Field level ACL - One field Write

ladrian1610 · ‎07-20-2025

Hello,

How to make a user be able to write only one specific field on a form? I want that users in say 'Management' group are able to edit solely 'approval_status' field on a form, other fields they shouldn't be able to edit.

I understand that Field level ACL restricts this field to be created/edited/read/deleted by the role specified in the Conditions. So to achieve my goal I could create ACL for Write all the fields apart from 'approval_status' and in Conditions provide, say Admin. This, of course doesn't seem like a best practice.

ladrian1610 · ‎07-21-2025

I got the solution.
ACL setup:
[Write] my_table Condition/Role: 'x_role.approval_manager'
[Write] my_table.approval_status Condition/Role: 'x_role.approval_manager'
[Write] my_table.* Condition/Role: Admin

View solution in original post

J Siva · ‎07-20-2025

Hi @ladrian1610

You can create field level ACL write ACL on that particular field (table.approval_status) with the role as snc_internal or ITIL and in the script just use the below

answer= gs.getUser().isMemberOf("GROUP_NAME");

Regards ,

Siva

ladrian1610 · ‎07-20-2025

Thank you friend!

J Siva · ‎07-20-2025

@ladrian1610 Glad it helped

ladrian1610 · ‎07-21-2025

Hey there again, upon checking your proposition I realised that the outcome is the user that belongs to the group mentioned in the script can write all the fields but not the approval_status.

Solution that works:

ACL	Operation	Type	Condition/role
table	Write	Table	management
table.approval_status	Write	Field (approval_status)	management
table.*	Write	All other fields	admin

Thus the group with management role can only write the approval_status.