What does these ACLs allows the user to fetch/gather/perform, and from where?

ChrisGetint · yesterday

Hi team!

I'm working on a ServiceNow user, as well as learning about ACLs and table permissions, and would like to learn what the following ACLs are for, what they allow the user to do/what is their main function or purpose is:

Dictionary Entry [sys_dictionary]
Field class [sys_glide_object]
Choice [sys_choice]
Journal Entry [sys_journal_field]

Can someone also refer me to some documentation where I can read and learn more about these specific ACLs?

Thanks!

GlideFather · yesterday

Hi @ChrisGetint,

these aren't ACLs, they are in "Access control" in your instance.

And they would be in a format:

table.none
- giving access to the whole table
table.field1
- access to the particular field 1
table.field2
- access to the particular field 2
table.field3
- access to the particular field 3
table.*
- access to all the fields that is not explicitly define
- all the table field except of 1, 2, and 3

Beside that you define the operations - read, write, create, delete.

And with all this you can set the access who can read (view) what fields. for example Number will be visible by everybody but a field Salary would be restricted to a group or role...

To update or create ACL records you need security admin role, the highest role existing.

The tables you mentioned are not granting access:

Dictionary Entry [sys_dictionary]
- definition and attributes of form fields
- e.g. field Assigned to - defined as reference, Number as integer, etc.
Field class [sys_glide_object]
- definition of fields - string, integer, ...
Choice [sys_choice]
- all the choices in the platform
- e.g. State > New, Closed, etc
  - State for Inc, states for change, ... as they can vary
Journal Entry [sys_journal_field]
- stores Additional comments and Work notes
- e.g. from an incident, from a change, all...

For all the tables above add .list and you can do inspection to observe and understand what they store:

sys_glide_object.list
sys_dictionary.list
etc

———
/* If my response wasn’t a total disaster ↙️ ⭐ drop a Kudos or Accept as Solution ✅ ↘️ Cheers! */

GlideFather · yesterday

@ChrisGetint and also:

System dictionary
sys_glide_object
- The sys_glide_object table in ServiceNow stores the definitions and properties of different field types, like "String," "Integer," or "Reference". It defines the characteristics of various field types that are used within the system. This table contains internal system configurations, making it typically hidden from general users and requiring administrative roles (like maintenance or security_admin) to view or modify its records
sys_choice
sys_journal_field

versus ACL:)

Thank you for your eventual kudos or accepting solution :))

———
/* If my response wasn’t a total disaster ↙️ ⭐ drop a Kudos or Accept as Solution ✅ ↘️ Cheers! */

kaushal_snow · yesterday

Hi @ChrisGetint ,

Those ACL let a user view or query metadata and system internals, the sys_dictionary ACL grants access to table/field definitions and schema details, sys_glide_object controls access to the definitions of field classes/types, sys_choice lets one see or retrieve choice list entries (dropdown options) for fields, and sys_journal_field lets one read or write journal entries (such as comments or work notes tied to records) depending on the ACLs in place...

If you found my response helpful, please mark it as ‘Accept as Solution’ and ‘Helpful’. This helps other community members find the right answer more easily and supports the community.

Thanks and Regards,
Kaushal Kumar Jha - ServiceNow Consultant - Lets connect on Linkedin: https://www.linkedin.com/in/kaushalkrjha/

Ankur Bawiskar · yesterday

@ChrisGetint

the tables you listed are system table and each has it's own purpose

what's your exact question?

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader