- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-04-2022 12:18 AM
I have to make all fields read only for agent and admin only for alm_asset table. expect one field with write access.
Solved! Go to Solution.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-07-2022 09:32 AM
Hi there,
Any follow-up needed? Or was my answer sufficient?
Let me know.
If your question is solved, please close the topic by marking my answer as correct. This will help others searching for a similar question and will remove the topic from the unsolved list.
Kind regards,
Mark
2020-2022 ServiceNow Community MVP
2020-2022 ServiceNow Developer MVP
---
LinkedIn
Community article, blog, video list
Kind regards,
Mark Roethof
Independent ServiceNow Consultant
10x ServiceNow MVP
---
~444 Articles, Blogs, Videos, Podcasts, Share projects - Experiences from the field
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-19-2023 12:48 PM
Hi @Supriya Mane ,
- Row-level ACLs are combined with the logical OR
- Field-level ACLs are combined with the logical OR
- The results of 1 &2 will be combined with the logical AND
You might require 2, or 3 ACLs in a few cases,
i. A field level tablename.* write operation ACL with requires role "nobody". Which means nobody can edit all the fields.
ii. A field level table.yourField write operation ACL with require roles "agent", "admin". Which means only the desired roles can edit the field mentioned.
Now opening any of the above created ACL, click Show ACL Execution Plan and check if any pre-existing row level ACL is present which might disrupt our scenario, if yes, ( In my case I had one default ACL which required admin role to pass) .. then, you might need another ACL as mentioned below.
iii. create a row level write operation ACL with require roles "agent", "admin". Which means users with roles agent or admin can write.
It evaluates to iii && (i || ii).
If it helps please click Accept as Solution/hit the Thumb Icon.
Thanks,
Jatin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-04-2022 12:22 AM
Hi,
I would suggest you write a table-level ACL to restrict and give field-level access to the users to who you want to show one or two fields.
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-04-2022 12:28 AM
First I tried with write *ACL and giving the role same as I want and for alm_asset table Then after I create one filed level ACL for Restricting the particular field but still it is not working. Please suggest

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-04-2022 12:24 AM
Hi there,
Most ideal would be Access Control. Though this could mean modifying a lot of (out-of-the-box) Access Controls.
Data policy could work, though the maintainable part is really poor.
UI Policy (using script) or Client Script would work perfect for maintainable / upgradeable, though is less secure and will impact performance.
So what do you want to use?
If my answer helped you in any way, please then mark it as helpful.
Kind regards,
Mark
2020-2022 ServiceNow Community MVP
2020-2022 ServiceNow Developer MVP
---
LinkedIn
Community article, blog, video list
Kind regards,
Mark Roethof
Independent ServiceNow Consultant
10x ServiceNow MVP
---
~444 Articles, Blogs, Videos, Podcasts, Share projects - Experiences from the field
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-04-2022 12:30 AM
Hi,
Multiple ways to do this. You can decide which one to take based on your use-case and complexity
1) ACL - Recommended
a) you will require table.* WRITE ACL with advanced script
Admin overrides - uncheck
Script:
if(gs.hasRole('agent') || gs.hasRole('admin'))
answer = false;
else
answer = true;
b) You will require Table.YourField Write ACL to allow the edit for this field only
Admin overrides - uncheck
Script:
if(gs.hasRole('agent') || gs.hasRole('admin'))
answer = true;
else
answer = false;
2) onLoad client script
function onLoad(){
if(g_user.hasRoleExactly('agent') || g_user.hasRoleExactly('admin')){
// make all editable fields as readonly
var fields = g_form.getEditableFields();
for (var x = 0; x < fields.length; x++) {
g_form.setReadOnly(fields[x], true);
}
// make that single field as editable
g_form.setReadOnly('your_field', false);
}
}
Regards
Ankur
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader