A question about OnCellEdit client script and a role-based condition

mitzaka · ‎09-14-2015

Hi SNC,

I want to restrict all users but the ones having a certain role from being able to edit the 'state' field in incidents, when double-clicking in the list views.

Could I use an OnCellEdit script and have the role condition in there? Has anyone tried that?

Thanks!

Pradeep Sharma · ‎09-14-2015

Hi Dimitar,

Thanks for the update. You have to create a ACL of operation type "list_edit" and then restrict based on roles.

http://wiki.servicenow.com/index.php?title=Using_Access_Control_Rules#gsc.tab=0

View solution in original post

Pradeep Sharma · ‎09-14-2015

Hi Dimitar,

The best way would be to restrict based on list_edit operation. You can have the aappropriate script logic and restrict it. More info here.

Using Access Control Rules - ServiceNow Wiki

However if you still want to restrict it based on OnCellEdit then the script will be. Create a OnCellEdit client script on state

function onCellEdit(sysIDs, table, oldValues, newValue, callback) {


   var saveAndClose = true;


   //Type appropriate comment here, and begin script below


   var role = g_user.hasRole('rolename');


   if (role)


   return false;


   callback(saveAndClose);


}

mitzaka · ‎09-14-2015

Sounds fair, although how would I define that I want to create an ACL which is only for the bulk edition (editing many rows)?

I mean for the ACL - man, you are quick?:)

Pradeep Sharma · ‎09-14-2015

Hi Dimitar,

Thanks for the update. You have to create a ACL of operation type "list_edit" and then restrict based on roles.

http://wiki.servicenow.com/index.php?title=Using_Access_Control_Rules#gsc.tab=0

mitzaka · ‎09-14-2015

I crated a list_edit ACL and set the condition to have my role, but it does not seem to work. I am still getting the 'security preventing...' message. I tried the onCellEdit client script as well, but I get the same "result". How would you debug that?