Regarding the ACL for reading restricted records
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-29-2024 01:28 AM
I have a requirement to restrict access to a certain type of problem and allow only specific groups to read them, table: problem, type: read. Therefore, I need an ACL on the Problem table with a script. However, this should apply to all created roles as only members of these groups should have the ability to see these records. Currently, it only works if a user has the 'itil' role. For example, a user with the 'sn_problem_read' role can see everything, even if they are not a member of that group.
How can I solve this issue? Do I need to add all roles that have read access to problems to the newly created ACL? I tried doing that, but it didn't work. Users with other roles can still see everything.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-29-2024 06:16 AM
Share code please to chekc.
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.
Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]
****************************************************************************************************************
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-29-2024 10:49 AM
Hello, this is my script include that I call in the ACL table 'problem' with the operation 'read'. It works perfectly if the user has the ITIL role, is added to the support group, or removed from it. However, if the user is assigned to the 'sn_problem_read' role or any other role, regardless of their role, they can see all the records.