- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-28-2014 01:22 PM
I noticed on the ESS view of the Requested Items for any user there is an "Update" and "Delete" button available. For regular users, all the fields have an ACL applied that makes them non-editable so they can't really update anything. However, the "Delete" button works just fine. The regular user can go in and delete the Requested Item record. This appears to be out-of-the-box functionality. Is this so? I cannot imagine why you'd want that button available to your regular users. Furthermore, is there a way to remove this button? I cannot seem to find where these are being loaded from.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-28-2014 01:42 PM
Hi,
There is one OOB ACL which allow end users to delete there Requested Item. You need to update that ACL if you want to remove Delete button for ESS Users.
Please answer as correct/helpful, if it was really helpful
Enhance Knowledge NOW@ www.solutioningnow.com
http://www.solutioningnow.com/
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-28-2014 01:42 PM
Hi,
There is one OOB ACL which allow end users to delete there Requested Item. You need to update that ACL if you want to remove Delete button for ESS Users.
Please answer as correct/helpful, if it was really helpful
Enhance Knowledge NOW@ www.solutioningnow.com
http://www.solutioningnow.com/
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-29-2014 06:48 AM
I found the OOB ACL controlling the "Delete" button. Works great, thank you!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-28-2014 10:15 PM
I have two ACLs that restrict the 'Delete' function to Admins on the Request Task and Catalog Task.
Right click on the form header: Personalize --> Security Rules. Click Add to add the two ACLs below. Make sure to scroll to the bottom of the page, under the Requires Roles related list add "Admin." This should remove the buttons from the form for users without the Admin role.
Note: I'm not sure if there is an OOB ACL that would override these rules (thus needing to be updated), but it doesn't hurt to try. Let me know how it goes.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-29-2014 01:08 AM
I generally set a UI action like delete so only admins can use it.
try adding:
gs.getuser().hasrole('iitl') to the condition of the UI action