ACL not working as expected.

Sattimsetti raj
Tera Contributor

Hi All,

 

I have created new field called " Support model " in hardware table (cmdb_ci_hardware) and also, I have created the new role called " u_cmdb_ci_manager " users having " u_cmdb_ci_manager " role " Support model " field should be editable.

 

The three main ACLs I've created are:

 

Sattimsettiraj_0-1709129187829.png

 

Sattimsettiraj_1-1709129250060.png

 

Sattimsettiraj_2-1709129284590.png

 

I'm facing some issues with these ACLs because what those ACLs have now done is made some unnecessary fields editable e.g. the Name field should not be editable.

 

Sattimsettiraj_3-1709129408483.png

 

 

So, I was just wondering what I'm doing wrong and what I need to do make this field editable and keep the other fields read only.

1 ACCEPTED SOLUTION

Hi @Sattimsetti raj in that case you need

write level tablename.* ACL to lock all fields and in advance script return false;

and role u_cmdb_ci_manager

Regards
Harish

View solution in original post

22 REPLIES 22

Hi

I have disabled the Hardware.* is a wild card acl :

 

Sattimsettiraj_4-1709183587958.png

 

 

Still, I see " Support model " field read-only and the other fields are editable:

 

Sattimsettiraj_5-1709183588073.png

 

 

@Sattimsetti raj 

Can you check by any chance if you have made the field read only on dictionary level, check Read only checkbox on the field.

Also, in the table.none write acl, you also have hardware role added there, right?

Best Regards
Aman Kumar

Hi,

Can you check by any chance if you have made the field read only on dictionary level, check Read only checkbox on the field: 

 

Sattimsettiraj_1-1709188672289.png

 

 

 

Also, in the table.none write acl, you also have hardware role added there, right? : Yes.

 

Sattimsettiraj_0-1709188594680.png