Two table.* acl on same table is possible?

SamiranD · ‎01-14-2025

I need to give edit access to users on alm_hardware table based on which groups are they part of. Let's say i need to give edit access of all the fields to two different users from two different groups, and based on a field value of alm_hardware. How can I achieve this?

JenniferRah · ‎01-14-2025

Yes, you can have 2 different ACLs if you want. As long as a user matches one of the ACLs, they will be granted access.

SamiranD · ‎01-14-2025

and the 2 acls can be different only in a particular field? i mean i am differentiating the two acls based on a field only. will that work fine?

PritamG · ‎01-14-2025

to give edit access on the alm_hardware table based on group membership and a field value,

Create an ACL for the alm_hardware Table and set the condition

In the ACL script, check for user roles or group membership:

var group1 = gs.getUser().isMemberOf('group_one');
var group2 = gs.getUser().isMemberOf('group_two');
var conditionMatch = (current.field_name == 'desired_value');
answer = (group1 || group2) && conditionMatch;

save and This ensures edit access is granted only when users belong to the specified groups and the field condition is met.

yuvarajkate · ‎01-14-2025

Yes, you can achieve this using Access Control Rules (ACLs).

To grant edit access based on group membership and a field value, create ACLs for the alm_hardware table. Use a record ACL to control table-level access and field ACLs for specific fields. In the ACL scripts, check if the user is part of the desired group using a GlideRecord query on the sys_user_grmember table, and also validate the field value (e.g., current.status == 'In Progress'). Combine both conditions in the script, and set the ACL to grant or deny access accordingly.