To restrict the access row level, Before query business rule plays an important role in ServiceNow. In the article we will talk about on below topics related to query business along with video representation of practical implementation.
Table of Content:
1. What is Before Query Business Rule in ServiceNow and why it is used for?
2. Before Query Business Rule vs ACL’s
3. Example Code Snippet
4. Practical implementation of Before Query Business Rule.
What is Before Query Business Rule in ServiceNow and why it is used for?
It is a type of business rule in ServiceNow that we can use to limit that what all records user can access from a given table. In other words we can also say that it is used for data segregation on an instance. Query business executes before the query is sent to the database and it executes synchronously.
Below image with give the complete understanding of business rule execution in ServiceNow:
Before Query Business Rule Uses or examples :
There are lots of example where we can use query BR in ServiceNow. It is very easy to implement or apply Query BR in ServiceNow. Few of the example just for understanding are given below:
1. Lets say users cannot access the incident record in incident list view which belongs to XYZ group.
2. Logged in user can view only those problem records or incident records which are opened by him.
3. It can also be used to support data segregation within domain separated environment. For e.g. user from XYZ company cannot view the incident of ABCDE company.
Example Code Snippet:
(function executeRule(current, previous /*null when async*/) {
if(gs.getUser().isMemberOf('Mention Group Sys_id here') && gs.getSession().isInteractive()){
current.addQuery('assignment_group','Mention Group Sys_id here');
current.addQuery('assigned_to',gs.getUserID());
}
else{
return;
}
})(current, previous);
ServiceNow Query Business Rule Vs ACL’s in ServiceNow:
Few of the difference between before query BR and ACL are listed below:
1. Query BR provide access restriction only in Row Level while ACL provide access restriction Global, table (Row) and field level.
2. When Query BR is restricting the access than user will not see any message by default at the bottom of page related to access restriction but while if it is restricted from ACL than message such as “Numbers of rows removed from the list by Security constraints: 20” displayed to user which basically degrades the user experience.
3. We cannot debug Query Business Rule from Debug Security module but we can debug ACL from the same.
4. In ServiceNow the records are first queried and then after ACL rules are applied.
Practical Implementation or Example of query BR in ServiceNow:
You can find the practical implementation of below use cases in the link given below:
1. Logged in User can only see the incident records which is assigned to a specific group and he should be a member of that group too.
2. Logged in User can only see the incident which is assigned to him.
LINK: Before Query BR with Example Practical Demonstration
For any access related scenario’s through before query business rule the only thing we have to do is that we only have to define the required query. I believe all the all the above content will provide you complete understanding of Before Query business Rule in ServiceNow and example and use case practical implantation will help you implement required scenarios. Please feel free to comment below if you need more information on ServiceNow Before Query BR.
2 Comments
Good Work
ReplyDeletegreat work
ReplyDelete