Write ACL Not Working on passing property

Go to solution
ABC6
Tera Contributor

‎08-02-2024 04:18 AM

Hello Team,

I have a requirement where i need to restrict the itil user write permission for few records, for which i did create a write acl and Write the script like this but it is not picking up the property Value

 

ACL Script:

if(gs.hasRole('itil') && gs.getProperty('cmpy.write'))
{
    answer=true;
}
 
Property SS:
 
ABC6_0-1722597405201.png

 

0 Helpfuls
  • 603 Views
1 ACCEPTED SOLUTION

Go to solution
ShubhamGarg
Kilo Sage
In response to ABC6

‎08-02-2024 05:10 AM

Hello @ABC6 ,

 

You can use below path to activate Access Analyzer in your instance. Only system administrator role is required, no special permission is needed as it does not impact your instance.

 

App. Navigator > System defintion > Plugins > Search access analyzer and install it.

 

Begin your troubleshooting. Hope it helps.

 

Mark this as Correct/Helpful if above info. helps in any way and help in closing this thread.

 

Regards,

Shubham

View solution in original post

0 Helpfuls
10 REPLIES 10

Go to solution
Sandeep Rajput
Tera Patron
Tera Patron
In response to ABC6

‎08-02-2024 04:58 AM

@ABC6 Check if there is already another write ACL on Company Property. None which is allowing the write ACL on the table to itil role.

 

The best way to debug such issues is using the Access Analyser. I recommend using it.

0 Helpfuls

Go to solution
ABC6
Tera Contributor
In response to Sandeep Rajput

‎08-02-2024 05:02 AM

i am not sure if access analyzer is been active in my instance,I have checked already there is no other Write ACL

0 Helpfuls

Go to solution
ShubhamGarg
Kilo Sage
In response to ABC6

‎08-02-2024 05:10 AM

Hello @ABC6 ,

 

You can use below path to activate Access Analyzer in your instance. Only system administrator role is required, no special permission is needed as it does not impact your instance.

 

App. Navigator > System defintion > Plugins > Search access analyzer and install it.

 

Begin your troubleshooting. Hope it helps.

 

Mark this as Correct/Helpful if above info. helps in any way and help in closing this thread.

 

Regards,

Shubham

0 Helpfuls

Go to solution
ShubhamGarg
Kilo Sage

‎08-02-2024 04:42 AM

Hello @ABC6 ,

 

What I could notice is, the name of System property is not matching the property name you have passed in the script of ACL. If you could correct it, should work for you.

 

For general ACL specific troubleshooting, ServiceNow has introduced a new capability in Vancouver release, i.e., Access Analyzer. You can check all the accesses for any given user by passing resource details.

 

I hope it helps.

 

Mark this as Correct/Helpful if above info. helps in any way and help in closing this thread.

 

Regards,

Shubham

0 Helpfuls

Go to solution
ABC6
Tera Contributor
In response to ShubhamGarg

‎08-02-2024 04:47 AM

I already renamed that property to what i have mentioned over ACL.

0 Helpfuls