Understanding user criteria for event types in Workforce Optimization for ITSM

  • Release version: Xanadu
  • Updated August 1, 2024
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Understanding user criteria for event types in Workforce Optimization for ITSM

    This guide explains how to manage user access rights for different event types within Workforce Optimization for ITSM’s team calendar, including meetings, training, and time-off requests. It enables you to control Create, Read, Update, and Delete (CRUD) permissions based on user criteria, allowing precise management of who can perform specific actions on event types.

    Show full answer Show less

    Key Features

    • Role-Based Default Access: Users have default access managed by roles, with team members typically restricted from reading "Actual work" event types.
    • User Criteria for Flexibility: You can define inclusion and exclusion criteria to override default role-based access, granting or restricting CRUD operations for individual users, groups, or roles.
    • Inclusion and Exclusion Logic: The system first checks exclusion criteria—if exclusion is true, access is denied. If not excluded, inclusion criteria determine if access is granted, requiring at least one inclusion user criterion to be true and role access confirmed.
    • CRUD Operations Controlled: Each Create, Read, Update, and Delete operation can be managed separately through user criteria.
    • Manage Access Precisely: You can create user criteria records to specify exactly which users, roles, or groups have access to each event type.

    Practical Application for ServiceNow Customers

    • Customizing Team Member Permissions: If team members cannot edit work shifts by default, use user criteria to grant them the necessary rights without broad role changes.
    • Restricting Irrelevant Events: Limit event visibility so users only see event types relevant to their responsibilities, improving calendar clarity and security.
    • Verifying Permissions: Check individual or group CRUD rights to ensure proper access is granted, avoiding unauthorized changes or viewing of sensitive event data.

    Key Outcomes

    By using user criteria for event types, you gain granular control over event management permissions within Workforce Optimization for ITSM. This ensures that users have appropriate access aligned with their roles and responsibilities, enhancing security and operational efficiency in managing team calendars.

    Manage user access for any event type such as meeting, training, and time-off requests in the team calendar.

    You can include or exclude Create, Read, Write or Update, and Delete (CRUD) rights for event types using the inclusion and exclusion user criteria access. You can perform the CRUD operations for users, groups, or roles.
    Note:
    By default:
    • Users have role-based access to manage event types.
    • Team members don’t have read-access to events of type Actual work.
    For additional flexibility around managing the CRUD access, you can set the user criteria for each event type. For example, if team members don't have access to edit their work shifts using their role-based access, you can set that access using user criteria. You can set this access for specific team members or for the whole group.

    The flow diagram shows the logic on how inclusion and exclusion user criteria access work for event types.Infographic that describes the user criteria access for event types flow. The text that describes the flow follows this infographic.

    How inclusion and exclusion user criteria access works
    When the user criteria rules get evaluated, it's done in the following order:
    1. The system first evaluates the exclusion access for each criteria.
      • If the exclusion access for a CRUD operation is set to true, then the system evaluates the user criteria.
        1. If the user doesn’t have access based on their role, then the user is denied access for the specific CRUD operation.
        2. If the user isn’t denied access, then the system evaluates the inclusion criteria.
      • If the exclusion access for a CRUD operation is set to false, then the system evaluates the inclusion criteria.
    2. For the inclusion access, for a specific CRUD operation such as Create, the system checks if at least one of the inclusion user criteria is set to true. If yes, then the system evaluates the user criteria based on the user's role access.
      • If the user:
        • Has access for the CRUD operation based on their user role, then the user can perform that action. For example, if the event type is training and the CRUD operation is Create then the user can create the training event types.
        • Doesn’t have access for the CRUD operation based on their user role, then the user can’t perform that action.
      • If at least one of the inclusion criteria isn’t set to true, the user doesn’t have access to the specific CRUD operation. In this example, the user can’t create the training event types.
    Note:
    The exclusion access always takes precedence over the inclusion access. If no inclusion or exclusion access is set, then the role-based access is used for managing event types.