How ACL Determines? Is it Specific to Generic or vice versa? Can anyone explain me!

lucky6
Tera Contributor

‎07-03-2020 06:16 AM

Hi everyone, 

How ACL determines? Is it Specific to Generic or vice versa? Can anyone explain me!

Thanks in Advance.. 

Labels:
0 Helpfuls
  • 2,354 Views
9 REPLIES 9

Priyanka Vasant
Tera Guru

‎07-03-2020 08:10 AM

Hi lucky,

I have shared similar thread that might help you to get the answer of your question.

https://community.servicenow.com/community?id=community_question&sys_id=03e603e5db1cdbc01dcaf3231f96...

 

Mark helpful or correct based on impact.

Regards,

Priyanka A.

0 Helpfuls

Ankur Bawiskar
Tera Patron
Tera Patron

‎07-03-2020 08:17 AM

Hi,

sharing few links you can go through for understanding

https://docs.servicenow.com/bundle/helsinki-platform-administration/page/administer/contextual-secur...

https://docs.servicenow.com/bundle/orlando-platform-administration/page/administer/contextual-securi...

https://www.youtube.com/watch?v=CigxJiSY9bk

If my answer solved your issue, please mark my answer as Correct & 👍Helpful based on the Impact.

Regards
Ankur

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls

Chuck Tomasi
Tera Patron

‎07-03-2020 08:19 AM

One additional note, on best practices if you are creating an ACL, use roles first, they are faster, easier, and get evaluated first.

Conditions are second - also easy to write.

Use script only if you HAVE to and avoid doing GlideRecord queries in ACLs unless ABSOLUTELY necessary as it could impact performance.

Ankur Bawiskar
Tera Patron
Tera Patron

‎07-07-2020 11:10 PM

@lucky 

Hope you are doing good.

if you think there is any response that helps you please mark that helpful or accepted so that this thread can be closed.

Regards
Ankur

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls

Megha Padale
Giga Guru

‎07-07-2020 11:29 PM

Hi,

Adding to all above, Access Controls do not stand alone; they are part of list known as an Access Control List (ACL). An ACL is an ordered list of all Access Controls that apply in a particular circumstance.

Recall that the NeedIt table extends the Task table.

The NeedIt table extends the task table

 

Due to inheritance, the Task table Access Controls can potentially grant or deny access to NeedIt table records if no Access Controls specific to the NeedIt table exist. If no Access Control exists on the table, the parent table Access Controls are searched.

When deciding whether to grant or deny access, the ACL is searched from the most specific to the most generic match. For example, when determining whether to grant access to the NeedIt table Short description field, the search order is:

  1. Match the table and field name: x_58872_needit_needit.short_description
  2. Match the parent table and field name: task.short_description
  3. Match any table with the field name: *.short_description
  4. Match the table and any field (wildcard): x_58872_needit_needit.*
  5. Match the parent table and any field (wildcard): task.*
  6. Match any table (wildcard) and any field (wildcard): *.*

Check reference:

https://developer.servicenow.com/dev.do#!/learn/learning-plans/orlando/new_to_servicenow/app_store_l...

If my answer helped you in any way, mark answer as helpful and correct.

Thanks and regards,

Megha.

0 Helpfuls