the answer is that this is a level higher than even elevated privilege - MAINT - which only ServiceNow have not the local instance admins. Will be interesting to see if ServiceNow addresses this in future releases to open up the role to sys_admins
WORKAROUND: can add a custom UI action to enable adding this
condition: gs.hasRole('admin')
script:
gs.getSession().setStrictQuery(true);
var nobody_role = gs.getProperty('role_nobody');
var acl_role_rel = new GlideRecord('sys_security_acl_role');
acl_role_rel.get('sys_security_acl', current.sys_id);
if (acl_role_rel) {
acl_role_rel.sys_user_role = nobody_role;
acl_role_rel.update();
}
action.setRedirectURL(current);
(ServiceNow)
(Courtesy of Mohammad Nassar)
I had no idea that this role even exists!! This is such a great article, thank you so much for sharing!!
ReplyDeletesure! thanks for feedback
ReplyDelete