What is difference between table.none and table.* in ACL? Please explain with an example.

Go to solution
Tejashvi
Giga Contributor

‎04-20-2020 08:16 AM

Hii,

 

What is the difference between table.none and table.* in ACL form ?Please explain with an example.

 

Thanks in advance!!!

0 Helpfuls
  • 24,842 Views
1 ACCEPTED SOLUTION

Go to solution
Allen Andreas
Administrator
Administrator

‎05-18-2020 09:08 AM

Hi,

For table.none means that you are applying the ACL at the table level.

For table.*, means that you are applying this for all rows/fields on that table which don't have their own specific table.field ACL. So it's more of a "meta-ACL", if you will.

Then there's table.row/field, means you are applying this for that specific field.

For ACLs you first need access to the table, then to the field. Think of it as walking up to a house. You can't get in the house (table) without the door being unlocked. Once inside, the rooms, are the rows/fields. So those need to be unlocked as well to go in to those (table.* or table.row/field).

More discussion found here: https://community.servicenow.com/community?id=community_question&sys_id=fa788feddb1cdbc01dcaf3231f96...

Please mark reply as Helpful/Correct, if applicable. Thanks!


Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!

View solution in original post

10 REPLIES 10

Go to solution
Kieran Anson
Kilo Patron

‎04-21-2020 05:13 PM

Hi Tejashvi,

Easiest way to distinguish is one is row level (.none) and one is field level (* or incident.number).

For example, ACL write - incident.none which requires role "ITIL" and a condition of "incident_stateNOT IN7,8^EQ" requires the user to have the ITIL role and the INC not to be in state 7 or 8 (Closed or Cancelled) in order to have write access at record level. If no further ACL's are defined, this user would have full access to the record and update all fields.

For field level, ACL write - incident.state requires the admin role with a condition of "state=7^EQ" meaning if the state is 7 (Closed) then the only user who can update the record state and change it to in progress as an example would be a user with admin role. Even though the ITIL user has full access at row/record level, this ACL prevents access at the particular field level.

 

Go to solution
Kieran Anson
Kilo Patron
In response to Kieran Anson

‎05-18-2020 09:01 AM

Hi, Checking in on whether my reply resolved your issue? If so please Mark Correct and /or 👍 Helpful if you find my response worthy based on the impact.
By doing so you help other community members find resolved questions which may relate to an issue they're having.

Go to solution
Allen Andreas
Administrator
Administrator

‎05-18-2020 09:08 AM

Hi,

For table.none means that you are applying the ACL at the table level.

For table.*, means that you are applying this for all rows/fields on that table which don't have their own specific table.field ACL. So it's more of a "meta-ACL", if you will.

Then there's table.row/field, means you are applying this for that specific field.

For ACLs you first need access to the table, then to the field. Think of it as walking up to a house. You can't get in the house (table) without the door being unlocked. Once inside, the rooms, are the rows/fields. So those need to be unlocked as well to go in to those (table.* or table.row/field).

More discussion found here: https://community.servicenow.com/community?id=community_question&sys_id=fa788feddb1cdbc01dcaf3231f96...

Please mark reply as Helpful/Correct, if applicable. Thanks!


Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!

Go to solution
Allen Andreas
Administrator
Administrator
In response to Allen Andreas

‎06-01-2020 06:40 PM

Hi,

I just wanted to check in on this. If my reply helped guide you correctly, please mark it as Helpful & Correct.

Thank you!


Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!