ACL in CMDB

Go to solution
salu
Mega Guru

‎05-21-2017 10:31 PM

Hello,

I want restrict the write   and delete access for cmdb_ci table.I want to provide write   access only for when the user have cmdb_owner role or member of the assignment group of CI or assign_to of CI.

How can it achieved?

Can some one show a sample ACL for this?

Thanks

Saranya

Labels:
0 Helpfuls
  • 2,956 Views
1 ACCEPTED SOLUTION

Go to solution
Alikutty A
Tera Sage

‎05-21-2017 10:40 PM

You can create a table level write ACL on cmdb_ci with the following script in it.



answer = false;


if(gs.hasRole('cmdb_owner') || gs.getUser().isMemberOf(current.assignment_group) || gs.getUserID() == current.assigned_to){


  answer = true;


}





Thank You


Please Hit Like, Helpful or Correct depending on the impact of response


View solution in original post

6 REPLIES 6

Go to solution
Pradeep Sharma
ServiceNow Employee
ServiceNow Employee

‎05-21-2017 10:49 PM

Hello Saranya,



You have to configure the write and delete table ACL's on cmdb_ci and secure it via role and condition filter. No script required. Please refer screenshot for reference.


In roles, section add "cmdb_owner".


Condition filter:


Screen Shot 2017-05-21 at 10.48.11 PM.png



Reference:


http://wiki.servicenow.com/index.php?title=Using_Access_Control_Rules



Preview file
156 KB

Go to solution
salu
Mega Guru
In response to Pradeep Sharma

‎05-22-2017 12:01 AM

This solution was pretty simple


0 Helpfuls