Best way to restrict access to certain records in a table based on a field value

Josh Ferree
Mega Contributor

‎02-21-2018 10:21 AM

I'm looking for a way to restrict access to certain records depending on who it is that's looking at it.

For example, say I have 5 records.  2 of them have AA in a field, 3 of them have BB in that same field.  I want to allow certain people access to view and/or modify the AA records, but not BB.  I figured setting a custom list field in the sys_user table to add which records I want them to have access to would work, but I'm struggling finding a way to restrict the access based on this.

 

Thank you all in advance!

0 Helpfuls
  • 5,387 Views
7 REPLIES 7

Anurag Tripathi
Mega Patron
Mega Patron

‎02-21-2018 10:32 AM

ACL is the way to go my friend

 

Let me know if you need help to configure it too.

-Anurag
0 Helpfuls

Josh Ferree
Mega Contributor
In response to Anurag Tripathi

‎02-21-2018 10:37 AM

I was figuring ACL.. Would I be using gsUserID().getRecord().u_field on it?

0 Helpfuls

pranav_parmar
Kilo Contributor

‎02-21-2018 10:37 AM

You can use the Access Controls to define those at row level. This is the most easiest way to block record level access. You can find more details on docs: 

 

https://docs.servicenow.com/bundle/jakarta-platform-administration/page/administer/contextual-security/concept/access-control-rules.html

 

0 Helpfuls

Josh Ferree
Mega Contributor

‎02-21-2018 02:55 PM

I've been doing some research, and it looks like a mix of ACL and before query business rules may do the trick.

0 Helpfuls