Give Write access for specific group and other group should readonly

PREMKUMAR M · ‎05-09-2024

Application vulnerable item [sn_vul_app_vulnerable_item] record in servicenow make readonly the remediation target and Last opened field when user doesn't have pentester role.if pentester role there for other group or group members they are able to edit or modify the field.

Abhinav37 · ‎05-14-2024

Hi, These fields are by default read-only as they are system generated and is recommended not to be made editable manually. However you are right, they become editable for users with the sn_vul.app_pen_tester role when the "Assessment Request" iS NOT empty.. ie. if it was a manually created AVIT from the Penetration Testing assessment request process.. below screenshots show the OOB ACL in question..

So again, its best to leave those fields as is for all the AVITs coming in from the scanners as the Scanner Integrations and the Remediation Target Rules will take care of the necessary updates to these fields.

Pls mark helpful and accept as solution if the explanation is sufficient.

Cheers

AB

View solution in original post

Abhinav37 · ‎05-14-2024

Hi, These fields are by default read-only as they are system generated and is recommended not to be made editable manually. However you are right, they become editable for users with the sn_vul.app_pen_tester role when the "Assessment Request" iS NOT empty.. ie. if it was a manually created AVIT from the Penetration Testing assessment request process.. below screenshots show the OOB ACL in question..

So again, its best to leave those fields as is for all the AVITs coming in from the scanners as the Scanner Integrations and the Remediation Target Rules will take care of the necessary updates to these fields.

Pls mark helpful and accept as solution if the explanation is sufficient.

Cheers

AB