How We can use Nobody Role ?

Go to solution
Vishal Savajia1
Kilo Sage

‎04-21-2020 05:55 AM

HI Team, 

 

A) I have requirement to restrict one column from editing in List View?  No one can edit this including admins, I have already implemented ACL and is working for me. I would like to know how we can use NoBody role ? Can anyone provide insignt on this role.

Labels:
0 Helpfuls
  • 6,765 Views
1 ACCEPTED SOLUTION

Go to solution
xiaix
Tera Guru

‎01-25-2021 09:42 AM

Late to the party on this one, but here's how I was able to set the 'nobody' role for a list_edit ACL that I had:

Step 1: Create the ACL you want and add some role, doesn't matter what.

find_real_file.png

Step 2: Type in 'sys_security_acl_role.list' into your main filter navigator and hit Enter

find_real_file.png

 

Step 3: Find the ACL role record you created in step 1, you can filter as shown here.  Once you see the record, right-click on it and "Copy sys_id":

find_real_file.png

 

Step 4: Place the following code into a background script and run it. **NOTE** use the sys_id that you just copied and put it into the rec.get() and don't use mine... lol

Also, the "nobody" role sys_id should be the same across all instances.  If not, it's easy to find.

(function(){
	gs.getSession().setStrictQuery(true);
	var rec = new GlideRecord("sys_security_acl_role");
	rec.get("54c7e7a3dbf5e090d0065e98dc96198a"); /* sys_id of the sys_security_acl_role record you copied */
	if (rec){
		rec.sys_user_role = 'b05940500a0a0aa70090a4893f6ff35d'; /* nobody role */
		rec.update();
	}
})();

 

 

If you refresh that ACL record now, you should notice that you have a 'nobody' role:

 

find_real_file.png

View solution in original post

Preview file
24 KB
Preview file
8 KB
Preview file
39 KB
Preview file
25 KB
7 REPLIES 7

Go to solution
Jaspal Singh
Mega Patron
Mega Patron

‎04-21-2020 06:01 AM

Hi Vishal,

 

Did you check link that has details about base system roles? It states that 'Nobody' has a precedence over admins & personally never had a need to use it but should be used carefully as recommended.

Go to solution
Vishal Savajia1
Kilo Sage
In response to Jaspal Singh

‎04-21-2020 06:04 AM

Yes Please, I already read carefully about this link, but in my intance i can figure out few ACLs which have used this Role.

0 Helpfuls

Go to solution
Jaspal Singh
Mega Patron
Mega Patron
In response to Vishal Savajia1

‎04-21-2020 07:11 AM

Yes, in that case it would simply imply that neither System Admin nor maint user (OOB platform developer) will have access to this field once defined & thus should be used carefully as the impact would be longterm one.

0 Helpfuls

Go to solution
xiaix
Tera Guru

‎01-25-2021 09:42 AM

Late to the party on this one, but here's how I was able to set the 'nobody' role for a list_edit ACL that I had:

Step 1: Create the ACL you want and add some role, doesn't matter what.

find_real_file.png

Step 2: Type in 'sys_security_acl_role.list' into your main filter navigator and hit Enter

find_real_file.png

 

Step 3: Find the ACL role record you created in step 1, you can filter as shown here.  Once you see the record, right-click on it and "Copy sys_id":

find_real_file.png

 

Step 4: Place the following code into a background script and run it. **NOTE** use the sys_id that you just copied and put it into the rec.get() and don't use mine... lol

Also, the "nobody" role sys_id should be the same across all instances.  If not, it's easy to find.

(function(){
	gs.getSession().setStrictQuery(true);
	var rec = new GlideRecord("sys_security_acl_role");
	rec.get("54c7e7a3dbf5e090d0065e98dc96198a"); /* sys_id of the sys_security_acl_role record you copied */
	if (rec){
		rec.sys_user_role = 'b05940500a0a0aa70090a4893f6ff35d'; /* nobody role */
		rec.update();
	}
})();

 

 

If you refresh that ACL record now, you should notice that you have a 'nobody' role:

 

find_real_file.png

Preview file
24 KB
Preview file
8 KB
Preview file
39 KB
Preview file
25 KB