Administer > Application setup > Process Designer > Process Designer security model > Roles in the operator record > Check security rights by using Java Script or variables

Check security rights by using Java Script or variables

Applies to User roles: System Administrator

In the Process Designer security framework, you can use Java Script functions or use variables to check the security rights of an operator.

Check security rights using Java Script

In the Process Designer security framework, you can use the “security.getRights” Java Script function to check security rights for an operator. For how to use this function, see the following description and examples.

security.getRights(<area>, <right>)

This function checks and returns the specific right (or setting) of the current role in a given Area. The return value is a string.

<area> - The Security Area that is to be checked, such as Incident or Change.

<right> - The right to check, such as new or update.

Example 1

var temp = lib.security.getRights("Change", "update")

Depending on the specific right that the current user has, the function may return one of the following values: "always", "never", "assigned" or "workgroup".

If the current user has no update right for the Change module, the return value is "false".

Example 2

var temp = lib.security.getRights("Change", "allowCategory")

The return value is a group of specific categories. For example: {"Emergency Change", "CI Group"}

Example 3

var temp = lib.security.getRights("Change", "view")

It returns "true" if the current user has the view right for the Change module. Otherwise, it returns "false" if the current user does not have the view right for the Change module.

Note You can also use the “security.getToken(<area>, <right>)” function to check rights (or settings).

The security.getToken function is an alias of security.getRights.

Check record right with variables

You can use the following variables to check whether a user can access a record. The variables are calculated based on new, view, update, delete, allowed status, and folder setting from secRights with each record.

  • $L.tableAccess.new
  • $L.tableAccess.view
  • $L.tableAccess.update
  • $L.tableAccess.delete
  • $L.tableAccess.expert
  • $L.tableAccess.admin