Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

How to make only one field editable on record, remains should be read-only

Supriya25
Tera Guru

‎08-21-2023 07:09 PM - edited ‎08-21-2023 07:45 PM

Hi All,

 

Please help me on below issue.   why my Write ACL not working , always two fields still read-only just like previous.???

 

current setup:

in CSM, we create one custom table "Invoice Compliances "  which is extended from Case table .we have totally 45+ fields (some custom fields and some case table fields ).  Full Access on Invoice Compliances table records/fields can be updated only by  "admins" and "invoice_compliances_user "

ACL : Write 

Table: Invoice Compliances.*   

roles:  "admins" , "invoice_compliances_user ", Condition: State|not|cancelled/Closed. 

 

on request For Finance group we create one new Role "finance_invoice_compliance_user" given read access on list of records for reporting purpose and some other purposes.

ACL : Read   

Table : Invoice Compliances.*   

roles: "finance_invoice_compliance_user" , Condition: State|not|cancelled.

 

up to this point everything  fine.

 

 

Issue

now finance_invoice_compliance_user role users want to update 2-fields by them in 'Invoice Compliances table' record, so we created Write ACL, but it is not working , always that two fields showing as Read-only as like other fileds.

ACL : Write 

Table: Invoice Compliances.Trans ID 

roles:  finance_invoice_compliance_user, Condition: State|not|cancelled/Closed. 

Script

 

 

 

 

var gr=new GlideRecord('sys_user_grmember');
gr.addEncodedQuery('group.name.STARTSWITHFinance_Invoice_Compliance^group.active=true');
gr.addQuery('user',gs.getUserID());
gr.query();
if(gr.next())
answer=true;
else
answer=false;

 

 

 

 

 

 

Kindly help me why my Write ACL not working , always two fields still read-only just like previous.

 

 

 

0 Helpfuls
  • 821 Views
17 REPLIES 17

Jim Coyne
Kilo Patron

‎08-21-2023 08:52 PM

Why are you using a script in the ACL?  Is having the "Role" not sufficient?  You are basically checking if the user is in a Group whose Name starts with "Finance_Invoice_Compliance" AND has the "finance_invoice_compliance_user" Role.

0 Helpfuls

Supriya25
Tera Guru
In response to Jim Coyne

‎08-21-2023 09:06 PM

Thanks for reply,

yes checking two group Name starts with "Finance_Invoice_Compliance" AND has the "finance_invoice_compliance_user" Role.

 

but not sure why it is not working

0 Helpfuls

Jim Coyne
Kilo Patron
In response to Supriya25

‎08-21-2023 09:37 PM - edited ‎08-21-2023 09:48 PM

How are the Users given the Role?

 

Try changing the Script to this:

 

answer = (function() {
    var result = false; //default to no access

    //make sure they are in a particular Group
    var gr = new GlideRecord("sys_user_grmember");
    gr.addEncodedQuery("group.nameSTARTSWITHFinance_Invoice_Compliance^group.active=true^user=" + gs.getUserID());  //I don't like to mix addEncodedQuery and addQuery
    gr.query();
    if (gr.next())
        answer = true; //let them have access

    return result;
})();

 

 

0 Helpfuls

Supriya25
Tera Guru
In response to Jim Coyne

‎08-22-2023 10:48 AM - edited ‎08-22-2023 11:23 AM

Hi,

 

No change, still it is read-only showing 

I added Popup gs.addInfoMessages in ACL  ...., I can see that info message  as a admin when i Open record, but when i impersonated with 

Finance_Invoice_Compliance

this group user , he is not getting info message on record level.

0 Helpfuls

Jim Coyne
Kilo Patron
In response to Supriya25

‎08-22-2023 03:19 PM

How are users given the "finance_invoice_compliance_user" Role?

0 Helpfuls