The user can add CI relationship

NajiASR
Tera Contributor

best community,

In Business Service form the user how have a role to write can add CI relationship.

can be possible to let the user add CI relationship with out have this role.

I want to let the user add CI relationship without changing anything in the record

kind regards

2 REPLIES 2

Dr Atul G- LNG
Tera Patron
Tera Patron

Hi @NajiASR 

No mate, in ServiceNow, roles work at the table level—not at the form level. If you want to restrict access, you’d need to look into ACLs or Business Rules. However, that approach adds technical debt. It’s generally better to guide or educate users and use the system as designed.

*************************************************************************************************************
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.

Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]

****************************************************************************************************************

Rafael Batistot
Tera Sage

Hi @NajiASR

 

Here some options the may you try 

 

 

1. ACL on CI Relationship Table (cmdb_rel_ci)

  • The relationships are stored in the cmdb_rel_ci table, not directly in the Business Service record.
  • You can create a new Write ACL on cmdb_rel_ci where condition = source or target is a Business Service.
  • Grant access via a custom role (e.g., ci_relationship_editor) only for relationship creation.
  • This way, the user doesn’t need write access on the Business Service itself, only permission to create relationships.

2. UI Action or Custom Related List

  • You can build a custom UI Action or UI Page that allows users to add relationships (calls a script to insert into cmdb_rel_ci).
  • Display this on the Business Service form so they feel like they’re adding relationships, but technically you’re bypassing the form’s write restriction.

 

3. Delegated Admin / Scoped Role

  • If you want finer control, create a new role and assign it only to relationship creation.

• Add this role in the cmdb_rel_ci ACLs (Create/Write) but not in cmdb_ci_service.