Using ACL how would I allow a field to be editable by multiple groups and users

Community Alums · ‎08-01-2024

Hi,

I have a requirement, where I have to create a field named "Sandbox Name", and I have only a couple of users and groups to be able to edit the field. The users who can edit the "Sandbox Name" field are IT Manager and Team Lead. I groups are Support Group and Business Unit Group. Kindly help.

Regards

Suman P.

Nicholasgan · ‎08-01-2024

You will want to create a field level Write ACL similar to the example on incident below, ensuring the highlighted parts are set correctly. You won't need any scripting for this

Operation: Write

Name: Configuration Item - Sandbox Name

The exact filter condition you want will be:

[Team Lead][is (dynamic)][Me][OR]

[IT Manager][is (dynamic)][Me][OR]

[Support Group][is (dynamic)][One of My Groups][OR]

[Business Unit Group][is (dynamic)][One of My Groups]

I have assumed all of the user sets you referenced above will already have write access to the record.

Slava Savitsky · ‎08-01-2024

Something along these lines should do the trick:

answer = false;

isITManager = current.u_it_manager == gs.getUserID();
isTeamLead = current.u_team_lead == gs.getUserID();
isSupportGroupMember = gs.getUser().isMemberOf(current.support_group);
isBusinessUnitGroupMember = gs.getUser().isMemberOf(current.u_business_unit_group);

if (isITManager || isTeamLead || isSupportGroupMember || isBusinessUnitGroupMember) {
	answer = true;
}

Create a "write" ACL for your Sandbox Name field, check Advanced checkbox and put the code into the Script field.

Blog: https://sys.properties | Telegram: https://t.me/sys_properties | LinkedIn: https://www.linkedin.com/in/slava-savitsky/