Best practices for ACL?

elizabeth keen
Giga Contributor

What are the best practices for creating an ACL in ServiceNow?

1 ACCEPTED SOLUTION

shubham jagtap
Tera Guru

Hi, 

I would suggest these points before creating a new ACL:

1. Search for all the ACLs for the particular table you want to create one on and categorise them into row-level and field-level types. Never duplicate any ACL conditions, which may turn irritating at later stages.

2. Use scripting if there is a similar ACL available. Say your table and field with the role are already available: you can edit it instead of creating a new one.

3. You can also verify the base table (say, check for task ACLs before writing a new ACL at incident level) and know things about the parent-child relation at ACL level.

Creating a new ACL will be easy for a new table but not for the existing ones. Recheck contradicting ACLs; if any are found, debug ASAP before going ahead. This would help you make the process easy, with no workarounds needed in future.

You can refer to the links below:

https://www.servicenowguru.com/showcase/servicenow-security-tips/

https://community.servicenow.com/community?id=community_question&sys_id=13968f25db1cdbc01dcaf3231f96...

https://docs.servicenow.com/bundle/geneva-servicenow-platform/page/administer/contextual_security/co...

https://community.servicenow.com/community?id=community_question&sys_id=52a08365db98dbc01dcaf3231f96...

https://docs.servicenow.com/bundle/kingston-security-management/page/product/planning-and-policy/con...

https://docs.servicenow.com/bundle/london-it-service-management/page/product/change-management/task/...

 

After going through this, mark it as correct/helpful.

Thanks


2 REPLIES

scott barnard1
Kilo Sage

ACL useful practice

 

  1. Read the documentation. 
  2. Get a personal dev instance and do the learning plans.
  3. Know the difference between row-level and field-level ACLs.
  4. Review all the ACLs on the table that you are thinking of fiddling with before you fiddle.
  5. Be as specific as you can. If you only want to lock down one field, limit your ACL to that field, etc.
  6. The OOTB system includes ACL components from global and some parent tables, so be aware that the ACL you think you are modifying may not be against the table you think. Always check. Don't mod the system-wide ones unless totally confident. Scratch that, just don't touch them 😛
  7. Don't test as admin.
  8. If your testing gives an unexpected result, beware of the other ACLs, as they may be interfering with the result that you are after.

 

I put the caution at the start as you need to be very careful when you do ACLs. You have to elevate your privilege beyond admin to work on them. Given you can trash the system as admin, and you are raising your level when you do this, you are in a position to wreak havoc if you don't know what you are doing.
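
The review step both answers recommend (list every ACL on the table, split row level from field level, check the parent table, avoid duplicates), sketched as an added example that is not from either post or from ServiceNow. The rows are constructed and only shaped like a `sys_security_acl` export; the `PARENTS` map, the sample roles and the function names are assumptions.

```javascript
// Constructed rows shaped like a sys_security_acl export; roles are simplified
// to a list of role names. None of this is real instance data.
const SAMPLE_ACLS = [
  { name: 'task', operation: 'write', roles: ['itil'], active: true },
  { name: 'task.*', operation: 'write', roles: ['itil'], active: true },
  { name: 'incident', operation: 'write', roles: ['itil'], active: true },
  { name: 'incident', operation: 'read', roles: [], active: true },
  { name: 'incident.short_description', operation: 'write', roles: ['itil'], active: true },
  { name: 'incident.short_description', operation: 'write', roles: ['itil'], active: true },
  { name: 'incident.number', operation: 'write', roles: ['admin'], active: true },
  { name: 'task.short_description', operation: 'write', roles: ['itil'], active: false },
  { name: 'change_request', operation: 'write', roles: ['itil'], active: true },
  { name: '*.*', operation: 'write', roles: ['admin'], active: true },
];
const PARENTS = { incident: 'task', change_request: 'task' }; // assumed table hierarchy

// "incident" is row level; "incident.number" and "incident.*" are field level.
function parseName(name) {
  const dot = name.indexOf('.');
  return dot < 0 ? { table: name, field: null }
                 : { table: name.slice(0, dot), field: name.slice(dot + 1) };
}

// Target table, each parent up to the base table, then the "*" wildcard.
function tableChain(table, parents) {
  const chain = [];
  for (let t = table; t; t = parents[t]) chain.push(t);
  return chain.concat('*');
}

// List every active ACL that can bear on table.field for one operation,
// split by level, and flag entries repeating an earlier name/operation/roles.
function reviewAcls(acls, parents, table, field, operation) {
  const chain = tableChain(table, parents);
  const report = { row: [], field: [], duplicates: [] };
  const seen = new Set();
  for (const acl of acls) {
    if (!acl.active || acl.operation !== operation) continue;
    const n = parseName(acl.name);
    if (!chain.includes(n.table)) continue;
    if (n.field !== null && n.field !== '*' && n.field !== field) continue;
    (n.field === null ? report.row : report.field).push(acl.name);
    const key = [acl.name, acl.operation, [...acl.roles].sort().join(',')].join('|');
    if (seen.has(key)) report.duplicates.push(acl.name);
    seen.add(key);
  }
  return report;
}

console.log(reviewAcls(SAMPLE_ACLS, PARENTS, 'incident', 'short_description', 'write'));
```

Running the same review for each operation before adding a rule shows which parent-table and wildcard ACLs already cover the field.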