How to overwrite ACL making all fields read only depending on condition

Go to solution
Milan13
Giga Expert

‎07-21-2019 11:53 PM

Hello,

below ACL makes all field read only upon given conditions.

However I need to "overwrite" this ACL in order to make some of the fields (additional comments, work notes, watch list, work notes list) editable but don't know how.

Tried to create simple ACL like incident.watch_list  with condition role=itil however this just does not work.

No conflicting ACL particularly for watch_list not found...

Any idea on this?

Appreciate your help,

Milan

find_real_file.png

 

find_real_file.png

Preview file
210 KB
Preview file
219 KB
0 Helpfuls
  • 4,393 Views
1 ACCEPTED SOLUTION

Go to solution
AbhishekGardade
Giga Sage

‎07-22-2019 12:06 AM

1. A write ACL on Table allowing access

2. A * write ACL on all fields not allowing access

3. A write ACL allowing access to the single field

Field level access controls have a higher precedence over table level.

Check out this blog: https://community.servicenow.com/community?id=community_blog&sys_id=24ad62a9dbd0dbc01dcaf3231f961932

Please mark as Correct Answer/Helpful, if applicable.
Thanks!
Abhishek Gardade

Thank you,
Abhishek Gardade

View solution in original post

2 REPLIES 2

Go to solution
AbhishekGardade
Giga Sage

‎07-22-2019 12:06 AM

1. A write ACL on Table allowing access

2. A * write ACL on all fields not allowing access

3. A write ACL allowing access to the single field

Field level access controls have a higher precedence over table level.

Check out this blog: https://community.servicenow.com/community?id=community_blog&sys_id=24ad62a9dbd0dbc01dcaf3231f961932

Please mark as Correct Answer/Helpful, if applicable.
Thanks!
Abhishek Gardade

Thank you,
Abhishek Gardade

Go to solution
Milan13
Giga Expert

‎07-22-2019 05:46 AM

Hi Abhishek,

 

I am sorry but I am completely lost here...:(

 

I have this business requirement:

I only need editable fields (write) for member of incidents' assignment group once the assignment group is the group whrere logged in person is a member of.

This works - made by below ACl, as per second print screen all fields are greyed out, if there was appropriate assignment group entered all fields would be editable.

What is need is to make Work notes, Additional Comments, Watch Lists, Work Notes list editable even if correct assignment group is NOT entered.

I tried to simply add other ACLs  like incident.watch_list etc. just having the role of itil (the only condition) but it does not work.

No idea how to do this simply loooking task...

It seems no conflicting ACLs are in place.

Appreciate your help,

Milan

 

 

0 Helpfuls