Restrict access to Catalog Item Variables by role

ben510 · ‎03-13-2019

I am trying to restrict access to Catalog Item Variables by role. The variables should always be available when the user is submitting via Service Catalog. Once submitted the values of catalog variables should be restricted (RITM, SCTASK, and reporting) to users without a specified role. Users with reporting access should not be able to run reports on these variables unless they have the specified role.

I have tried adding roles to the variables using the permissions tab. When the role is added to the read permissions, users without the role can not populate the field when in the Service Portal.

I have also tried copying the oob acl (afad8ea2eb9230003623666cd206fe45) for the sc_cart_item table. In my copy I tried updating the script to exclude the Catalog Item.

Allen Andreas · ‎03-13-2019

Hi,

When you were working with the ACL's for those variables...did you do it on those tables? like sc_req_item.variables and sc_task.variables? That should also cover reporting as well?

Please mark reply as Helpful/Correct, if applicable. Thanks!

Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!

ben510 · ‎03-18-2019

I did try both tables. The ACL affected only the RTIM and Task variables and did not apply the Catalog Item Variables.