Hide trashcan from Related Items on Relationship Editor

Go to solution
cgedney
Giga Guru

‎01-17-2024 07:49 AM

It seems that everyone has the ability to add/delete relationships. I want to remove the ability to delete them from everyone, but the SN Admins. What I am talking about:

When you open a CMDB CI and it has the CI Relations (Formatter) added to it. You click the "+" icon on the right side of the Related Items.

2024-01-17 10_44_23-apache linux den 200 _ Web Server _ ServiceNow.png

We want the ability to hide the trashcan for the Relationships based on who has the admin role.

2024-01-17 10_47_04-Unified Navigation App _ ServiceNow.png

 

Is this possible?

 

Thank you for your insights, Charles

0 Helpfuls
  • 329 Views
1 ACCEPTED SOLUTION

Go to solution
Iraj Shaikh
Mega Sage
Mega Sage

‎01-18-2024 12:01 AM - edited ‎01-18-2024 12:12 AM

Hi @cgedney 

The CI relationships are present in cmdb_rel_ci table.
There is OOTB delete operation ACL on cmdb_rel_ci that allows only asset or itil role to delete cmdb_rel_ci records.
(ACL: https://your_instance_name.service-now.com/nav_to.do?uri=sys_security_acl.do?sys_id=810de16dc0a80166...

IrajShaikh_0-1705564005935.png

 

You cannot hide the trashcan but you can prevent the deletion of CI relationship by updating the ACL above

 

Steps:

  1. Uncheck the 'Admin overrides' checkbox field
  2. Remove itil and asset roles from 'Requires role' section
  3. Add 'admin' role in 'Requires role' section

IrajShaikh_3-1705565286709.png

 

Now, whenever any non-admin user tries to save the record after clicking the trashcan icon. They will see the "User not authorized to delete relationships" error message as shown below.

IrajShaikh_2-1705564782174.png

 

 

Please mark this response as correct or helpful if it assisted you with your question.

 

View solution in original post

0 Helpfuls
1 REPLY 1

Go to solution
Iraj Shaikh
Mega Sage
Mega Sage

‎01-18-2024 12:01 AM - edited ‎01-18-2024 12:12 AM

Hi @cgedney 

The CI relationships are present in cmdb_rel_ci table.
There is OOTB delete operation ACL on cmdb_rel_ci that allows only asset or itil role to delete cmdb_rel_ci records.
(ACL: https://your_instance_name.service-now.com/nav_to.do?uri=sys_security_acl.do?sys_id=810de16dc0a80166...

IrajShaikh_0-1705564005935.png

 

You cannot hide the trashcan but you can prevent the deletion of CI relationship by updating the ACL above

 

Steps:

  1. Uncheck the 'Admin overrides' checkbox field
  2. Remove itil and asset roles from 'Requires role' section
  3. Add 'admin' role in 'Requires role' section

IrajShaikh_3-1705565286709.png

 

Now, whenever any non-admin user tries to save the record after clicking the trashcan icon. They will see the "User not authorized to delete relationships" error message as shown below.

IrajShaikh_2-1705564782174.png

 

 

Please mark this response as correct or helpful if it assisted you with your question.

 

0 Helpfuls