ACL restriction for one assignment group to only members

Daniela18

I have a requirement to restrict incidents assigned to group "Network" to only network group members.

I tried this ACL. Can someone tell me what I am doing wrong? When I impersonate someone not in Network I can read/update/write on the incident, etc.



The issue is with the triggering conditions. Please remove all the conditions under "When to run".


Also, in the script replace the sys_id with actual sys_id of your assignment group in the 4th line. Currently it contains my group sys_id.

 


Please mark this accepted & helpful if it answered your question.

 

Thanks & Regards,
Sharjeel

Regards,
Muhammad

It worked for me. Thank you 🙂

 

Updated to correct SYS ID. Didn't help.

It should only be read-only when category and subcategory is Email, so that is why I still need the filters.

If you don't want to hide records and just want to make them read-only, then follow the screenshot to set up a Write ACL. BRs are server-side scripts and cannot make fields read-only.

Make sure to replace sys_id with actual sys_id in the script. 


Regards,
Muhammad

If you look at my first question, this is where I started.

I created an ACL looking exactly like your picture but with READ instead of WRITE, and it did not work, and I asked for help finding out why.

I now activated that ACL again but it is still not working.

I tested with a member that is not admin and not a member of the Network group, and it could see the incidents.
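An added sketch, not part of the thread and not the script from the missing screenshots, of the pattern the replies describe: no "When to run" conditions, with the group check done in the ACL script. The sys_id is a placeholder, the mock objects are hypothetical stand-ins for `current` and `gs`, and the evaluation model (one ACL passes only if role, condition and script all pass; any one passing ACL for the same table and operation grants access) is stated as an assumption.

```javascript
// Constructed placeholder; use the sys_id of your own Network group.
const NETWORK_SYS_ID = 'NETWORK_GROUP_SYS_ID_PLACEHOLDER';

// ACL script body as a function. Inside ServiceNow, `current` and `gs`
// are supplied by the platform and the result is assigned to `answer`.
function networkMembersOnly(current, gs) {
  if (current.getValue('assignment_group') !== NETWORK_SYS_ID) {
    return true; // not a Network incident, nothing to restrict
  }
  return gs.getUser().isMemberOf(NETWORK_SYS_ID);
}

// One ACL passes only when role, condition and script all pass.
function aclPasses(acl, current, gs) {
  const roleOk = acl.roles.length === 0 || acl.roles.some((r) => gs.hasRole(r));
  return roleOk && acl.condition(current) && acl.script(current, gs);
}

// Assumed evaluation model: any one passing ACL grants the operation.
function canRead(acls, current, gs) {
  return acls.some((acl) => aclPasses(acl, current, gs));
}

// Hypothetical stand-ins for the platform objects (constructed test data).
function mockRecord(groupSysId) {
  return { getValue: (f) => (f === 'assignment_group' ? groupSysId : null) };
}
function mockSession(roles, groups) {
  return {
    hasRole: (r) => roles.includes(r),
    getUser: () => ({ isMemberOf: (g) => groups.includes(g) }),
  };
}

const always = () => true;
// The new rule alone, with no "When to run" conditions.
const networkAcl = { roles: [], condition: always, script: networkMembersOnly };
// Hypothetical second read rule that grants by role only.
const roleOnlyAcl = { roles: ['itil'], condition: always, script: always };
```

Under this model the non-member is blocked by `networkAcl` alone but still reads the Network incident once `roleOnlyAcl` is also in play, so when testing by impersonation it is worth checking which other read rules on the table the user passes.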