Did you know, that ACL scripts are running even the advanced flag is set to false?!?!?!!!!

Zod
Giga Guru

‎02-05-2018 03:41 AM

After got trapped by an ACL that did do something I was not expecting ... I found out, that the script in the acl was executed even the advanced flag set to false.

As this is a true/false field and not an ui action to show/not show the script, this is absolutely not what I expected and none of my peers knew this.

Also the ServiceNow Support was obviously not aware of it ....

Developement Statement:

"..., the developer has confirmed that this is an expected behavior. The Advanced checkbox just controls the visibility of the script field. At the time of ACL execution, we check the script field. If it is populated, we will execute it as part of the ACL evaluation.

utely"

From my point of this is critical .. especially as we are talking about ACLs! And for sure not consistent ... and somehow servicenow more and more starts to look like cobbled solutions like Martix or HP ...

Not a good developement from my point of view ;-(

  • 2,105 Views
17 REPLIES 17

Uncle Rob
Kilo Patron

‎02-05-2018 06:23 AM

This is one of hte OOB features that always annoyed me.
By the time I'm configuring ACL, Business Rules, or Notifications it should be assumed that I want advanced mode.   Defaulting to some stripped down version of the form is .. frustrating.


sbh
Tera Guru

‎04-07-2021 09:54 AM

In fact, it evaluates the script when Advanced is unchecked and the entire script is commented out. Which makes me think it probably evaluates commented-out lines of scripts I intend to run. To me, that's not expected behavior at all.

0 Helpfuls

Allen Andreas
Administrator
Administrator
In response to sbh

‎04-07-2021 10:00 AM

Hi,

This is a 3 year old thread, haha, but yea, we've established that the script, even with the advanced box unchecked, will still execute any script that's there.

The same can be said for fields where you use a UI Policy to fill out child fields if the parent field is 'x' (for example), but then change the "parent" field that those child fields were based upon to now 'y'...those child fields go away now, but the data is still there, you just don't "see" it.

Checking or unchecking that advanced box in ServiceNow lingo, is merely a visibility option to see the advanced script or not and is not meant as "well if you have script there but uncheck this advanced box, the script is not going to run".

Please mark reply as Helpful, if applicable. Thanks!


Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!

sbh
Tera Guru

‎04-07-2021 10:06 AM

I can understand that (though it's not behavior I expected to see) but I've never heard of a script that runs when it's commented out.

0 Helpfuls

Allen Andreas
Administrator
Administrator
In response to sbh

‎04-07-2021 11:49 AM

Well, commented out is still script, but get this...

I literally had a mind boggling scenario where a notification wasn't firing. After going through every, single, thing I could think of...over 7 years of experience, lol....I finally figured it out....a developer was using the conditional script, but had commented everything out, but kept it there because they didn't want to "lose" it...

Well...that field literally needs to result in true for it to send...and so if it's used, even with only commented out code, it was basically causing the notification to not send.

So, there's some little intricacies going all that just takes time to learn, lol.

The overall point though is that those script type fields tend to still run even if we don't think they will so if you treat them all like that, you'll be better off.

Hopefully that random trivia fact helps you one day 🙂

Please mark reply as Helpful, if applicable. Thanks!


Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!