Restrict access to incident records

Poorva Bhawsar · ‎02-20-2024

Hi Community,

I have a requirement when incidents are assigned to xyz group, they should be able to edit anything on the incident record. Also, worknotes and additional comments can be modified by any person but other fields should only be editable to xyz group.

I tried acls but those are creating issues. I have also created query BR but its completely hiding the incident record if it belongs to xyz group.

What is the best way to achieve this and how?

Harish KM · ‎02-20-2024

Hi @Poorva Bhawsar you need to create a new ACL with tablename and .* // allow all fields

condition: Group is "xyz"

and role

2. for additional comments and work notes, you can create a field level Write ACL which will allow all users to edit.If they have a role

3. If there are any field level ACL, this will override .* ACL and will block access to edit these fields if the group users donot have this role assigned in field level ACLS

Regards
Harish

Poorva Bhawsar · ‎02-20-2024

I dont have any specific role for this group. I have already created acls which you have mentioned. And yes other acls are creating problem. Any other option instead of acls?

Harish KM · ‎02-20-2024

Hi @Poorva Bhawsar then in that case in tablename.* ACL use advanced script and check

if(gs.getUser().isMemberOf("GroupName"))

{

answer = true;

}

You have to enable debug Security rules and verify which ACL is not allowing to edit like below

Regards
Harish

Poorva Bhawsar · ‎02-20-2024

I am using the same acl. But yes better to do the debugging.