1

So I would love to let some ESS users see all incidents for a specific service in their default homepage, which I create.

What I did so far to manage that:

  • create a role
  • create group
  • add persons to the group
  • create homepage with gauge reports
  • added the role to the homepage as read & write

Now from my view as ITIL user I am able to see 17 incidents for my specific service X. Now I impersonate a User of that new group and I see only 3 Incidents, only the one that specific user created. But he is unable to see the others.

So what I tried was manipulating the incidents module under Application Menu -> Self Service --> Incidents

There I found a JavaScript which checks if the incident was created by the user, I just switched the true to false, and I hoped to get the other 14 incidents in return instead of his 3.

But that didn't work out.

Since ServiceNow is nearly as powerful as Chuck Norris, there must be other simple ways to achieve my goal.

I am running a fuji release. patch 11?

Heretic Monkey
  • 11,687
  • 7
  • 53
  • 122
RayofCommand
  • 4,054
  • 17
  • 56
  • 92

2 Answers2

1

I assume this is the javascript condition you're talking about:

caller_id=javascript:gs.getUserID()^active=true

This is specifying a default filter which restricts to records where:

  • Caller is the logged-in user (i.e. the logged-in user created the incident)
  • Incident is active

If you change it to active=false, you're just saying "Give me all incidents where caller is logged-in user which are inactive, which I don't think is what you want. It sounds like you actually want to allow the user to see incidents where they aren't the caller, in which case you could remove the first condition (caller_id=javascript:gs.getUserID()) which would default that module to showing all active incidents, which I fear is still not what you want.

To get you to the next step, can you share how you're handling filtering the service for the logged-in user?

Joey
  • 2,901
  • 21
  • 22
  • you are right, I tried to deactivate the script but it won't save after I remove the checkmark @ active. – RayofCommand Sep 28 '16 at 07:29
  • I wanted no filtering to be done. That's why I tried to reverse that condition. Any idea how I can turn this script off? – RayofCommand Sep 28 '16 at 07:35
  • I'm assuming that you're seeing this script on the sys_app_module entry (at a URL like `/sys_app_module.do?sys_id=087800c1c0a80164004e32c8a64a97c9` ), in which case you can just clear out the "Arguments" or "Filter" fields entirely to remove the filter condition from the list. – Joey Sep 28 '16 at 20:14
  • Actually I was not precise enough. I created a Homepage with Charts for my ESS users which displays all incidents of their service. But every ESS user can only see the incidents which where created by them. – RayofCommand Oct 04 '16 at 08:38
1

If you are talking about End-Users (Users without a role, or without the ITIL role) they are restricted by an onbefore query business rule and additionally by an ACL. You have to change both if you want your End-Users to see more Incidents. The sys_ids of these two objects should be the same on all instances, so just replace "yourinstance" in the links with the name of your service-now instance.

Link to Business Rule

Link to ACL (don't forget to elevate privileges [security_admin] in order to make changes)

makim
  • 3,154
  • 4
  • 30
  • 49
  • Hey Makim, yes you are right, meanwhile I found the business rule myself and saw the ACL as well. Turning on debugging helped me :) What I am not sure about is, if this is ok for ServiceNow in terms of licensing etc. Terms and Conditons... – RayofCommand Oct 19 '16 at 16:33
  • as far as I know this should be no problem, I did this a few times and Service-Now never said a word ;) – makim Oct 20 '16 at 13:21
  • would you be so kind and show me how to add the "check if user is in group" function to the existing business rule? I tried adding something like this "addOrCondition(u.isMemberOf('mygroup')" without success. Also if the user has no role at all, but is in a group and can view incidents. I can't make him see a homepage, right? – RayofCommand Nov 08 '16 at 11:49