How to restrict incident fields for non ITIL users

Community Alums
Not applicable

‎03-04-2022 02:22 AM

Hi, 

How do i make all incident fields read only using ACL

User should be assignment group or is the caller or has itil_admin role to edit fields if these conditions are not met the fields must be read only. 

Regards 

C

Labels:
0 Helpfuls
  • 958 Views
6 REPLIES 6

Ankur Bawiskar
Tera Patron
Tera Patron

‎03-04-2022 02:25 AM

Hi,

please check existing table level WRITE and table.* WRITE ACL and update accordingly

Regards
Ankur

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

Raghu Ram Y
Kilo Sage

‎03-04-2022 02:33 AM

HI,

Instead of that I can suggest you other way, that is... show incidents only when the user is either of group member or caller or has itil_admin role.

Making readonly all the fields is not a best practice, because in sometimes we might have field level acls... suppose we have 20 field level ACL's you need to update all those.. so I can suggest the other way to acheive the requirement.

 

Raghu Ram Y
Kilo Sage
In response to Raghu Ram Y

‎03-04-2022 05:29 AM

@Carol have you gone through my suggestion, I hope it will be helpful.

0 Helpfuls

shloke04
Kilo Patron

‎03-04-2022 04:13 AM

Hi @Carol 

Please create a Field level ACL as shown below on Incident table and assign ITIL role to it  an use the script as below:

var getAssignmentGroup = current.getDisplayValue('assignment_group');
if(gs.getUser().isMemberOf(getAssignmentGroup) || current.caller_id == gs.getUserID() || gs.hasRole('itil_admin')){
	answer = true;
}else{
	answer = false;
}

find_real_file.png

Along with this there are certain other ACL which you need to look at and update the ACL with the same script shared above:

Sharing the links of ACL which you need to update with the same script are as below:

https://instance.service-now.com/nav_to.do?uri=sys_security_acl.do?sys_id=1267792b2f03b010770c56f62799b6a9

https://instance.service-now.com/nav_to.do?uri=sys_security_acl.do?sys_id=e22436b10a0a0b2400c777d751620dfa

https://instance.service-now.com/nav_to.do?uri=sys_security_acl.do?sys_id=b48f61c7870033000e56d61e36cb0b46

https://instance.service-now.com/nav_to.do?uri=sys_security_acl.do?sys_id=6bcf65c7870033000e56d61e36cb0b45

https://instance.service-now.com/nav_to.do?uri=sys_security_acl.do?sys_id=e910f9c7870033000e56d61e36cb0bb5

Replace "instance' with your instance name.

Hope this helps. Please mark the answer as correct/helpful based on impact.

Regards,
Shloke

 

Hope this helps. Please mark the answer as correct/helpful based on impact.

Regards,
Shloke
Preview file
81 KB