should ACL script return true explicitly to grant access?

prasanna11
Mega Guru

should ACL script return true explicitly to grant access?

will this below ACL return true if any of the condition satisify ?

current.isNewRecord() || current.request.opened_by == gs.getUserID() || current.request.requested_for == gs.getUserID() || gs.hasRole('itil')

Or should this be wrapped inside a function as below?

checkAccess();

function checkAccess() {

if (current.isNewRecord() || current.request.opened_by == gs.getUserID() || current.request.requested_for == gs.getUserID() || gs.hasRole('itil')){

return true;

}

else{

return false;

}

}

1 ACCEPTED SOLUTION

harshvardhan_11
Giga Expert

Both will work in same manner.



As per the wiki


The script must generate a true or false response in one of two ways:


  • return an answer variable set to a value of true or false
  • evaluate to true or false.


So since both of the values return to true. It will work in both conditions


View solution in original post

5 REPLIES 5

harshvardhan_11
Giga Expert

Both will work in same manner.



As per the wiki


The script must generate a true or false response in one of two ways:


  • return an answer variable set to a value of true or false
  • evaluate to true or false.


So since both of the values return to true. It will work in both conditions


ghsrikanth
Tera Guru

As a reference for the Harshavardhan's answer - you can always check any out of box ACL


Please find the the out of box ACL on Incident table -


https://instanceName.service-now.com/nav_to.do?uri=sys_security_acl.do?sys_id=7da3bda1c0a801667dc88c...



Screen Shot 2016-03-17 at 7.53.06 PM.png



Hopefully it helps


Abhinandan Pati
Giga Guru

Hi Prasanna,



Answer to your first question is YES. And second method is the best approach.



Thanks


Abhinandan


why is second method the best?