- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-03-2014 01:38 PM
I am looking for a way to be able to give access to the CMDB for IT users to be able to modify fields, such as Manufacturer; OS Version; Supported By; Support Group and many more. I have attached a screen shot of one of the CI's. These users all have the itil role. I don't want to just give these users the Asset role because it turns on or makes visible the modules Asset Portfolio; Inventory; Asset Contracts; Financial Mgmt; Organizational Mgmt. All I want to do is allow them the rights to be able to "edit" the fields for a CI. I think an Access Control List would do this, but I don't know how to make it work. I created one and have also attached it.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-04-2014 05:30 AM
I figured it out. Instead of creating a new ACL (cmdb_ci*); I used the existing ACL cmdb_ci for write. I added in the Required Roles section the ITIL Role and tested successfully. I took it one more step from there. I decided I didn't want all ITIL users to have access to write to these fields and created a new role called "cmdb_user"; then added that in the Required Roles instead of ITIL. In the Role cmdb_user, I am then able to manage which users or groups can have this access. Thanks to all that responded, it did help lead me in the right direction.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-03-2014 01:46 PM
Hi Joan,
Instead of using the script to assign rights to the itil role, use the Requires Role section below that.
Gabe
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-03-2014 03:48 PM
I would use the required roles at the bottom. However for the scripting part, it should look like this:
if(gs.hasRole('itil') || gs.getUser().isMemberOf(current.support_group)){
answer = true;
}
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-03-2014 11:28 PM
Joan,
ITIL users can do modify(Update) the Configuration items. This functionality is given OOB in ServiceNow.
You don't need to do any extra effort for this.
If you have any concerns let me know.
Best Regards,
Mukesh
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-04-2014 05:12 AM
I have tried the two suggestions above and still can not make these fields editable for itil users. I have tried it with scripts, without scripts and as suggest OOB; but if you refer to the screen shots, there are many fields grayed out to an itil user; regardless of what has been tested so far. I also tried to add an ACL for the asset* and put itil role in the Requires Role section, that also did not resolve the problem. Any other ideas out there?
