Need Help Restricting Admin and Users from Deleting Attachments on Scoped Application Record
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-29-2024 04:29 AM
Hi ServiceNow Community,
I'm facing a challenge in restricting both admin and user roles from deleting attachments on a custom table within a scoped application.
Here's the scenario:
I have an out-of-the-box (OOB) delete Business rule that permits specific role users to delete attachments. To enhance security, I modified the ACL condition to restrict non-admin users from deleting attachments, which worked well. However, I'm keen on avoiding any edits to the global ACL.
Here's what I've tried so far:
Created a Before Delete Business rule on the attachment table with a condition specific to my custom table. This rule calls a script include to abort the delete action.
Utilized a Cross-scope privilege to deny delete permission for attachments.
Unfortunately, neither of these methods has yielded the desired result. Users and admins are still able to delete attachments.
Could anyone in the community offer suggestions or insights on how to achieve this goal effectively within the scoped application framework? I'm particularly interested in solutions that don't require modifications to the global ACL.
Any help or guidance would be greatly appreciated.
Thank you in advance!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-29-2024 04:48 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-29-2024 04:51 AM
you can setup a delete ACL which only returns true on admins or if it's the user that created the attachments.
Take a look here and let me know if you hit a brick wall: Access control list rules
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-29-2024 09:48 PM
It appears that there is some confusion about the requirement.On the scoped application table,I would like to restrict attachment deletion for all users, including administrators. I cannot restrict deletion by creating an ACL from the scoped application on the attachment table because Servicenow does not allow script writing or adding conditions.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-31-2025 01:41 PM
@Aishwarya_28 Did you ever have any luck?
