ACL not working as expected.

Sattimsetti raj · ‎02-28-2024

Hi All,

I have created new field called " Support model " in hardware table (cmdb_ci_hardware) and also, I have created the new role called " u_cmdb_ci_manager " users having " u_cmdb_ci_manager " role " Support model " field should be editable.

The three main ACLs I've created are:

I'm facing some issues with these ACLs because what those ACLs have now done is made some unnecessary fields editable e.g. the Name field should not be editable.

So, I was just wondering what I'm doing wrong and what I need to do make this field editable and keep the other fields read only.

Harish KM · ‎02-28-2024

Hi @Sattimsetti raj in that case you need

write level tablename.* ACL to lock all fields and in advance script return false;

and role u_cmdb_ci_manager

Regards
Harish

View solution in original post

Sattimsetti raj · ‎02-28-2024

user role was: u_cmdb_ci_manager

Harish KM · ‎02-28-2024

Hi @Sattimsetti raj is there any scripts which is making the field readonly?

Regards
Harish

Sattimsetti raj · ‎02-28-2024

Hi,

NO, its new field I have created.

Harish KM · ‎02-28-2024

Hi @Sattimsetti raj I just tested in PDI, here is what i did,

1.created a new field "Support Mod" on cmdb_ci_hardware table

2.created a new role u_cmdb_ci_manager

3. Assigned user Fred luddy u_cmdb_ci_manager role

4. Created a Write ACL as below

Result:

1. As Fred with u_cmdb_ci_manager role. Field editable

tested as itil user, field not editable

Regards
Harish

Sattimsetti raj · ‎02-28-2024

My instance is not working. anything less needs to be check?