debugging of security rules?

Snow Guest · ‎05-19-2022

i have created custom role in scoped application and given acces to all the feilds to read, write, and create but two fields remains in read only mode....why? there are no feild level acls whih restricting them and there are no ui polices writen and client scripts too!!

what went wrong?

NOte:- when i tried to impersenate with user who had a custom role you can see how it is looks like in first picture. second one is how form looks like when i opened in application.

sachin_namjoshi · ‎05-19-2022

Did you checked if these fields are read only at dictionary level?

Regards,

Sachin

sachin_namjoshi · ‎05-19-2022

Turn on field watcher on these fields to see which object is making it read only.

Also, are these fields pulled from base table e.g task? They may be read only at dictionary level.

Regards,

Sachin

Allen Andreas · ‎05-19-2022

Hello,

Please review your ACLs in this order (using incident for example):

table.field ACL (incident.short_description)
Parent table.field ACL (task.short_description)
table.* ACL (incident.*)
Parent table.* ACL (task.*)
Generic field ACL (*.*)

If an ACL exists at one of those levels, starting from 1, then that ACL determines their access (whether pass or fail).

Additionally, as has been mentioned, check the field dictionary for those two fields to include any dictionary overrides (as this field could have been inherited higher up the chain).

Please mark reply as Helpful/Correct, if applicable. Thanks!

Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!

Allen Andreas · ‎05-19-2022

Also, please don't post duplicate questions on the forums as responses get spread out all over: https://community.servicenow.com/community?id=community_question&sys_id=34ad3df1db23c514ca6fdb85ca96...

Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!