ACL on custom table in scoped application not working

kunal16 · ‎01-29-2020

Hi All,

I have create a new custom table 'Allegations' in Human Resources: Core application which is associated to Employee Relations table (there is a reference field on Allegations that refers to Employee Relations table).

The requirement is users with role 'sn_hr_core.employee_relations' should be able to create records in Allegations table. Now, I updated the ACLs (created during table creation for Allegation) and added the role 'sn_hr_core.employee_relations' on the Create operation, but still users with that role are unable to submit any record in Allegations table as all the fields are read-only for them.

Note: All the other ACLs (CRUD) have the role 'sn_hr_core.employee_relations' added to them.

Any help will be appreciated.

Thanks in advance!

Christian Prob2 · ‎01-29-2020

So if you create a 'create' ACL for sn_hr_core_allegation.* for your role it will work.

There is an ootb box create ACL "*.*" which prevents writing into fields at creation.

You can then still control update access through appropriate fields level 'write' ACLs as needed.

The only risk I see is that a user could manipulate the "created_on" and "created_by" fields - **IF** you have them on the form and show them.

Mark ✅ Correct if this solves your issue and also mark 👍 Helpful if you find my response worthy based on the impact.

Hope that helps, Christian

View solution in original post

kunal16 · ‎01-29-2020

Hey Christian,

Although there was no field level validation on Allegations table in form of UI Policy/Client Script/Data Policy, I did create a * level create-ACL and it worked! Not sure why it didn't work with basic table-level ACLs!!

Thanks for your help!

SN27 · ‎01-29-2020

Hi Kunal,

Make inactive the Read ACL and run.

Maybe the Read ACL is also working.

Regards,

Satya.