Write ACL on table level

Rick54 · ‎05-10-2019

cmdb_ci_service table has 3 read ACLs, some users from CMDB does have write access to these table and other doesn't have write access. I am trying to find what ACls could have been given to CMDB group to have write access to the Business Service table. When I look in the ACL table I can only find 3 read ACLs on cmdb_ci_service table. Can someone help me understand how this group was granted Write acess to this table.

Jon Barnes · ‎05-12-2019

Yes, this is because there was already a write ACL on one of the parent tables. As soon as you create a write ACL on this table, it overrides the ACL on the parent table.

So the key is to do the steps I gave you above to find the exact ACL that is currently being applied for write access, then if you decide you want to create a new ACL for your table, you also need to make a copy of that other ACL (along with its roles) that is currently controlling access, and set it to apply to your table.

View solution in original post

Rajanmehta · ‎05-10-2019

hi Rick,

When you create a ACL record, that is the time you define the operation.

Rick54 · ‎05-12-2019

Raj, thanks for the reply. I am trying to find out where this specific group is getting write access from. When I checked the write access for the table, there is nothing related to write access ACLs.

Rahul Kumar17 · ‎05-12-2019

Hi Rick,

u can write the acl for cmdb_ci_service table

write type acl

wrie -table.none;

for information then go for my link

https://community.servicenow.com/community?id=community_article&sys_id=81222dbadb762f802e8c2183ca961...

If my response helped please mark it correct and close the thread.

Thanks,
Rahul Kumar

Rick54 · ‎05-12-2019

Thanks for the reply Rahul. I created a write ACL on the Business Service table but it taken off write access to other people that already have write access on this table. New ACL only granting access to particular role that was given to the new write ACL.