Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

How to restrict incident fields for non ITIL users

Community Alums
Not applicable

‎03-04-2022 02:22 AM

Hi, 

How do i make all incident fields read only using ACL

User should be assignment group or is the caller or has itil_admin role to edit fields if these conditions are not met the fields must be read only. 

Regards 

C

Labels:
0 Helpfuls
  • 1,106 Views
6 REPLIES 6

Ankur Bawiskar
Tera Patron
Tera Patron

‎03-04-2022 02:25 AM

Hi,

please check existing table level WRITE and table.* WRITE ACL and update accordingly

Regards
Ankur

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

Raghu Ram Y
Kilo Sage

‎03-04-2022 02:33 AM

HI,

Instead of that I can suggest you other way, that is... show incidents only when the user is either of group member or caller or has itil_admin role.

Making readonly all the fields is not a best practice, because in sometimes we might have field level acls... suppose we have 20 field level ACL's you need to update all those.. so I can suggest the other way to acheive the requirement.

 

Raghu Ram Y
Kilo Sage
In response to Raghu Ram Y

‎03-04-2022 05:29 AM

@Carol have you gone through my suggestion, I hope it will be helpful.

0 Helpfuls

shloke04
Kilo Patron

‎03-04-2022 04:13 AM

Hi @Carol 

Please create a Field level ACL as shown below on Incident table and assign ITIL role to it  an use the script as below:

var getAssignmentGroup = current.getDisplayValue('assignment_group');
if(gs.getUser().isMemberOf(getAssignmentGroup) || current.caller_id == gs.getUserID() || gs.hasRole('itil_admin')){
	answer = true;
}else{
	answer = false;
}

find_real_file.png

Along with this there are certain other ACL which you need to look at and update the ACL with the same script shared above:

Sharing the links of ACL which you need to update with the same script are as below:

https://instance.service-now.com/nav_to.do?uri=sys_security_acl.do?sys_id=1267792b2f03b010770c56f62799b6a9

https://instance.service-now.com/nav_to.do?uri=sys_security_acl.do?sys_id=e22436b10a0a0b2400c777d751620dfa

https://instance.service-now.com/nav_to.do?uri=sys_security_acl.do?sys_id=b48f61c7870033000e56d61e36cb0b46

https://instance.service-now.com/nav_to.do?uri=sys_security_acl.do?sys_id=6bcf65c7870033000e56d61e36cb0b45

https://instance.service-now.com/nav_to.do?uri=sys_security_acl.do?sys_id=e910f9c7870033000e56d61e36cb0bb5

Replace "instance' with your instance name.

Hope this helps. Please mark the answer as correct/helpful based on impact.

Regards,
Shloke

 

Hope this helps. Please mark the answer as correct/helpful based on impact.

Regards,
Shloke
Preview file
81 KB