Enable List Edit only for few fields

GokavarapuS2337
Tera Contributor

‎07-12-2025 08:55 AM

Hello Guys, Hope you are doing well

Here's the requirement:

 

On kb_knowledge table -> List Editing is disabled in List Control

I have a group X. I want the members of this group to edit fields from the list.

I want the group members only to edit few selected fields (short description, category etc)...not all the fields

 

Achieved Solution:

1. I have enabled list editing from the List Control

2. Written a field level "list_edit" ACL where i added this group condition.

This is working as expected. Only the group X members were able to edit from the list.

 

The problem is I need to allow list for around 10 fields. 
Do i need to create 10 ACL's?

Any alternatives or best approches?

Appreciate your inputs. Thanks!

 

 

 

0 Helpfuls
  • 1,996 Views
6 REPLIES 6

GlideFather
Tera Patron

‎07-12-2025 09:29 AM

Hi @GokavarapuS2337,

 

what could help you is "wildcard" in ACLs, it is applied to fields, but only to those that haven’t been explicitly defined in another ACL record.

 

For example:

  • Table A has 7 fields. If you set an ACL for just one field, like tableA.short_description, then tableA.* will automatically apply to the remaining 6 fields (7 without short_description).
  • Table B has 5 fields. If you define ACLs for short_description, number, and category, then tableB.* will apply on the last 2 fields only. (5 without short_description, number, category)
  • Table C has 9 fielde, If you apply tableC.* without specifying any other individual field,  then the wildcard applies to all 9.

So with this approach you can decide the operation access (read, view, write, delete, ...) field by field and the rest can be "bulked" by the wildcard. 

 

Buuuut you must be careful because for example creating a new field in future will automatically apply this access logics. 🙂  

Let me know if this makes sense to you or if you want to discuss it further.

 

official ServiceNow documentation:

https://www.servicenow.com/docs/bundle/yokohama-platform-security/page/administer/contextual-securit...

———
/* If my response wasn’t a total disaster ↙️ drop a Kudos or Accept as Solution ↘️ Cheers! */


GokavarapuS2337
Tera Contributor
In response to GlideFather

‎07-12-2025 11:13 AM - edited ‎07-12-2025 11:15 AM

Hi @GlideFather ,

 

Thanks for your response.

 

Say i have 10 fields on the table.

I want to make 6 fields (A,B,C,D,E,F) editable from the list view.  Remaining fields should not be editable.

 

Question 1: How to achieve this?

 

My Solution:

So to make this work i need to create 6 ACL 's (one for each field)

Operation: list_edit

Table.field_name

 

I may need to add one more ACL to restrict the remaining fields 

 

I wanted to check if there is any other alternative or a best approach to make only these 6 fields editable in the list view.

 

Please let me know if you need any further information. Looking forward for your valuable insights!

0 Helpfuls

GlideFather
Tera Patron
In response to GokavarapuS2337

‎07-12-2025 11:30 AM

@GokavarapuS2337 

 

There are many details necessary to consider, are the 4 and 6 fields have the same access rules?

If so, then you can apply the 4 each one by one (even though they will be the same) and the remaining 6 will be covered by the wildcard.

 

You can imagine the wildcard as "everything else that is not explicitly defined"...

 

And if you give explicit rules for the 6 and the other 4 will have the wildcard or rules for 4 and remaining 6 under wildcard.

 

There is a challenge that now it is 10 fields and if you apply any wildcard and in the future you will create a new field, it might go under the wildcard unless you change it.

 

I don't have any universal response to this, look around what is the convention in your instance/project unless it is first similar scenario...

———
/* If my response wasn’t a total disaster ↙️ drop a Kudos or Accept as Solution ↘️ Cheers! */


Chaitanya ILCR
Mega Patron

‎07-12-2025 10:07 AM

Hi @GokavarapuS2337 ,

 

10 ACLs  would be the correct approach here

 

but since you wanted an alternative approach you can try this

1. you can create onCellEdit client scripts all the rest of the fields and make sure they don't update the fields

2. create a Before update BR 

and use gs.action.getGlideURI() to find out the transaction URL and write script to abort action

 

this-> gs.action.getGlideURI() would return something like this in the native UI list

where sysparm_processor = com.glide.ui_list_edit.AJAXLISTEDIT and sysparm_table=BRTableName

xmlhttp.do?ni.nolog.x_referer=ignore&sysparm_first_field=incident.number&sysparm_omit_links=&sysparm_processor=com.glide.ui_list_edit.AJAXListEdit&sysparm_scope=global&sysparm_table=incident&sysparm_type=set_value&sysparm_want_session_messages=true&sysparm_xml=%3crecord_update+table%3d%22incident%22+field%3d%22null%22+query%3d%22ORDERBYDESCsys_updated_on%22%3e%3crecord+sys_id%3d%2246e3e949a9fe19810069b824ba2c761a%22+operation%3d%22update%22%3e%3cfield+name%3d%22short_description%22+modified%3d%22true%22+value_set%3d%22true%22+dsp_set%3d%22false%22%3e%3cvalue%3etestsfa%3c%2fvalue%3e%3c%2ffield%3e%3c%2frecord%3e%3c%2frecord_update%3e&x_referer=incident_list.do%3fsysparm_filter_pinned%3dtrue%26sysparm_query%3d%5eORDERBYDESCsys_updated_on

in the workspace it returns(api/now/graphql?api=api)

 

in the script you check if any of the fields changing and if the users should have access to do so

 

NOTE: These are just alternative ways but not at all recommended and are not so good approaches and they don't work in workspace

LIST edit requires client script on every field (dumb idea 🤪) but alternative

 

Please mark my answer as helpful/correct if it resolves your query.

Regards,
Chaitanya

 

0 Helpfuls