Write operation ACL is not working

Prasnajeet1
Giga Guru

ā€Ž09-05-2023 11:30 AM

Hi All

I have created ACL on the write operation. In the alm_hardware table there is field called "Last audit date" This field is set as readonly on the dictionary level. My requirement is if any user has 3 roles (asset_manager, asset_admin & asset_analyst) then "Last audit date" field should be editable. I have created the write opration ACL on the field level but it is not working. Can someone please suggest what I need to do or what need to modify to make it working.

0 Helpfuls
  • 1,004 Views
3 REPLIES 3

Tushar
Kilo Sage
Kilo Sage

ā€Ž09-05-2023 11:51 AM

Hi @Prasnajeet1 

 

can you please go to the table's dictionary (in your case, "alm_hardware").

You locate the "Last audit date" field and than navigate to the "Advanced" tab in the field's dictionary configuration.

Now set the "Write Access" field to "Allowed" for the roles that should have edit access to this field (e.g., 'asset_manager', 'asset_admin', 'asset_analyst)

 

Please, don't forget to mark my answer as correct if it solves your issue or mark it as helpful if it is relevant for you!

Regards,
Tushar

0 Helpfuls

DrewW
Mega Sage
Mega Sage

ā€Ž09-05-2023 12:17 PM

Turn off the read only on the dictionary record for the field.  Then put your write acl in using an advanced script the checks to that the user has all three roles.  Script should look something like

answer = gs.getUser().hasRole('asset_manager') && gs.getUser().hasRole('asset_admin') && gs.getUser().hasRole('asset_analyst');

 

Then you have to make sure that at least one of the three roles also has write access to the table.

 

OlaN
Giga Sage
Giga Sage

ā€Ž09-05-2023 12:20 PM

Hi,

You will need to remove the read-only mark on the dictionary level first, in order to allow writing to this field.

As long as it's set to read-only no ACLs will work to grant the write access.

 

After the removal, you can see if you have configured your ACL correctly, to allow to write in to some roles.

 

Also note, if you create the ACL and add roles in the "Requires role" section, these are treated as OR condition.

If your requirement is that a user should have multiple roles, then check the advanced checkbox, and write a script can checks if the user has all roles required before granting access.

0 Helpfuls