Restrict access by a script

Service Catalog enables you to control access to a service catalog item or category with a custom script.

  1. Navigate to Service Catalog > Maintain Items or Service Catalog > Maintain Categories.
  2. Open the relevant catalog item or category.
  3. Configure the form to add the Entitlement Script field.
    Figure 1. Entitlement Script
    entitlement script
  4. In the Entitlement Script field, enter the access control script.

    Sample Scripts

    The following example script grants access to a catalog item named French Blackberry to users with a language of Fr (French):
    gs.log ( 'Running Entitlement script for French Blackberry' ) ;
     
     if (gs. getUser ( ). getLanguage ( ) == 'fr' ) 
        answer = true ; else 
        answer = false ;
     
    answer ;
    The following example script could be used to distinguish between two categories of users (one with full access and one with restricted access) on the catalog of services:
    var userid  = gs. getUserID ( ) ; var gr  = new GlideRecord ( 'sys_user' ) ; 
    gr. get ( 'sys_id' , userid ) ; 
     
     if (gr. source )
        answer = true ; else
        answer = false ; 
     
    answer ;
    Overriding Entitlement Scripts by Role
    1. Navigate to Service Catalog > Properties.
    2. Enter the roles for which to override the entitlement script (grant access) in the property List of roles (comma-separated) that can override normal entitlement checking inside the catalog. A role of "itil" means that the itil role can order any catalog item, even one protected by entitlement restrictions.