Enable ITIL users to create projects and edit their own
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-08-2015 11:54 PM
Hi SNC,
I am trying to give some flexibility in my instance and enable ITIL users to create new projects. However, I want them to be able to edit only the project which they have created, not ones created by others.
I tried by placing a couple of ACL rules on pm_project table:
1. create - ITIL users
2. edit - ITIL users + the condition of current.created_by == gs.getUserID();
However, this does not seem to work well, as they are able to create projects, but can modify all projects.
Any ideas of how I could accomplish this?
And also on the side I was thinking that perhaps I would have to force similar restrictions to the pm_project_task as well, because it's the tasks which I need to prevent from editing, right?

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-09-2015 12:08 AM
Hi Dimitar,
You can turn on the debugger in your instance and check further to understanding which ACL is allowing the access.
http://wiki.servicenow.com/index.php?title=JavaScript_Debugger
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-09-2015 12:52 AM
To use project management users need to have project_manager / project_user roles. Only ITIL wont help.
Now find the existing write acl on project and project task table and make appropriate changes there.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-09-2015 01:17 AM
Hi Dimitar,
Before modifying the ACLs or anything, maybe you should ask your ServiceNow representative because at my knowledge the project portfolio suite is a separated application with specific pricing.
So if you modify the ACLs without the agreement from your representative, you won't be compliant with ServiceNow licenses.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-09-2015 05:12 AM
Thanks for the comments guys. I though of all you said, and I switched the approach a bit.
What I am looking to do now is create a custom role, which will include the project_user role, perhaps and the project_manager role. And on top of that I want to set the condition in that role to restrict editing of projects, unless you are the project manager of the project. Do you know how could I do this?