ACL rules for Service Portal

peternemeth · ‎11-25-2016

Hi,

The outage records (cmdb_ci_outage) show outages on the System Status page of the Service Portal. Works fine!

I'm trying to limit the visibility of outages and I found that there is no ACL rule for this table!

Shouldn't it mean, that nobody can see the records of the table?

I'm on Helsinki release, with high security enabled...

The System Status page shows all of the outages, seemingly ignoring my ACL rules?

Does ACL rules apply to the Service Portal?

Did I misunderstand something?

Any ideas are welcomed.

Thanks

Peter

larstange · ‎11-25-2016

Hi

the outage widgets get their information server side via GlideRecords.

The gliderecords do no honor the ACLs unless you use a GlideRecordSecure which they dont.

In general Service Portal do honor the ACLs but in the end it is up the the implementation in each widget.

larstange · ‎11-25-2016

Hi

the outage widgets get their information server side via GlideRecords.

The gliderecords do no honor the ACLs unless you use a GlideRecordSecure which they dont.

In general Service Portal do honor the ACLs but in the end it is up the the implementation in each widget.