- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-20-2020 08:16 AM
Hii,
What is the difference between table.none and table.* in ACL form ?Please explain with an example.
Thanks in advance!!!
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-18-2020 09:08 AM
Hi,
For table.none means that you are applying the ACL at the table level.
For table.*, means that you are applying this for all rows/fields on that table which don't have their own specific table.field ACL. So it's more of a "meta-ACL", if you will.
Then there's table.row/field, means you are applying this for that specific field.
For ACLs you first need access to the table, then to the field. Think of it as walking up to a house. You can't get in the house (table) without the door being unlocked. Once inside, the rooms, are the rows/fields. So those need to be unlocked as well to go in to those (table.* or table.row/field).
More discussion found here: https://community.servicenow.com/community?id=community_question&sys_id=fa788feddb1cdbc01dcaf3231f96...
Please mark reply as Helpful/Correct, if applicable. Thanks!
Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-18-2020 09:26 AM
Hi
Table.* is a field level ACL which gives Access to all field on that table.
Table.none is a row level ACL allows you to access records.
Basically the answer is simple yet tricky. Table.None is used when you are not bothered about columns and this only take care of records/rows.
Table.* comes to picture when your focus comes to field level , say you want to control the column access like making all read only. Also overriding the other ACL with table.column1/2/3.
Example 1
|
Operation |
User 1 |
User2 |
User 1 with role1 |
User 2 with role2 |
|
READ |
Table.none |
Table.none |
Can read and write all fields |
Can read and write all fields |
|
WRITE |
Table.none |
Table.none |
Example 2 : Table . * are used restrict purpose simply.
|
Operation |
User 1 |
User2 |
User 1 with role1 |
User 2 with role2 |
|
READ |
Table.none |
Table.none |
Can read and write all fields |
Can Only read all fields |
|
WRITE |
Table.none |
Table.none | ||
|
WRITE |
Table.* |
|
Example 3 :
|
Operation |
User 1 |
User2 |
User 1 with role1 |
User 2 with role2 |
|
READ |
Table.none |
Table.none |
Can WRITE all field except field 1 |
All field read except field 1 |
|
WRITE |
Table.none |
Table.none | ||
|
WRITE |
Table.* |
Table.field1 |
If it help mark helpful or correct
Thanks and regards
Anil
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-05-2020 08:23 AM
How on this earth is this connected to Devops?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-05-2020 10:58 AM
Hi nk,
People can choose any forum section they'd like and most likely accidentally picked the wrong thing? It does happen?
Sorry for the inconvenience!
Take care!
Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-10-2024 04:58 PM
Great that other community users have responded hence, I am going to give a different example to add clarity (if needed by others)
Think of a Table as a house and fields of a table as rooms in that house. With that in mind, table.* is essentially a key to all the rooms. So, it controls access to all fields in a table, unless overridden by specific field-level ACLs whereas, table.none controls access to records in the table, but does not apply to fields. It's often used to determine if a user can access any record in the table at all.
An example of how and when you would wish to use something like this could be:
table.*:
Use when you want to define general access rules for all fields in a table.
Example: Allow all users to view all fields in the Incident table, but restrict editing specific fields with individual field-level ACLs.
table.none:
Use when you want to control whether a user can access any records in the table at all.
Example: Allow only certain roles to view any record in the Change Request table, but leave field-level access to specific field ACLs.
Please mark my reply as Helpful/Correct, if applicable. Thanks! Might take a second for you and will help me 🙂
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-27-2025 01:25 AM
Generally "table.none" grants access to all records within a table without any restrictions on individual fields, while "table.*" grants access to all fields within a table, but only if there isn't a more specific field-level ACL rule in place.
