regarding ACL and client side restriction

Go to solution
Abhinab Achary1
Tera Guru

‎06-22-2016 06:22 AM

Hi All,

I have a doubt,

I have created a ACL that allows only admin users to write access Assigned to field for which i have created a simple ACL.

But now

I want that if the state of the incident in incident form is only resolved or any state as i want , that should not allow the write access , for any other state it should allow users to edit the field.

I have given under condtion that state is closed. but i see that for any state no maater what the ACL only works good for whether user is admin or not.. the condition seems to have no affect.

Is there any scripting that can be done.. if possible   with an example would be very helpful

Thanks,

Abhinab

0 Helpfuls
  • 3,250 Views
1 ACCEPTED SOLUTION

Go to solution
Brad Tilton
ServiceNow Employee
ServiceNow Employee

‎06-22-2016 06:33 AM

The ACL only gets evaluated server side, so if the state field changes you would have to save the form before the ACL reevaluates itself. You could use a combination of ACL and ui policy.



If you're ACL isn't working could you post a screenshot?


View solution in original post

5 REPLIES 5

Go to solution
Rohit Kumar
Giga Expert

‎06-22-2016 06:32 AM

First review all the ACLs on incident table.


Condition filter in write ACL may solve your purpose.


State is oneof Closed/Resolved.



I am not sure what you want to achieve but you need to work on filters or use script in ACL.



Thanks


Rohit


0 Helpfuls

Go to solution
Brad Tilton
ServiceNow Employee
ServiceNow Employee

‎06-22-2016 06:33 AM

The ACL only gets evaluated server side, so if the state field changes you would have to save the form before the ACL reevaluates itself. You could use a combination of ACL and ui policy.



If you're ACL isn't working could you post a screenshot?


Go to solution
Abhinab Achary1
Tera Guru
In response to Brad Tilton

‎06-22-2016 08:32 AM

Hi Brad,


You are absolutely correct, it worked as soon as i save the form.. Thanks


0 Helpfuls

Go to solution
santoshsahoonis
Kilo Guru

‎06-22-2016 06:35 AM

"I have given under condtion that state is closed." = this means only Closed incidents will be editable.


"user is admin or not" =   You must have Admin override = true



Also, can you state your scenario more properly:


1. I want Incidents with states ...... to be editable by only admin?


2. If Incident doesnt have the states as in Step 1(State....), users can edit this field



from 1 and 2 => admin should always be able to edit/write



If my above assumption is correct, then create an write ACL with admin override = true and in script make sure to have,





if(current.state == '6')   // 6 = Resolved or change accordingly

   answer = false;

else 

   answer = true;