ACL rule evaluation?

Sumalatha2
Giga Contributor

Which one statement correctly describes access control rule evaluation?

A. if a row level rule and field level rule exist, both rules must be true before an operation is allowed

B. the role with the most permissions evaluate the rules first.

C. if more than one rule applies to a record the older rule is evaluated first.

D. Table access rules are evaluated from the general to the specific.

I am confused with the choices

1 ACCEPTED SOLUTION

Sowmya T
Tera Contributor

Hi,

The answer for this question is A. If a row level rule and field level rule exist, both rules must be true before an operation is allowed.

As an example of read access:

If the row allows access and the field denies, you could end up with a list of empty rows (just icons down the left).

If the row denies access and the fields allow, then you get nothing.

Reference:

https://docs.servicenow.com/bundle/orlando-platform-administration/page/administer/contextual-securi...


Dhananjay Pawar
Kilo Sage

Hi,

Option A is correct for your question.

For more information, you can check the evaluation order of ACLs.

ACL evaluation process

An ACL rule only grants a user access to an object if the user meets all of the permissions required by the matching ACL rule.

  • The condition must evaluate to true.
  • The script must evaluate to true or return an answer variable with the value of true.
  • The user must have one of the roles in the required roles list. If the list is empty, this condition evaluates to true.
  • [Record ACL rules only] The matching table-level and field-level ACL rules must both evaluate to true.

https://docs.servicenow.com/bundle/orlando-platform-administration/page/administer/contextual-securi...

Mark correct/helpful based on impact.

Thanks,

Dhananjay.
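
The evaluation rules listed in the reply above, as a small JavaScript model added here for illustration (not ServiceNow platform code and not written by any poster in this thread). The rule shape (`condition`, `script`, `roles`), the function names and the sample records are assumptions made for the example.

```javascript
// Simplified model of the ACL evaluation rules quoted above; not ServiceNow platform code.
// Rule shape (condition/script/roles), function names and sample data are constructed.

// A single ACL rule passes only if the condition, script and role checks all pass.
function rulePasses(rule, user, record) {
  const conditionOk = rule.condition ? rule.condition(record) : true;
  const scriptOk = rule.script ? rule.script(user, record) === true : true;
  // An empty required-roles list evaluates to true.
  const rolesOk = rule.roles.length === 0 || rule.roles.some((r) => user.roles.includes(r));
  return conditionOk && scriptOk && rolesOk;
}

// Read a list of records: the table-level (row) rule gates the whole row,
// then each field-level rule gates its own field.
function readList(records, user, tableRule, fieldRules) {
  const visible = [];
  for (const record of records) {
    if (!rulePasses(tableRule, user, record)) continue; // row denied: nothing shown
    const row = {};
    for (const [field, value] of Object.entries(record)) {
      const fieldRule = fieldRules[field];
      // Assumption of this model: a field without its own rule relies on the row rule alone.
      const fieldOk = fieldRule ? rulePasses(fieldRule, user, record) : true;
      row[field] = fieldOk ? value : null; // field denied: empty cell
    }
    visible.push(row);
  }
  return visible;
}

// Constructed sample data.
const records = [
  { number: "INC001", short_description: "Printer down", active: true },
  { number: "INC002", short_description: "VPN issue", active: false },
];
const user = { name: "sample.user", roles: ["itil"] };
const denyAll = { roles: ["admin"] }; // user lacks this role
const allowItil = { roles: ["itil"], condition: (rec) => rec.active };
const allowAny = { roles: [] };

// Row allows, every field denies: the row comes back with empty cells.
const allFieldsDenied = { number: denyAll, short_description: denyAll, active: denyAll };
const emptyRows = readList(records, user, allowItil, allFieldsDenied);
// Row denies, field allows: nothing comes back.
const nothing = readList(records, user, denyAll, { number: allowAny });
// Row and field both allow: the active record is readable.
const readable = readList(records, user, allowItil, { number: allowAny });

console.log(emptyRows, nothing, readable);
```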

Sravan21
Kilo Expert

Hi,

Option A is correct.

A. if a row level rule and field level rule exist, both rules must be true before an operation is allowed.

Please check the below link for reference.

https://community.servicenow.com/community?id=community_blog&sys_id=24ad62a9dbd0dbc01dcaf3231f961932

Allen Andreas
Administrator

Hi,

I see you're posting several questions in this format that appear to be from an assessment. Please search the forums and documentation for this.

Thank you!


Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!