How to prevent an ACL from masking another ACL

jenny32 · ‎06-20-2017

Hello Everyone,

I am pretty new to ACL concept and i would really appreciate any help on this.

I need to give write access for users with a role 'abc' and when the 'Model category' is 'xyz' on 'Hardware' table to edit 4 fields.

I created ACL:

1) field level ACL for all 4 fields: alm_hardware.<field label> (fields that i require to be edited by user)

2) Table level ACL : alm_hardware(none)

where in the 'Role' field i added the role and used filter condition to set the 'Model category' for 'xyz'.

Already an ACL exists on this table created by someone with field level ACL: alm_hardware.* and Table level: alm_hardware(none) and with some script in the script section which allow users to edit the record if they belong to support group mentioned in the record. The problem i am facing here is when i activate my acl, it is masking the acl which was created by someone for the same table. I want both the ACL's to work on that table.
Please find the screenshot below:

I really appreciate if i could get any help on this.

Thanks in advance

Kalaiarasan Pus · ‎06-20-2017

Please read this KB article and understand how the ACL works

ServiceNow KB: Demystifying Access Controls (KB0541355)

The more specific ACL will override the generic ACL, meaning the field ACL will override the * ACL for those fields.

jenny32 · ‎06-20-2017

Hi Kalai,

Thank you for ur quick response!!!

I went through the article and created ACL based on that only and it didn't work as expected, also in the article i couldn't find anything which specifies regarding the field ACL overriding * ACL.

Is there any other way i can make both the ACL to work.