Help in Client Script: If user belongs to CMDB assignment group, he can edit a field in cmdb table

ArushiG
Tera Contributor

‎04-07-2025 10:48 AM

Hi team,

Please help me with a client script on cmdb_ci_hardware table:

 

If a user belongs to cmdb_ci_hardware table, he should be able to edit the new field "External IP". I've written the below:

 

function onLoad() {
   //Type appropriate comment here, and begin script below


    var usrdetail = g_user.getUserID();
    var gr = new GlideRecord('sys_user_grmember');
    gr.addQuery('user', usrdetail);
    gr.addQuery('group', '47d86fe1db7f845055434cb11596192a');
    gr.query();
   
    if(gr.next()){
        g_form.setVisible('u_external_ip',true);
        g_form.setReadOnly('u_external_ip', false);
    }
       
    else{
        g_form.setVisible('u_external_ip',false);
        g_form.setReadOnly('u_external_ip', true);
    }
   
}
0 Helpfuls
  • 983 Views
13 REPLIES 13

AshishKM
Kilo Patron
Kilo Patron

‎04-07-2025 10:58 AM - edited ‎04-07-2025 11:03 AM

Hi @ArushiG , 

The best approach to create an ACL [ write/read ] on this table for external ip.

What issue with this code. Is this not working in your case ?

 

For simple testing purpose, its ok to user GlideRecord, later you can change this code with GlideAjax call of you can also use "isMemberOf()" OOTB method

 

function onLoad() {
    var groupName = 'YOUR_GROUP_NAME_HERE'; // Replace with actual group name
   // check if logged-in user is part fo the given group
    if (g_user.isMemberOf(groupName)) {
            g_form.setVisible('u_external_ip',true);
            g_form.setReadOnly('u_external_ip', false);
    } else {
        g_form.setVisible('u_external_ip',false);
        g_form.setReadOnly('u_external_ip', true);
    }
}

 

-Thanks,

AshishKM

 

 


Please mark this response as correct and helpful if it helps you can mark more that one reply as accepted solution
0 Helpfuls

ArushiG
Tera Contributor
In response to AshishKM

‎04-09-2025 02:30 AM

Hi Ashish,

I tried that, but it hasn't worked. I tried with both group name and group sysid. The field was still editable by all.

0 Helpfuls

Shivalika
Mega Sage

‎04-07-2025 11:34 AM

Hello @ArushiG 

 

You should create a field level ACL for this.

 

Kindly mark my answer as helpful and accept solution if it helped you in anyway. This will help me be recognized for the efforts and also move this questions from unsolved to solved bucket. 

 

Regards,

 

Shivalika 

 

My LinkedIn - https://www.linkedin.com/in/shivalika-gupta-540346194

 

My youtube - https://youtube.com/playlist?list=PLsHuNzTdkE5Cn4PyS7HdV0Vg8JsfdgQlA&si=0WynLcOwNeEISQCY

0 Helpfuls

ArushiG
Tera Contributor
In response to Shivalika

‎04-09-2025 02:36 AM

Hi Shivalik,
ACLs will require creation of roles, right? I have not worked with ACLs much so I am not sure about that. We are not allowed to create new roles, that is why I'm trying to use the groups to restrict.

0 Helpfuls