Read and Write ACL on same field

vaibhavdesai · ‎02-07-2017

Hello Experts,

I want to understand few things related basics of ACL.

1) When we create read and write ACL on same field and table. What will be output of that? Which one will be executed?

(I tried to implement it and was not getting any output.)

2) If i have UI policy/Data Policy to restrict some field and then I create ACL on the same field. Which one will be executed first?

Regards,

Vaibhav Desai

Anurag Tripathi · ‎02-07-2017

Hi Vaibhav,

I don't think you need read and write both ACL on the same field(with same conditions) because, if read ACL returns false you will not be able to see the field then editing it is anyways out of the question.

Hope this helps.

-Anurag

View solution in original post

amaradiswamy · ‎02-07-2017

Hi Desai,

Read acl to make the data visible/hidden .

Write ACL to a field givse edit access to field in a record in table.

Data policy and ACLs are both run on server side. But eventhough data policy allows edit/visible and if ACL evaluates to false then the access will be restricted.

Thanks and regards

Swamy

vaibhavdesai · ‎02-07-2017

Hi Swamy,

Thanks for sharing your input.

What i want to understand is If I am creating one ACL that provides read access(without any condition and roles) and Creating other one that provides Write access. What will be output of it?

Regards,
Vaibhav Desai

amaradiswamy · ‎02-07-2017

I will agree with anurag

naresh1019 · ‎10-16-2017

Hi Vibhav

If you are creating a read/write on a particular field....it will allow write access.

Points to be noted.

1) when ever you are speaking for field level ACL, it actually needs to pass table level as well.

Two cases are two cases

CASE-1

1) Table is having only read access

then irerespective of field rules (wheather you create or dont create ), it will be only ready only like this

CASE-2:

Now if you create a write access on the table (which is valid only if you have read access created earlier or else again there would be no meaning it will not allow to see the records itself).

1) There comes the point of security rules @ field level.

So now even if you are creating read and write on perticular fields like above it will allow to acces....

Final Conclusion:

1) You should not think in that way you are looking at

2) Generally ACLS were created with a intension that if you have many fields in a form and want to secure one or two fields .

3) So you should provid write access at a table level to a perticular user.)

4) and the field you want to secure (create field access rule ) and give write access to admin , so that you can secure the fields as show...

The blue color write access is @ itil level...table ACL..

where as red color is write acces @ admin for name2 field.

i hope this repsonse will help you a bit.

mark as helpfull/resoved accordingly.

Thanks