Understanding ACLs execution plan order

Leonel Sandroni
Tera Guru

‎08-25-2023 05:27 AM

Hi there,

 

I'm trying to understan how the ACLs are executed and they give permissons to users. 

LeonelSandroni_0-1692966168000.png

 


In my understanding:

1-First ACL is avoided because the current user has no required roles
2-Second ACL is evaluated and the user passes all conditions (roles, conditions filter and script) so he gets permissions
3-Third ACL is not evaluated because the user got permissions by the second ACL so it doesnot make sense

Is that correct? If I needed that the last ACLs be evaluated, I should work with the second ACLs in order to deny permissions, right? and this way the last ACL will be evaluated, right?

I need to know if it is right, no more. 

0 Helpfuls
  • 1,507 Views
3 REPLIES 3

Sai Shravan
Mega Sage

‎08-25-2023 05:40 AM

Hello @Leonel Sandroni ,

 

Please find the below SN doc's URL for understanding the ACL debugging tools : 

https://docs.servicenow.com/bundle/vancouver-platform-security/page/administer/contextual-security/c...

Regards,
Shravan
Please mark this as helpful and correct answer, if this helps you
0 Helpfuls

Leonel Sandroni
Tera Guru
In response to Sai Shravan

‎08-25-2023 05:50 AM

I know how to debug security rules works I just need to know what I'm asking for

0 Helpfuls

Raveena
Tera Contributor
In response to Leonel Sandroni

‎03-20-2024 01:33 PM

Hi Leonel

 

Yes your understanding is correct.

 

Please mark this helpful if it solves your query

0 Helpfuls