Client Script Role Restrictions
Client scripts respect the role permissions specified in the user's NetSuite account. An error is thrown when running a client script to access a record with a role that does not have permission to view or edit the record.
The following client script attaches to a custom sales order form and executes when the fieldChanged entry point is triggered:
/**
* @NApiVersion 2.x
* @NScriptType ClientScript
*/
define(['N/search'],
function(search) {
function getSalesRepEmail(context) {
var salesRep = context.currentRecord.getValue({
fieldId: 'salesrep'
});
var salesRepEmail = search.lookupFields({
type: 'employee',
id: salesRep,
columns: ['email']
});
alert(JSON.stringify(salesRepEmail));
}
return {
fieldChanged: getSalesRepEmail
}
});
If you are logged in with an administrator role, you receive the alert when you load the sales order with this form. If you are logged in with a role that does not have permission to view/edit Employee records, you receive an error when you select the Sales Rep field.
The following considerations can help prevent users from receiving the error:
-
Consider the types of users who may be using your custom form and running the script.
-
Consider which record types users do not have access to. If it is vital that all who run the script have access to the records in the script, you may need to redefine the permissions of the users (if your role is as an administrator).
-
Consider rewriting your script so that it only references record types that all users have access to.
-
Consider writing the script as a user event script, and set the Execute As Admin preference on the Script Deployment page. Note that alerts are a function of client scripts only and cannot be used in user event scripts. For more information about user event scripts, see SuiteScript 2.x User Event Script Type.