clarification on delete operation of acl

Jagadeesh_Maddi
Tera Contributor

3 weeks ago

Hi everyone,

I’m looking for some clarity on Delete ACL evaluation in ServiceNow.

Specifically, when a delete operation is performed on a record, how does the platform evaluate:

  • table.none

  • table.*

My understanding is that delete is a row-level operation, so only  table.none are checked, and table.* (field-level wildcard) is ignored — but I’d like to confirm if this is always true or if there are any exceptions.

Thanks in advance for your help!

0 Helpfuls
  • 287 Views
1 REPLY 1

MohamedZ
Tera Sage

3 weeks ago - last edited 3 weeks ago

Hi @Jagadeesh_Maddi ,

Yes your understanding is correct.

I tested in PDI for custom table. As you can see i created table level and field level ACL and assigned the field-level (table.*) delete ACL to the admin role only.

During testing, I observed that unlike read/create/write, the field-level table.* is ignored for delete operations. When impersonating a non-admin user, the record could still be deleted as long as the table-level delete ACL allowed it. This confirms that delete is a row-level operation and Field-level ACLs  have no impact on delete

I don’t think there are any exceptions to this behavior

 

Mohammed8_0-1768950764738.png

 

Mohammed8_1-1768951011465.png

 

Thanks and regards,

Mohammed Zakir