Hierarchy of Client Script, UI Policy and Business Rule and ACL
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-06-2016 10:35 PM
Does anyone know the hierarchy, say ACL says read/write, then i have a script to say readonly. What will apply? Same with others, UI Policy and Client Script, what will be applied.
- Labels:
-
Service Mapping

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-06-2016 11:46 PM
Hi Rusty,
As Paul points out, the ACL is the LAW. If you do not have permissions (i.e., a matching ACL) to something, then nothing will change that for you.
- If it is a security issue, then ACL is your desired answer. Access to a field based on role or group membership is a good candidate
- If it is something that can fluctuate based on choices made within the form, then a UI Policy/Data Policy/Client Script may be your solution.
- UI Policies can be applied in a specific order, can include scripting, but only apply to form views
- Data Policies are similar, do not include scripting, but can apply to lists and forms, as well as imports and other operations
- Client Scripts apply to the form only and do not have a specified order. While you can use them to set field mandatory/read-only/visibility, these are better left to UI/Data Policies. Client Scripts are more appropriate for data validation/manipulation on the form.
Just remember, ACLs control your access to something (thus the 'A') and apply to the field/record/table itself on the underlying database.
-Brian
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-06-2016 11:50 PM
The problems is, the ACL is read/write. Then I wrote a script to make it readonly (onload), it was being executed I am sure, but the field is still writable. That is my problem.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-07-2016 12:14 AM
A write=true ACL won't override a Client Script.
Can you post your code / Policy?
If you are just toggling a field to read only, I recommend using UI Policy,
ServiceNow Nerd
ServiceNow Developer MVP 2020-2022
ServiceNow Community MVP 2019-2022
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-07-2016 12:25 AM
I can't seem to use UI Policy because my condition is based on the current user, say the current user has an 'admin' role, that is the only time the field will be writable.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎10-07-2016 08:53 AM
You can still use UI Policy with the Execute if true/false scripts available to you (however Data Policy doesn't offer these) instead of using Client Scripts.
-Brian