- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-07-2020 01:34 AM
I have requirement where i need to restrict ritm records to be hidden for other group memebers and only visbile to the specific assigned group and its members.
I have written table.none ACL with below code and condition
Its not working as expected and users are still able to view other groups ritm request.
Please help me on this.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-09-2020 03:22 AM
Hi,
You can try the following way:
1> Create a custom role and assign it to this assignment group.
2> Now search for all the Request Read ACLs. You may have several and for the basic read ACLs for Requests that allow all ITIL(any other specif role) etc. to read the Requests. Here you should add a condition that assignment IS NOT 'xyz'.
3> Now in the new Read ACL...you should put assignment IS 'xyz' and then add the role to the role section of the ACL.
4> This way all the other Requests will be still read by ITIL(any other specific role), Expect the one assigned to this 'xyz' team.
5> now the team 'xyz' has their own ACL with role that allows the to read it.
Please mark reply as Helpful/Correct, if applicable. Thanks!

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-09-2020 02:20 AM
I would check if there is existing ACL which is allowing to read these records.
answer=!gs.getUser().isMemnerOf('sys_id') && gs.getUser().hasRole('role');

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-09-2020 02:53 AM
Hi,
There are other acls like opened by, created by is the logged in user, etc.
This ACL which you created is on REQ table, you want to hide REQ or RITM?
Thanks,
Ashutosh

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-09-2020 03:11 AM
By this you will get 'Security constraint...' message. Prefer Query business rule over this.
For above you can remove the quotes ('') from true/false. In additon, try passing the Group Name in isMemberOf('group_name') instead of sys_id
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-09-2020 03:22 AM
Hi,
You can try the following way:
1> Create a custom role and assign it to this assignment group.
2> Now search for all the Request Read ACLs. You may have several and for the basic read ACLs for Requests that allow all ITIL(any other specif role) etc. to read the Requests. Here you should add a condition that assignment IS NOT 'xyz'.
3> Now in the new Read ACL...you should put assignment IS 'xyz' and then add the role to the role section of the ACL.
4> This way all the other Requests will be still read by ITIL(any other specific role), Expect the one assigned to this 'xyz' team.
5> now the team 'xyz' has their own ACL with role that allows the to read it.
Please mark reply as Helpful/Correct, if applicable. Thanks!