making fields read only using ACL
05-31-2023 08:41 AM
Hi, I have a requirement to make fields read-only when the state of the record is Draft or Submit, if the user has the roles employee_admin, employee_manager.
I have to achieve this functionality by using ACLs only.
05-31-2023 10:04 AM
Users with the mentioned roles: do they get to update, or is the form read-only for them alone? Both can be done.
In case they are the ones who can edit, have these two roles added in the Roles section.
In case they are the ones who cannot edit, have a different role added in the Roles section or you can achieve this by scripting as well.
In both cases add a filter condition i.e., state is Draft or Submit.
Thank you!
Regards,
Rana
05-31-2023 10:04 AM
Hi @VSN ,
You can create a write ACL on the desired table as shown below.
Replace with the roles and condition you specified in the requirement.
05-31-2023 10:07 AM - edited 05-31-2023 10:07 AM
Hi siva62,
There are plenty of examples in your instance. See:
https://[instance_name].service-now.com/sys_security_acl_list.do?sysparm_query=operation%3Dwrite%5EnameLIKE.%5EscriptISNOTEMPTY&sysparm_view=
Field level ACLs.
05-31-2023 12:28 PM
Like the one posted above. Create a 'write' ACL on the desired table. Conditions: "state", "is one of", "Draft,Submitted", and use script logic:

    // Deny access if current user has employee_admin or employee_manager role.
    if (gs.hasRole('employee_admin') || gs.hasRole('employee_manager'))
        answer = false;
    else
        answer = true;

You need to check that there are no 'conflicting' ACLs, that allow users with either role 'write' access to the table. If a small number of fields on the table have to be read-only for your conditions, then define ACLs for each field. Name = table_name.field_name.
Some documentation:
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0541355
I hope this helps.
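
The "conflicting ACLs" warning in the last reply, as an added example (not code from the thread or from ServiceNow): a simplified JavaScript model, runnable in Node.js outside the platform, which assumes that an ACL passes only when its roles, condition and script all pass and that write is granted when any matching same-level ACL passes. The `legacyGrant` rule, the `gs` stand-in and the helper names are hypothetical.

```javascript
// Simplified model (assumption): an ACL passes only if roles, condition and script
// all pass; access is granted if ANY matching ACL at the same level passes.
function makeGs(userRoles) {
  // Stand-in for the server-side gs object; only hasRole is modelled.
  return { hasRole: (role) => userRoles.includes(role) };
}

// The ACL described in the thread: state is one of Draft,Submitted + deny script.
const denyInDraft = {
  name: 'table_name write (script from the thread)',
  roles: [],
  condition: (rec) => ['Draft', 'Submitted'].includes(rec.state),
  script: (gs) => !(gs.hasRole('employee_admin') || gs.hasRole('employee_manager')),
};

// Constructed example of a pre-existing rule that grants write by role alone.
const legacyGrant = {
  name: 'table_name write (constructed conflicting rule)',
  roles: ['employee_manager'],
  condition: () => true,
  script: () => true,
};

function aclPasses(acl, userRoles, rec) {
  const roleOk = acl.roles.length === 0 || acl.roles.some((r) => userRoles.includes(r));
  return roleOk && acl.condition(rec) && acl.script(makeGs(userRoles));
}

function canWrite(acls, userRoles, rec) {
  return acls.some((acl) => aclPasses(acl, userRoles, rec));
}

// Audit helper: names of the ACLs that still let this user write this record.
function conflictingAcls(acls, userRoles, rec) {
  return acls.filter((acl) => aclPasses(acl, userRoles, rec)).map((acl) => acl.name);
}

const draft = { state: 'Draft' };
const manager = ['employee_manager'];
console.log(canWrite([denyInDraft], manager, draft));              // false
console.log(canWrite([denyInDraft, legacyGrant], manager, draft)); // true
console.log(conflictingAcls([denyInDraft, legacyGrant], manager, draft));
```

In this model the deny script cannot override a sibling rule that passes, and because the new ACL's condition fails outside Draft/Submitted, it grants nobody write in other states, so some other ACL has to cover those.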