Access to risk owner and delegate to all the controls which are mapped to risk they own.

TheGOAT
Tera Contributor

Hi, What i want is that the risk owner or delegate can see all the controls which are mapped to risk they own. They are related by a m2m table. I tried creating read acl on control table with script but its not working the script part is getting skipped ? Can anyone suggest me how to give access?

2 REPLIES 2

cartergray7
Kilo Contributor

Check if another ACL is matching before your scripted ACL, as that can prevent your script from running. Also make sure the user can read the M2M records. If needed, a before-query Business Rule may be a simpler way to restrict controls to a risk owner.

pr8172510
Kilo Sage

Hi @TheGOAT,

In my case, the custom Read ACL script was never executed because an existing OOTB ACL was being evaluated first. I used Debug Security Rules to identify which ACL was taking precedence.

After reviewing the ACL evaluation order, I created a more specific ACL to handle my use case, allowing access only when the current user was the Risk Owner or Risk Delegate for a Risk mapped to the Control through the M2M table. That resolved the issue in my instance.

 check

 

  • Debug Security Rules to see which ACL is being evaluated.
  • Whether an existing OOTB ACL is taking precedence over your custom ACL.
  • The table hierarchy and field-level ACLs, as they can also affect ACL evaluation.