Find your people. Pick a challenge. Ship something real. The CreatorCon Hackathon is coming to the Community Pavilion for one epic night. Every skill level, every role welcome. Join us on May 5th and learn more here.

Access Controls: Table.none vs Table.* - what's the difference

martinsk
Mega Expert

‎10-06-2017 03:58 AM

Hi

Can someone clarify the difference is between a field-level acl in the form table.* and a record-level acl for that table? I'm assuming the wildcard scoops up all fields in the table, so what is it achieving that the table-level one isn't?

Thanks in advance.

Martin

  • 11,525 Views
11 REPLIES 11

Prathmeshda
Tera Guru

‎01-12-2026 01:34 AM

Hello @martinsk 
Table.none: This is a row-level ACL. It controls whether a user can access the records (rows) of a specific table. Think of it as the gatekeeper to the entire set of data within a table. If a user does not have the necessary permissions granted by a Table.none ACL, they will not be able to see or interact with any records in that table, regardless of field-level permissions.
Table.*: This is a field-level ACL. It acts as a wildcard, applying to all fields on the specified table. It controls whether a user can access the individual data points (fields) within the records of that table. This ACL comes into play after a user has been granted row-level access through a Table.none ACL (or other means).

Scenario : Read Access with Table.none and Table.* (Admin)

Now, let's say you have the same READ ACL with Table.none for both Admin and ITIL, and you add another READ ACL with Table.* specifically granting access to the Admin role.
Result: Both Admin and ITIL users will still be able to view all Incident records and their fields. The Table.none ACL already provides row-level access. The addition of Table.* for Admin explicitly grants read access to all fields, which they already had implicitly. It doesn't change the outcome in this scenario.

Table.none is like having the key to enter the building itself. Without this key, you cannot access any of the rooms inside.
Table.* is like having permission to see the contents of all the rooms inside the building. However, this permission is useless if you don't have the key to get into the building in the first place

If this response proves useful, please mark it as Accept as Solution and Helpful. Doing so benefits both the community and me. 👍🙂

Vishal Jaswal
Giga Sage

Friday

Hello  

When you select ACL Operation (let's say) as read, Name as Incident and None -> Then you are doing it for List view (records). This means you won't be able to see any count as how many incidents are there and not even can search via global search (icon at top right):

Before ACL:
11.jpg
After ACL:
12.jpg13.jpg14.jpg18.jpg


When you select ACL Operation (let's say) as read, Name as Incident and * -> Then you are doing it for Field Level which means on the list view you can still see the counts but all the fields/columns will be hidden for you. You can search any incident however it will not show any field to you:

15.jpg16.jpg17.jpg

Let's say you want to provide reporting team the capability to retrieve the count of incidents created everyday however don't want reporting team to see any incident field and it's value -- then the table.*

Let's say you don't want anyone to search, view, edit, report (export) on specific incidents, then you can use table.NONE


Hope that helps!
0 Helpfuls