How to achieve below scenario by using ACL?

harshacool9
Kilo Explorer

"I created a custom table that extends from the Task table. After configuring the ACL, when I impersonate an ITIL user, I am still able to see all the records."

 

Scenario
In the Incident table:

  • ITIL users can read incidents.

  • But users can only see incidents assigned to their group.


Tejas Adhalrao
Tera Guru

Hi @harshacool9  ,

Your table extends Task, so it automatically inherits. itil can read incidents.

There are Read ACLs that restrict visibility to: Assigned to user, Assigned to user's group, Opened by user, etc.

So just giving itil role access is NOT enough.  You must add a condition or script in the Read ACL.

 

 

1) Create a new ACL

  • Table: your_custom_table

  • Operation: read

  • Requires role: itil

  • Advanced checkbox is true

2) And add this script in the ACL

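// Deny by default; grant only when one of the checks below passes.
answer = false;

if (gs.hasRole('admin')) {
    // Admins can read every record.
    answer = true;
} else if (current.assignment_group &&
           gs.getUser().isMemberOf(current.assignment_group)) {
    // The record has an assignment group and the user is a member of it.
    answer = true;
}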

 

Script defined:

  • Admin → Can see everything

  • ITIL → Can see only records where:

    • assignment_group = group they belong to

 

 If you found my solution helpful, please mark it as Helpful or Accepted Solution...!

thanks,

tejas

Email: adhalraotejas1018@gmail.com

LinkedIn: https://www.linkedin.com/in/tejas1018
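
The decision table that the reply's ACL settings and script produce, as an added example that is not part of the original post and not ServiceNow's own code: plain JavaScript for Node, with `gs` and `current` replaced by mocks. The helper names `makeGs`, `aclScript` and `visibleTo`, and the sample users and records, are constructed for illustration.

```javascript
// Added example: a local stand-in for the ACL check, not ServiceNow's engine.
// makeGs(), aclScript() and visibleTo() are hypothetical helper names.

// Minimal mock of the two gs calls the ACL script uses.
function makeGs(user) {
  return {
    // Mirrors gs.hasRole(): admins pass every role check.
    hasRole: (role) => user.roles.includes(role) || user.roles.includes('admin'),
    getUser: () => ({ isMemberOf: (group) => user.groups.includes(String(group)) }),
  };
}

// The script from the reply, wrapped so it can run against mock objects.
function aclScript(gs, current) {
  let answer = false;
  if (gs.hasRole('admin')) {
    answer = true;
  } else if (current.assignment_group &&
             gs.getUser().isMemberOf(current.assignment_group)) {
    answer = true;
  }
  return answer;
}

// Read access needs the "Requires role" check AND the script to pass.
function visibleTo(user, records) {
  const gs = makeGs(user);
  return records
    .filter((rec) => gs.hasRole('itil') && aclScript(gs, rec))
    .map((rec) => rec.number);
}

// Constructed sample data.
const records = [
  { number: 'REC0001', assignment_group: 'Network' },
  { number: 'REC0002', assignment_group: 'Database' },
  { number: 'REC0003', assignment_group: '' }, // unassigned
];
const users = {
  admin: { roles: ['admin'], groups: [] },
  itilNetwork: { roles: ['itil'], groups: ['Network'] },
  itilNoGroup: { roles: ['itil'], groups: [] },
  noRoleNetwork: { roles: [], groups: ['Network'] },
};

for (const [name, user] of Object.entries(users)) {
  console.log(name.padEnd(14), visibleTo(user, records));
}
```

The unassigned record is hidden from every non-admin user, and group membership without the itil role grants nothing.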