Welcome to Community Week 2025! Join us to learn, connect, and be recognized as we celebrate the spirit of Community and the power of AI. Get the details  

All fields should be read only except one or two fields.

Go to solution
Supriya Mane
Tera Contributor

‎08-04-2022 12:18 AM

I have to make all fields read only for agent and admin only for alm_asset table. expect one field with write access.

0 Helpfuls
  • 3,123 Views
2 ACCEPTED SOLUTIONS

Go to solution
Mark Roethof
Tera Patron
Tera Patron

‎08-07-2022 09:32 AM

Hi there,

Any follow-up needed? Or was my answer sufficient?
Let me know.

If your question is solved, please close the topic by marking my answer as correct. This will help others searching for a similar question and will remove the topic from the unsolved list.

Kind regards,
Mark
2020-2022 ServiceNow Community MVP
2020-2022 ServiceNow Developer MVP

---

LinkedIn
Community article, blog, video list

 

Kind regards,

 

Mark Roethof

Independent ServiceNow Consultant

10x ServiceNow MVP

---

 

~444 Articles, Blogs, Videos, Podcasts, Share projects - Experiences from the field

LinkedIn

View solution in original post

0 Helpfuls

Go to solution
Jatin Ponnaluri
ServiceNow Employee
ServiceNow Employee

‎03-19-2023 12:48 PM

Hi @Supriya Mane ,

 

  1. Row-level ACLs are combined with the logical OR
  2. Field-level ACLs are combined with the logical OR
  3. The results of 1 &2 will be combined with the logical AND

    You might require 2, or 3 ACLs in a few cases, 
    i.  A field level tablename.* write operation ACL with requires role "nobody".  Which means nobody can edit all the fields.
    ii. A field level table.yourField write operation ACL with require roles "agent", "admin".  Which means only the desired roles can edit the field mentioned. 

    Now opening any of the above created ACL,  click Show ACL Execution Plan and check if any pre-existing row level ACL is present which might disrupt our scenario, if yes, ( In my case I had one default ACL which required admin role to pass) .. then, you might need another ACL as mentioned below.
    iii. create a row level  write operation ACL with require roles "agent", "admin". Which means users with roles agent or admin can write. 

    It evaluates to iii && (i || ii).

    If it helps please click Accept as Solution/hit the Thumb Icon.
    Thanks,
    Jatin

View solution in original post

0 Helpfuls
12 REPLIES 12

Go to solution
Mark Roethof
Tera Patron
Tera Patron
In response to Ankur Bawiskar

‎08-04-2022 12:37 AM

Hi Ankur,

What if there are already Access Controls in place? Then what you are mentioning is not complete, as other Access Controls could result in true?

Kind regards,
Mark

 

Kind regards,

 

Mark Roethof

Independent ServiceNow Consultant

10x ServiceNow MVP

---

 

~444 Articles, Blogs, Videos, Podcasts, Share projects - Experiences from the field

LinkedIn

0 Helpfuls

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron
In response to Mark Roethof

‎08-04-2022 12:43 AM

Hi,

that's correct there would be an impact and I mentioned the same to decide the approach based on complexity and use-case.

@Supriya Mane : Please check any other table level ACL/Field level ACLs are impacting and accordingly decide to take the approach.

In that case safer way is to use client script

Regards
Ankur

Regards,
Ankur
✨ Certified Technical Architect  ||  ✨ 9x ServiceNow MVP  ||  ✨ ServiceNow Community Leader
0 Helpfuls

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron
In response to Ankur Bawiskar

‎08-07-2022 08:31 AM

@Supriya Mane

Hope you are doing good.

Did my reply answer your question?

If my response helped please close the thread by marking appropriate response as correct so that it benefits future readers.

Regards
Ankur

Regards,
Ankur
✨ Certified Technical Architect  ||  ✨ 9x ServiceNow MVP  ||  ✨ ServiceNow Community Leader
0 Helpfuls

Go to solution
Pavankumar_1
Mega Patron

‎08-04-2022 12:43 AM

Hi,

You can do it with ACL and client script and UI policy.

ACL:

1. Create table level ACL and give admin role and create field level for those fields and provide the agent role for it.

2. Client script: create onload client script

function onLoad() {   

 if (g_user.hasRole("sn_esm_agent")) { //give agent role
        
        g_form.setReadOnly('field_name', true);
    } 
}

3. UI Policy : Create UI policy and make readonly for the all fields based on role

function onCondition() {

if (g_user.hasRole("sn_esm_agent")) { //give agent role
        g_form.setReadOnly('field_name', true);

}}

 

Hope it helps!!

Please Mark ✅ Correct if applicable, Thanks!! 

 

Regards

Pavankumar

If it helps please click Accept as Solution/hit the Thumb Icon.
ServiceNow Community MVP 2024.
Thanks,
Pavankumar
0 Helpfuls

Go to solution
Mark Roethof
Tera Patron
Tera Patron

‎08-07-2022 09:32 AM

Hi there,

Any follow-up needed? Or was my answer sufficient?
Let me know.

If your question is solved, please close the topic by marking my answer as correct. This will help others searching for a similar question and will remove the topic from the unsolved list.

Kind regards,
Mark
2020-2022 ServiceNow Community MVP
2020-2022 ServiceNow Developer MVP

---

LinkedIn
Community article, blog, video list

 

 

Kind regards,

 

Mark Roethof

Independent ServiceNow Consultant

10x ServiceNow MVP

---

 

~444 Articles, Blogs, Videos, Podcasts, Share projects - Experiences from the field

LinkedIn

0 Helpfuls