Remove Admin role to view records/fields on specific table

Go to solution
DChandlerKy
Tera Guru

‎11-24-2014 12:37 PM

We have built an application per a requirement.   The form and notifications, while simple, work like a charm.   There is no workflow.   The last piece is for us to adjust the ACL's so that only users with a specific role (created when the app/table was created) can view the records. (Yes - everyone is aware that if there is an issue, we will have to add Admin back into the ACL to troubleshoot.)

 

This new table/app was extended off of Task.   I created a Read ACL for each of the fields on the table/form with the specific role and unchecked the "Admin Override" box.   However, I can still see the fields.   A few of the fields are borrowed from the task table, and a few others were created on the new table.

 

Any ideas/suggestions on how to 'lock' Admins out?

 

Thanks,

Diana

0 Helpfuls
  • 2,591 Views
1 ACCEPTED SOLUTION

Go to solution
Michael Fry1
Kilo Patron

‎11-24-2014 01:50 PM

Tho I personally don't support something like this, you can add this script to the ACL read and it should hide the field from the admin:



var answer = true;


if (gs.hasRole('admin'))


  answer = false;


View solution in original post

0 Helpfuls
5 REPLIES 5

Go to solution
Michael Fry1
Kilo Patron

‎11-24-2014 01:50 PM

Tho I personally don't support something like this, you can add this script to the ACL read and it should hide the field from the admin:



var answer = true;


if (gs.hasRole('admin'))


  answer = false;


0 Helpfuls

Go to solution
sumeet_n
Kilo Guru

‎11-24-2014 01:54 PM

Hello Diana,



I found it so straight initially. In addition to unchecking the 'admin overrides' checkbox, i had to add the below script to each of the 4 (read, write, delete, create) acls (<tablename.none>) for that table to get it to work.



if(gs.getUser().hasRole('admin')){


false;


}else


true;



In the required roles add that specific role in each acl.




This restricts admin users to access the records, and allows access to users with the specified role to.



Let me know if it works.


0 Helpfuls

Go to solution
Aaviii
Tera Contributor
In response to sumeet_n

‎05-21-2024 07:22 AM

Hi am getting the below error after adding the code.

IMG_3683.jpeg

0 Helpfuls

Go to solution
Ashok10
Mega Expert

‎11-24-2014 07:24 PM

Diana,


I too faced similar kind of problem earlier .Even after unchecking 'admin overrides' check box, admin was able to bypass that ACL.


And when I put   that condition in form of script it started working as expected.



var answer = true;


if (gs.hasRole('admin'))


  answer = false;



Hope this helps.


0 Helpfuls