Make a section read-only for some users

hamidouche · ‎03-06-2020

Hi,

I have 10 sections inside a form that I want to make READONLY (I must not hide the section) for some users with a specific role only.

For example: I have UserA with role A: he can only edit section 1,2,3,4,5 but the rest will be readonly for him

But for UserB with roleB, he can edit sections 1,2,3 and the rest will be readonly, etc you get the idea

I know I cannot use UI policy to do this for the whole section but for fields only. The thing is: the sections have over 100 fields each.

Can I use ACL* for this? if yes how?

Can I use a client script. In this case I have to run g_form.setReadOnly() on all the fields.

Thanks

Allen Andreas · ‎03-06-2020

Hi,

Unfortunately, an ACL won't assist here. There isn't a way to easily make an entire section read-only.

You'd have to use a client script and grab their role using something like:

g_user.hasRole('itil') and go from there.

Keep in mind, any fields that are mandatory and are exposed on load, won't be able to be read-only (I believe).

So you'd have to balance the mandatory requirements as well. May take some work there.

So you'd want to check their role, setMandatory false, then readOnly true...etc.

Please mark reply as Helpful/Correct, if applicable. Thanks!

Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!

Allen Andreas · ‎03-06-2020

Hi,

Unfortunately, an ACL won't assist here. There isn't a way to easily make an entire section read-only.

You'd have to use a client script and grab their role using something like:

g_user.hasRole('itil') and go from there.

Keep in mind, any fields that are mandatory and are exposed on load, won't be able to be read-only (I believe).

So you'd have to balance the mandatory requirements as well. May take some work there.

So you'd want to check their role, setMandatory false, then readOnly true...etc.

Please mark reply as Helpful/Correct, if applicable. Thanks!

Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!

hamidouche · ‎03-06-2020

Hi Allen,

Thank you for your answer.

I was thinking, can I use the advanced script ACL? And I can restrict the access further depending on the role, as in this thread: https://community.servicenow.com/community?id=community_question&sys_id=cf290fe1db5cdbc01dcaf3231f96...

Thanks,

O

Allen Andreas · ‎03-06-2020

You'd have to do that for ALL the fields involved, but yes, you could.

Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!

Ankur Bawiskar · ‎03-06-2020

Hi,

ACLs are not good in this case since you would require individual field level ACLs on those all fields

So if you have 20 different fields spread across 4 sections 5 in each you would require 20 field level write ACLs

So better to use onload client script and use it for all fields

Mark ✅ Correct if this solves your issue and also mark 👍 Helpful if you find my response worthy based on the impact.
Thanks
Ankur

Regards,
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader