- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-12-2022 07:48 AM
Hi ,
I am using 1 core table in
1. ITBM,
2.ITSM.
currently i am working on the ITSM.
1.my requirement is i have to make program table read only for the program_staff role users, and editable for the program admin role users,I am using ACL's to do this.
2.issue is program_staff role users contains other roles also like abc_staff, etcc.
3.that abc_role have write access .. if we remove that access it will impact the ITBM Space,
4. but i need program table is read only for the program staff role users in ITSM Space. how to achive this?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-12-2022 09:39 PM
Hello Siva,
In this case if the abc_role which is contained in program_staff role has write access to Program table then you won't be able to achieve this requirement. The solution to this is that you create another custom role and assign that role to the users instead of program_staff. Then write ACL on this role to only provide read role on program table. But creating custom role can cost some amount to customer.
another solution would be create a new group ITSM space and add the users in this group to whom you want the program table to be read only. Then in the ACL on program table that allow the write role to users with abc_role you can add 1 additional condition as shown below:
if (!gs.getUser().isMemberOf("ITSM Space")) {
answer = true;
} else {
answer = false;
}So in that case if the user is member of ITSM Space group and have abc_role then they will not have write access on program table and users who are not member of ITSM Space group but have abc_role then they will have write access on program table.
Please mark my respsone as helpful/correct, if it answer your question.
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-12-2022 09:39 PM
Hello Siva,
In this case if the abc_role which is contained in program_staff role has write access to Program table then you won't be able to achieve this requirement. The solution to this is that you create another custom role and assign that role to the users instead of program_staff. Then write ACL on this role to only provide read role on program table. But creating custom role can cost some amount to customer.
another solution would be create a new group ITSM space and add the users in this group to whom you want the program table to be read only. Then in the ACL on program table that allow the write role to users with abc_role you can add 1 additional condition as shown below:
if (!gs.getUser().isMemberOf("ITSM Space")) {
answer = true;
} else {
answer = false;
}So in that case if the user is member of ITSM Space group and have abc_role then they will not have write access on program table and users who are not member of ITSM Space group but have abc_role then they will have write access on program table.
Please mark my respsone as helpful/correct, if it answer your question.
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-14-2022 11:55 PM
Hello Siva,
Just wanted to check with you, if the above response answered your question. If yes, then please do close this thread/question by marking the appropriate response as correct.
If you still need any further help or guidance on this then please update those on this question.
Thanks
