0

I am currently working on a role called "read_incident" which should allow EES Users read the incidents of their assignment group.

Therefor I did the following:

  • created a role "read_incident"
  • assigned the role to group "Service Desk"
  • created a user "Denis" and added him to the "Service Desk" group
  • modified the query incident Business rule using an addorcondition to include my "read_incident" role to read incidents. (now you either have the "itil role", or the "read_incident" role to read incidents.
  • created an ACL with dynamic filter to read incidents if the assignment group is one of my groups.

Now I created a homepage using a gauge of a list report of incidents which are assigned to "service desk" group.

As admin I can see all the incidents of course. But when I impersonate "Denis", the incident list reports the following "No records to display"

So nothing is blocking me from reading incidents, but somehow there is no Data match. I tried creating a new incident and assign it to the "service desk" but still this incident isn't visible for the user "Denis".

What I know until now: - Business rule is 100% working, because no "data is blocked" - I can query the incident table

The Business rule:

if (!gs.hasRole("itil").addOrCondition(!gs.hasRole("read_incident") && gs.isInteractive()) {
  var u = gs.getUserID();
  var qc = current.addQuery("caller_id", u).addOrCondition("opened_by", u).addOrCondition("watch_list", "CONTAINS", u);
  gs.print("query restricted to user: " + u);
}
ekad
  • 14,436
  • 26
  • 44
  • 46
RayofCommand
  • 4,054
  • 17
  • 56
  • 92

1 Answers1

2

Your business rule is not correct: gs.hasRole() method returns true or false, you cannot use the method addOrCondition() there. There is also an error in your if sentence, it is needed another ")" at the end of the condition.

Try the following:

Business Rule Condition

(!gs.hasRole("itil") || !gs.hasRole("read_incident")) && gs.isInteractive()

Script

(function executeRule(current, previous /*null when async*/) {

    var u = gs.getUserID();
    current.addQuery("caller_id", u).addOrCondition("opened_by", u).addOrCondition("watch_list", "CONTAINS", u);

})(current, previous);

It is better to use the Condition field when possible, it improves the performance. I'm not sure if the business rule script meets your needs, I think you should check if the user is member of the current assignment_group, right?

J. Juárez Polo
  • 71
  • 5