How to define an ACL, to make a field "X" on catalog task table editable only for users with a role?

Smith Johnson
Tera Guru

‎03-07-2024 09:32 AM

Hello,

I have a custom field called "Confidential" in Catalog Task (sc_task) table.
SmithJohnson_0-1709832425251.png

I would like this field to be editable only from users with a specific role "srm".
I have created the following ACL for this field, as shown below:

SmithJohnson_1-1709832579041.png

 

There are no other ACLs defined for this field.

However, a user without the "srm" role is still able to edit this field (i.e., check or uncheck the box).

Any ideas on what I missed here?

Regards,
Smith.

0 Helpfuls
  • 255 Views
3 REPLIES 3

Harsh Vardhan
Giga Patron

‎03-07-2024 10:28 AM

@Smith Johnson  Have you tried to debug your ACL ? Sounds like you have existing ACL for all columns ( * ) or Table level ( none ) ?

Debug your ACL that might give you better picture . 

 

ACL debugging tools 

 

Thanks,

Harsh

0 Helpfuls

Sumanth16
Kilo Patron

‎03-07-2024 10:32 AM

Hi @Smith Johnson ,

 

Enable the debugging option and impersonate a user without a role and a user with a role. And compare Access Control in both sessions which are executed.  You will find which acl causing the issue.

 

If I could help you with your Query then, please hit the Thumb Icon and mark it as Correct !!

 

Thanks & Regards,

Sumanth Meda

 

0 Helpfuls

Sandeep Rajput
Tera Patron
Tera Patron

‎03-07-2024 11:41 AM

@Smith Johnson Check if a write ACL Catalog Task [sc_task].* (for all fields) exists on the Catalog task table. If it does then it might be allowing the write access.

0 Helpfuls