GlideSecurityManager - Global
The GlideSecurityManager API provides methods that enable you to retrieve a SecurityManager object and to check if the current user has access rights, both table-level and field-level, to a specified GlideRecord table based on the configured Access Control Rules (ACLs).
GlideSecurityManager - get()
Returns a SecurityManager object.
| Name | Type | Description |
|---|---|---|
| None |
| Type | Description |
|---|---|
| Object | SecurityManager object. |
The following code example shows how to call the GlideSecurityManager.get() method to obtain a GlideSecurityManager object that is then used by the GlideSecurityManager.hasRightsTo() method.
var sm = GlideSecurityManager.get();
var grInc = new GlideRecord('incident');
var path = 'record/incident/read';
gs.info(sm.hasRightsTo(path, grInc));
Output:
trueGlideSecurityManager - hasRightsTo(String path_to_resource, Object context)
Indicates whether the current user has table-level access rights to a specified GlideRecord table based on the configured Access Control Rules (ACLs). This method evaluates all available ACLs for the specific resource.
For additional information on ACLs, see Access Controls Evaluation Order.
| Name | Type | Description |
|---|---|---|
| path_to_resource | String | Resource path to the GlideRecord table to check for access rights. For example: Format: <type>/<name>/<operation>
|
| context | Object | Optional. For table-level validation this field is not required. |
| Type | Description |
|---|---|
| Boolean | Flag that indicates whether the user's roles permit table-level reading of the specified table. Valid values:
|
The following code example shows how to use the hasRightsTo() method to check if the current user has table-level read rights to all records in the Incident [incident] table.
var sm = GlideSecurityManager.get();
var grInc = new GlideRecord('incident');
var path = 'record/incident/read';
gs.info(sm.hasRightsTo(path, grInc));
Output:
false