- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-24-2018 02:22 PM
Hi all,
I created an ACL on the sc_req_item table to restrict write access of Variables to only itil users. Other ACLs on sc_req_item also require itil role to write, so I don't see another ACL overriding this one. The problem is a user without the itil role is still able to go to their requested item and change the variables. Anyone else have this problem? Is there something about variables that does not work with ACLs?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-25-2018 06:24 AM
If you've looked over those ACLs, as you said you did, and even created a write ACL, and that's not working, then you'd have to use my method. ACLs SHOULD work, but I can't go against what you're saying if you've said you've already looked through all current ACLs and made a new one...
If you aren't 100% confident in that, I would highly recommend looking at your RITM ACLs again, look at the write ACLs for that table and see what the conditions/scripts say. You could look in to creating a new write ACL for the table, but also field variables, and then add the role condition of ITIL or whatever you wanted.
Please mark my other reply as Helpful, as you've said it was, and if this was the correct answer, if don't mind marking it as Correct. Thanks! 🙂
Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-24-2018 02:42 PM
Hi,
This documentation should help you: https://docs.servicenow.com/bundle/kingston-it-service-management/page/product/service-catalog-manag...
Please mark reply as Helpful/Correct, if applicable. Thanks!
Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-25-2018 05:27 AM
This does work and is very helpful thanks. The only problem is I would have to do this for every variable and any variables made in the future. Is there not a way to do it for all variables by using an ACL?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-25-2018 06:24 AM
If you've looked over those ACLs, as you said you did, and even created a write ACL, and that's not working, then you'd have to use my method. ACLs SHOULD work, but I can't go against what you're saying if you've said you've already looked through all current ACLs and made a new one...
If you aren't 100% confident in that, I would highly recommend looking at your RITM ACLs again, look at the write ACLs for that table and see what the conditions/scripts say. You could look in to creating a new write ACL for the table, but also field variables, and then add the role condition of ITIL or whatever you wanted.
Please mark my other reply as Helpful, as you've said it was, and if this was the correct answer, if don't mind marking it as Correct. Thanks! 🙂
Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-25-2018 05:57 AM
Hi Kedler,
You don't need to create an ACL for that,you need to update existing ACL on write operation.
Have you check existing ACL on write operation?
