Correct me if I am wrong.

The field which I want to make editable after resolved is a field created only in Problem table. So is there a use of writing a * ACL for field ?

I think ,the way I explained my requirement was wrong. Actually it is:

we have written an ACL for allowing permission to edit all variables in the problem when the state is not Resolved, cancelled or closed. Now we have a requirement that we need to give access to edit a single field even after Resolved state. I tried by writing another Field ACL but it does not work. Since Field ACL will work first and later the table ACL will work. Can we do this through ACL?

Regards,

Ajai

ok let me try to explain again... my understanding is....

ACL's are evaluated at 2 layers.. table and field level...

the evaluation of rights at a LAYER level is MOST restrictive.. so if you get a deny from the table layer or from the field layer.. your access is denied.

Each layer is resolved independently using a LEAST restrictive requirement.. so if you are looking only at the field layer and 9 acl rules deny access and one allows access you get access on the FIELD layer..  

so both layers have to say yes.. but within each layer you only need a single yes if that makes sense....

so if your requirement is that only ONE field be editable in a state... you can NOT deny access at the table level n that state as that would block access with no way around it.. so you have to remove your table level deny when the state is resolved

so what we want now is a FIELD level deny on all fields EXCEPT certain ones... so you write a field level deny with the field as *   this should deny access to all fields... .now add a second acl allowing access to the single field we need... <remember at the field level a single yes gives us a yes> and it should work for you.

I also thought of changing the ACL and do this through UI Policy. But before that I just want to know whether some possibility with ACL is there because I have a lot of fields in Problem.