ACLs are acting different on fields that are different scope than their table

Xarielah6351749 · 3 weeks ago

Hello,

Given the HR Lifecycle Event (sn_hr_le_case) table, I have applied 2 wildcard ACLs:

1. "sn_hr_le_case.*" with condition "HR Service is 123" that allow all fields only if the script returns true.

2. "sn_hr_le_case.*" with condition "HR Service is NOT 123", that is just the wildcard out of the box one.

Then added few field ACLs with condition "HR Service is 123" and generically allow access for snc_internal role and they show as expected.

The problem is with custom fields that were created for the HR LCE Case table but with a different scope - "Agent Workspace for HR Case Management", those ACLs just don't work and they are shows as orange "Passed" when using Access Analyzer.

Anyone experienced that?

GlideFather · 3 weeks ago

Hi @Xarielah6351749

please share that ACLs to see how it was configured.

Also, you posted the same question 3x, please avoid to create duplicate questions

_____
100 % GlideFather experience and 0 % generative AI

Xarielah6351749 · 3 weeks ago

Hi!

I'll share those below, 2 posts by-the-way were duplicated, the third one is in a different forum so I assumed different kind of users would view it, thanks for letting me know!

GlideFather · 3 weeks ago

Hi @Xarielah6351749,

you have hidden the advanced sections in all 3 screenshots... without seeing that, it's not possible to review it.

If you don't want to share it, it's perfectly fine but you can anonymise it to see the logics that was used

_____
100 % GlideFather experience and 0 % generative AI

Xarielah6351749 · 3 weeks ago

They are empty accept one that is just doing string comparison with the current logged in user with some fields (assigned to, opened_by, etc...)