Make all fields read only on Request Record once an item is closed. State should still be editable for admin.

Go to solution
Ken61
Giga Guru

‎02-24-2021 05:36 PM

Please I need help on how to make all fields read only on Request Record once an item is closed. State should still be editable for admin. Client do want to use scripting to achieve this. I tried to use UI Policy and ACL but no luck. Can someone help me with the detail on how to achieve this requirement please. 

Labels:
0 Helpfuls
  • 4,232 Views
1 ACCEPTED SOLUTION

Go to solution
Brad Bowman
Kilo Patron
Kilo Patron
In response to Ken61

‎02-25-2021 03:28 AM

The ability to edit all fields is different than my understanding of your original request, but that actually makes it easier.  Delete the second rule on sc_request.request_state, and modify the first rule to check the Admin overrides box.  Now an admin will be able to edit all fields (except Price) on open and closed Requests, and all users without the admin role will not be able to edit any fields on closed/inactive Requests.

View solution in original post

6 REPLIES 6

Go to solution
abhijitkhewale
Mega Expert

‎02-24-2021 05:52 PM

Hi Ken,

Use can use below client script:

var fields = g_form.getEditableFields();

for (var x=0; x < fields.length; x++){

    if (fields[x]!='state'){

  g_form.setReadOnly(fields[x],true);

   }

}

 

Hope this will help you

Go to solution
Mike S3
Giga Expert

‎02-24-2021 06:01 PM

You may have conflicting ACLs that are causing your ACL to not work properly . You can try running the security debugger to see which ACL is getting triggered on the page if you still want to try the ACL route. 

0 Helpfuls

Go to solution
Brad Bowman
Kilo Patron
Kilo Patron

‎02-24-2021 06:24 PM

Hi Ken,

The inherent problem with using any client-side action to do this - like a Client Script or UI Policy, is that there will always be a way around it - list editing, API, scripting, changing a field in the split second while the form is loading before it shows as read only,....  The best way to achieve record security is with an ACL.  Filter your ACL list on Name = sc_request and Operation = write.  Inactivate what ever is there then create a new one that looks like this.

find_real_file.png

The snc_internal role seems to get added when none are specified.  Next, create another ACL that looks like this

find_real_file.png

When viewing a Closed REQ if there are any fields (other than State for Admin) that are editable then go back to the ACL list and filter on Name contains sc_request and Operation = write to quickly find the field specific one(s) overriding the new ones.

Preview file
146 KB
Preview file
143 KB
Preview file
146 KB
0 Helpfuls

Go to solution
Ken61
Giga Guru
In response to Brad Bowman

‎02-24-2021 06:54 PM

Thanks Brad, I did exactly what you proposed. But no luck.

 

find_real_file.png

The write ACL was deactivated, then create two new ACL BELOW With active = True

find_real_file.png

And This one

find_real_file.png

Can you let me know what I am doing wrong. I need all these fields to be editable by admin once the request state is closed.

find_real_file.png

 

Preview file
102 KB
Preview file
61 KB
Preview file
100 KB
Preview file
30 KB
0 Helpfuls