Which on will execute first ACL or Ui policy ?

1_DipikaD
Kilo Sage

3 hours ago

Hi All,

 

Could you please let me know if ACL is written on a field for read only access and on the same field a UI Policy or client script is written for making the field mandatory. On the form which one will be executed ?

 

Thank You

 

0 Helpfuls
  • 322 Views
4 REPLIES 4

Dr Atul G- LNG
Tera Patron

3 hours ago

The execution order is 

 

 

 

ACL 

Dictionary Entry 

UI Policy 

Data Policy as UI  

Client Script 

refer below thread:

 

https://www.servicenow.com/community/itom-forum/hierarchy-of-client-script-ui-policy-and-business-ru...

*************************************************************************************************************
Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/dratulgrover [ Connect for 1-1 Session]

****************************************************************************************************************
0 Helpfuls

Dr Atul G- LNG
Tera Patron

3 hours ago

https://www.servicenow.com/community/itom-forum/hierarchy-of-client-script-ui-policy-and-business-ru...

*************************************************************************************************************
Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/dratulgrover [ Connect for 1-1 Session]

****************************************************************************************************************
0 Helpfuls

Tanushree Maiti
Kilo Patron

3 hours ago

Execution order of ACL is first then UI Policy.

 

 

Please mark this response as Helpful & Accept it as solution if it assisted you with your question.
Regards
Tanushree Maiti
ServiceNow Technical Architect
Linkedin:
0 Helpfuls

Aditya_hublikar
Mega Sage

2 hours ago

Hello @1_DipikaD ,

 

You must  try this  usecase on your pdi for better understanding .

 

ACL runs on server side means it will check you have required roles or not then only you can access that ,

But ui policy or client script executes on client side/browser level so it will get overriden by acl .

ACL is evaluated on the server side first and controls whether the user has permission to read or write the field. UI Policies and Client Scripts run on the client side and control the UI behavior such as making a field mandatory or visible. If an ACL restricts access to a field, then even if a UI Policy makes it mandatory, the user will not be able to interact with it. Therefore, ACL takes precedence in terms of security .

 

 

If this helps you then mark it as helpful and accept as solution.

Regards,

Aditya

0 Helpfuls