Is it possible to check the access(ACLs) of a user by logging into ServiceNow but not impersonating in an ATF.

Vasavi4
Giga Contributor

I have a requirement to test the access of a user for few fields using ATFs, but we should not do through impersonate user, is there a way to do using ATF, like how we are manually logging in with that account and checking.

3 REPLIES 3

Community Alums
Not applicable

Hi @vasavib1 ,

May i know, why you don't want to use Impersonate step ? As this is what best practice says:

Following below Steps you can achieve the mentioned requirement.

  1. Impersonate a User which is having Access to that field.
  2. Open a form.
  3. Field state validation and validating the field is not read only.
  4. Impersonate User which dont having Access to that field.
  5. Open a form. (Same form as step 2)
  6. Field state validation and validating the field is now read only.

Mark my answer correct & Helpful, if Applicable.

Thanks,

Sandeep

Vasavi4
Giga Contributor

There are few ACLs where we are doing impersonateCheck and restricting the access if user is in impersonate. As few fields have sensitive information.

Community Alums
Not applicable

HI @vasavib1 ,

You can add a role on which ACL is configured  and then the rest of the steps will remain the same for testing. By doing this it will allow to impersonate and test.

 

Mark my answer correct & Helpful, if Applicable.

Thanks,

Sandeep