- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-28-2024 06:32 PM
It feels like users should not be able to change their approval status after approving or rejecting something, am I missing something? It appears like an ITIL user would be able to just toggle their approval back and forth all day if they wanted. Sure it will create a record, but it doesn't feel right. Is this an accepted configuration, or am I missing some critical piece of permissions or common fix that everyone implements, like a UI policy to make the field read-only once the status has changed from Requested to Approved or Rejected.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-28-2024 09:18 PM
Stefan,
Unfortunately you are correct in thinking this is an 'OOTB' gap. In addition to that the system doesn't track the actual 'Processor' so if an 'Approval Admin' or 'Delegate' were to process the approval it would only show that in review of the activites. You could rely on the 'updated by' but that could change post-processing so it's not reliable.
I would actually recommend a few things:
- Restrict read only fields on processed approvals using a UI policy.
- Prevent updates to records through UI as well as other formats using a business rule.
- Track the actual 'Processor' using a dictionary addition and a FLOW.
I've attached working examples of all three of these in the 'approvalRecordStrengthening.v1' update set.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-28-2024 06:47 PM
Correct, logically once a record either approved or rejected should not be changed as in back end flow or other logics get attached and changing the decision will bring audit question later on.
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.
Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]
****************************************************************************************************************
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-28-2024 09:18 PM
Stefan,
Unfortunately you are correct in thinking this is an 'OOTB' gap. In addition to that the system doesn't track the actual 'Processor' so if an 'Approval Admin' or 'Delegate' were to process the approval it would only show that in review of the activites. You could rely on the 'updated by' but that could change post-processing so it's not reliable.
I would actually recommend a few things:
- Restrict read only fields on processed approvals using a UI policy.
- Prevent updates to records through UI as well as other formats using a business rule.
- Track the actual 'Processor' using a dictionary addition and a FLOW.
I've attached working examples of all three of these in the 'approvalRecordStrengthening.v1' update set.
