Requirement to allow members of a specific group to edit a closed record

pj13
Tera Contributor

‎07-07-2022 03:48 PM

Hi,

 

I have a requirement to allow members of a specific group to edit fields on a closed record. By default fields are set to readonly on closed.


I've tried doing the display BR + onLoad Client script & scripting a UI Policy & ACLs but nothing is working so not sure what to do or what I'm doing wrong.

 

Seems like this should be pretty straightforward.

0 Helpfuls
  • 2,478 Views
11 REPLIES 11

pj13
Tera Contributor
In response to Jason Nichols

‎07-08-2022 09:54 AM

Hey @Jason Nichols ah ok maybe this is where I'm going wrong. This seems so straightforward I'm not sure why its been such a pain. I'll try an ACL at the None level, should I also create an ACL on each field that should be editable or could the one ACL at None + UI Policy per field work?

0 Helpfuls

Jason Nichols
ServiceNow Employee
ServiceNow Employee
In response to pj13

‎07-10-2022 11:20 PM

I suppose there are two methods:

  • Create two write access controls: incident.None and incident.<field>
    Condition: (Script) users who are members of the selected group.
    As the UI Policy to make fields read-only on closed records would still apply, you would need to delete the specific UI Action for the corresponding field.
  • Create one write access control: incident.None.
    Condition: (Script) users who are members of the selected group.
    As the UI Policy to make fields read-only on closed records would still apply, you would need to delete the UI Action for the corresponding field and create a new UI Policy that includes a script (Execute if true) to make the field read only only for users who are not a member of the selected group.

Whatever method you implement, even if it is another, you need to ensure the implementation meets your requirements, that it doesn't open up any security loopholes and that it works in the desired user interfaces (Platform UI, Workspace, Mobile). And finally, once the change is approved, document it! It's a relatively simple requirement, but as you can see, it requires thought and more than one record created/modified, and you don't want to scratch your head later when implementing another requirement that may be influenced by this one.

Hope this helps.

0 Helpfuls