ACL for sc_request table field: Requested for

Go to solution
ajlabate
Kilo Expert

‎10-10-2014 12:18 PM

When a user is submitting a request from the Service Catalog, I present them with a variable field that is pre-populated with them as the requester.   They have the ability to enter a different valid name if they are submitting it for someone else.   When I test this it works fine, but that's because I am an admin.   I'm trying to figure out how to make that field in the sc_request table editable by anyone (even users).   I created an ACL for the field with no conditions and no script.   I just added the user role to be able to execute, create, or write.   However, this does not work.   Can someone tell me what I need to do to make this work so that anyone submitting a request from the catalog will have the ability to overwrite this field?

0 Helpfuls
  • 4,891 Views
1 ACCEPTED SOLUTION

Go to solution
ajlabate
Kilo Expert
In response to NMSLAcker

‎03-19-2015 08:34 AM

I did get this resolved, but can't remember the actual fix. The only thing I could find was that I updated the "Write" operations of the ACL's for sc_cart.* and sc_cart to force the script to always evaluate to True. This is what I have in the Script section:



var answer = true;


answer;



No roles or conditions are used. See if that does the trick for you.



>>> Marik Daniel <community-no-reply@servicenow.com> 3/18/2015 3:35 PM >>>




( https://community.servicenow.com/?et=watches.email.thread )



ACL for sc_request table field: Requested for


reply from Marik Daniel ( https://community.servicenow.com/people/NMSLAcker?et=watches.email.thread ) in Authentication - View the full discussion ( https://community.servicenow.com/message/765519?et=watches.email.thread#765519 )


Anthony did you get this fixed in your Dublin instance yet?


I am running into the same problem with our script not populating for non-admin users.


It was working until recent patching.


I've looked at the sc_cart ACL's and even made one specific to the Requested_for field but it is still not working.


Even specifying the test user directly in the ACL's didn't work for the non admin user.


We are currently on patch dublin-09-13-2013__patch7-hotfix5-01-22-2015 where the script is not working.


I believe we were on patch 3 when it was known to be working.



Any feedback you might have would be useful.




Reply to this message by going to ServiceNow ( https://community.servicenow.com/message/765519?et=watches.email.thread#765519 )


Start a new discussion in Authentication at ServiceNow ( https://community.servicenow.com/choose-container.jspa?contentType=1&containerType=14&container=2103&et=watches.email.thread )


Following ACL for sc_request table field: Requested for ( https://community.servicenow.com/message/765519?et=watches.email.thread#765519 ) in these streams: Inbox



( https://www.facebook.com/servicenow ) ( https://twitter.com/servicenow ) ( http://www.linkedin.com/company/servicenow ) ( http://www.servicenow.com )



"This electronic mail message contains information which may be confidential, privileged and protected from further disclosure. Such information relates to and is used for all purposes outlined in the statutes below, including Peer Review, Performance Improvement, Quality Assurance and Claims Management and Handling functions and/or Attorney-Client Communications. It is being produced within the scope of all Georgia and Federal laws governing record confidentiality, including (but not limited to) Official Code of Georgia Annotated Sections 31-7-15; 31-7-130; 31-7-131; 31-7-132; 31-7-133; 31-7-140; 31-7-143.


If you are not the intended recipient, please be aware that any disclosure, photocopying, distribution or use of the contents of the received information is prohibited. If you have received this e-mail in error, please reply to the sender immediately and permanently delete this message and all copies of it. Thank you.



Communication of electronic protected health information (ePHI) is protected under the Health Insurance Portability and Accountability Act (HIPAA) Act of 1996. Electronic mail (e-mail) communication is not encrypted or secure. The HIPAA Security Rule allows for patients to initiate communication of personal health information over this medium and for providers to respond accordingly with the understanding that privacy of communication is not guaranteed."


View solution in original post

0 Helpfuls
19 REPLIES 19

Go to solution
Joseph_Wheeler
ServiceNow Employee
ServiceNow Employee

‎10-10-2014 01:00 PM

Hi Anthony,



If you create a variable for a Service Catalog Item, under Service Catalog>Maintain Items and apply no ACL to it, the user should be able to change the answer.



For example, a variable named request_for could be a reference to the sys_user table with a default answer of javascript:gs.getUserID().



Are you making a catalog item, or using the variable somewhere else?   What version are you running?



Cheers,



Joe


0 Helpfuls

Go to solution
ajlabate
Kilo Expert
In response to Joseph_Wheeler

‎10-10-2014 01:06 PM

The user can change the field when submitting, however, it is not writing it to the sc_request.requested_for field.   It does when I submit it.   I am an admin.   We are on the Dublin release.


0 Helpfuls

Go to solution
Joseph_Wheeler
ServiceNow Employee
ServiceNow Employee
In response to ajlabate

‎10-10-2014 01:12 PM

Hi Anthony,



I believe that field name is reserved.   Try using a different variable name, like asking_for and see if it gives you the results you are looking for.


0 Helpfuls

Go to solution
Joseph_Wheeler
ServiceNow Employee
ServiceNow Employee
In response to Joseph_Wheeler

‎10-10-2014 01:17 PM

You may need to make sure the variable is displayed on the task.



Notice the requested for field on the Requested item form is still the original requester, but the variable displayed below is the user selected one:



find_real_file.png


Preview file
32 KB
0 Helpfuls