Workaround For GlideRecord SetWorkflow(false) Issue

As part of the GlideRecord API comes the function setWorkflow(false) .

If you’ve never used this before, essentially this function switches off the running of any subsequent business rules or workflows. This is really useful in a number of scenarios, for example when you need to update a lot of records in bulk and do not want emails to be automatically sent out for each one.

I’ve been recently working on archiving and using the OOB implementation was just too slow for us (OOB was taking approximately 5 minutes to archive one incident and 5 tasks, my custom one now archive 150 incidents, 500 tasks, all audit records, journal records, attachments etc, in less than a minute).

But while doing this, I needed to delete records from one place in ServiceNow and put them somewhere else. I didn’t want it audited that I deleted these records nor did I want business rules being triggered on the back of the deletions. So away I went setting setWorkflow(false) when deleting everything but this is where I stumbled across an issue… the business rules still ran, as did auditing!!

So I decided to dig a bit further, and I discovered that setWorkflow(false) doesn’t ALWAYS switch off business rules. Let me explain….
Continue reading

iFrame Not Resizing In CMS

Not sure who here is working on content management pages using iFrames but there is a bug within SN (i think only becomes an issue in IE rather than firefox, but I can’t remember since they’ve blocked firefox useage here). The issue is that when the iframe is loaded, the size of the iframe automatically gets resized according to the content of the form.

Working in the CMS, you’ll probably be using iFrames a lot, Even though they’re out of fashion now, they do the job for what we need in ServiceNow. Except in one scenario. Let me explain…
Continue reading

Client Side GlideRecord Security


This bug had me scratching my head and pulling my hair out for a good couple of days before I finally realised there must be a bug. Let me explain….

Server side GlideRecords do not adhere to ACLs. For example, if you have a write rule on a field which prevents anyone from writing to this field, if a UI action attempted to write to this field using a server side GlideRecord it would work just fine.

This is intended as an end user cannot run custom GlideRecords themselves so any attempt at any CRUD (create, read, update and delete) operation is actually intended by the ServiceNow implementer.

As anyone can write a custom client side GlideRecord using any browsers javascript console, client side GlideRecords must follow and evaluate all CRUD rules. So far so good right? Wrong! CRUD rules on client side GlideRecords aren’t evaluated quite right!

Continue reading