Using ACL how would I allow a field to be editable by multiple groups and users

Community Alums
Not applicable

‎08-01-2024 03:39 AM - edited ‎08-01-2024 03:43 AM

Hi,

I have a requirement, where I have to create a field named "Sandbox Name", and I have only a couple of users and groups to be able to edit the field. The users who can edit the "Sandbox Name" field are IT Manager and Team Lead. I groups are Support Group and Business Unit Group. Kindly help.

 

1.png

6.png

 

2.png

 

3.png

 

4.png

 

5.png

 

Regards

Suman P.

0 Helpfuls
  • 301 Views
2 REPLIES 2

Nicholas_Gann
Mega Guru

‎08-01-2024 04:19 AM

You will want to create a field level Write ACL similar to the example on incident below, ensuring the highlighted parts are set correctly. You won't need any scripting for this

Operation: Write

Name: Configuration Item - Sandbox Name

 

The exact filter condition you want will be:

[Team Lead][is (dynamic)][Me][OR]

[IT Manager][is (dynamic)][Me][OR]

[Support Group][is (dynamic)][One of My Groups][OR]

[Business Unit Group][is (dynamic)][One of My Groups]

 

Nicholas_Gann_0-1722511084568.png

I have assumed all of the user sets you referenced above will already have write access to the record.

0 Helpfuls

Slava Savitsky
Giga Sage

‎08-01-2024 04:26 AM

Something along these lines should do the trick:

answer = false;

isITManager = current.u_it_manager == gs.getUserID();
isTeamLead = current.u_team_lead == gs.getUserID();
isSupportGroupMember = gs.getUser().isMemberOf(current.support_group);
isBusinessUnitGroupMember = gs.getUser().isMemberOf(current.u_business_unit_group);

if (isITManager || isTeamLead || isSupportGroupMember || isBusinessUnitGroupMember) {
	answer = true;
}

 

Create a "write" ACL for your Sandbox Name field, check Advanced checkbox and put the code into the Script field.


Blog: https://sys.properties | Telegram: https://t.me/sys_properties | LinkedIn: https://www.linkedin.com/in/slava-savitsky/
0 Helpfuls