should ACL script return true explicitly to grant access?

prasanna11 · ‎03-17-2016

will this below ACL return true if any of the condition satisify ?

current.isNewRecord() || current.request.opened_by == gs.getUserID() || current.request.requested_for == gs.getUserID() || gs.hasRole('itil')

Or should this be wrapped inside a function as below?

checkAccess();

function checkAccess() {

if (current.isNewRecord() || current.request.opened_by == gs.getUserID() || current.request.requested_for == gs.getUserID() || gs.hasRole('itil')){

return true;

}

else{

return false;

}

harshvardhan_11 · ‎03-17-2016

Both will work in same manner.

As per the wiki

The script must generate a true or false response in one of two ways:

So since both of the values return to true. It will work in both conditions

harshvardhan_11 · ‎03-17-2016

Both will work in same manner.

As per the wiki

The script must generate a true or false response in one of two ways:

So since both of the values return to true. It will work in both conditions

ghsrikanth · ‎03-17-2016

As a reference for the Harshavardhan's answer - you can always check any out of box ACL

Please find the the out of box ACL on Incident table -

Hopefully it helps

Abhinandan Pati · ‎03-17-2016

Hi Prasanna,

Answer to your first question is YES. And second method is the best approach.

Thanks

Abhinandan

prasanna11 · ‎03-24-2016

why is second method the best?