Prevent users with a custom role from seeing incidents outside an assignment group

snow2p
Tera Expert

Hi,

I have a custom role called "aa_test" that only needs to see and update incidents with an assignment group "Network". I have set up a data filtration record below which works, with side effects that are more than I bargained for:

snow2p_0-1735932549677.png

It works so that users with that role can only see the "Network" assignment group, but it also prevents admin and other users from seeing anything but the "Network" assignment group incidents.

I tried to follow the instructions from the community post here to also exclude the itil role, but Role Criteria and subject criteria appear to allow 'is' conditions but not 'is NOT' conditions, at least for me.

Can someone suggest and show a screenshot of how I can limit views by my custom role AND still allow other roles to be unaffected?

1 ACCEPTED SOLUTION

snow2p
Tera Expert

In case anyone cares, I was able to accomplish this with the following ACLs AND I was able to do this without code, per my original desire.

ACLs for my custom role:

  • incident(read)
  • sys_db_object(read)
  • sys_db_object.*(read)
  • sys_dictionary(read)
  • sys_dictionary.*(read)

The incident (read) ACL has a data condition that provided the limitation that finally worked.

snow2p_0-1741996639434.png

6 REPLIES

Your solution seems simple and clean and might be the fallback position if I can't get a no-code version of the BR or data filtration working. I'd like to find a no-code solution if possible as I'm trying to eliminate the risk of leveling knowledge of ServiceNow coding. Not all admins can develop in ServiceNow and I can't guarantee that I'll have an admin with developer skills.
