Restrict access to incident records

Poorva Bhawsar
Mega Sage

‎02-20-2024 10:07 PM

Hi Community,

 

I have a requirement when incidents are assigned to xyz group, they should be able to edit anything on the incident record. Also, worknotes and additional comments can be modified by any person but other fields should only be editable to xyz group.

 

I tried acls but those are creating issues. I have also created query BR but its completely hiding the incident record if it belongs to xyz group.

 

What is the best way to achieve this and how?

0 Helpfuls
  • 731 Views
16 REPLIES 16

Harish KM
Kilo Patron
Kilo Patron

‎02-20-2024 10:12 PM - edited ‎02-20-2024 10:14 PM

Hi @Poorva Bhawsar you need to create a new ACL with tablename and .* // allow all fields

condition: Group is "xyz"

and role

 

2. for additional comments and work notes, you can create a field level Write ACL which will allow all users to edit.If they have a role

 

3. If there are any field level ACL, this will override .* ACL and will block access to edit these fields if the group users donot have this role assigned in field level ACLS

Regards
Harish
0 Helpfuls

Poorva Bhawsar
Mega Sage
In response to Harish KM

‎02-20-2024 10:25 PM - edited ‎02-20-2024 10:25 PM

I dont have any specific role for this group. I have already created acls which you have mentioned. And yes other acls are creating problem. Any other option instead of acls?

0 Helpfuls

Harish KM
Kilo Patron
Kilo Patron
In response to Poorva Bhawsar

‎02-20-2024 10:35 PM

Hi @Poorva Bhawsar then in that case in tablename.* ACL use advanced script and check

if(gs.getUser().isMemberOf("GroupName"))

{

answer = true;

}

You have to enable debug Security rules and verify which ACL is not allowing to edit like below

HarishKM_0-1708497257674.png

 

HarishKM_1-1708497302079.png

 

 

Regards
Harish
0 Helpfuls

Poorva Bhawsar
Mega Sage
In response to Harish KM

‎02-20-2024 10:41 PM

I am using the same acl. But yes better to do the debugging.