Hide the Delete button from core_company table.

Go to solution
ServiceNowSteve
Giga Guru

‎12-11-2017 09:18 AM

Good Afternoon All,

Today we has a user acidently delete a company record from our core_company table and as a result I am trying to hide the Delete button (Not use an ACL to restrict) and despite my searching all I can find as a solution is to use the UI Policy to make it visible to noly users with admin roles which is fine but when I add gs.hasRole("admin") to the global Delete condition it does nothing for the ITIL users.

Anyway the one way I did get the delete button to disappear was a client script that used.

var items = $$('BUTTON').each(function(item)

  {

              if(item.innerHTML.indexOf('Delete') > -1)

{

                      item.hide();

              }

      });

but that also deleted it from the Admin role....so I guess I need a little guidance on how to hide the option from only ITIL users and not Admin users on a specific table.

0 Helpfuls
  • 1,704 Views
1 ACCEPTED SOLUTION

Go to solution
adamjgreenberg
ServiceNow Employee
ServiceNow Employee

‎12-11-2017 09:20 AM

ACL's are the best way to hide items from specific groups of users.



As you found out, javascript can hide such an item, but it is global in nature.


View solution in original post

10 REPLIES 10

Go to solution
adamjgreenberg
ServiceNow Employee
ServiceNow Employee
In response to ServiceNowSteve

‎12-11-2017 09:41 AM

Steve,



You should be able to restrict the ACL to a specific table for the specific group.



Table ACL rules




For instance:



user_admin has the right to use the delete button anywhere



ITIL_user does NOT have the right to the delete button on table core_company


Go to solution
adamjgreenberg
ServiceNow Employee
ServiceNow Employee
In response to adamjgreenberg

‎12-11-2017 09:47 AM

I believe you can just add more roles on this page to block anyone or restrict this ability to a specific group.




/sys_security_acl.do?sys_id=8bdccdc50a0a0b4401f2332a717f7919


Go to solution
adamjgreenberg
ServiceNow Employee
ServiceNow Employee
In response to adamjgreenberg

‎12-11-2017 09:52 AM

So, I just tested ITIL and core_company, the delete is restricted by default according to the OOB ACL.




Is your core_company allowing ITIL users to delete records? If so, there is a rule in place to allow this.


Go to solution
ServiceNowSteve
Giga Guru
In response to adamjgreenberg

‎12-11-2017 09:52 AM

Thank you all for your help. ACL did work, I was just thinking about restricting the Delete button in the wrong way.


0 Helpfuls

Go to solution
palmen
Tera Guru
In response to ServiceNowSteve

‎12-11-2017 09:47 AM

There are different ACLs for delete and create/read/write.


You could let your users create/read/write to the core_company table, but you should restrict the ACL for delete on the table to only be for admins (or maybe user_admin as well if they should be able to do it).



This should solve your problem.