ACL not restricting data

Anubhav24 · ‎09-11-2023

Hi All,

I have a custom table which has table.none and table.* ACLs with custom roles to restrict access.

Now I want to show only those records to the logged in user if the user is part of the Assignment group on the record.

Created an ACL as table.* and in conditions mentioned assignment group is(dynamic) one of my groups, and added the role which is needed to give read/view access on the table.

Result : The records are not restricted and user is able to see other assignment group records as well of which user is not part of.

Tried debugging it all ACLs are being passed by the user. Should I write the condition in the script tab ? Going to try this next.

Siva Jyothi M · ‎09-11-2023

Hi @Anubhav24,

You can modify the existing ACL, but this will change the access to all the roles in the ACL.

Mark this answer as correct and helpful if it solves your issue.

Regards,

Siva Jyothi.

Anubhav24 · ‎09-11-2023

Exactly but what the best in this case to resolve this situation , to create a new ACL is that a solution but that is being overridden I think.

How do we solve this situation ? Do you have any solution to this ?

Siva Jyothi M · ‎09-11-2023

Hi @Anubhav24,

The existing ACL has 4 roles in it, are you looking for restricting the data relevant to their assignment groups for all the 4 roles?

If you are restricting the data for all the 4 roles, you can modify the existing ACL.

Suppose, if you are looking for only 1 role, remove the 1 role from the existing ACL and create a new ACL with this one role for restricting the data.

Mark this answer as correct and helpful if it solves your issue.

Regards,

Siva Jyothi.

Manisha Reddy K · ‎09-11-2023

Hi @Anubhav24 ,

You can also write a before query business rule instead of ACL and it works.

Performance is also good. Mark this as helpful if it helps.