Override oob ALC on HR Task

Go to solution
miro2
Mega Sage

‎09-22-2023 01:29 PM - edited ‎09-22-2023 01:36 PM

Hi,

 

My question is related to the ACL on the HR Task table.

Scenario: HR Agents are not allowed to delete HR Tasks if the parent Case has the HR Service set to 'Feedback' or if parent Case state is 'Suspended.'

Agents can delete any other tasks; it's only these specific tasks that I need to restrict from being deleted.

 

I can modify the script in the existing OOB ACL for the 'DELETE' operation, but I'm not sure if this is the best approach. The highlighted section in red indicates the added script, which works.

miro2_3-1695414152465.png

 

 

 

I tried to create new ACL to override existing ACL, but it didn't work. Seems like OOB ACL has highest priority.
Below custom ACL

miro2_0-1695414977050.png

 

 

 

0 Helpfuls
  • 632 Views
1 ACCEPTED SOLUTION

Go to solution
miro2
Mega Sage

‎10-18-2023 03:11 AM - edited ‎10-18-2023 03:13 AM

The problem has been solved. I my previous scenario, when HR Service is set to 'Feedback', or if the parent Case's state is 'Suspended', it indicates that I use the "Feedback" and "Suspended" HR templates for the child task.
I adjusted the solution to align with below approach. I modified the oob ACL and added a script where I check if one of the HR Template sys_id values is stored in the System property. If it is, I set the answer to false. So, whenever the task will be created with the HR template (Feedback or Suspended) then user won't see Delete button.

 

View solution in original post

0 Helpfuls
5 REPLIES 5

Go to solution
Bert_c1
Kilo Patron

‎09-22-2023 01:43 PM

Hi @miro2,

 

Try enabling Security Debug, and test. In the browser window that appears search for your new ACL and check if any of the three icons are green. and the value of "rc=".

0 Helpfuls

Go to solution
miro2
Mega Sage
In response to Bert_c1

‎09-22-2023 02:08 PM

Hi @Bert_c1 
Here's a screenshot. The three green dots represent the oob ACL, and mine is in the middle.

miro2_0-1695416537928.png

 

On the row level, the one above mine is the OOB ACL, and the current one was created by me.

 

miro2_1-1695416835844.png

 

0 Helpfuls

Go to solution
Bert_c1
Kilo Patron

‎09-22-2023 05:26 PM

Hi Miro2,

 

So those three didn't fail. I have no idea what the problem is. Maybe create a Support Case to have it investigated. I see 46 ACLs for the 'sn_hr_core_task' table in my instance.

0 Helpfuls

Go to solution
miro2
Mega Sage

‎09-23-2023 02:00 AM

so the question to solve my problem might be how to take precedence over existing ACL. I know it can be done by being more specific or having a higher priority for created ACL. Or maybe adding script to the existing ACL is good approach?
Any other answers would be appreciated. Thanks!

0 Helpfuls