Question on the Roles field on the knowledge article form

Go to solution
shill
Mega Sage

‎05-21-2012 12:46 PM

We have certain articles that we only want certain roles to have access to. It was my understanding that the roles field on the article provided this, but it appears that it may only prevent the article from showing up on searches and the KB view page. What I have found is if this article is attached to another form via an attached knowledge field, the hovering or clicking the icon displays the article.

Am I mistaken on this functionality? If so, what would be the best way to still use this roles field, but allow for read security of these articles?

Labels:
0 Helpfuls
  • 2,142 Views
1 ACCEPTED SOLUTION

Go to solution
CapaJC
ServiceNow Employee
ServiceNow Employee
In response to shill

‎06-25-2012 01:42 PM

A change has been made for the upcoming Berlin release to add the following one-line script to the existing Read ACL on the kb_knowledge table:



gs.hasRole("knowledge") || gs.hasRole(current.roles) || current.roles == "public" || current.roles == "";

This ACL is part of the High Security plugin, however, so if you don't have that installed you can simply modify the ACL yourself.

The ACL grants read access if the user has the "knowledge" role, or any of the roles on the article itself, or the article is public.


View solution in original post

0 Helpfuls
3 REPLIES 3

Go to solution
CapaJC
ServiceNow Employee
ServiceNow Employee

‎05-21-2012 01:53 PM

You could modify the existing row-level Read ACL on kb_knowledge by requiring the user have one of the roles in that field. Maybe add a one-line script like the following:

gs.hasRole(current.roles);

Or you could create a new ACL where Type = ui_page, name = kb_knowledge_list, and add roles to the related list to keep most users from accessing the list natively at all.


0 Helpfuls

Go to solution
shill
Mega Sage

‎06-25-2012 01:16 PM

OK,
Checked with support and apparently the role field on the KB article is only used for the portal view, not the form view which is shown when an article is referenced from another record (incident in our case).
I did go ahead and set the ACL as you suggested and this is what they wanted.

Thanks for the help.


0 Helpfuls

Go to solution
CapaJC
ServiceNow Employee
ServiceNow Employee
In response to shill

‎06-25-2012 01:42 PM

A change has been made for the upcoming Berlin release to add the following one-line script to the existing Read ACL on the kb_knowledge table:



gs.hasRole("knowledge") || gs.hasRole(current.roles) || current.roles == "public" || current.roles == "";

This ACL is part of the High Security plugin, however, so if you don't have that installed you can simply modify the ACL yourself.

The ACL grants read access if the user has the "knowledge" role, or any of the roles on the article itself, or the article is public.


0 Helpfuls