ACL access to specific Group

Adhithyaraj
Tera Contributor

‎06-08-2016 02:47 AM

Hi,

I'm creating ACL for a group(SIU group). The Requirement is , the members of the group should have read access to the table "alm_asset" when the Model Category field is having the value "Camera".
i.e, Asset table will have n number of records with different model categories.
The group member should see the specific model category records only. Other records should not be listed for the member.


There is an ACL written already which allows to see "alm_asset" table only if the user is having "Asset manager" role. But my group member is now having 'itil' role.

I tried the following:

**Gave Asset manager role to the group and scipted the code-

                            var user = gs.getUser();

                            if (user.isMemberOf('b0ffc1cd6f1d590088a99ea22e3ee4ce'))// Special Investigation Unit Group sys id

                                      {

                              gs.log("test1");

                              answer = true;

                            }

                            else{

                              answer = false;

                            }

** Given the Model Category(Camera) condition in ACL

But it doesn't work.

Please give me a solution how I can do this as a beginner to SNOW.

0 Helpfuls
  • 4,325 Views
1 REPLY 1

Andras Kisgyorg
Kilo Guru

‎06-08-2016 04:32 AM

HI,


In general ACL rules should be kept simple to ensure they can evaluate fast (for performance reasons and also it is easier to debug).


In this scenario, I would suggest to create a new Role for this access, with a descriptive name.



Then, you should add this Role to the Group which you wish to grant its members with this access.


Adding a role to a group grants all group members with the role.



After that you have to update the ACLs to do the necessary role check of this particular role and give access accordingly.



Best regards,


Andras