ACL not working for a new table which only a specific group can see.

snow_beginner · ‎11-24-2023

Hi,

I have a story with the following requirements:

-Create a new table with some fields which will hold data - I have done that and made a table, it is in global scope and is not extended from any other table as per the requirements.

- Create / Read / Update Access is required ONLY for BUS.INSURANCE.WEALTH-SUPPORT user group.

I am stuck in the ACL and am not sure what to do. Initially I created a read ACL with the following script:

answer = checkGroupMember();

var groupSysId = gs.getProperty("experian.bancs.bus.insurance.wealth.group.sysid");

var grGroup = new GlideRecord("sys_user_group");

var groupName = "";

if (grGroup.get(groupSysId)) {

groupName = grGroup.name.toString();

}

function checkGroupMember() {

if (gs.getUser().isMemberOf(groupName)) {

return true;

} else {

return false;

}

But when I impersonate anyone in that group I am unable to create a record in the table and the one that I created as admin I can see any of the fields on there at all. I have attached a photo of what the table is meant to look like (1) and what it looks like when I impersonate someone in the group (2)

What do I do and what am I doing wrong? Do I need to make 3 ACL (read, write and update)? The group has the role itil in it. Please help I am very stuck on this.

Sandeep Rajput · ‎11-24-2023

@snow_beginner Please update your script as follows.

var groupSysId = gs.getProperty("experian.bancs.bus.insurance.wealth.group.sysid");
var grGroup = new GlideRecord("sys_user_group");
var groupName = "";
if (grGroup.get(groupSysId)) {
   groupName = grGroup.name.toString();
}
answer = checkGroupMember(groupName);
function checkGroupMember(groupName) {
    if (gs.getUser().isMemberOf(groupName)) {
        return true;
    } else {
        return false;
    }
}

Please mark my answer helpful and correct if it manages to address your issue.

View solution in original post

Sandeep Rajput · ‎11-24-2023

@snow_beginner You need to apply the same script in write and create ACL too.

Last but not the least, upvote and mark my solution as correct answer.

View solution in original post

Sandeep Rajput · ‎11-24-2023

@snow_beginner Please update your script as follows.

var groupSysId = gs.getProperty("experian.bancs.bus.insurance.wealth.group.sysid");
var grGroup = new GlideRecord("sys_user_group");
var groupName = "";
if (grGroup.get(groupSysId)) {
   groupName = grGroup.name.toString();
}
answer = checkGroupMember(groupName);
function checkGroupMember(groupName) {
    if (gs.getUser().isMemberOf(groupName)) {
        return true;
    } else {
        return false;
    }
}

Please mark my answer helpful and correct if it manages to address your issue.

snow_beginner · ‎11-24-2023

Thanks so much! That has made it so that the impersonated user can see the table and the record too and everything looks great. The only issue is that all the fields are read only for them I think they need to be editable as well. Do I need to change that read acl to create or update or make a new one for create and update?

Pic attached of what user sees now (3)

Sandeep Rajput · ‎11-24-2023

@snow_beginner You need to apply the same script in write and create ACL too.

Last but not the least, upvote and mark my solution as correct answer.

IronPotato · ‎11-24-2023

Hi @snow_beginner ,

I guess that you are practicing ACL scripts but why you are trying to script it, if this can be done by 3 clicks via GUI in studio?