Why table.none write acl grant access to edit fields of custom table

abrouf · ‎11-21-2023

I created a custom table with Extends table - Asset and a role -test_asset then, created Table.None write ACL with a custom role - test_asset, but non-admin users with role - test_asset are able to edit the custom fields that I added.

Any idea or suggestion is appreciated.

Thank you.

abrouf

abrouf · ‎11-29-2023

The issue has been resolved by creating a write ACL for all fields (Table.*) and adding an admin role, I thought the admin already had write access by default. so didn't do so earlier.

Got this idea from here:

https://www.servicenow.com/community/secops-forum/how-to-give-write-access-to-specific-field-on-form...

Still didn't get the logic, if anybody knows, please drop here with the ServiceNow ACL documentation.

View solution in original post

abrouf · ‎11-22-2023

Hi Anvesh,

You mentioned-

This is because of ACL is searched from the most specific to the most generic match.

As there is no field level ACL it matches the Row Level ACL to grant the access.

Here Row level access is read but given here as a write.

abrouf · ‎11-22-2023

Corrections: