How can we prevent deletion of approval requests?

Jaap Grol · ‎03-15-2022

We don't want users to be able to delete any approval request. It seems that the only way to achieve this requires customization in OOB Delete ACL.
Is this the only way?
From auditing and compliance perspective this seems odd.

Ankur Bawiskar · ‎03-15-2022

Hi,

you can use either of the approach

1) Table level DELETE ACL

OR

2) Before delete business rules

OR

3) Hide the Delete UI action on table itself

Regards
Ankur

Regards,
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader

View solution in original post

Allen Andreas · ‎03-23-2022

Hi,

I couldn't immediately find any documentation, but then again, there are many things that aren't documented 😉

With that said, you should have this out of box ACL, here's a link, just replace your instance name as needed:

https://instancename.service-now.com/nav_to.do?uri=sys_security_acl.do?sys_id=80d53ebec0a801663cf834370c8376d3

From there, you can see the out of box script as:

if (gs.hasRole('approval_admin')) {
	//admins can do anything
	answer = true;
} else if ((gs.hasRole('itil') || gs.hasRole('catalog')) && !GlideProperties.getBoolean("glide.approvals.restrict_delete", false)) {
	//itil and catalog can delete if strict_delete prop is not true
	answer = true 
} else {
	//delegates can change approvals delegated to them
	answer = new ApprovalDelegationUtil().isMyApproval(current);
}

With the callout about the system property: glide.approvals.restrict_delete

So you can create this property as a true/false type and set the value to true to prevent itil and catalog roled users from deleting approvals, if that's your goal.

Please mark reply as Helpful/Correct, if applicable. Thanks!

Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!