ACL: Allow Incident watch list member write access to watch_list

perkinsarm · ‎11-17-2016

We can add users to Incident Watch lists to make the incident known to them. We would like to give them the privilege to remove themselves from that watch list or add others.

Testing the condition Watch list contains javascript:gs.getUserID() doesn't work. I'm assuming this is because the watch_list is a glide list.

I have tried to write a script, but this is not working.

var arrayUtil = new ArrayUtil();

var watch_list_arr = current.watch_list.split(',');

if (watch_list_arr.length) {

answer = arrayUtil.contains(watch_list_arr,gs.getUserID());

} else {

answer = false;

}

On a related note, what is the best way to debug an ACL script? I've tried gs.print statements but am not finding any output.

cameronrichard · ‎11-18-2016

Hi Bradley,

The first thing to check, is the new ACL active?

How do you know it isn't firing, through Debug Security Rules?

Thanks,

Cameron

perkinsarm · ‎11-18-2016

The rule was active.

I also placed gs.addInfoMessage statements on the two main Incident.* table write ACLs and the 3 Incidient.watch_list write ACLs. The new one never fired. The other four did.

After that, I turned off the incident.watch_list write rule that used the condition builder and rewrote that in a script. I added the watch_list member condition and while the two original conditions still worked I could never enable the watch list for members that weren't call, opener, or fulfiller.

It appears that in a case where the current user is not the incident caller, opener, or fulfiller (assigned_to) the record opens in a purely read only state and none of the write rules ever fire. It doesn't matter if the current user/watchlist member is a roled user or not. I spent the better part of a day on this yesterday and eventually gave up.

Allowing all incident watch list members to manage their watch lists is desirable, but a lower priority at this time. This is an edge case. If they need to be removed they have the options to (1) join and request removal via the Incident records Live Feed, or (2) respond via email with a removal request to any incident notification. We'd love to provide the feature, but can live with these options for now.

nimakey · ‎06-29-2017

Hi Bradley,

try the following on your condition builder and let me know if that worked.

Thanks

Nima

BryanS413339635 · ‎09-07-2017

Did you find a solution to this?

Douglas Mines · ‎07-13-2018

I had this issue earlier today with the ACL simply ignoring this field; to resolve it, I cleared the attributes from the dictionary entry for the column, saved, then re-entered and re-saved. Fixed it for me; YMMV.

Noticed that the "show field" right-click menu in the system gave different attributes to the ones actually on the dictionary table entry.