ACL to restrict access on a particular choice /status value ?

Go to solution
SAS21
Tera Guru

‎07-25-2023 11:23 PM

I have a requirement that if status is 'Completed' then only sysadmin can update status for such records

EG:  if Incident status is Completed, only System admin can edit the status but it should be restricted for Incident manager role only when status is completed.

Where as Incident manager role has access to all the fields on the form via *acl. 

I have tried this but its not working. 

Admin Overrides is checked 

Write operation

selected the required field 'Status'

if (current.u_status == 'Deleted') {
if ((gs.getUser().hasRole('x_critcinc_manager')) || (gs.getUser().hasRole('x_mim_manager'))) {
answer = false;
}
} else {
answer = true;
}

 

Please suggest. Is it possible to restrict the specific choice for a specific role ?

 

Appreciate the Help

 

0 Helpfuls
  • 1,970 Views
1 ACCEPTED SOLUTION

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron
In response to SAS21

‎07-26-2023 03:45 AM

@SAS21 

you cannot control choices from ACL.

Better have field level WRITE ACL and then have Before update to check if choice value change is allowed

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

View solution in original post

0 Helpfuls
8 REPLIES 8

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron

‎07-25-2023 11:43 PM

@SAS21 

you can restrict field using field level WRITE ACL but not choice

to handle choice value you can use before update BR and stop the update by checking the role etc

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls

Go to solution
Nishita Padwal
Tera Contributor

‎07-26-2023 12:02 AM - edited ‎07-26-2023 12:16 AM

Hello @SAS21 -
Well, I think you can achieve this using the client script as well. This is suitable when the requirement is to restrict the user on opening of the form. I would suggest not touching ACLs for such kind of requirements.

The client script would be something like this: (Type= onLoad)

 

if(g_form.getValue('status') == 'Completed'){
   if(!g_user.hasRole('admin')){
         g_form.setReadOnly('status', false); 
   }
}

 

If my answer helps, please mark it as correct.

Thanks,
Ni**bleep**a.

0 Helpfuls

Go to solution
SAS21
Tera Guru
In response to Nishita Padwal

‎07-26-2023 12:34 AM - edited ‎07-26-2023 12:35 AM

Hi ,Thank you for replying.
Just One field with choices 
function onLoad() {
    //Type appropriate comment here, and begin script below
    var status = g_form.getValue('u_inc_status');
if((status == 'Completed' && (!g_user.hasRole('admin'))))
    {
        g_form.setReadOnly("u_inc_status", true);
    }
}
 
 
This is working only after clicking on Save. my requirement is  Status field should become readonly whenever the choice is selected as Completed. Am i missing something?
0 Helpfuls

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron
In response to SAS21

‎07-26-2023 01:47 AM

@SAS21 

your script is onLoad so it will work only once when form loads

 

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls