https://netsuiteprofessionals.com logo
#suitescript
Title
# suitescript
c

Chris Simon

03/31/2022, 9:32 AM
Anyone know how to dynamically grab the current user's permission to access a given custom record? This is what I've tried, but it always seems to return FULL permission:
Copy code
//Get User Permissions
			var objUser = runtime.getCurrentUser();
			//Get the environment internal ID for the custom record in the environment
			var objCustomRecord = record.create({
				type: 'customrecord_test'
			});
			var stCustomRecordTypeId = objCustomRecord.getValue({fieldId: 'rectype'});
			var stPaymentRecordPermission = objUser.getPermission({
				name: 'LIST_CUSTRECORDENTRY' + stCustomRecordTypeId
			});
			var stSublistPermission = stPaymentRecordPermission <= 1 ? serverWidget.FieldDisplayType.INLINE : serverWidget.FieldDisplayType.ENTRY;
			log.debug('DEBUG', 'User: ' + JSON.stringify(objUser));
			log.debug('DEBUG', 'Permission Level for LIST_CUSTRECORDENTRY' + stCustomRecordTypeId + ':' + stPaymentRecordPermission);
b

battk

03/31/2022, 10:56 AM
that looks like a partial solution
ignoring the part where it only works if you have at least create permission
you might actually want to check if that user can actually create/edit/delete those custom records
c

Chris Simon

03/31/2022, 11:52 AM
It's in the before load UE that executes as admin, so it shouldn't fail to execute that record.create
b

battk

03/31/2022, 11:57 AM
thats also probably why you have full permission as an admin
c

Chris Simon

03/31/2022, 12:05 PM
Yeah, you're probably right. Just weird because the user I'm returning still has the user's role listed, not admin. I guess that's just how the apis work. Thanks for your help.
b

battk

03/31/2022, 12:24 PM
run it using the current user's permissions
c

Chris Simon

03/31/2022, 12:52 PM
Yeah was trying to get the best of both worlds, but it appears no dice
b

battk

03/31/2022, 12:54 PM
if you are desperate, the hard way is to do a role search
depending on how generic you need to make your solution, it could work out
c

Chris Simon

03/31/2022, 1:24 PM
That did the trick! Gross, but it works! Thanks for your help!
Copy code
//Get User Permissions
			var objUser = runtime.getCurrentUser();
			log.debug('DEBUG', 'User: ' + JSON.stringify(objUser));
			//Get the environment internal ID for the custom record in the environment
			var objRecord = record.create({
				type: 'customrecord_test'
			});
			var stCustomRecordTypeId = 'LIST_CUSTRECORDENTRY' + objRecord.getValue({fieldId: 'rectype'});
			log.debug('DEBUG', 'Custom Record Permission Desired: ' + stCustomRecordTypeId);
			var arrFilters = [];
			arrFilters.push(search.createFilter({name: 'internalid', operator: 'anyof', values: [objUser.role]}));
			arrFilters.push(search.createFilter({name: 'permission', operator: 'anyof', values: [stCustomRecordTypeId]}));
			log.debug('DEBUG', 'Custom Record Permission Filters: ' + JSON.stringify(arrFilters));
			var arrPermissionSearchResults = commonUtil.search('role', null, arrFilters, ['permission','level']);
			var stSublistType = serverWidget.SublistType.LIST;
			var stSublistPermission = serverWidget.FieldDisplayType.INLINE;
			log.debug('DEBUG', 'Custom Record Permission Results: ' + JSON.stringify(arrPermissionSearchResults));
			for(var intPermissionIndex = 0; intPermissionIndex < arrPermissionSearchResults.length; intPermissionIndex++)
			{
				var stPaymentRecordPermissionLevel = arrPermissionSearchResults[intPermissionIndex].getValue({name: 'level'});
				log.debug('DEBUG', 'Permission Level for ' + stCustomRecordTypeId + ':' + stPaymentRecordPermissionLevel);
				if(stPaymentRecordPermissionLevel > 1)
				{
					stSublistType = serverWidget.SublistType.INLINEEDITOR;
					stSublistPermission = serverWidget.FieldDisplayType.ENTRY;
					log.debug('DEBUG', 'Permission Granted!');
				}
				break;
			}
b

battk

03/31/2022, 1:28 PM
depends on how generic your solution needs to be
by default, its wrong for the owner of the custom record
they always have full permission
global permissions require you to also search the user's global permissions
and there are 2 other permission modals