Bypassing ACL when using inbound action

Hafsa1
Mega Sage

‎07-18-2019 06:40 PM

For change module we have inbound action, which will create change ticket once user will send "BRIDGE CHGxxxxxxxx" in subject. In change we have write ACL for description field, if user have "des_bridge_write" role then only he can update description field.

But my requirement is that if user create change ticket from inbound action then it should add email_body in the description of change ticket. We don't want to remove this ACL due to security issue as per process. How I can tweek this to work. Right now description field is coming BLANK, no matter whatever user provide in email.

And we can't use any fix user to open change ticket, requestor should be the sender only.

0 Helpfuls
  • 1,452 Views
4 REPLIES 4

Manish Vinayak1
Tera Guru

‎07-18-2019 06:52 PM

Create another ACL to allow write access to the change.description field; in the script section use the gs.isIneractive() method to identify if the change request was being created from Inbound Action or was created manually.

 

You could use the following condition to let your write ACL run only for Inbound Actions:

answer = !gs.isInteractive();
answer;

Give it a try, hopefully it works.

Cheers,

Manish

The SN Nerd
Giga Sage
Giga Sage

‎07-18-2019 06:54 PM

I would be surprised if it is the ACL actually blocking this.

I'd hazard a bet that it is coming through blank for admin too.

Can you provide your inbound action code?
ACL's don't usually apply to server-side code unless you are using GlideRecordSecure.


ServiceNow Nerd
ServiceNow Developer MVP 2020-2022
ServiceNow Community MVP 2019-2022

Hafsa1
Mega Sage
In response to The SN Nerd

‎07-18-2019 07:12 PM

No for admin. It's creating.

When I compose email and send it creates with description  from email body. But when some other users who are ITIL or any other with less previledge role sending emails then then email body is not updating in description field.

 

0 Helpfuls

Hafsa1
Mega Sage
In response to Hafsa1

‎07-18-2019 08:02 PM

Sorry guys.

My mistake there was read-only ACL due to which it was appearing blank but when I give this role to user then he was able to see all description of past change ticket which were created earlier.

So hopefully all the users who are authorized to see description they will see it.

 

0 Helpfuls