Restrict access to incident records
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-20-2024 10:07 PM
Hi Community,
I have a requirement when incidents are assigned to xyz group, they should be able to edit anything on the incident record. Also, worknotes and additional comments can be modified by any person but other fields should only be editable to xyz group.
I tried acls but those are creating issues. I have also created query BR but its completely hiding the incident record if it belongs to xyz group.
What is the best way to achieve this and how?

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-20-2024 10:12 PM - edited 02-20-2024 10:14 PM
Hi @Poorva Bhawsar you need to create a new ACL with tablename and .* // allow all fields
condition: Group is "xyz"
and role
2. for additional comments and work notes, you can create a field level Write ACL which will allow all users to edit.If they have a role
3. If there are any field level ACL, this will override .* ACL and will block access to edit these fields if the group users donot have this role assigned in field level ACLS
Harish
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-20-2024 10:25 PM - edited 02-20-2024 10:25 PM
I dont have any specific role for this group. I have already created acls which you have mentioned. And yes other acls are creating problem. Any other option instead of acls?

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-20-2024 10:35 PM
Hi @Poorva Bhawsar then in that case in tablename.* ACL use advanced script and check
if(gs.getUser().isMemberOf("GroupName"))
{
answer = true;
}
You have to enable debug Security rules and verify which ACL is not allowing to edit like below
Harish
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-20-2024 10:41 PM
I am using the same acl. But yes better to do the debugging.