- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-27-2025 05:04 AM
Hi everyone , I have a use case of ACL . So can please help me for this
use case -
A User having a particular role(ITIL role) should not be able to attach a attachment/file through attachment option which is available on the incident form .
Thank You
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-27-2025 06:26 AM
try an ACL on sys_attachment table.
script would be similar to this deaft:
if (gs.getUser().hasRoleExactly(“itil”) {
Answer = false;
} else {
answer = true;
}
let me know if you have any progress.
ps: hasRoleExactly(itil) will be evaluated false by admin, the user must have explicitly assigned this particular role, no inheritance is taken to consideration.
if you want to consider inheritance, go with hasRole(“itil”);
/* If my response wasn’t a total disaster ↙️ ⭐ drop a Kudos or Accept as Solution ✅ ↘️ Cheers! */
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-27-2025 09:49 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-27-2025 09:55 AM
@AkashKushwah Yes, absolutely.
it’ll might require some tweaks, but custom of ootb it works the same.
even for a custom app/table, set of access roles are auto-created.
example, my custom table is called vinegar, it will be created vinegar.user, vinegar.admin and vinegar.manager (not sure how exactly but some 3 basic roles are autocreated) and these are a part of the ACL, so you can adjust together with this or create new from scratch
/* If my response wasn’t a total disaster ↙️ ⭐ drop a Kudos or Accept as Solution ✅ ↘️ Cheers! */
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-27-2025 10:14 AM
Hi there AkashKushwah
You can handle this with a Create ACL on the sys_attachment table. Just block users with the itil role from adding attachments to the incident table.
like this
if (gs.hasRole('itil') && current.table_name == 'incident') {
answer = false;
} else {
answer = true;
}
:
Kind Regards,
Mohamed Azarudeen Z
Developer @ KPMG
Microsoft MVP (AI Services), India
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-27-2025 06:26 AM
try an ACL on sys_attachment table.
script would be similar to this deaft:
if (gs.getUser().hasRoleExactly(“itil”) {
Answer = false;
} else {
answer = true;
}
let me know if you have any progress.
ps: hasRoleExactly(itil) will be evaluated false by admin, the user must have explicitly assigned this particular role, no inheritance is taken to consideration.
if you want to consider inheritance, go with hasRole(“itil”);
/* If my response wasn’t a total disaster ↙️ ⭐ drop a Kudos or Accept as Solution ✅ ↘️ Cheers! */
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-27-2025 09:49 AM
Can i also use this script for custom form?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-27-2025 09:55 AM
@AkashKushwah Yes, absolutely.
it’ll might require some tweaks, but custom of ootb it works the same.
even for a custom app/table, set of access roles are auto-created.
example, my custom table is called vinegar, it will be created vinegar.user, vinegar.admin and vinegar.manager (not sure how exactly but some 3 basic roles are autocreated) and these are a part of the ACL, so you can adjust together with this or create new from scratch
/* If my response wasn’t a total disaster ↙️ ⭐ drop a Kudos or Accept as Solution ✅ ↘️ Cheers! */
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-27-2025 10:14 AM
Hi there AkashKushwah
You can handle this with a Create ACL on the sys_attachment table. Just block users with the itil role from adding attachments to the incident table.
like this
if (gs.hasRole('itil') && current.table_name == 'incident') {
answer = false;
} else {
answer = true;
}
:
Kind Regards,
Mohamed Azarudeen Z
Developer @ KPMG
Microsoft MVP (AI Services), India