Field Level Write ACL is not working

Rani11
Tera Expert

‎04-01-2021 12:04 AM

Hi All,

There is custom table created and it has write and read acl . I am trying to create one more acl to give access to specific field for the specific group but its not allowing them to edit. Can anyone clarify on this acl rule.

Everyone can read :

 

find_real_file.png

Admin only can access :

find_real_file.png

New Acl which is created to access the specific field but it does not works. I have tried the advance script in --None-- acl as well but its not working. Ideally i need to give access to particular group to particular field alone :

find_real_file.png

Preview file
53 KB
Preview file
51 KB
Preview file
51 KB
0 Helpfuls
  • 2,692 Views
4 REPLIES 4

Maik Skoddow
Tera Patron
Tera Patron

‎04-01-2021 12:18 AM

Hi,

you need an additional ACL <table_name>.* 

Please go to my answer at question https://community.servicenow.com/community?id=community_question&sys_id=f79b7933dbe2e0503daa1ea66896... to see how to archive your requirement.

Kind regards
Maik

If my answer replied your question please mark appropriate response as correct so that the question will appear as resolved for other users who may have a similar question in the future.

0 Helpfuls

Maik Skoddow
Tera Patron
Tera Patron
In response to Maik Skoddow

‎04-12-2021 06:03 AM

Hi @Rani 

Did my reply answer your question?

If so, please mark the appropriate response as "correct" so that the question will appear as resolved for other users who may have a similar question in the future.

If not, please tell me what you are still missing!

Many thanks & kind regards
Maik

0 Helpfuls

vikas shukla
Kilo Guru

‎04-01-2021 12:29 AM

Hii,

For ACL creation, you should have Admin role, because only admin can mark Elevate Role true.

you can also check the below Link-ACL 

please mark correct and close the question.

Thanks,

Vikas Shukla

0 Helpfuls

Deepak Ramar1
Tera Expert

‎04-26-2024 04:33 AM

Hi @Rani11,
I worked on similar requirement to provide edit access only to one field to specific group and here,
 

  • Assuming table: Test Lookup
  • Field to edited: u_acl_field
  • Group to be provided access: Database

 
I would recommend you to create two write ACLs for Test Lookup table:

Spoiler

 

1) with None ACL table level with this advanced script condition: 
answer = gs.getUser().isMemberof('Database') ? true: false;

2) with * ACL which applies to all fields of table with this advanced script condition:
if (gs.getUser().isMemberof('Database') && (root_rule== 'u_acl_field')) {
return true;
}
else{
return false;
}

 

If you find my comment useful, mark it as correct or helpful.

Regards,
Deepak Ramar

0 Helpfuls