Manage access via configuration

Sandhya23 · ‎08-01-2024

I have an ACL that restricts the deletion of incidents in the incident table to just a couple of groups. However, as requirements change and additional user groups need access to the delete functionality, I must update the code to add these new groups. Is there a way to manage this through configuration, so we don't have to modify the ACL directly each time a new group needs access?

AndersBGS · ‎08-01-2024

Hi @Sandhya23 ,

from the top of my head - no. I only ACL configuration as the only option as there is no other place to set the CRUD rules.

if my answer has helped with your question, please mark my answer as accepted solution and give a thumb up.

Best regards

Anders

If my answer has helped with your question, please mark my answer as the accepted solution and give a thumbs up.

Best regards
Anders

Rising star 2024
MVP 2025
linkedIn: https://www.linkedin.com/in/andersskovbjerg/

Mark Manders · ‎08-01-2024

Delete operations are only provided through ACLs like Anders mentioned.

But you should have the possibility to make it easy on yourself: use the 'security attribute condition' where you can use 'local' to select 'group'. That way you can just add the groups to the ACL without having to script through sys_id's and such.

Please mark any helpful or correct solutions as such. That helps others find their solutions.
Mark

Anubhav24 · ‎08-01-2024

Hi @Sandhya23 ,

You can store the groups sys_ids in a system property and then access that system property to validate the groups allowed for delete operation. Going ahead when ever new groups need the permission for delete operation you can simply add those groups in the system property.

Please mark helpful/correct if my response helped you.

Sandhya23 · ‎08-03-2024

I have been doing the way Mark and Anders mentioned but this will be the best approach for me, I will try this and check if it works the way I wanted. Thanks, Anubhav