How to grant access to a particular group?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-23-2024 11:04 PM
Hi everyone!
I've created a field called "Management Group" with a ref qualifier of type "IRM" on the Entity form. This form should be visible only to members of the Management Group. Additionally, Entity records can be modified by the Entity Owner and members of the Management Group. If the Management Group isn't defined, only the Entity Owner should have write access.
How do I configure this? Can anyone help me?
Thank you!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-27-2024 01:09 AM
Hello @planetium79
So, you need to handle this via Security rules such as ACL's. You need to implement read and write ACL.
In both the ACL's use the below script:
var answer = (gs.getUser().isMemberOf(current.getValue('management_group')) || gs.getUserID() == current.getValue('owner')); // replace the management group and owner with actual field names(=tested)
Hope it helps:)
Murthy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-29-2024 04:33 AM
Hi @planetium79,,
you'll need to create the appropriate access control rules (ACLs) and use UI policies.
1.Create an ACL for Form Visibility use following script :
var userGroups = gs.getUser().getMyGroups();
if (current.Management_Group) {
return userGroups.contains(current.Management_Group);
} else {
return current.entity_owner == gs.getUserID();
}
2.Create an ACL for Write Access :
var userGroups = gs.getUser().getMyGroups();
if (current.Management_Group) {
return userGroups.contains(current.Management_Group) || current.entity_owner == gs.getUserID();
} else {
return current.entity_owner == gs.getUserID();
}
3.Create a UI Policy to Hide the Management Group Field for Unauthorized Users:
var userGroups = g_user.groups.split(',');
if (g_form.getValue('management_group')) {
if (!userGroups.includes(g_form.getValue('management_group'))) {
g_form.setDisplay('management_group', false);
}
}
4.Create a UI Policy Action:
select Field name as Management Group and make Visible False
If you find my response helpful, please consider marking it as the 'Accepted Solution' and giving it a 'Helpful' rating. Your feedback not only supports the community but also encourages me to continue providing valuable assistance.
Thanks,
Pooja Manchekar
