- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-06-2019 06:04 AM
both data policy and acl are server side..
both restricts access to data,
what is the major difference between those?
with examples pls?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-08-2019 12:24 AM
If you have some field as Mandatory on UI end or client browser, does not mean that it is mandatory at Database as well.
eg, lets say caller is mandatory while creating an incident when you open incident form, but you can bypass that mandate which are enforce at client or UI or browser end if you try to create incident record using GlideRecord server side code
var gr = new GlideRecord("incident");
gr.insert();
This piece of code above will create incident record even though if you dont provide caller as input. To avoid this at database or server level, data policy can be created.
Once data policy is created, you wont be able to submit incident without providing caller inforamtion both at UI ( client side ) level as well as Server ( GlideRecord API or Database level )
Note: Please mark reply as correct / helpful if it has answered your original question.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-08-2019 12:24 AM
If you have some field as Mandatory on UI end or client browser, does not mean that it is mandatory at Database as well.
eg, lets say caller is mandatory while creating an incident when you open incident form, but you can bypass that mandate which are enforce at client or UI or browser end if you try to create incident record using GlideRecord server side code
var gr = new GlideRecord("incident");
gr.insert();
This piece of code above will create incident record even though if you dont provide caller as input. To avoid this at database or server level, data policy can be created.
Once data policy is created, you wont be able to submit incident without providing caller inforamtion both at UI ( client side ) level as well as Server ( GlideRecord API or Database level )
Note: Please mark reply as correct / helpful if it has answered your original question.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-08-2019 01:29 AM
Hi,
Data policy makes you to enforce data consistency by setting mandatory and read only states for fields.
For example, if we want to make a field mandatory we can use data policy which ensures that a field has value on the server before a record can be inserted or updated.
When it comes to ensuring that a field (or a table) is fully inaccessible to users without a certain role we can use ACL.
While data policies can be used as UI policy on a form as they do not have same functionality as UI policy. For example ,you can not make a field visible or mandatory because there is no server side equivalent contextually hidden field and there is also no advanced view to write script.While ACLs are scriptable where we can write script.This is the major difference between data policy and ACL.
Please mark my answer as correct/helpful if it helps for you
Regards,
Pooja
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-08-2019 12:42 AM
Although ACLs & Data Policies seems to be similar -because they have something in common - they are still different - you cannot make a field mandatory with ACL for example.
