ACL script is not working properly

Renu9
Tera Contributor

Hi All,

 

I am having an existing ACLs on the table - asmt_assessment_instance_question.

 

In read and write acl: existing script is like below with the role - u_ticket_admin:

answer = (current.instance.user == gs.getUserID()) || (new AssessmentUtils()).hasAssessmentRoles(current.instance.metric_type.roles);
 
But as per my requirement , few users who are having roles such as '
Retail Specialist' and '
Retail Specialist II' who are also having u_ticket_admin role should not view records in the table 'asmt_assessment_instance_question' as they are survey related questions.
 

I modified the script in both read and write acls as below but still even with the logged in users who are having these retail roles are still viewing the records, which should not happen. Please guide here what I am missing

 

if((current.instance.user == gs.getUserID()) ||
(((new AssessmentUtils()).hasAssessmentRoles(current.instance.metric_type.roles))&&
(current.instance.trigger_id.assigned_to.title != 'Retail Specialist')&&
(current.instance.trigger_id.assigned_to.title != 'Retail Specialist II'))) ;
{
gs.log("access is provided  "+gs.getUserID());
answer = true;
}
 
 
2 REPLIES 2

Paul Curwen
Giga Sage

I presume you have answer=false at the start of your ACL script so it is deny by default?

 

Without that it won't work the way you want. 

***If Correct/Helpful please take time mark as Correct/Helpful. It is much appreciated.***

Regards

Paul

Suyash Joshi
Tera Contributor

Hi @Renu9 

Try this,

if (
(current.instance.user == gs.getUserID()) ||
(
((new AssessmentUtils()).hasAssessmentRoles(current.instance.metric_type.roles)) &&
(current.instance.trigger_id.assigned_to.title != 'Retail Specialist') &&
(current.instance.trigger_id.assigned_to.title != 'Retail Specialist II')
)
) {
gs.log("access is provided " + gs.getUserID());
answer = true;
}

If this work accept it as solution for other user help and mark as helpfuls

Regards,

Suyash