ACL not working with condition builder

jamhoe
Tera Expert

Hi All,

I am creating an ACL to restrict a user with a custom role to access and update Incident records.

I have tried to create a Read ACL rule with the following configurations:

[screenshots of the ACL configuration]

However, if I try to impersonate a user with a 'bu_itil' role, those 3 records do not display on the incident list.

I have also tried to script the condition but it is not evaluated when I checked it on the debug logs.

Maybe you guys can help me out on this. TIA.

1 ACCEPTED SOLUTION

Hi Amlan,



I used the code you have provided, however it did not provide me the right results.



But, I tried to tweak the code based on what you have provided and it does the trick.



[screenshots]



Thanks for the help.



Regards,


JM



21 REPLIES

Hi Amlan,



In addition, if I filter the records, I can view the actual records that I required to access.



[screenshot]



But if I remove the filter, only 1 record displays and this is the record created from the user account.



[screenshot]


naveenaechan
ServiceNow Employee

Hey Joe,



Probably you have more than one ACL being processed. You can find the set of ACLs being processed by simply enabling security debug, then impersonating the user with the "bu_itil" role > go to incident.list and check all the read ACLs which are processed in the log, and modify accordingly.



Or the better way is to add a query business rule as Amlan said.




Hope this helps.



Thanks


Naveen