question Grant access to field only based on ACL with dynamic conditions, not a role in SPM forum

Grant access to field only based on ACL with dynamic conditions, not a role

Paul McCurnin — Fri, 06 Oct 2023 20:27:47 GMT

Hi all - I've seen some solutions regarding what I'm attempting to do, but they seem to all involve granting roles to users, which I'm trying to avoid. Here is what I'm attempting to do:

Custom table we'll call "x" - with read and write access restricted to admin users and fulfillers of said table

No problems there

Next, I have a custom user reference field we'll name "custom user"

And below the custom field, I have another we will call "custom user comments"

This reference is dynamic and can be used for any user, regardless of role or no roles at all.

No problems there

This user needs write access to the custom field "custom user comments"

This user is already granted read access to the whole ticket via an ACL, that works great

What I can't sort out is how to write an ACL based on dynamic conditions NOT A ROLE

The conditions I'm wanting to use are "custom user" > is (dynamic) > ME

If I can make this happen, I don't need to require stakeholders to assign users to another group with a role inheritance

Re: Grant access to field only based on ACL with dynamic conditions, not a role

Paul McCurnin — Tue, 24 Oct 2023 16:45:27 GMT

This article helped guide me down the right path:

https://www.servicenow.com/community/developer-forum/i-wanted-to-give-write-access-to-only-one-field-on-form-using/m-p/1727135

Essentially, I wrote multiple ACLs allowing the dynamic condition to work:

Fulfiller: Read and Write to Table; Write to * (all fields on form) (Role Based ACL)

Custom User: Read to Table; Write Access to specific field(s) with condition "Custom User" > is(Dynamic) > Me (Non-Role based ACL, conditional only)

Re: Grant access to field only based on ACL with dynamic conditions, not a role

Paul McCurnin — Tue, 24 Oct 2023 16:46:27 GMT

This did not work