function() {
    // Get the 'assigned_to' field value
    var assignedTo = current.assigned_to;
    // Check if 'assigned_to' is a member of 'group 1'
    if (assignedTo) {
        var grGroup1 = new GlideRecord('sys_user_grmember');
        grGroup1.addQuery('group.name', 'group1'); // Replace 'group1' with the actual name of Group 1
        grGroup1.addQuery('user', assignedTo);
        grGroup1.query();
        if (grGroup1.next()) {
            // Check if the logged-in user is a member of 'group 2'
            var grGroup2 = new GlideRecord('sys_user_grmember');
            grGroup2.addQuery('group.name', 'group2'); // Replace 'group2' with the actual name of Group 2
            grGroup2.addQuery('user', gs.getUserID());
            grGroup2.query();
            if (grGroup2.next()) {
                // Logged-in user is a member of 'group 2', deny write access
                return false; // Denies access for group 2 members
            }
        }
    }
    return true; // Allows access for other users
})();
-------------------------------------------------------------------------
If you found my response helpful, please consider selecting "Accept as Solution" and marking it as "Helpful." This not only supports me but also benefits the community.
Regards
Runjay Patel - ServiceNow Solution Architect
YouTube: https://www.youtube.com/@RunjayP
LinkedIn: https://www.linkedin.com/in/runjay
-------------------------------------------------------------------------
01-08-2025 10:17 PM - edited 01-08-2025 10:18 PM
Hi @Runjay Patel, is there a way we can use a system property instead of group names?
01-08-2025 10:32 PM
Hi @BKash ,
Instead of hardcoding, you can use a sys property to get the sys_id of the group.
Create a property, store the value, and get it in the ACL like below:
gs.getProperty('your_property_name')
-------------------------------------------------------------------------
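The property-driven variant discussed in the two replies above, as an added example that is not part of the original thread: the write decision reads both group sys_ids from system properties and denies write when either property is unset. The property names, the `canWrite`/`isMember`/`makeEnv` helpers and the deny-on-missing-property behaviour are assumptions; `makeEnv` is a constructed in-memory stand-in for `gs` and `GlideRecord` so the logic can be exercised outside an instance.

```javascript
// Hypothetical property names; each property holds one group's sys_id.
var GROUP1_PROP = 'x_acl.assignee_group_sys_id';
var GROUP2_PROP = 'x_acl.readonly_group_sys_id';

// True when userId has a sys_user_grmember row for the given group sys_id.
function isMember(GlideRecord, userId, groupSysId) {
    var gr = new GlideRecord('sys_user_grmember');
    gr.addQuery('group', groupSysId); // match on sys_id, not on group.name
    gr.addQuery('user', userId);
    gr.setLimit(1);
    gr.query();
    return gr.hasNext();
}

// Write-ACL decision. In the ACL script field (assumed usage):
//   answer = canWrite(current, gs, GlideRecord);
function canWrite(current, gs, GlideRecord) {
    var group1 = gs.getProperty(GROUP1_PROP, '');
    var group2 = gs.getProperty(GROUP2_PROP, '');
    // Assumption: fail closed, so a deleted or empty property cannot
    // silently turn the restriction off.
    if (!group1 || !group2) return false;
    var assignedTo = String(current.assigned_to || '');
    if (!assignedTo) return true;                       // nobody assigned
    if (!isMember(GlideRecord, assignedTo, group1)) return true;
    return !isMember(GlideRecord, gs.getUserID(), group2);
}

// Constructed stand-ins for gs and GlideRecord, for offline testing only.
function makeEnv(props, memberships, userId) {
    function FakeGlideRecord() { this.q = {}; }
    FakeGlideRecord.prototype.addQuery = function (f, v) { this.q[f] = String(v); };
    FakeGlideRecord.prototype.setLimit = function () {};
    FakeGlideRecord.prototype.query = function () {};
    FakeGlideRecord.prototype.hasNext = function () {
        var q = this.q;
        return memberships.some(function (m) {
            return m.group === q.group && m.user === q.user;
        });
    };
    var gs = {
        getProperty: function (n, d) { return n in props ? props[n] : d; },
        getUserID: function () { return userId; }
    };
    return { gs: gs, GlideRecord: FakeGlideRecord };
}
```

Matching on the `group` reference by sys_id keeps the rule intact if a group is renamed, which the `group.name` query would not.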
01-09-2025 01:27 AM
Hi @BKash ,
Did my proposed solution not work?
Are you still facing an issue?
If my answer addressed your query, feel free to accept it to help others in the community benefit as well.