ACL read access

1_DipikaD · ‎11-19-2024

Hi All,

My organization already has a ACL of read operation for a table having 2 roles in condition . Now they want to open Read access to that particular table for ITIL . If I am adding ITIL role in the condition with the existing 2 roles then those users who have all 3 roles will able to read that table . In that point I am confused should I add ITIL role in the condition with other 2 existing roles or I should create a new ACL for that table. Also I am facing a issue that there is no option is coming to add new role in the existing ACL condition section but it should be there, right ?

Thank you

Zach Koch · ‎11-19-2024

Couple things. First, to edit ACLs at all, you have to click on your profile in the top right, and hit Elevate role ( you need security_admin to do this). This will allow you to edit and create ACLs. When it comes to whether to make a new ACL or add to existing, it depends on what functionality you desire. If you want the user to be required to have ALL 3 to read the table, then add it to the existing, if you want a user who only has ITIL, and not the other two roles in the ACL, then make a new one. When a user visits a table, they have to meet all conditions (condition(if applicable), script (if applicable, and have all roles listed to be able to do the action listed in the ACL. In your case, if you made a new ACL with Read for ITIL, then they would fail the first ACL with the two roles they don't have, but pass the new ACL, allowing them to read the table. I would highly recommend you read more on the subject as ACLs can have a huge effect on functionality and can cause unintended consequences if done incorrectly.

Here are the docs for ACLS

Docs

If this information helped resolve your issue, please remember to mark response correct and thumbs up to help future community members on this information, thanks!