Write ACL to allow user write access to their own records

mkader · ‎01-13-2021

Hello,

I have a new field I have created on the user table. This field will only be able to be written to by Admins and through a record producer we have on our portal (record producer does not create record, it does update). I need an ACL that only allows Admin to write too. I have a custom role that will only have read access. If a user is trying to update their record from the back-end on the user table, they should also have access.

Currently, I have everything setup. I have a write ACL for Admin only, so no other users can make modifications. Now I need to add something that will allow current users to make modifications to their own records.

Thanks!

Pranesh072 · ‎01-13-2021

You can add following code in acl script

if (!gs.hasRole('admin')&& gs.getUserID() !== current.getValue('some user field on record')) {
	answer = false;
} else {
	answer = true;
}

View solution in original post

Pranesh072 · ‎01-13-2021

You can add following code in acl script

if (!gs.hasRole('admin')&& gs.getUserID() !== current.getValue('some user field on record')) {
	answer = false;
} else {
	answer = true;
}

mkader · ‎01-13-2021

If I wanted to make it read only for a particular role how can I do that?

if(gs.hasRole('update_contact_info')) {
    answer = false;
}

Pranesh072 · ‎01-13-2021

create a read acl and dont write acl for this role.

Ashok59 · ‎01-20-2024

@mkader, did you tried above script to provide write access to user on their own assets. Is it working?

Please share your response asap, little urgent for me.

Thank you,

Ashok.