How to limit an itil user to view incidents only from their company/group? ServiceNow

4.3k views Asked by At

Within my ServiceNow environment, I manage a number of incidents from different organizations, I've started the process of setting up a dashboard for one customer's CIO to view all tickets and incidents which relate to their company. I'm attempting to restrict what they can view to just their company, however, I'm running into issues. If they go to all incidents they're able to view every single incident on the system so my question is simple but perhaps the answer isn't. How exactly Can I restrict their access/view rights to simply the company they're assigned to?

thanks,

2

There are 2 answers

0
Matthew On BEST ANSWER

In the end I created a Business Rule which queried the incident table:

if(gs.getUser().getCompanyID()=='company_sys_id' && gs.getSession().isInteractive()){

    var u = gs.getUserID();
    var qc = current.addQuery('opened_by', u);
    qc.addOrCondition('caller_id', u);
    qc.addOrCondition('company', 'company_sys_id');
}
1
RayofCommand On

you have to modify the ACL rules for that table. Something like:

answer = current.opened_by == gs.getUserID() || current.caller_id == gs.getUserID() || current.company == gs.getUser().getCompanyID();

So the caller, opened by or the company of that has to match, in order to view the incident. Does this help you ?