CSA question

Salomao_ · ‎04-30-2024

An administrator creates “customer_table_admin” and “customer_table_user” roles for the newly created "Customer Table”. Which ACL rule would grant access to all rows and all fields to both the customer_table_admin and customer_table_user roles?

A. customer.none
B. customer.all
C. customer.field
D. customer.*

Wind0004 · ‎04-30-2024

Hi Salomao,

The answer would be D.

Table.* is a field level ACL which gives Access to all field on that table.

Table.none is a row level ACL which allows you to access records.

Both are table level ACL, But the thing is * is a wild card entry. Suppose None is restricting table level access and you provide access by using * , system can allow you to do the work.

Please mark it as helpful/correct if it helps for you.

Regards,
Wind

Amitoj Wadhera · ‎04-30-2024

Hi @Salomao_ ,

D. customer.* - This ACL rule would grant access to all rows and all fields in the "Customer Table" for users with the customer_table_admin and customer_table_user roles.

By using the customer.* ACL rule, you specify that access should be granted for all fields and all rows of the "Customer Table" to the roles specified in the ACL. This is a broad permission, so be sure to apply it judiciously to maintain security and access control in your ServiceNow instance.

Please mark as accepted solution/helpful if my response is helpful enough

Regards,

Amitoj

Sandeep Rajput · ‎04-30-2024

@Salomao_ The correct answer is

D. customer.*

sreeram_nair · ‎01-11-2025

customer.none means that you are applying the ACL at the table level.

customer.* means that you are applying this for all rows/fields on that table which don't have their own specific customer.field ACL.

ɪꜰ ᴍʏ ᴀɴꜱᴡᴇʀ ʜᴀꜱ ʜᴇʟᴘᴇᴅ ᴡɪᴛʜ ʏᴏᴜʀ Qᴜᴇꜱᴛɪᴏɴ, ᴘʟᴇᴀꜱᴇ ᴍᴀʀᴋ ᴍʏ ᴀɴꜱᴡᴇʀ ᴀꜱ ᴛʜᴇ ᴀᴄᴄᴇᴘᴛᴇᴅ ꜱᴏʟᴜᴛɪᴏɴ ᴀɴᴅ ɢɪᴠᴇ ᴀ ᴛʜᴜᴍʙꜱ ᴜᴘ.

ʙᴇꜱᴛ ʀᴇɢᴀʀᴅꜱ

ꜱʀᴇᴇʀᴀᴍ