I have been having a lot of issues with ACLs. I have a need for one group(one user in that group) to be able to write to a certain few fields on the cmdb_ci_service table. All other fields should be read only(as they are right now). I tried setting the write ACLs on each field that I want the group with role bs_user_role to be able to write to or edit. It's still showing as a read only field for all. I assume this is because of an ACL on the table not allowing it. Any advice on this? The screenshot shows the fields circled that have the write ACL on them and I'm logged in as the user. They are still showing as read-only.
I was able to test this out for you using my Dev environment.
- Firstly, you need to create a write ACL for the entire table (as I stated previously) - so a write ACL for cmdb_ci_service with none chosen on the name line and assign your role you made up:
-Finally, create a write ACL for the same table, but this time the specific field you want then to have access to (create multiple ACLs obviously for all the fields you want) with the specific role you made up.
-Profit
You'll see something like this (I only did this for one field just to test for you):
Please mark as Correct and Helpful if this works for you.
Thanks
Thank you for doing that. Here is what my ACLs look like:
There has to be something keeping it from allowing me to access the field. I'm thinking it has something to do with the cmdb_ci ACLs above the ones I created.
That's how I set it up and it still does not allow me to edit that field when I impersonate the user with the role I created. That's why I am thinking one of the cmdb_ci ACLs or the other write ACLs are causing an issue. I've checked Business rules and UI Policy. Nothing seems to be effecting it. When I go to the debug this is what I'm seeing:
