ACL Question Please

Go to solution
Dave_p
Giga Guru

‎02-28-2025 04:59 AM

Hi,

I want to see that the 'short description' of the 'incident' is editable only by the 'Analytics Settings Manager' group. But when I impersonate Adela, she is also able to edit it. Kindly help.

 

a.png

 

Application Engine group

b.png

 

c.png

 

//sys_id of Analytics Manager group: 019ad92ec7230010393d265c95c260dd
if(gs.getUser().isMemberOf('019ad92ec7230010393d265c95c260dd')){
	answer=true;
}
else{
	answer=false;
}

 

d.png

0 Helpfuls
  • 638 Views
2 ACCEPTED SOLUTIONS

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron

‎02-28-2025 06:01 AM

@Dave_p 

are you sure that user is not part of that group?

Any other field level WRITE ACL is allowing the edit?

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

View solution in original post

0 Helpfuls

Go to solution
Sandeep Rajput
Tera Patron
Tera Patron
In response to Dave_p

‎03-03-2025 05:44 AM

@Dave_p Did you check if there are any other ACL defined on the short description field which is allowing the access to the user here? You can use access analyser to find the ACL which is granting access on the short description field.

View solution in original post

0 Helpfuls
8 REPLIES 8

Go to solution
Dr Atul G- LNG
Tera Patron
Tera Patron

‎02-28-2025 05:22 AM

Hi @Dave_p 

 

https://www.servicenow.com/community/now-platform-forum/create-acl-for-group-access-only/td-p/247953...

 

https://www.servicenow.com/community/itsm-forum/need-to-write-an-acl-to-allow-only-members-of-partic...

 

https://www.servicenow.com/community/itsm-forum/create-an-acl-to-make-a-record-visible-to-only-those...

*************************************************************************************************************
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.

Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]

****************************************************************************************************************

Go to solution
Rohit Singh
Mega Sage

‎02-28-2025 05:44 AM - edited ‎02-28-2025 06:22 AM

Hi @Dave_p ,

 

First check if the Adela is having ITIL or sn_incident_write role. If Yes

 

Then There must be total 3 ACL written on incident.description and Operation: "write"

 

You have to deactivate the one which have "sn_incident_write" because this ACL is again allowing user who have sn_incident_write role. ITIL role inherit this role. 

 

RohitSingh3_0-1740750168534.png

 

Also try to use: gs.getUser().isMemberOf('GROUPNAME')

 

If my response helped, please mark it helpful and accept the solution so that it benefits future readers.

 

Regards,
Rohit


 

Go to solution
Rohit Singh
Mega Sage
In response to Rohit Singh

‎03-03-2025 05:32 AM

Hi @Dave_p ,

 

Did you tried above solution.

If my response helped, please mark it helpful and accept the solution so that it benefits future readers.

 

Regards,
Rohit

 

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron

‎02-28-2025 06:01 AM

@Dave_p 

are you sure that user is not part of that group?

Any other field level WRITE ACL is allowing the edit?

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls