How do I give only "view" role or permission to a user to certain tables?

sifynm · ‎02-22-2017

As per the URL: http://wiki.servicenow.com/index.php?title=Role_Delegation#gsc.tab=0 I read the following:

4.2 Preventing Roles from being Delegated

By default, the following fields are not delegatable:

admin

public

nobody

role_delegator: A user with the role_delegator role cannot delegate this role to other group members.

My requirement, I have created a table by name "Sify Servers" and "SR IR Tables" which are as shown in the attachment. Please let me know how I can create an access for the user who should be able to only view these tables, but should not be able to modify any fields. I have tried giving him an "admin" role which works, but if I remove the user role it does not work. I have read through this wiki for creating roles URL: http://wiki.servicenow.com/index.php?title=Creating_Roles#gsc.tab=0 but not sure how I can implement it. If there are any steps to follow kindly let me know.

shloke04 · ‎02-24-2017

Hi,

1) First you need to enable the Elevated Privileges to write an ACL which can be done as shown below:

2) Click on the ACL module visible in your screen shot also shown below:

3) Once you click on ACL highlighted above in red then you would be getting the New button to crate an ACL as shown below:

Hope this helps. Mark the answer as correct/helpful based on impact.

Regards,

Shloke

Hope this helps. Please mark the answer as correct/helpful based on impact.

Regards,
Shloke

View solution in original post

sifynm · ‎02-24-2017

Dear Mr. Harshavardhan,

I have elevated my privileges as "security_admin" and I was able to view the "New" button, however I am totally not convinced by the reply of adding myself as security admin. I am again repeating my requirement, when a table is created I should be able to restrict a user or a group of users from accessing it. Kindly let me know how to do the same.

My view of doing this is I need to specify the user or a group of users who "Can read" only (view) this table. Please help me with the same, maybe along with the access levels. The steps to achieve it would help me doing it.

shloke04 · ‎02-24-2017

Hi Nandan,

ACL is the best approach of controlling the visibility of records as part of your requirement too. Security_admin role is required in order to configure the ACL.

As per your screen shot, the Table "Sify Server" for which you want to have Read only access for the list of records for a certain role of users, you need to configure the Read ACL as mentioned above in my post and give the specific role in the ACL for whom you want the Read access to be.

Try configuring the same and test your scenario and let me know if it does not works.

Hope this helps. Mark the answer as correct/helpful based on impact.

Regards,

Shloke

Hope this helps. Please mark the answer as correct/helpful based on impact.

Regards,
Shloke

sifynm · ‎02-24-2017

Thank you for the help everyone to Mr.Harshavardhan as well.

sifynm · ‎02-26-2017

Dear Mr. Shloke Srivastava,

I have created a new modified access rule for "snc_internal" which is working for the group of users. These groups of users have read only access once they login. Please let me know what I have accomplished is correct or if there are any changes required.

shloke04 · ‎02-26-2017

Hi Nandan,

Can you share the screen shot of the ACL you have configured so that I can review the same, as the above screen shot shared by you reflects only the role for which you are configuring the access level.

Regards,

Shloke

Hope this helps. Please mark the answer as correct/helpful based on impact.

Regards,
Shloke