List edit on VITs (sn_vul_vulnerable_item)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yesterday - last edited yesterday
Hello,
I am looking for an ability to allow list edit for vulnerability analysts on 'Assigned to' field in VITs.
Though the user has required roles (write_all), OOTB ACLs do not allow editing of this field though the VIT is assigned to User's group or the linked Remediation Task is assigned to the user.
We do not want to write a custom ACL to force the list_edit (because we already have customizations impacting time in our upgrades and there is an OOTB methodology to do this way).
'bulk edit' dialog does not have an option to update the 'Assigned to' in VITs.
Having write_all role enables write access to all the vulnerability items records though it is not assigned to the person. This is different from permitting to edit in the 'List view'.
Looks like this is the recent change in the newer version of store app, at least from the last one year. Users who used to do it earlier (I could not validate if it was ever allowed in the previous versions) are now demanding to have this functionality back.
How are other organizations handling these scenarios? it makes sense for a Team lead for example to assign the VITs to their team members. A team lead needs to be a part of the group to assign the VIT tickets to. Why does someone need to assign the VITs from a random group?
Similar problem explained here:
ACL to allow editing of assigned to field in VIT t... - ServiceNow Community
