Skip to content

Instantly share code, notes, and snippets.

@cmcdevitt
Last active September 1, 2022 18:14
Show Gist options
  • Select an option

  • Save cmcdevitt/7d5fb10ac9f95773149c8bb40c7cd97a to your computer and use it in GitHub Desktop.

Select an option

Save cmcdevitt/7d5fb10ac9f95773149c8bb40c7cd97a to your computer and use it in GitHub Desktop.
Filter Records for a 'Business Unit' Analysts. Typically an Analysts can see everything, but you may need them just to see only their BUs stuff
/*
1. Grant the user the Analysts role, for example: sn_vul.vulnerability_analyst
2. Grant the user the NEW BU Analysts role (that you created for this), for example: sn_vul.vulnerability_bu_analyst
Note: the new role does not need to have any ACLs or anything else
3. Create an On Before, Query Business Rule (Order 10,000)
*/
gs.getUser().hasRole('sn_vul.vulnerability_bu_analyst');// <== BR Condition, only run this for BU Analysts
//In canned BR function
if(!gs.hasRole('admin')){//Don't run it for Admins
var currentUser = gs.getUser();
var user = new GlideRecord('sys_user');
user.get(currentUser.getID());
//This is pushing the recommended dot walk limit, but there should only be so many BU Analysts so....
current.addEncodedQuery('assignment_group.manager.department.business_unit=' + user.department.business_unit);
}
/*
We are making a big assumption here. We are assumming the the VITs, Assignment Groups, Managers Business Unit is the
same as the Business Unit Analysts. This should be true and we are making an assumptive filter.
Of course, in theroy if the underlying Asset has a Business Unit associated with it, you could use that.
*/
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment