How to manage ACL and Roles for providing access to specific records only

Mahesh111 · ‎01-30-2025

Hello Team,

I need your help on how to implement below approach

I have a customer requirement to create tickets via integrations. To create these tickets, we are using cert_task OOB table however we have created a separate application in application navigator as well as a separate view for these tickets.

The requirement here is we have two roles for this cert_task table i.e. certification and certifiction_admin. we are expected here to give access to those records which got created via integration rather than all records from this table

So, shall I create a separate role dedicated to my requirement and create a separate ACLs to manage the access or I have to use OOB roles only? The problem with OOB ACLs is we need to change a lot and the access is provided to whole table. If i create custom roles and ACL does it impact OOB ACLS?

Sandeep Rajput · ‎01-30-2025

@Mahesh111 Since this is a completely custom requirement, you can choose to create a custom role and ACLs. Changing OOTB role or ACL will make the skip during the next upgrade.

Mahesh111 · ‎02-03-2025

Hello, If i do create custom roles however OOB roles are overriding them and wont allow the access

Sandeep Rajput · ‎02-03-2025

@Mahesh111 Along with the custom roles, you need custom ACLs too to grant the user access.

Mark Manders · ‎01-30-2025

If you can make a distinction on the records and you are on Xanadu, you can easily use the 'deny unless' ACLs to get this done. It will limit the number of ACLs you need to get it working.

Please mark any helpful or correct solutions as such. That helps others find their solutions.
Mark