ACL restrict write to specific groups but allow everyone with itil role to write on Comments and Work Notes

JC S_
Mega Guru

‎05-15-2019 05:30 AM

We have a requirement to restrict write access on specific records to spceific groups only but anyone with itil role should be able to write on comments and work notes. Any idea on how to approach this ACL setup?

0 Helpfuls
  • 3,913 Views
5 REPLIES 5

Tim Provin
Mega Guru
In response to JC S_

‎05-15-2019 08:15 AM

Built this out in my developer instance, and did some debugging.  The task field level write ACLs are providing access to itil.  The joys of ACLS!  So what this means is that for each field that has a task field level ACL, you would need to modify the existing ACL to have the below condition.

find_real_file.png

Then you need to create the opposite at the task level for the group.  So a field level ACL that does not have any roles, the condition is Task type is Catalog Task, and the script checks the assignment group.  

Lots of work for something so simple.

Preview file
16 KB
0 Helpfuls